Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/0a2984-a869-440d-b578-58935179b985/1/YpufBLsdwczlSXp2yjdhllQcvjw.roa
File: YpufBLsdwczlSXp2yjdhllQcvjw.roa (raw, json)
Hash identifier: deecighz1iMpty7OWkrQb5H6yyswvmddQ/C/wycn9kA=
Subject key identifier: 62:9B:9F:04:BB:1D:C1:CC:E5:49:7A:76:CA:37:61:96:54:1C:BE:3C
Certificate issuer: /CN=38203463eb944b25c65135ca47bdbdab646f3984
Certificate serial: 03E04C6B
Authority key identifier: 38:20:34:63:EB:94:4B:25:C6:51:35:CA:47:BD:BD:AB:64:6F:39:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OCA0Y-uUSyXGUTXKR729q2RvOYQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/0a2984-a869-440d-b578-58935179b985/1/YpufBLsdwczlSXp2yjdhllQcvjw.roa
Signing time: Sat 01 Jan 2022 06:56:33 +0000
ROA not before: Sat 01 Jan 2022 06:56:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 0
IP address blocks: 2a00:8860::/29 maxlen: 29
2a00:8861::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65031275 (0x3e04c6b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38203463eb944b25c65135ca47bdbdab646f3984
Validity
Not Before: Jan 1 06:56:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=629b9f04bb1dc1cce5497a76ca376196541cbe3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:14:12:4b:1d:47:e5:2e:10:44:d8:3b:77:d2:
bc:e6:f6:27:c6:3a:50:3c:2e:02:f4:a2:fc:b0:d0:
3f:f9:a5:28:c9:98:92:6d:a9:71:69:48:9f:27:d7:
a2:18:3e:e9:3c:6e:3b:2b:f3:d7:70:79:1c:04:ad:
c1:0a:00:9f:55:85:7c:13:6b:cc:05:49:8c:77:9f:
b1:a6:0c:11:5b:66:0f:cf:e3:4b:28:fb:97:c3:c7:
1b:e7:85:b7:60:60:92:34:d8:05:6f:ee:7f:64:bd:
84:3e:79:0a:39:b9:93:72:0d:41:4c:cf:4f:83:1d:
91:5e:d4:e7:af:31:37:07:5b:65:4b:dd:28:75:69:
7f:d9:79:b3:90:ac:a6:ea:9d:7c:fd:41:a0:9f:93:
85:e9:a5:53:b5:38:45:23:f3:70:5f:dd:ef:01:fc:
2f:78:6e:c9:84:35:83:4f:c4:e0:53:d0:af:93:2e:
2c:60:a2:55:d5:71:21:73:57:5e:72:71:8b:a1:07:
d7:18:a2:8e:e4:e9:7b:5a:44:03:8d:8d:0e:18:f2:
61:0f:92:86:3e:5d:8e:b4:6b:71:fe:43:89:a0:6d:
e6:88:4d:18:86:d6:ad:cf:7b:99:ee:0d:60:af:f8:
c8:6d:b8:77:bb:17:a4:f7:a6:23:56:99:2f:0b:18:
e9:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:9B:9F:04:BB:1D:C1:CC:E5:49:7A:76:CA:37:61:96:54:1C:BE:3C
X509v3 Authority Key Identifier:
keyid:38:20:34:63:EB:94:4B:25:C6:51:35:CA:47:BD:BD:AB:64:6F:39:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OCA0Y-uUSyXGUTXKR729q2RvOYQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/0a2984-a869-440d-b578-58935179b985/1/YpufBLsdwczlSXp2yjdhllQcvjw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/0a2984-a869-440d-b578-58935179b985/1/OCA0Y-uUSyXGUTXKR729q2RvOYQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:8860::/29
Signature Algorithm: sha256WithRSAEncryption
31:05:67:23:11:8c:b3:15:8c:73:10:c3:2e:63:f9:09:11:73:
de:94:25:1c:8d:f5:f0:20:71:0b:4c:25:12:9f:76:b1:29:d5:
a6:fb:63:37:6f:0e:07:b0:f9:de:fb:78:ec:38:d1:9c:99:db:
2b:da:47:08:d5:1a:df:a9:c5:ce:c4:b3:7b:18:be:d7:ce:bc:
a8:e4:d6:16:0d:ec:fb:4f:6b:a2:b5:e2:65:a8:c1:eb:56:d0:
95:03:f6:97:58:5f:15:91:71:df:c4:d8:d1:52:fb:9e:8c:5c:
82:e9:39:5f:f8:12:67:9a:32:73:f3:5e:62:85:3c:bc:18:82:
12:a4:86:ef:80:f7:2b:ea:70:d6:c5:24:b8:61:bc:90:41:b6:
4f:71:f9:05:64:05:09:71:4e:57:38:75:23:56:f6:43:d9:28:
86:5a:88:3d:47:0d:a7:68:09:65:a1:dd:72:e4:fc:34:d7:1c:
9b:c8:f4:37:4c:98:5d:3d:89:ae:66:4a:d3:0f:d3:81:ab:af:
b5:9c:49:f1:99:5b:10:0d:74:8d:86:ae:d5:ba:38:0a:f8:cd:
ae:29:a3:fb:48:bc:98:60:13:22:b7:a2:62:41:58:67:fe:60:
35:66:19:00:89:37:4d:15:14:d0:cd:4e:1e:98:ab:35:3d:01:
2c:9d:f1:58
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEA+BMazANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
ODIwMzQ2M2ViOTQ0YjI1YzY1MTM1Y2E0N2JkYmRhYjY0NmYzOTg0MB4XDTIyMDEw
MTA2NTYzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjI5YjlmMDRiYjFk
YzFjY2U1NDk3YTc2Y2EzNzYxOTY1NDFjYmUzYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANAUEksdR+UuEETYO3fSvOb2J8Y6UDwuAvSi/LDQP/mlKMmY
km2pcWlInyfXohg+6TxuOyvz13B5HAStwQoAn1WFfBNrzAVJjHefsaYMEVtmD8/j
Syj7l8PHG+eFt2BgkjTYBW/uf2S9hD55Cjm5k3INQUzPT4MdkV7U568xNwdbZUvd
KHVpf9l5s5CspuqdfP1BoJ+ThemlU7U4RSPzcF/d7wH8L3huyYQ1g0/E4FPQr5Mu
LGCiVdVxIXNXXnJxi6EH1xiijuTpe1pEA42NDhjyYQ+Shj5djrRrcf5DiaBt5ohN
GIbWrc97me4NYK/4yG24d7sXpPemI1aZLwsY6V8CAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBRim58Eux3BzOVJenbKN2GWVBy+PDAfBgNVHSMEGDAWgBQ4IDRj65RLJcZR
NcpHvb2rZG85hDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L09DQTBZLXVVU3lYR1VUWEtSNzI5cTJSdk9ZUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2YvMGEyOTg0LWE4NjktNDQwZC1iNTc4LTU4OTM1MTc5Yjk4NS8x
L1lwdWZCTHNkd2N6bFNYcDJ5amRobGxRY3Zqdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Yv
MGEyOTg0LWE4NjktNDQwZC1iNTc4LTU4OTM1MTc5Yjk4NS8xL09DQTBZLXVVU3lY
R1VUWEtSNzI5cTJSdk9ZUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyoAiGAwDQYJKoZIhvcNAQELBQAD
ggEBADEFZyMRjLMVjHMQwy5j+QkRc96UJRyN9fAgcQtMJRKfdrEp1ab7YzdvDgew
+d77eOw40ZyZ2yvaRwjVGt+pxc7Es3sYvtfOvKjk1hYN7PtPa6K14mWowetW0JUD
9pdYXxWRcd/E2NFS+56MXILpOV/4EmeaMnPzXmKFPLwYghKkhu+A9yvqcNbFJLhh
vJBBtk9x+QVkBQlxTlc4dSNW9kPZKIZaiD1HDadoCWWh3XLk/DTXHJvI9DdMmF09
ia5mStMP04Grr7WcSfGZWxANdI2GrtW6OAr4za4po/tIvJhgEyK3omJBWGf+YDVm
GQCJN00VFNDNTh6YqzU9ASyd8Vg=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:30 2023 by rpki-client on console-fra.rpki-client.org