Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/yIZwF17fG1QNjhNcd6_TH7lTly0.roa
File: yIZwF17fG1QNjhNcd6_TH7lTly0.roa (raw, json)
Hash identifier: bMAnRP814bX6Ri2OabUrHb5HrhNVSjDnjuQE+HJNTG4=
Subject key identifier: C8:86:70:17:5E:DF:1B:54:0D:8E:13:5C:77:AF:D3:1F:B9:53:97:2D
Certificate issuer: /CN=a7fd3f89335dcf828666b28fad8ae993bd448878
Certificate serial: 2706D8
Authority key identifier: A7:FD:3F:89:33:5D:CF:82:86:66:B2:8F:AD:8A:E9:93:BD:44:88:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p_0_iTNdz4KGZrKPrYrpk71EiHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/yIZwF17fG1QNjhNcd6_TH7lTly0.roa
Signing time: Fri 25 Mar 2022 13:54:50 +0000
ROA not before: Fri 25 Mar 2022 13:54:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203038
IP address blocks: 2a0a:3507:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2557656 (0x2706d8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7fd3f89335dcf828666b28fad8ae993bd448878
Validity
Not Before: Mar 25 13:54:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c88670175edf1b540d8e135c77afd31fb953972d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:2e:6e:d5:4f:dd:41:bf:88:40:ce:b9:c5:b8:
b0:4d:03:63:96:44:c9:3c:62:21:23:a0:0c:7a:aa:
ab:33:7e:54:a3:07:5c:26:3e:fc:6b:cb:d7:70:37:
4e:10:5a:9d:f7:f2:0c:86:17:38:e3:33:34:ce:32:
a0:91:a9:1a:79:bf:da:e8:fd:c8:01:8c:39:c8:16:
a5:29:05:db:37:87:87:84:c9:e7:7d:35:7c:2f:41:
b3:5c:43:2d:b0:87:b7:8e:b7:5f:37:44:26:ee:ef:
4e:b2:c1:cf:02:c7:50:2d:4b:b5:8c:61:65:ff:54:
cb:9a:21:2c:d9:0c:30:e5:0e:97:5a:b6:19:89:6c:
3a:2c:a4:e5:3e:16:0c:cf:e4:41:23:c4:88:a1:72:
8c:f9:83:57:19:61:a8:3a:86:d6:f2:9f:fd:3e:f0:
3b:61:5f:fa:78:37:c1:9a:c2:93:d9:de:86:bf:79:
d1:7c:ee:87:40:4a:29:7c:94:8d:84:6e:b0:ad:c7:
c2:02:69:29:2d:80:eb:7b:3d:00:7a:f7:15:a4:c5:
bd:5e:bc:d4:af:36:2a:9f:e0:d9:30:25:eb:35:1e:
62:73:8b:1a:33:5e:35:03:cc:45:3f:ce:51:ab:36:
df:6f:0a:a6:4b:82:9b:50:c9:98:89:e9:75:1f:04:
c5:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:86:70:17:5E:DF:1B:54:0D:8E:13:5C:77:AF:D3:1F:B9:53:97:2D
X509v3 Authority Key Identifier:
keyid:A7:FD:3F:89:33:5D:CF:82:86:66:B2:8F:AD:8A:E9:93:BD:44:88:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p_0_iTNdz4KGZrKPrYrpk71EiHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/yIZwF17fG1QNjhNcd6_TH7lTly0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/p_0_iTNdz4KGZrKPrYrpk71EiHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:3507:1::/48
Signature Algorithm: sha256WithRSAEncryption
7d:14:50:81:2a:6e:8c:74:da:b3:fc:a5:e4:a1:a6:73:b8:db:
c3:99:7e:15:60:74:4f:05:22:7b:19:56:3e:6e:f3:6c:88:59:
24:05:bc:9a:75:d1:e8:2a:fe:4c:04:2b:5c:15:8c:64:34:4e:
e7:68:e7:f3:73:5a:ad:8c:f1:e1:3f:27:99:da:ee:98:e9:9b:
89:8f:54:f9:16:fb:2c:f6:69:d9:82:2c:bb:ce:15:e2:91:58:
33:96:70:2b:55:f0:df:f4:c1:16:8e:29:8c:8f:4e:01:c3:6a:
8f:22:3b:5f:ff:65:0d:fd:3e:ac:f2:e9:9a:22:49:60:4a:76:
2d:a7:14:66:21:55:45:0b:f3:ec:d8:50:48:35:92:d8:b6:17:
da:11:5e:0f:2a:ac:c0:83:f5:9d:d3:12:d0:80:a0:d5:00:7a:
80:3b:c4:55:b0:58:bc:1c:72:33:f2:29:e8:59:c3:44:89:7e:
04:7a:ac:a5:4c:b6:cd:4c:1a:ac:79:98:67:48:aa:a6:16:9a:
55:5b:38:8f:38:12:dd:4c:8a:9a:30:3f:d8:ea:3e:a0:69:4b:
8c:46:0a:35:2c:d7:0c:51:14:d8:0f:06:f5:a1:df:68:72:c3:
69:be:fa:fc:62:17:fb:dc:f5:23:27:40:f7:60:a4:4f:b7:44:
5f:b7:68:1b
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIDJwbYMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGE3
ZmQzZjg5MzM1ZGNmODI4NjY2YjI4ZmFkOGFlOTkzYmQ0NDg4NzgwHhcNMjIwMzI1
MTM1NDUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhjODg2NzAxNzVlZGYx
YjU0MGQ4ZTEzNWM3N2FmZDMxZmI5NTM5NzJkMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAwC5u1U/dQb+IQM65xbiwTQNjlkTJPGIhI6AMeqqrM35Uowdc
Jj78a8vXcDdOEFqd9/IMhhc44zM0zjKgkakaeb/a6P3IAYw5yBalKQXbN4eHhMnn
fTV8L0GzXEMtsIe3jrdfN0Qm7u9OssHPAsdQLUu1jGFl/1TLmiEs2Qww5Q6XWrYZ
iWw6LKTlPhYMz+RBI8SIoXKM+YNXGWGoOobW8p/9PvA7YV/6eDfBmsKT2d6Gv3nR
fO6HQEopfJSNhG6wrcfCAmkpLYDrez0AevcVpMW9XrzUrzYqn+DZMCXrNR5ic4sa
M141A8xFP85RqzbfbwqmS4KbUMmYiel1HwTFqQIDAQABo4ICDDCCAggwHQYDVR0O
BBYEFMiGcBde3xtUDY4TXHev0x+5U5ctMB8GA1UdIwQYMBaAFKf9P4kzXc+Chmay
j62K6ZO9RIh4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
cF8wX2lUTmR6NEtHWnJLUHJZcnBrNzFFaUhnLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC83ZC8zODhmZDgtYzgxZi00ZTcxLWFmNTItYzBiMWFkNDM1Yjk1LzEv
eUlad0YxN2ZHMVFOamhOY2Q2X1RIN2xUbHkwLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC8z
ODhmZDgtYzgxZi00ZTcxLWFmNTItYzBiMWFkNDM1Yjk1LzEvcF8wX2lUTmR6NEtH
WnJLUHJZcnBrNzFFaUhnLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIG
CCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgo1BwABMA0GCSqGSIb3DQEBCwUA
A4IBAQB9FFCBKm6MdNqz/KXkoaZzuNvDmX4VYHRPBSJ7GVY+bvNsiFkkBbyaddHo
Kv5MBCtcFYxkNE7naOfzc1qtjPHhPyeZ2u6Y6ZuJj1T5Fvss9mnZgiy7zhXikVgz
lnArVfDf9MEWjimMj04Bw2qPIjtf/2UN/T6s8umaIklgSnYtpxRmIVVFC/Ps2FBI
NZLYthfaEV4PKqzAg/Wd0xLQgKDVAHqAO8RVsFi8HHIz8inoWcNEiX4EeqylTLbN
TBqseZhnSKqmFppVWziPOBLdTIqaMD/Y6j6gaUuMRgo1LNcMURTYDwb1od9ocsNp
vvr8Yhf73PUjJ0D3YKRPt0Rft2gb
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:02 2023 by rpki-client on console-ams.rpki-client.org