Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/0776a2-5e89-4e2c-9370-5b304eec0025/1/ys3Nq5vLcjAL9wtT0h99sdqI3Qk.roa
File: ys3Nq5vLcjAL9wtT0h99sdqI3Qk.roa (raw, json)
Hash identifier: YD2sHJ2dPGY42TecogUMOEvn+ZyMF3OP8TcijfBkdAA=
Subject key identifier: CA:CD:CD:AB:9B:CB:72:30:0B:F7:0B:53:D2:1F:7D:B1:DA:88:DD:09
Certificate issuer: /CN=ec9b0931118f08bf4a34b3e052fd8f8a5c1ecab0
Certificate serial: 1D529D26
Authority key identifier: EC:9B:09:31:11:8F:08:BF:4A:34:B3:E0:52:FD:8F:8A:5C:1E:CA:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7JsJMRGPCL9KNLPgUv2PilweyrA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/0776a2-5e89-4e2c-9370-5b304eec0025/1/ys3Nq5vLcjAL9wtT0h99sdqI3Qk.roa
Signing time: Wed 20 Apr 2022 06:30:32 +0000
ROA not before: Wed 20 Apr 2022 06:30:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210641
IP address blocks: 2a02:dcf::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 491953446 (0x1d529d26)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec9b0931118f08bf4a34b3e052fd8f8a5c1ecab0
Validity
Not Before: Apr 20 06:30:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cacdcdab9bcb72300bf70b53d21f7db1da88dd09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:2f:91:2a:f4:fa:a3:e5:21:2c:2d:ac:87:a1:
70:e8:a0:e9:a7:40:47:f5:c2:9e:df:aa:0f:26:c6:
b0:cf:09:02:cf:98:24:4d:9e:d0:09:22:78:77:7f:
01:32:35:9f:6f:5f:f0:7e:24:b9:a3:86:bb:d2:7c:
ed:5c:6e:f3:35:07:c4:c6:0f:56:b8:34:7e:91:a6:
cc:cc:da:12:48:24:49:6b:6c:d7:e5:81:83:ca:33:
d0:f6:77:41:60:1d:e0:dc:97:7e:5e:77:2d:28:b5:
fd:3b:08:b7:45:bd:7a:c2:c2:12:e9:0c:a7:7d:a1:
ab:73:4d:06:92:86:76:b5:85:d1:ff:b6:aa:7b:23:
e6:ee:e7:4e:1c:65:80:44:dd:7d:b6:bd:01:61:e5:
72:bd:b0:99:d6:d5:f8:a7:28:dc:c9:b0:3a:bd:f0:
08:2c:38:62:04:cd:8e:c6:bc:80:ad:aa:b1:04:f2:
ae:87:78:11:f5:f5:13:8e:65:29:af:47:9c:c1:b6:
a9:3a:15:7a:7b:b1:16:3d:38:a3:d4:71:cf:73:e9:
54:d7:c2:8b:e9:b7:32:81:c1:55:9a:4b:d4:37:f2:
83:49:77:4a:c4:e0:01:f9:89:a4:75:9d:d8:c9:82:
5d:26:f4:cd:9a:c6:38:f6:81:7b:ed:cb:07:04:21:
f6:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:CD:CD:AB:9B:CB:72:30:0B:F7:0B:53:D2:1F:7D:B1:DA:88:DD:09
X509v3 Authority Key Identifier:
keyid:EC:9B:09:31:11:8F:08:BF:4A:34:B3:E0:52:FD:8F:8A:5C:1E:CA:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7JsJMRGPCL9KNLPgUv2PilweyrA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/0776a2-5e89-4e2c-9370-5b304eec0025/1/ys3Nq5vLcjAL9wtT0h99sdqI3Qk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/0776a2-5e89-4e2c-9370-5b304eec0025/1/7JsJMRGPCL9KNLPgUv2PilweyrA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:dcf::/32
Signature Algorithm: sha256WithRSAEncryption
7b:4d:81:fe:8a:8b:bb:61:ac:c7:a2:04:4a:c7:ff:80:c5:f8:
10:3e:7e:77:30:04:84:02:9c:eb:43:18:46:e3:28:58:85:4b:
64:fc:47:32:e4:c0:05:fa:f2:4d:88:f0:13:29:66:14:79:f2:
72:b5:ee:49:09:ca:32:df:37:e0:2f:73:eb:b0:fa:65:96:ad:
9c:04:8c:68:af:18:36:ea:6d:b3:16:4c:29:15:25:bf:fc:60:
d0:7c:07:c6:8c:66:99:32:4e:7a:09:58:5a:28:17:c8:fd:39:
0d:5a:89:11:d3:72:06:ce:e8:00:9f:62:ff:ee:dd:18:ac:99:
f6:bb:0b:88:33:63:b5:ef:16:d8:eb:ad:64:64:31:41:4f:b3:
9b:b9:d3:bb:69:81:77:27:30:aa:be:92:84:a0:b3:9d:df:df:
bd:e8:db:67:3d:8d:af:49:cb:24:eb:60:aa:8b:83:3b:b1:ed:
72:aa:3d:0f:5c:ac:17:21:80:85:e8:96:7e:f8:e9:36:74:36:
fa:4c:59:90:d7:a4:b5:a2:5f:15:87:ca:de:75:26:c4:34:51:
50:02:01:31:03:60:a1:e7:42:1f:2f:7f:92:9e:f2:c8:3c:1d:
e7:1e:b1:81:8c:5d:e0:3c:73:84:69:fa:79:f5:af:e1:69:ca:
5b:41:eb:90
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEHVKdJjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
YzliMDkzMTExOGYwOGJmNGEzNGIzZTA1MmZkOGY4YTVjMWVjYWIwMB4XDTIyMDQy
MDA2MzAzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2FjZGNkYWI5YmNi
NzIzMDBiZjcwYjUzZDIxZjdkYjFkYTg4ZGQwOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM8vkSr0+qPlISwtrIehcOig6adAR/XCnt+qDybGsM8JAs+Y
JE2e0AkieHd/ATI1n29f8H4kuaOGu9J87Vxu8zUHxMYPVrg0fpGmzMzaEkgkSWts
1+WBg8oz0PZ3QWAd4NyXfl53LSi1/TsIt0W9esLCEukMp32hq3NNBpKGdrWF0f+2
qnsj5u7nThxlgETdfba9AWHlcr2wmdbV+Kco3MmwOr3wCCw4YgTNjsa8gK2qsQTy
rod4EfX1E45lKa9HnMG2qToVenuxFj04o9Rxz3PpVNfCi+m3MoHBVZpL1Dfyg0l3
SsTgAfmJpHWd2MmCXSb0zZrGOPaBe+3LBwQh9hUCAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBTKzc2rm8tyMAv3C1PSH32x2ojdCTAfBgNVHSMEGDAWgBTsmwkxEY8Iv0o0
s+BS/Y+KXB7KsDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzdKc0pNUkdQQ0w5S05MUGdVdjJQaWx3ZXlyQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODMvMDc3NmEyLTVlODktNGUyYy05MzcwLTViMzA0ZWVjMDAyNS8x
L3lzM05xNXZMY2pBTDl3dFQwaDk5c2RxSTNRay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODMv
MDc3NmEyLTVlODktNGUyYy05MzcwLTViMzA0ZWVjMDAyNS8xLzdKc0pNUkdQQ0w5
S05MUGdVdjJQaWx3ZXlyQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoCDc8wDQYJKoZIhvcNAQELBQAD
ggEBAHtNgf6Ki7thrMeiBErH/4DF+BA+fncwBIQCnOtDGEbjKFiFS2T8RzLkwAX6
8k2I8BMpZhR58nK17kkJyjLfN+Avc+uw+mWWrZwEjGivGDbqbbMWTCkVJb/8YNB8
B8aMZpkyTnoJWFooF8j9OQ1aiRHTcgbO6ACfYv/u3Rismfa7C4gzY7XvFtjrrWRk
MUFPs5u507tpgXcnMKq+koSgs53f373o22c9ja9JyyTrYKqLgzux7XKqPQ9crBch
gIXoln746TZ0NvpMWZDXpLWiXxWHyt51JsQ0UVACATEDYKHnQh8vf5Ke8sg8Hece
sYGMXeA8c4Rp+nn1r+FpyltB65A=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:16:06 2025 by rpki-client