Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/yMvpkXjAi8jYZMaXjEqnc1g9FzA.roa
File: yMvpkXjAi8jYZMaXjEqnc1g9FzA.roa (raw, json)
Hash identifier: KMDZeGIKnKGSzMByMlM2ViMlgVemdL/o0QCPTCL4kjo=
Subject key identifier: C8:CB:E9:91:78:C0:8B:C8:D8:64:C6:97:8C:4A:A7:73:58:3D:17:30
Certificate issuer: /CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Certificate serial: 0182F04E0B6349E96D52A3119F8FD4944BC8
Authority key identifier: 44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/yMvpkXjAi8jYZMaXjEqnc1g9FzA.roa
Signing time: Tue 30 Aug 2022 19:50:22 +0000
ROA not before: Tue 30 Aug 2022 19:50:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203629
IP address blocks: 2a0f:cf84::/30 maxlen: 30
2a09:3800::/30 maxlen: 30
2a0b:ab04::/30 maxlen: 30
2a09:3b04::/30 maxlen: 30
2a0c:e8c4::/30 maxlen: 30
2a0a:2880::/30 maxlen: 30
2a09:3804::/30 maxlen: 30
2a0a:2884::/30 maxlen: 30
2a10:d8c4::/30 maxlen: 30
2a0d:2e44::/30 maxlen: 30
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:f0:4e:0b:63:49:e9:6d:52:a3:11:9f:8f:d4:94:4b:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Validity
Not Before: Aug 30 19:50:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c8cbe99178c08bc8d864c6978c4aa773583d1730
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:5c:2d:0a:76:df:bc:53:0b:a9:aa:89:01:62:
69:14:94:77:93:5e:f0:8d:8f:ef:b1:5b:e9:e6:3e:
22:e5:34:23:ce:a0:a4:f4:28:8a:49:6d:47:07:58:
42:78:47:50:cb:08:3e:3d:44:c7:93:48:58:01:d6:
2f:d9:17:d3:d0:de:21:f8:33:79:e1:c4:9e:f6:ca:
93:28:f4:92:53:19:5b:ae:9f:dc:5c:2a:ad:02:aa:
af:e4:85:76:f7:cd:67:82:e0:ab:a7:3a:52:45:e0:
53:d9:74:e4:d3:35:91:53:0f:90:16:1b:ba:4c:4d:
25:52:62:c6:07:a5:a0:9d:38:36:c7:d1:e2:2a:ad:
55:44:1d:1c:c6:e4:fe:ba:9c:a7:92:d3:06:29:9f:
db:8e:fd:eb:0a:5d:73:4e:0b:dd:aa:6e:16:a4:91:
0d:01:b8:3e:9c:20:19:f4:7d:91:88:af:da:ff:c9:
dd:be:3c:fb:88:c7:c2:14:b5:ad:4f:f1:a2:88:50:
8c:2d:98:8e:70:e5:b0:7a:9c:53:50:1b:78:88:91:
09:f1:9b:5c:05:90:50:5a:c0:14:ca:32:b3:f8:f1:
8e:80:dd:23:93:5f:af:0e:35:45:8e:9f:e8:71:c9:
84:b5:18:03:2b:b3:cd:dd:f7:fd:29:eb:27:02:c7:
99:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:CB:E9:91:78:C0:8B:C8:D8:64:C6:97:8C:4A:A7:73:58:3D:17:30
X509v3 Authority Key Identifier:
keyid:44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/yMvpkXjAi8jYZMaXjEqnc1g9FzA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:3800::/29
2a09:3b04::/30
2a0a:2880::/29
2a0b:ab04::/30
2a0c:e8c4::/30
2a0d:2e44::/30
2a0f:cf84::/30
2a10:d8c4::/30
Signature Algorithm: sha256WithRSAEncryption
01:0f:ec:6b:40:97:23:c9:16:76:13:35:d4:8d:bc:aa:0b:58:
eb:8e:39:ea:16:bd:11:86:88:2f:1f:3b:9b:f0:9c:e7:3b:46:
8c:2e:4b:12:61:e4:a2:e5:1f:8c:e6:90:1b:39:7a:48:a0:04:
8b:40:1b:0b:cd:6d:8d:2f:c4:f2:a6:92:1f:6c:8b:b1:11:91:
2a:63:90:03:d1:29:1e:99:26:d6:d1:ca:48:ff:ce:c0:c6:32:
d9:2b:3a:b6:ba:90:c8:e7:9e:86:27:a0:83:0e:44:f8:62:d7:
be:09:46:cc:5f:53:14:8a:d7:3d:42:9f:4d:de:5d:4d:a4:da:
2b:a2:08:a9:bd:4d:64:7a:a0:1c:ec:b1:12:7d:e4:c6:a6:d4:
bd:b0:ce:d9:9f:72:46:84:c7:e4:ab:1d:74:73:87:b7:ab:a0:
f1:1a:6a:c9:bb:30:a1:83:cf:f5:70:81:ac:26:23:2f:f7:20:
f3:ae:3c:dc:af:65:aa:df:41:87:30:81:85:66:aa:7d:41:e8:
3f:16:f3:36:d8:d3:64:b0:a3:3f:db:2a:68:5a:14:10:b8:85:
e2:c1:49:af:b5:3a:9e:d7:4a:5e:57:dd:9e:b0:6f:89:97:b7:
bd:dc:5f:d1:7c:48:bb:85:8d:60:0f:8e:f2:70:d2:d9:52:15:
7e:21:1d:95
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYLwTgtjSeltUqMRn4/UlEvIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTllYzJhNWZkNTM5MDljNTIzOWY0Y2M4ZDZkMzI5YTI3
NzliYjEwHhcNMjIwODMwMTk1MDIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGNiZTk5MTc4YzA4YmM4ZDg2NGM2OTc4YzRhYTc3MzU4M2QxNzMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgFwtCnbfvFMLqaqJAWJpFJR3k17w
jY/vsVvp5j4i5TQjzqCk9CiKSW1HB1hCeEdQywg+PUTHk0hYAdYv2RfT0N4h+DN5
4cSe9sqTKPSSUxlbrp/cXCqtAqqv5IV2981nguCrpzpSReBT2XTk0zWRUw+QFhu6
TE0lUmLGB6WgnTg2x9HiKq1VRB0cxuT+upynktMGKZ/bjv3rCl1zTgvdqm4WpJEN
Abg+nCAZ9H2RiK/a/8ndvjz7iMfCFLWtT/GiiFCMLZiOcOWwepxTUBt4iJEJ8Ztc
BZBQWsAUyjKz+PGOgN0jk1+vDjVFjp/occmEtRgDK7PN3ff9KesnAseZXwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFMjL6ZF4wIvI2GTGl4xKp3NYPRcwMB8GA1UdIwQY
MBaAFERZ7Cpf1TkJxSOfTMjW0ymid5uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTkt
NmI0MzcyNjAyMDk2LzEveU12cGtYakFpOGpZWk1hWGpFcW5jMWc5RnpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTktNmI0MzcyNjAyMDk2
LzEvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAAjA4AwUDKgk4AAMF
AioJOwQDBQMqCiiAAwUCKgurBAMFAioM6MQDBQIqDS5EAwUCKg/PhAMFAioQ2MQw
DQYJKoZIhvcNAQELBQADggEBAAEP7GtAlyPJFnYTNdSNvKoLWOuOOeoWvRGGiC8f
O5vwnOc7RowuSxJh5KLlH4zmkBs5ekigBItAGwvNbY0vxPKmkh9si7ERkSpjkAPR
KR6ZJtbRykj/zsDGMtkrOra6kMjnnoYnoIMORPhi174JRsxfUxSK1z1Cn03eXU2k
2iuiCKm9TWR6oBzssRJ95Mam1L2wztmfckaEx+SrHXRzh7eroPEaasm7MKGDz/Vw
gawmIy/3IPOuPNyvZarfQYcwgYVmqn1B6D8W8zbY02Swoz/bKmhaFBC4heLBSa+1
Op7XSl5X3Z6wb4mXt73cX9F8SLuFjWAPjvJw0tlSFX4hHZU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:05 2024 by rpki-client on console-fra.rpki-client.org