Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/91717c-eb77-4e83-8eaa-e123e4e303e1/1/yw2mao--SqcAADQNhQYdJMvM6jY.roa
File: yw2mao--SqcAADQNhQYdJMvM6jY.roa (raw, json)
Hash identifier: FPk4hw5ZBO0mPzHx90ZfzMhlOhaH7wP/1INRKAvg5TE=
Subject key identifier: CB:0D:A6:6A:8F:BE:4A:A7:00:00:34:0D:85:06:1D:24:CB:CC:EA:36
Certificate issuer: /CN=3a48fe0704e4ac95e3a70e95beb84425c316b9ad
Certificate serial: 0185728345025EC1B8678A3C8ACD5EE0B9F7
Authority key identifier: 3A:48:FE:07:04:E4:AC:95:E3:A7:0E:95:BE:B8:44:25:C3:16:B9:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Okj-BwTkrJXjpw6VvrhEJcMWua0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/91717c-eb77-4e83-8eaa-e123e4e303e1/1/yw2mao--SqcAADQNhQYdJMvM6jY.roa
Signing time: Mon 02 Jan 2023 12:44:43 +0000
ROA not before: Mon 02 Jan 2023 12:44:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12897
IP address blocks: 2001:678:804::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:83:45:02:5e:c1:b8:67:8a:3c:8a:cd:5e:e0:b9:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a48fe0704e4ac95e3a70e95beb84425c316b9ad
Validity
Not Before: Jan 2 12:44:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cb0da66a8fbe4aa70000340d85061d24cbccea36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:89:af:09:71:1c:58:7e:b6:b7:b1:32:b6:fd:
4c:d0:03:ac:ff:fc:ec:c5:cb:0e:57:81:67:fb:6d:
47:9b:96:93:af:27:e9:8a:02:83:f9:69:86:0d:59:
26:1d:d3:8b:88:98:0e:cb:d6:26:e3:ae:53:e3:7b:
ff:67:c1:3b:29:b5:e5:5c:47:ec:6d:58:c8:93:8d:
0a:fe:65:ad:7d:9d:fb:58:bf:3e:c6:c0:74:de:8c:
31:cb:7c:bb:30:bc:b5:03:5e:0c:2b:85:ed:ba:b7:
cf:61:28:60:7d:b9:5e:f8:70:ca:c7:28:0f:ec:73:
71:cb:f6:a4:1d:d8:aa:6a:75:bb:7c:5f:99:28:3b:
bc:8e:c6:ab:dd:84:ee:66:e1:9a:18:08:1f:ca:45:
e4:dd:b9:3d:f8:9c:48:c1:a2:df:c0:e5:13:f5:a5:
77:ea:6d:04:e6:26:eb:0d:c8:72:2f:3f:26:d9:37:
bc:4e:06:a0:00:fc:f3:17:c8:17:a1:6d:08:ad:77:
53:20:c1:1a:04:fd:50:d4:2e:3c:17:37:20:1b:91:
11:cb:fb:21:43:aa:eb:07:18:27:1d:e9:9b:aa:f7:
79:97:8a:a6:58:5d:1e:48:77:56:66:b7:bc:18:02:
b6:31:5c:73:72:86:ef:ee:e5:cd:8f:b6:08:73:39:
36:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:0D:A6:6A:8F:BE:4A:A7:00:00:34:0D:85:06:1D:24:CB:CC:EA:36
X509v3 Authority Key Identifier:
keyid:3A:48:FE:07:04:E4:AC:95:E3:A7:0E:95:BE:B8:44:25:C3:16:B9:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Okj-BwTkrJXjpw6VvrhEJcMWua0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/91717c-eb77-4e83-8eaa-e123e4e303e1/1/yw2mao--SqcAADQNhQYdJMvM6jY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/91717c-eb77-4e83-8eaa-e123e4e303e1/1/Okj-BwTkrJXjpw6VvrhEJcMWua0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:804::/48
Signature Algorithm: sha256WithRSAEncryption
e3:77:ad:af:61:f5:09:2b:d6:8b:e4:c3:3c:c2:8d:ac:95:e6:
4e:44:6a:34:de:9c:1d:06:2e:32:01:a8:6d:5e:f5:4e:17:6f:
e4:a5:3f:54:67:2e:0b:57:1c:82:ff:03:32:68:d7:5b:50:2b:
ec:41:71:69:34:2b:42:44:26:a5:85:d7:2a:8e:db:ea:6f:c0:
cb:56:d0:c6:1a:35:e3:fa:6f:db:57:47:b2:2c:a5:7f:ff:16:
d1:b4:c8:a7:75:36:2b:c3:70:d9:66:46:80:d2:08:10:63:b4:
db:c2:82:aa:74:45:8f:8d:ea:ad:43:fc:9d:de:c4:5b:da:f0:
9e:17:a7:ff:1b:00:8c:67:73:cd:5d:a8:4e:7f:8f:98:07:a5:
23:b1:fd:e1:6d:67:f1:3e:01:34:5c:f0:26:84:c7:81:5f:0b:
40:62:e6:1b:b1:ae:e8:2f:78:57:f6:18:df:bf:b8:a9:7d:d9:
38:ee:9a:95:fd:3b:09:82:b0:81:39:61:fc:00:50:8d:f3:f0:
dd:0b:3f:47:c1:8e:4e:8d:98:4a:57:19:f3:da:7d:98:21:be:
b2:63:c6:e1:b3:33:11:12:7c:7c:4d:ad:06:6a:fa:e4:4e:49:
34:ff:93:7b:36:74:7c:30:42:b1:aa:df:cb:24:eb:71:d1:61:
09:1e:fd:40
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVyg0UCXsG4Z4o8is1e4Ln3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNDhmZTA3MDRlNGFjOTVlM2E3MGU5NWJlYjg0NDI1YzMx
NmI5YWQwHhcNMjMwMTAyMTI0NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjBkYTY2YThmYmU0YWE3MDAwMDM0MGQ4NTA2MWQyNGNiY2NlYTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhomvCXEcWH62t7Eytv1M0AOs//zs
xcsOV4Fn+21Hm5aTryfpigKD+WmGDVkmHdOLiJgOy9Ym465T43v/Z8E7KbXlXEfs
bVjIk40K/mWtfZ37WL8+xsB03owxy3y7MLy1A14MK4XturfPYShgfble+HDKxygP
7HNxy/akHdiqanW7fF+ZKDu8jsar3YTuZuGaGAgfykXk3bk9+JxIwaLfwOUT9aV3
6m0E5ibrDchyLz8m2Te8TgagAPzzF8gXoW0IrXdTIMEaBP1Q1C48FzcgG5ERy/sh
Q6rrBxgnHembqvd5l4qmWF0eSHdWZre8GAK2MVxzcobv7uXNj7YIczk2rQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMsNpmqPvkqnAAA0DYUGHSTLzOo2MB8GA1UdIwQY
MBaAFDpI/gcE5KyV46cOlb64RCXDFrmtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2tqLUJ3VGtySlhqcHc2VnZyaEVKY01XdWEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS85MTcxN2MtZWI3Ny00ZTgzLThlYWEt
ZTEyM2U0ZTMwM2UxLzEveXcybWFvLS1TcWNBQURRTmhRWWRKTXZNNmpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS85MTcxN2MtZWI3Ny00ZTgzLThlYWEtZTEyM2U0ZTMwM2Ux
LzEvT2tqLUJ3VGtySlhqcHc2VnZyaEVKY01XdWEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAgE
MA0GCSqGSIb3DQEBCwUAA4IBAQDjd62vYfUJK9aL5MM8wo2sleZORGo03pwdBi4y
AahtXvVOF2/kpT9UZy4LVxyC/wMyaNdbUCvsQXFpNCtCRCalhdcqjtvqb8DLVtDG
GjXj+m/bV0eyLKV//xbRtMindTYrw3DZZkaA0ggQY7TbwoKqdEWPjeqtQ/yd3sRb
2vCeF6f/GwCMZ3PNXahOf4+YB6Ujsf3hbWfxPgE0XPAmhMeBXwtAYuYbsa7oL3hX
9hjfv7ipfdk47pqV/TsJgrCBOWH8AFCN8/DdCz9HwY5OjZhKVxnz2n2YIb6yY8bh
szMREnx8Ta0GavrkTkk0/5N7NnR8MEKxqt/LJOtx0WEJHv1A
-----END CERTIFICATE-----
Generated at Thu Apr 17 20:16:54 2025 by rpki-client