Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/YF_G1f974le58mROXqie6_owfow.roa
File: YF_G1f974le58mROXqie6_owfow.roa (raw, json)
Hash identifier: j+kWEJ3fD7KsHx4X2tUWqEaFxPEkfyKW3qe4Vm1hDQs=
Subject key identifier: 60:5F:C6:D5:FF:7B:E2:57:B9:F2:64:4E:5E:A8:9E:EB:FA:30:7E:8C
Certificate issuer: /CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Certificate serial: 086017A7
Authority key identifier: 44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/YF_G1f974le58mROXqie6_owfow.roa
Signing time: Mon 28 Feb 2022 09:31:55 +0000
ROA not before: Mon 28 Feb 2022 09:31:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210625
IP address blocks: 2a09:4e07:9000::/36 maxlen: 36
2a09:4e06::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 140515239 (0x86017a7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Validity
Not Before: Feb 28 09:31:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=605fc6d5ff7be257b9f2644e5ea89eebfa307e8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:53:28:43:57:bb:b1:57:01:3e:53:0d:bb:2e:
12:ce:b4:2e:2f:cc:18:ae:8d:7b:57:2d:70:f5:7d:
48:67:17:50:37:60:3c:35:70:7d:c2:c4:f0:ad:54:
0b:44:99:49:a3:50:f8:e1:84:5d:53:8a:99:4e:ba:
63:d0:a9:27:37:ce:85:26:ce:e7:d6:43:64:6d:fd:
19:ea:3c:ae:41:29:34:6f:cf:2f:87:5b:77:a5:69:
f1:7e:ef:b9:98:d0:48:70:6a:50:25:6c:ba:19:9c:
3e:e1:73:9e:e1:ef:65:bb:99:cf:54:2b:b1:6d:05:
8c:97:1d:0f:e7:6c:34:1b:36:3d:4c:d4:2f:52:d2:
74:54:48:3d:61:4e:79:54:19:3b:3d:1b:d7:38:40:
cd:2a:f5:81:64:2b:f0:19:73:14:b8:9a:d8:4e:ef:
2e:22:0a:4f:40:46:f4:50:db:db:ab:2b:3e:a5:e0:
aa:1d:50:da:2a:4d:ce:c4:40:2a:c1:39:38:6b:53:
e1:c8:d3:9e:74:55:4e:b5:34:fa:88:87:d4:dd:77:
c4:e3:32:19:0b:75:73:49:d4:bc:95:eb:2b:87:60:
ec:99:e6:46:96:bb:2e:3e:3f:3a:a0:d1:5a:7f:09:
03:d0:d0:71:0a:c4:03:11:18:b0:de:eb:05:4e:92:
a9:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:5F:C6:D5:FF:7B:E2:57:B9:F2:64:4E:5E:A8:9E:EB:FA:30:7E:8C
X509v3 Authority Key Identifier:
keyid:44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/YF_G1f974le58mROXqie6_owfow.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:4e06::/32
2a09:4e07:9000::/36
Signature Algorithm: sha256WithRSAEncryption
1b:c6:62:7b:a5:22:61:93:96:58:4d:dc:be:de:2e:7a:8b:b3:
73:ac:03:9d:5e:c6:0d:a1:f8:54:22:85:b2:13:a5:cc:5d:d4:
dd:43:cb:0d:bb:a1:36:29:29:4c:87:0b:b8:7d:09:86:7e:ce:
30:be:94:a2:55:da:67:7a:5f:a9:38:00:9c:61:f2:33:b0:56:
91:0d:de:6b:2a:c7:f2:c7:77:7d:21:1e:af:11:a9:f6:94:7f:
23:07:0a:f6:7b:87:8d:cb:e9:17:7f:4b:50:68:00:7c:06:93:
fc:47:81:5e:2a:30:f3:2a:15:17:11:b6:ce:41:f2:b2:27:d2:
2e:1c:e7:f5:ca:4f:d1:ad:46:d3:e2:d8:d7:6f:39:f4:a3:05:
ec:15:f3:f9:d5:b2:9e:f4:be:41:18:3b:29:b1:89:71:9f:56:
a9:52:44:a0:c3:5e:05:d1:00:b4:3a:7b:09:b9:42:a7:4e:d4:
00:f5:70:00:28:6a:00:ad:d3:5d:e6:80:67:51:6f:59:e4:4e:
ff:d5:d2:dc:5c:8e:da:f9:83:60:ce:42:65:5c:f4:fc:6e:e8:
20:fc:a8:bc:6b:a6:19:73:9f:fc:da:f9:38:d5:68:29:6e:9c:
c7:af:38:54:9f:2a:14:28:f6:60:06:bb:f3:ac:cd:77:0f:26:
94:c1:20:bd
-----BEGIN CERTIFICATE-----
MIIE+DCCA+CgAwIBAgIECGAXpzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
NDU5ZWMyYTVmZDUzOTA5YzUyMzlmNGNjOGQ2ZDMyOWEyNzc5YmIxMB4XDTIyMDIy
ODA5MzE1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjA1ZmM2ZDVmZjdi
ZTI1N2I5ZjI2NDRlNWVhODllZWJmYTMwN2U4YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKpTKENXu7FXAT5TDbsuEs60Li/MGK6Ne1ctcPV9SGcXUDdg
PDVwfcLE8K1UC0SZSaNQ+OGEXVOKmU66Y9CpJzfOhSbO59ZDZG39Geo8rkEpNG/P
L4dbd6Vp8X7vuZjQSHBqUCVsuhmcPuFznuHvZbuZz1QrsW0FjJcdD+dsNBs2PUzU
L1LSdFRIPWFOeVQZOz0b1zhAzSr1gWQr8BlzFLia2E7vLiIKT0BG9FDb26srPqXg
qh1Q2ipNzsRAKsE5OGtT4cjTnnRVTrU0+oiH1N13xOMyGQt1c0nUvJXrK4dg7Jnm
Rpa7Lj4/OqDRWn8JA9DQcQrEAxEYsN7rBU6SqQ8CAwEAAaOCAhIwggIOMB0GA1Ud
DgQWBBRgX8bV/3viV7nyZE5eqJ7r+jB+jDAfBgNVHSMEGDAWgBREWewqX9U5CcUj
n0zI1tMponebsTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1JGbnNLbF9WT1FuRkk1OU15TmJUS2FKM203RS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTcvZjBhZTYyLWMxMDctNDNjZS1hOGE5LTZiNDM3MjYwMjA5Ni8x
L1lGX0cxZjk3NGxlNThtUk9YcWllNl9vd2Zvdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTcv
ZjBhZTYyLWMxMDctNDNjZS1hOGE5LTZiNDM3MjYwMjA5Ni8xL1JGbnNLbF9WT1Fu
Rkk1OU15TmJUS2FKM203RS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAo
BggrBgEFBQcBBwEB/wQZMBcwFQQCAAIwDwMFACoJTgYDBgQqCU4HkDANBgkqhkiG
9w0BAQsFAAOCAQEAG8Zie6UiYZOWWE3cvt4ueouzc6wDnV7GDaH4VCKFshOlzF3U
3UPLDbuhNikpTIcLuH0Jhn7OML6UolXaZ3pfqTgAnGHyM7BWkQ3eayrH8sd3fSEe
rxGp9pR/IwcK9nuHjcvpF39LUGgAfAaT/EeBXiow8yoVFxG2zkHysifSLhzn9cpP
0a1G0+LY12859KMF7BXz+dWynvS+QRg7KbGJcZ9WqVJEoMNeBdEAtDp7CblCp07U
APVwAChqAK3TXeaAZ1FvWeRO/9XS3FyO2vmDYM5CZVz0/G7oIPyovGumGXOf/Nr5
ONVoKW6cx684VJ8qFCj2YAa786zNdw8mlMEgvQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:32 2023 by rpki-client on console-ams.rpki-client.org