Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/fb0157-6746-4b00-8f8e-b89a26199976/1/YVflwoBrqdLcdMr5yOu3Q5tv3iY.roa
File: YVflwoBrqdLcdMr5yOu3Q5tv3iY.roa (raw, json)
Hash identifier: xhoetdOECKBG4OREjAvb+YHbEkMOAVI1KK7C1rXnZjw=
Subject key identifier: 61:57:E5:C2:80:6B:A9:D2:DC:74:CA:F9:C8:EB:B7:43:9B:6F:DE:26
Certificate issuer: /CN=2631166de785a3531bdc8361f1190a8369a7ed6a
Certificate serial: 0189B1962D389DFCF7FB6E33E9589CB94449
Authority key identifier: 26:31:16:6D:E7:85:A3:53:1B:DC:83:61:F1:19:0A:83:69:A7:ED:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JjEWbeeFo1Mb3INh8RkKg2mn7Wo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/fb0157-6746-4b00-8f8e-b89a26199976/1/YVflwoBrqdLcdMr5yOu3Q5tv3iY.roa
Signing time: Tue 01 Aug 2023 14:52:36 +0000
ROA not before: Tue 01 Aug 2023 14:52:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58061
IP address blocks: 2a00:1ca8:d4::/48 maxlen: 48
2a00:1ca8:9c::/48 maxlen: 48
2a03:3f40:2::/48 maxlen: 48
2a00:1ca8:45::/48 maxlen: 48
2a00:1ca8:d3::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:b1:96:2d:38:9d:fc:f7:fb:6e:33:e9:58:9c:b9:44:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2631166de785a3531bdc8361f1190a8369a7ed6a
Validity
Not Before: Aug 1 14:52:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6157e5c2806ba9d2dc74caf9c8ebb7439b6fde26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:f9:69:c1:2f:c4:9e:99:91:ca:3d:c2:4b:83:
6a:65:09:55:c9:07:e7:01:e3:98:01:f1:d3:c6:3b:
db:64:51:ba:c0:46:f7:c4:35:99:1d:eb:18:d1:a9:
ad:df:38:ec:27:42:9d:81:62:95:1d:dc:96:be:75:
f9:96:ee:49:6c:09:7e:c7:d5:79:88:36:65:a3:ce:
e5:b9:02:f9:35:1f:49:09:3a:23:24:73:7a:70:17:
45:93:8d:93:af:e5:4b:db:ee:a7:fa:db:98:5d:7a:
35:e8:c5:03:d8:98:0c:cd:23:5e:84:7d:39:ac:c1:
f2:52:cf:f6:2b:d2:d5:75:6f:98:7a:81:be:a1:c7:
b3:50:51:64:8b:ca:85:ab:56:4e:53:63:df:25:57:
b0:11:21:85:f7:9c:98:04:28:71:6e:a9:7a:b4:99:
80:8b:0b:32:39:ea:7f:c8:e1:b1:ab:ce:14:97:66:
43:ff:76:cc:0a:70:54:68:d6:ea:09:9b:a4:69:7d:
07:9e:2c:0d:ac:cf:c6:67:16:db:ac:16:dd:7b:fa:
c8:29:47:f5:d3:d7:c1:b8:61:4b:f0:9c:43:bd:0d:
b6:20:0b:40:f5:56:c4:54:62:e5:17:3c:b3:3a:42:
33:67:3e:6b:59:51:66:ef:d8:65:95:9e:78:44:fe:
11:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:57:E5:C2:80:6B:A9:D2:DC:74:CA:F9:C8:EB:B7:43:9B:6F:DE:26
X509v3 Authority Key Identifier:
keyid:26:31:16:6D:E7:85:A3:53:1B:DC:83:61:F1:19:0A:83:69:A7:ED:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JjEWbeeFo1Mb3INh8RkKg2mn7Wo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/fb0157-6746-4b00-8f8e-b89a26199976/1/YVflwoBrqdLcdMr5yOu3Q5tv3iY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/fb0157-6746-4b00-8f8e-b89a26199976/1/JjEWbeeFo1Mb3INh8RkKg2mn7Wo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:1ca8:45::/48
2a00:1ca8:9c::/48
2a00:1ca8:d3::-2a00:1ca8:d4:ffff:ffff:ffff:ffff:ffff
2a03:3f40:2::/48
Signature Algorithm: sha256WithRSAEncryption
8b:c3:07:cb:ac:6d:76:64:e4:ce:a8:ab:37:73:1b:3b:54:12:
35:e1:bd:cf:49:e6:35:fa:f4:eb:7a:0e:61:18:f2:06:13:07:
1c:4b:40:00:7c:27:a6:58:ce:28:65:aa:06:4d:d4:d8:28:fd:
c8:f2:af:9a:15:10:a0:94:05:3f:af:67:08:72:6b:c7:10:40:
8c:ec:6b:2d:07:5d:cb:09:0b:d7:64:1e:66:ab:94:dc:1a:a5:
47:fe:02:8c:c4:2c:4e:7f:8b:06:dd:05:bb:79:6e:8f:cd:16:
a8:3a:f3:cf:1d:b6:01:eb:a6:69:4d:a9:37:10:13:64:93:d6:
89:3e:57:6f:f0:cc:35:78:1a:89:44:17:4c:c6:be:99:96:a6:
8d:1c:8c:e2:38:e3:a7:f8:fb:e5:fd:4d:05:b2:81:88:2c:81:
3b:1c:52:5b:d3:41:03:ec:dc:79:ca:6b:27:a6:6a:49:29:50:
5d:05:e8:c7:08:44:9a:04:4f:2a:a1:1b:71:02:8e:1f:e9:f5:
bd:da:b4:b1:2f:75:2a:1b:fb:85:52:1b:4d:83:ef:5f:f1:bd:
b1:fa:a8:db:1c:4e:25:e9:f2:10:83:e2:e3:84:6a:62:02:67:
9e:df:07:e7:ed:06:5e:ed:85:77:a7:36:bb:5f:aa:fb:08:00:
0a:b6:94:2b
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYmxli04nfz3+24z6VicuURJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2MzExNjZkZTc4NWEzNTMxYmRjODM2MWYxMTkwYTgzNjlh
N2VkNmEwHhcNMjMwODAxMTQ1MjM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTU3ZTVjMjgwNmJhOWQyZGM3NGNhZjljOGViYjc0MzliNmZkZTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj/lpwS/EnpmRyj3CS4NqZQlVyQfn
AeOYAfHTxjvbZFG6wEb3xDWZHesY0amt3zjsJ0KdgWKVHdyWvnX5lu5JbAl+x9V5
iDZlo87luQL5NR9JCTojJHN6cBdFk42Tr+VL2+6n+tuYXXo16MUD2JgMzSNehH05
rMHyUs/2K9LVdW+YeoG+ocezUFFki8qFq1ZOU2PfJVewESGF95yYBChxbql6tJmA
iwsyOep/yOGxq84Ul2ZD/3bMCnBUaNbqCZukaX0HniwNrM/GZxbbrBbde/rIKUf1
09fBuGFL8JxDvQ22IAtA9VbEVGLlFzyzOkIzZz5rWVFm79hllZ54RP4R7QIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFGFX5cKAa6nS3HTK+cjrt0Obb94mMB8GA1UdIwQY
MBaAFCYxFm3nhaNTG9yDYfEZCoNpp+1qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmpFV2JlZUZvMU1iM0lOaDhSa0tnMm1uN1dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS9mYjAxNTctNjc0Ni00YjAwLThmOGUt
Yjg5YTI2MTk5OTc2LzEvWVZmbHdvQnJxZExjZE1yNXlPdTNRNXR2M2lZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS9mYjAxNTctNjc0Ni00YjAwLThmOGUtYjg5YTI2MTk5OTc2
LzEvSmpFV2JlZUZvMU1iM0lOaDhSa0tnMm1uN1dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzA1BAIAAjAvAwcAKgAcqABF
AwcAKgAcqACcMBIDBwAqAByoANMDBwAqAByoANQDBwAqAz9AAAIwDQYJKoZIhvcN
AQELBQADggEBAIvDB8usbXZk5M6oqzdzGztUEjXhvc9J5jX69Ot6DmEY8gYTBxxL
QAB8J6ZYzihlqgZN1Ngo/cjyr5oVEKCUBT+vZwhya8cQQIzsay0HXcsJC9dkHmar
lNwapUf+AozELE5/iwbdBbt5bo/NFqg6888dtgHrpmlNqTcQE2ST1ok+V2/wzDV4
GolEF0zGvpmWpo0cjOI446f4++X9TQWygYgsgTscUlvTQQPs3HnKayemakkpUF0F
6McIRJoETyqhG3ECjh/p9b3atLEvdSob+4VSG02D71/xvbH6qNscTiXp8hCD4uOE
amICZ57fB+ftBl7thXenNrtfqvsIAAq2lCs=
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:36:55 2025 by rpki-client