Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/bfb27a-f005-48cb-9473-ffb2ef4bfe25/1/lyGwGSiwxVZnrjWY9trqedOUYmM.roa
File: lyGwGSiwxVZnrjWY9trqedOUYmM.roa (raw, json)
Hash identifier: ePoAx5x8XZlnI5ljjkX18V0VblHiV1328UhBKil5qpc=
Subject key identifier: 97:21:B0:19:28:B0:C5:56:67:AE:35:98:F6:DA:EA:79:D3:94:62:63
Certificate issuer: /CN=ff597b40c6d4469f9b914a78dc8ec439323b0fb8
Certificate serial: 01856DC1B96065AB2A1D8C37F513471E451C
Authority key identifier: FF:59:7B:40:C6:D4:46:9F:9B:91:4A:78:DC:8E:C4:39:32:3B:0F:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_1l7QMbURp-bkUp43I7EOTI7D7g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/bfb27a-f005-48cb-9473-ffb2ef4bfe25/1/lyGwGSiwxVZnrjWY9trqedOUYmM.roa
Signing time: Sun 01 Jan 2023 14:34:50 +0000
ROA not before: Sun 01 Jan 2023 14:34:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 2a0b:4581::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:c1:b9:60:65:ab:2a:1d:8c:37:f5:13:47:1e:45:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff597b40c6d4469f9b914a78dc8ec439323b0fb8
Validity
Not Before: Jan 1 14:34:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9721b01928b0c55667ae3598f6daea79d3946263
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:ce:b8:08:d5:9b:d4:89:59:e2:44:90:81:70:
e7:2b:d7:1c:0f:80:65:68:3a:e4:7f:85:18:e6:07:
ee:55:81:ea:02:3e:9f:d4:d5:81:46:57:bb:b6:46:
b3:83:53:2a:a3:62:6f:c8:f4:78:c3:81:02:f8:fd:
0a:98:91:25:02:19:82:ee:25:0a:e6:8b:5e:d9:80:
42:45:a1:89:8b:fd:06:fa:e5:a2:f2:7d:88:ff:5b:
9e:25:11:6c:7b:a7:2b:8b:a0:9b:40:1c:62:c2:ba:
69:60:1d:1a:f0:5e:74:d3:aa:16:d4:4f:39:d3:0b:
97:bb:c8:f3:1e:55:94:4d:26:84:88:ed:6e:29:91:
e6:6f:24:8d:e0:cd:ee:d9:27:3e:11:64:ac:56:ad:
79:c9:da:2e:dd:0f:5d:29:0f:57:4a:1b:2a:54:c9:
58:1b:24:59:06:39:36:1f:59:d8:8d:c3:d0:51:af:
4c:30:eb:ec:62:e7:a2:78:fe:3d:11:f8:0f:c8:2b:
dc:ef:8d:1d:4e:b4:70:3e:c5:1a:29:04:71:0e:18:
e9:82:f3:c9:a1:b5:d5:42:b9:7f:5e:38:5f:46:a8:
cf:88:49:88:3d:55:5f:03:59:de:fd:93:9b:a8:ff:
f8:3c:d5:71:97:96:8c:66:47:10:9d:53:ba:65:2d:
84:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:21:B0:19:28:B0:C5:56:67:AE:35:98:F6:DA:EA:79:D3:94:62:63
X509v3 Authority Key Identifier:
keyid:FF:59:7B:40:C6:D4:46:9F:9B:91:4A:78:DC:8E:C4:39:32:3B:0F:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_1l7QMbURp-bkUp43I7EOTI7D7g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/bfb27a-f005-48cb-9473-ffb2ef4bfe25/1/lyGwGSiwxVZnrjWY9trqedOUYmM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/bfb27a-f005-48cb-9473-ffb2ef4bfe25/1/_1l7QMbURp-bkUp43I7EOTI7D7g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:4581::/48
Signature Algorithm: sha256WithRSAEncryption
5a:07:ef:43:b7:b9:06:ad:d6:92:6c:bd:b7:45:4e:26:27:dd:
1b:dc:b2:eb:d4:f7:50:fa:99:f8:53:df:78:ca:96:28:8c:4f:
a5:de:d9:95:0e:ad:e5:5a:ec:3e:14:05:70:33:eb:9b:f5:b4:
0a:85:94:8b:23:84:60:28:ce:fd:9a:5f:98:e5:85:14:d1:9a:
14:40:37:da:88:7f:62:bd:3d:25:ac:17:73:4f:3f:db:0a:10:
7b:14:90:53:64:b3:6e:e8:13:c2:d8:c3:0c:12:43:00:24:2e:
c7:98:b6:ed:61:34:fa:92:fd:b2:97:c8:a6:ab:b1:3b:6b:dd:
4c:6d:d5:b7:d8:d6:72:c8:9f:fb:6a:5e:cd:c5:fd:55:38:44:
46:1c:63:52:c5:b8:4d:12:32:0b:77:dd:43:db:9d:8c:76:47:
af:77:f7:3c:4b:cb:90:7f:2f:1c:b4:99:7c:a0:31:55:01:f4:
d7:11:df:e3:0b:5a:c9:11:1d:f9:c9:ff:09:a8:af:ad:56:12:
2a:7e:ee:4f:56:28:00:f8:8e:60:6f:da:95:7a:21:d6:4b:77:
91:98:b0:7c:39:c6:96:e5:81:02:9d:36:8d:c4:15:4a:a1:67:
65:88:f1:a7:bf:c3:89:58:62:b8:fe:ce:9a:a8:94:86:2d:33:
ce:65:0f:5e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVtwblgZasqHYw39RNHHkUcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmNTk3YjQwYzZkNDQ2OWY5YjkxNGE3OGRjOGVjNDM5MzIz
YjBmYjgwHhcNMjMwMTAxMTQzNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzIxYjAxOTI4YjBjNTU2NjdhZTM1OThmNmRhZWE3OWQzOTQ2MjYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqs64CNWb1IlZ4kSQgXDnK9ccD4Bl
aDrkf4UY5gfuVYHqAj6f1NWBRle7tkazg1Mqo2JvyPR4w4EC+P0KmJElAhmC7iUK
5ote2YBCRaGJi/0G+uWi8n2I/1ueJRFse6cri6CbQBxiwrppYB0a8F5006oW1E85
0wuXu8jzHlWUTSaEiO1uKZHmbySN4M3u2Sc+EWSsVq15ydou3Q9dKQ9XShsqVMlY
GyRZBjk2H1nYjcPQUa9MMOvsYueieP49EfgPyCvc740dTrRwPsUaKQRxDhjpgvPJ
obXVQrl/XjhfRqjPiEmIPVVfA1ne/ZObqP/4PNVxl5aMZkcQnVO6ZS2EqQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJchsBkosMVWZ641mPba6nnTlGJjMB8GA1UdIwQY
MBaAFP9Ze0DG1Eafm5FKeNyOxDkyOw+4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzFsN1FNYlVScC1ia1VwNDNJN0VPVEk3RDdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9iZmIyN2EtZjAwNS00OGNiLTk0NzMt
ZmZiMmVmNGJmZTI1LzEvbHlHd0dTaXd4VlpucmpXWTl0cnFlZE9VWW1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9iZmIyN2EtZjAwNS00OGNiLTk0NzMtZmZiMmVmNGJmZTI1
LzEvXzFsN1FNYlVScC1ia1VwNDNJN0VPVEk3RDdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgtFgQAA
MA0GCSqGSIb3DQEBCwUAA4IBAQBaB+9Dt7kGrdaSbL23RU4mJ90b3LLr1PdQ+pn4
U994ypYojE+l3tmVDq3lWuw+FAVwM+ub9bQKhZSLI4RgKM79ml+Y5YUU0ZoUQDfa
iH9ivT0lrBdzTz/bChB7FJBTZLNu6BPC2MMMEkMAJC7HmLbtYTT6kv2yl8imq7E7
a91MbdW32NZyyJ/7al7Nxf1VOERGHGNSxbhNEjILd91D252Mdkevd/c8S8uQfy8c
tJl8oDFVAfTXEd/jC1rJER35yf8JqK+tVhIqfu5PVigA+I5gb9qVeiHWS3eRmLB8
OcaW5YECnTaNxBVKoWdliPGnv8OJWGK4/s6aqJSGLTPOZQ9e
-----END CERTIFICATE-----
Generated at Mon Apr 7 13:40:05 2025 by rpki-client