Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/yHGTWGtwA4MfFiYSJDKKiLRbJeM.roa
File: yHGTWGtwA4MfFiYSJDKKiLRbJeM.roa (raw, json)
Hash identifier: 58GA+J6wLlCbJQ+GDDysBTKZI/44wPQE9DxvG3b4rOQ=
Subject key identifier: C8:71:93:58:6B:70:03:83:1F:16:26:12:24:32:8A:88:B4:5B:25:E3
Certificate issuer: /CN=3ba5b1c09aa31f6713c61b32e558109e47966d42
Certificate serial: 0185F3625EF2820A9D68656A04061DEC78F4
Authority key identifier: 3B:A5:B1:C0:9A:A3:1F:67:13:C6:1B:32:E5:58:10:9E:47:96:6D:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O6WxwJqjH2cTxhsy5VgQnkeWbUI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/yHGTWGtwA4MfFiYSJDKKiLRbJeM.roa
Signing time: Fri 27 Jan 2023 13:19:48 +0000
ROA not before: Fri 27 Jan 2023 13:19:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3308
IP address blocks: 2001:2010::/28 maxlen: 28
2001:2010::/31 maxlen: 31
2001:2000:1000::/40 maxlen: 40
2001:2012::/32 maxlen: 32
2001:2092::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:f3:62:5e:f2:82:0a:9d:68:65:6a:04:06:1d:ec:78:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ba5b1c09aa31f6713c61b32e558109e47966d42
Validity
Not Before: Jan 27 13:19:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c87193586b7003831f16261224328a88b45b25e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:20:2b:12:84:ed:b1:49:c6:9b:cd:69:03:bd:
64:b4:fa:8d:51:09:89:3b:04:b5:e0:c9:ac:4e:4e:
2a:80:cb:90:a0:8d:05:0d:54:02:99:3e:0c:c6:95:
44:08:5b:d9:68:0c:d7:28:0f:61:66:02:68:e1:26:
a7:fa:86:46:19:2b:6e:fe:d5:24:7d:54:0d:f2:f6:
fa:b1:12:94:d3:0c:1a:cc:e7:11:a2:05:ed:e0:3b:
3a:34:f1:70:b0:86:c8:54:3e:a6:ec:af:74:0b:1b:
84:54:f6:79:bc:d2:5f:69:0c:0f:9f:eb:e2:cc:66:
55:f8:f3:60:1e:0e:08:52:c1:95:dd:10:97:76:0e:
80:8f:d4:d4:25:40:bf:e9:68:27:7b:65:f1:fe:94:
cf:5a:d1:f7:11:fa:6f:eb:32:b6:74:d0:46:0a:14:
84:3c:c4:37:af:9c:f9:70:39:f0:cd:31:50:0f:c0:
99:bb:16:f9:b6:ea:a1:10:ee:43:1b:db:a5:54:e9:
7b:f8:2b:dc:6b:2d:43:a3:17:80:9f:64:9c:ca:5c:
0b:37:b1:68:90:fc:11:25:74:5a:7c:5d:3b:e5:9a:
27:ce:40:b2:e9:3f:8c:b0:2c:4a:7a:4d:59:ae:e3:
98:99:e5:1f:21:81:ed:40:b4:c6:40:74:15:57:db:
15:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:71:93:58:6B:70:03:83:1F:16:26:12:24:32:8A:88:B4:5B:25:E3
X509v3 Authority Key Identifier:
keyid:3B:A5:B1:C0:9A:A3:1F:67:13:C6:1B:32:E5:58:10:9E:47:96:6D:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O6WxwJqjH2cTxhsy5VgQnkeWbUI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/yHGTWGtwA4MfFiYSJDKKiLRbJeM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/O6WxwJqjH2cTxhsy5VgQnkeWbUI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:2000:1000::/40
2001:2010::/28
2001:2092::/32
Signature Algorithm: sha256WithRSAEncryption
09:cd:e2:df:1d:56:8c:9b:f6:ae:f6:ac:d7:43:ea:2d:51:5e:
ad:e7:fe:8f:f7:59:23:bc:59:15:a1:61:05:07:fa:f5:80:01:
a4:e3:fb:6d:4c:4d:fc:ec:64:bf:89:8b:56:15:ce:31:38:71:
20:92:80:b2:2c:97:fb:68:9e:7d:d8:48:e5:3f:3d:82:34:da:
e9:bd:c7:ba:a9:49:bb:ff:83:ce:14:de:cb:cf:3b:03:30:23:
97:78:b8:98:7f:77:d6:e5:75:41:80:21:9a:10:f5:67:31:b9:
10:bd:55:47:35:fa:40:23:6a:17:72:24:e0:a3:b7:99:74:1d:
a0:50:93:38:8a:be:d6:d7:c8:cd:bc:27:8f:89:2d:1e:0a:37:
0e:8e:2b:9a:bd:a2:ad:63:32:11:57:19:5b:25:69:8b:80:24:
8b:df:55:26:00:f4:a3:c8:65:7d:bc:2d:ce:0b:4a:1d:82:55:
6d:61:7d:2e:c4:85:62:b8:29:ed:11:6d:f6:f1:1e:02:b1:33:
50:cd:76:48:53:53:d7:db:af:c1:27:84:dc:41:34:93:59:63:
bf:dc:8a:91:6b:5f:38:ce:c4:9a:95:85:a1:72:c6:eb:60:d8:
8a:0d:a8:6b:8a:a9:e1:b0:84:d7:59:09:7c:d0:2e:44:1e:10:
cf:22:b0:3d
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYXzYl7yggqdaGVqBAYd7Hj0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiYTViMWMwOWFhMzFmNjcxM2M2MWIzMmU1NTgxMDllNDc5
NjZkNDIwHhcNMjMwMTI3MTMxOTQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODcxOTM1ODZiNzAwMzgzMWYxNjI2MTIyNDMyOGE4OGI0NWIyNWUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtSArEoTtsUnGm81pA71ktPqNUQmJ
OwS14MmsTk4qgMuQoI0FDVQCmT4MxpVECFvZaAzXKA9hZgJo4San+oZGGStu/tUk
fVQN8vb6sRKU0wwazOcRogXt4Ds6NPFwsIbIVD6m7K90CxuEVPZ5vNJfaQwPn+vi
zGZV+PNgHg4IUsGV3RCXdg6Aj9TUJUC/6Wgne2Xx/pTPWtH3Efpv6zK2dNBGChSE
PMQ3r5z5cDnwzTFQD8CZuxb5tuqhEO5DG9ulVOl7+Cvcay1DoxeAn2ScylwLN7Fo
kPwRJXRafF075ZonzkCy6T+MsCxKek1ZruOYmeUfIYHtQLTGQHQVV9sViQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFMhxk1hrcAODHxYmEiQyioi0WyXjMB8GA1UdIwQY
MBaAFDulscCaox9nE8YbMuVYEJ5Hlm1CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzZXeHdKcWpIMmNUeGhzeTVWZ1Fua2VXYlVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8xM2JkNzctZDI5Ny00Njg5LWJlZTQt
NDY2ZTljYWI3ODY0LzEveUhHVFdHdHdBNE1mRmlZU0pES0tpTFJiSmVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC8xM2JkNzctZDI5Ny00Njg5LWJlZTQtNDY2ZTljYWI3ODY0
LzEvTzZXeHdKcWpIMmNUeGhzeTVWZ1Fua2VXYlVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAcBAIAAjAWAwYAIAEgABAD
BQQgASAQAwUAIAEgkjANBgkqhkiG9w0BAQsFAAOCAQEACc3i3x1WjJv2rvas10Pq
LVFeref+j/dZI7xZFaFhBQf69YABpOP7bUxN/Oxkv4mLVhXOMThxIJKAsiyX+2ie
fdhI5T89gjTa6b3HuqlJu/+DzhTey887AzAjl3i4mH931uV1QYAhmhD1ZzG5EL1V
RzX6QCNqF3Ik4KO3mXQdoFCTOIq+1tfIzbwnj4ktHgo3Do4rmr2irWMyEVcZWyVp
i4Aki99VJgD0o8hlfbwtzgtKHYJVbWF9LsSFYrgp7RFt9vEeArEzUM12SFNT19uv
wSeE3EE0k1ljv9yKkWtfOM7EmpWFoXLG62DYig2oa4qp4bCE11kJfNAuRB4QzyKw
PQ==
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:23:36 2025 by rpki-client