Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/285850-7551-4229-87b6-3a4468c4dfdf/1/vy-Kp5aPUGZkQmqBl7nseHrgeJI.roa
File: vy-Kp5aPUGZkQmqBl7nseHrgeJI.roa (raw, json)
Hash identifier: Ig44s/g7FaJ4yOUi2fBhBu2DaHap2ucM7ZI5GiFsMCk=
Subject key identifier: BF:2F:8A:A7:96:8F:50:66:64:42:6A:81:97:B9:EC:78:7A:E0:78:92
Certificate issuer: /CN=b986028c9feb6f142b3fecb64667f48874ba9c37
Certificate serial: 0185704BC9577868AC46EE8B05928F04A227
Authority key identifier: B9:86:02:8C:9F:EB:6F:14:2B:3F:EC:B6:46:67:F4:88:74:BA:9C:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uYYCjJ_rbxQrP-y2Rmf0iHS6nDc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/285850-7551-4229-87b6-3a4468c4dfdf/1/vy-Kp5aPUGZkQmqBl7nseHrgeJI.roa
Signing time: Mon 02 Jan 2023 02:24:52 +0000
ROA not before: Mon 02 Jan 2023 02:24:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25365
IP address blocks: 2a00:7880:10::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:4b:c9:57:78:68:ac:46:ee:8b:05:92:8f:04:a2:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b986028c9feb6f142b3fecb64667f48874ba9c37
Validity
Not Before: Jan 2 02:24:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bf2f8aa7968f506664426a8197b9ec787ae07892
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:da:0c:25:2a:16:d3:cc:33:2c:9c:08:4a:8e:
17:45:6c:25:e5:21:0c:5a:dc:a5:68:ba:01:a0:59:
06:e3:5b:67:65:9f:83:db:a6:53:8d:05:59:82:de:
64:65:05:47:a3:bc:bf:d7:13:af:02:a2:15:15:af:
92:7a:e0:0f:7c:66:1d:0d:a8:14:47:2f:62:dc:d0:
41:15:39:7b:9e:fb:81:4f:5e:d1:37:8b:7b:a4:fd:
b2:1d:65:06:4a:5d:4e:f4:7d:a0:6f:7a:b1:34:5c:
27:21:1b:34:25:4e:15:b3:9a:98:11:e8:06:e8:82:
6f:53:f0:32:05:aa:f1:b7:a6:c5:92:20:7e:2c:ae:
b8:7a:86:57:32:9a:ef:15:70:04:7a:89:ac:8b:2d:
19:bf:7c:82:63:8e:fb:21:0d:49:b1:6e:3c:69:7a:
93:9b:fb:81:56:2e:a7:04:30:e5:e2:02:0c:0a:a1:
ba:f9:c6:63:97:fe:c4:f3:fa:ef:73:75:e9:55:8d:
de:5d:1c:6d:d0:9a:01:ea:29:3c:9a:a8:e4:81:9a:
6f:ca:24:a9:3f:e4:68:3d:82:4f:3c:ac:dc:7c:85:
ee:e3:9d:37:ca:40:fc:e2:66:e8:9b:22:8a:e8:d1:
f2:4b:1b:a1:12:51:d9:53:19:e3:e1:a6:ea:f1:fb:
de:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:2F:8A:A7:96:8F:50:66:64:42:6A:81:97:B9:EC:78:7A:E0:78:92
X509v3 Authority Key Identifier:
keyid:B9:86:02:8C:9F:EB:6F:14:2B:3F:EC:B6:46:67:F4:88:74:BA:9C:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uYYCjJ_rbxQrP-y2Rmf0iHS6nDc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/285850-7551-4229-87b6-3a4468c4dfdf/1/vy-Kp5aPUGZkQmqBl7nseHrgeJI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/285850-7551-4229-87b6-3a4468c4dfdf/1/uYYCjJ_rbxQrP-y2Rmf0iHS6nDc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:7880:10::/48
Signature Algorithm: sha256WithRSAEncryption
03:ad:9a:f8:36:4c:40:9f:21:25:79:26:df:dc:04:88:b1:0d:
2b:bb:78:af:c6:40:22:b3:0b:19:ee:4f:3e:54:11:f2:8e:1e:
95:7e:75:e6:59:7f:ab:66:ab:1f:3a:e7:7f:af:46:59:51:06:
65:b4:be:26:b3:35:d3:03:ef:a8:42:66:3c:9d:d8:d3:dc:8f:
ea:d3:64:b9:89:95:10:5f:cf:d2:66:80:cc:46:23:35:ca:29:
4d:dc:5b:fe:2a:ca:30:f5:8d:b3:4c:d4:7a:c3:72:b2:19:ca:
1e:bd:b2:07:0e:9b:e3:26:27:c5:44:4d:b4:45:9c:12:27:21:
a8:7c:75:f0:c4:2d:21:bc:2b:61:6c:81:be:61:32:3e:23:d9:
ae:6e:5e:0d:58:4c:ec:5f:30:40:d5:1c:d2:33:b1:f0:7f:e2:
42:6e:2b:96:59:14:ee:2a:42:48:9d:31:d8:af:67:76:03:d2:
63:3c:d3:2f:75:4d:fb:3d:15:1d:09:e3:e2:db:b8:83:b6:f1:
34:8e:7a:19:07:d4:1f:95:b3:db:d9:5b:76:ba:b5:39:f2:2a:
44:84:77:15:87:a4:da:58:2a:9b:dc:d4:36:aa:ad:44:1d:10:
e6:0d:68:6d:fd:4b:6b:e0:76:b1:82:1d:91:22:af:a2:dd:49:
ef:03:f6:41
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVwS8lXeGisRu6LBZKPBKInMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5ODYwMjhjOWZlYjZmMTQyYjNmZWNiNjQ2NjdmNDg4NzRi
YTljMzcwHhcNMjMwMTAyMDIyNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjJmOGFhNzk2OGY1MDY2NjQ0MjZhODE5N2I5ZWM3ODdhZTA3ODkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxdoMJSoW08wzLJwISo4XRWwl5SEM
WtylaLoBoFkG41tnZZ+D26ZTjQVZgt5kZQVHo7y/1xOvAqIVFa+SeuAPfGYdDagU
Ry9i3NBBFTl7nvuBT17RN4t7pP2yHWUGSl1O9H2gb3qxNFwnIRs0JU4Vs5qYEegG
6IJvU/AyBarxt6bFkiB+LK64eoZXMprvFXAEeomsiy0Zv3yCY477IQ1JsW48aXqT
m/uBVi6nBDDl4gIMCqG6+cZjl/7E8/rvc3XpVY3eXRxt0JoB6ik8mqjkgZpvyiSp
P+RoPYJPPKzcfIXu4503ykD84mbomyKK6NHySxuhElHZUxnj4abq8fveDQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFL8viqeWj1BmZEJqgZe57Hh64HiSMB8GA1UdIwQY
MBaAFLmGAoyf628UKz/stkZn9Ih0upw3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVlZQ2pKX3JieFFyUC15MlJtZjBpSFM2bkRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS8yODU4NTAtNzU1MS00MjI5LTg3YjYt
M2E0NDY4YzRkZmRmLzEvdnktS3A1YVBVR1prUW1xQmw3bnNlSHJnZUpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS8yODU4NTAtNzU1MS00MjI5LTg3YjYtM2E0NDY4YzRkZmRm
LzEvdVlZQ2pKX3JieFFyUC15MlJtZjBpSFM2bkRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgB4gAAQ
MA0GCSqGSIb3DQEBCwUAA4IBAQADrZr4NkxAnyEleSbf3ASIsQ0ru3ivxkAiswsZ
7k8+VBHyjh6VfnXmWX+rZqsfOud/r0ZZUQZltL4mszXTA++oQmY8ndjT3I/q02S5
iZUQX8/SZoDMRiM1yilN3Fv+Ksow9Y2zTNR6w3KyGcoevbIHDpvjJifFRE20RZwS
JyGofHXwxC0hvCthbIG+YTI+I9mubl4NWEzsXzBA1RzSM7Hwf+JCbiuWWRTuKkJI
nTHYr2d2A9JjPNMvdU37PRUdCePi27iDtvE0jnoZB9QflbPb2Vt2urU58ipEhHcV
h6TaWCqb3NQ2qq1EHRDmDWht/Utr4Haxgh2RIq+i3UnvA/ZB
-----END CERTIFICATE-----
Generated at Tue Apr 22 18:17:08 2025 by rpki-client