Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/a7c8d0-c92d-45d0-91a3-28c22abf08d0/1/y_iErmLxpYVqNfieS5vgM2Xj_YU.roa
File: y_iErmLxpYVqNfieS5vgM2Xj_YU.roa (raw, json)
Hash identifier: sTwP3bRH9IvHST4aJLjsV6fQ1Em2MSXwQLtN4Qaoeis=
Subject key identifier: CB:F8:84:AE:62:F1:A5:85:6A:35:F8:9E:4B:9B:E0:33:65:E3:FD:85
Certificate issuer: /CN=955246b1b65c95046259c2248c1d306ff135b984
Certificate serial: 02539467
Authority key identifier: 95:52:46:B1:B6:5C:95:04:62:59:C2:24:8C:1D:30:6F:F1:35:B9:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lVJGsbZclQRiWcIkjB0wb_E1uYQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/a7c8d0-c92d-45d0-91a3-28c22abf08d0/1/y_iErmLxpYVqNfieS5vgM2Xj_YU.roa
Signing time: Sat 01 Jan 2022 10:58:49 +0000
ROA not before: Sat 01 Jan 2022 10:58:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211501
IP address blocks: 2001:67c:10d8::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 39031911 (0x2539467)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=955246b1b65c95046259c2248c1d306ff135b984
Validity
Not Before: Jan 1 10:58:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cbf884ae62f1a5856a35f89e4b9be03365e3fd85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:20:a3:89:c2:0c:f1:3d:a1:b6:b8:1f:43:02:
da:ef:7a:af:6e:f8:ad:34:2c:11:a3:c6:25:af:5a:
fe:4f:61:71:a0:41:bf:33:97:11:6e:0c:ad:88:cb:
24:29:15:89:66:35:65:75:a6:2e:d0:e0:4a:90:ab:
8b:28:30:a0:68:72:24:5d:07:c5:3a:ed:f1:67:ea:
3f:ee:8d:68:11:fa:39:1e:d2:87:e6:17:07:37:82:
81:e7:d0:e4:69:cc:7a:31:3a:a4:31:98:04:6d:ef:
75:40:be:50:25:d1:9d:68:83:41:53:ad:ea:48:d7:
29:22:28:85:a7:f3:38:88:d8:aa:9d:dc:49:94:fa:
25:f6:56:85:22:86:34:b0:b1:39:f3:86:9c:b5:f2:
e4:ba:86:35:31:5d:0b:d0:2e:fc:aa:7e:54:97:e8:
ac:12:a8:c7:92:e5:76:66:3d:78:b7:6c:c0:93:b2:
6e:58:2b:38:f4:e1:60:bf:06:77:a5:21:dd:aa:b0:
20:3f:41:2d:b3:e7:37:8f:6a:26:9c:78:75:c3:c9:
e7:90:da:19:11:9a:85:45:9e:a0:9f:7c:c8:94:ca:
4d:1a:41:c4:39:80:a8:44:21:d6:9a:d7:14:d3:82:
4f:87:68:ad:4c:c7:71:f8:e4:c9:99:b6:66:dc:0a:
6b:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:F8:84:AE:62:F1:A5:85:6A:35:F8:9E:4B:9B:E0:33:65:E3:FD:85
X509v3 Authority Key Identifier:
keyid:95:52:46:B1:B6:5C:95:04:62:59:C2:24:8C:1D:30:6F:F1:35:B9:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lVJGsbZclQRiWcIkjB0wb_E1uYQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/a7c8d0-c92d-45d0-91a3-28c22abf08d0/1/y_iErmLxpYVqNfieS5vgM2Xj_YU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/a7c8d0-c92d-45d0-91a3-28c22abf08d0/1/lVJGsbZclQRiWcIkjB0wb_E1uYQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:10d8::/48
Signature Algorithm: sha256WithRSAEncryption
d9:b6:0c:ed:20:65:e6:88:f1:23:b9:b6:b9:a8:c5:28:bf:43:
c9:00:ce:59:7d:42:40:2d:05:80:3c:2f:f1:28:82:f5:c5:de:
8f:67:84:9f:64:17:fd:a5:7f:21:e7:d3:86:bf:b2:9a:54:dc:
bc:e9:56:b9:16:44:d5:79:94:bf:16:9b:de:c6:a7:b8:cd:59:
e9:a6:df:1f:e8:8a:ee:50:e9:73:85:a1:c8:dc:20:7f:b1:27:
f9:f5:fd:34:07:34:04:42:f6:e7:3e:d5:ef:f4:e5:fc:46:a4:
7b:19:2c:90:95:59:c3:b6:0c:58:87:5d:42:17:1b:ad:ca:8c:
a7:39:4a:f0:c5:95:66:a1:bb:f5:75:95:e2:72:17:63:a3:8d:
4f:3b:ac:20:bc:84:8d:18:07:e1:11:11:7f:69:3a:42:b3:52:
ba:87:60:94:52:33:b2:44:79:e8:22:2f:c4:3f:62:a9:3e:4a:
4d:1c:c4:b5:1e:8b:c6:c4:ae:90:cd:88:13:0b:cd:64:f6:50:
92:5e:9f:2c:af:23:d7:b0:30:92:05:34:e5:81:06:26:53:bc:
bc:4b:55:53:de:f4:f6:ee:9b:4e:05:b9:d7:ea:0d:5a:cf:5e:
df:63:70:73:03:5f:e4:0b:1f:c5:ae:31:df:10:61:0d:c0:7e:
30:7f:14:e1
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEAlOUZzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NTUyNDZiMWI2NWM5NTA0NjI1OWMyMjQ4YzFkMzA2ZmYxMzViOTg0MB4XDTIyMDEw
MTEwNTg0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2JmODg0YWU2MmYx
YTU4NTZhMzVmODllNGI5YmUwMzM2NWUzZmQ4NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN0go4nCDPE9oba4H0MC2u96r274rTQsEaPGJa9a/k9hcaBB
vzOXEW4MrYjLJCkViWY1ZXWmLtDgSpCriygwoGhyJF0HxTrt8WfqP+6NaBH6OR7S
h+YXBzeCgefQ5GnMejE6pDGYBG3vdUC+UCXRnWiDQVOt6kjXKSIohafzOIjYqp3c
SZT6JfZWhSKGNLCxOfOGnLXy5LqGNTFdC9Au/Kp+VJforBKox5LldmY9eLdswJOy
blgrOPThYL8Gd6Uh3aqwID9BLbPnN49qJpx4dcPJ55DaGRGahUWeoJ98yJTKTRpB
xDmAqEQh1prXFNOCT4dorUzHcfjkyZm2ZtwKa3MCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBTL+ISuYvGlhWo1+J5Lm+AzZeP9hTAfBgNVHSMEGDAWgBSVUkaxtlyVBGJZ
wiSMHTBv8TW5hDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2xWSkdzYlpjbFFSaVdjSWtqQjB3Yl9FMXVZUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODgvYTdjOGQwLWM5MmQtNDVkMC05MWEzLTI4YzIyYWJmMDhkMC8x
L3lfaUVybUx4cFlWcU5maWVTNXZnTTJYal9ZVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODgv
YTdjOGQwLWM5MmQtNDVkMC05MWEzLTI4YzIyYWJmMDhkMC8xL2xWSkdzYlpjbFFS
aVdjSWtqQjB3Yl9FMXVZUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBnwQ2DANBgkqhkiG9w0BAQsF
AAOCAQEA2bYM7SBl5ojxI7m2uajFKL9DyQDOWX1CQC0FgDwv8SiC9cXej2eEn2QX
/aV/IefThr+ymlTcvOlWuRZE1XmUvxab3sanuM1Z6abfH+iK7lDpc4WhyNwgf7En
+fX9NAc0BEL25z7V7/Tl/EakexkskJVZw7YMWIddQhcbrcqMpzlK8MWVZqG79XWV
4nIXY6ONTzusILyEjRgH4RERf2k6QrNSuodglFIzskR56CIvxD9iqT5KTRzEtR6L
xsSukM2IEwvNZPZQkl6fLK8j17AwkgU05YEGJlO8vEtVU9709u6bTgW51+oNWs9e
32NwcwNf5Asfxa4x3xBhDcB+MH8U4Q==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:38 2023 by rpki-client on console-ams.rpki-client.org