Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/ytaM6wOZhhn7FopMzm016NH_V1U.roa
File: ytaM6wOZhhn7FopMzm016NH_V1U.roa (raw, json)
Hash identifier: ylpUgNxYdAX3oKBo2Awp3L9JuncT/fq4UlR70WtxIs0=
Subject key identifier: CA:D6:8C:EB:03:99:86:19:FB:16:8A:4C:CE:6D:35:E8:D1:FF:57:55
Certificate issuer: /CN=00775d9471b85d963fef6d283590e2d942dd5c21
Certificate serial: 01856F5DB1AD480FF1999AB50E15485CEBEF
Authority key identifier: 00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/ytaM6wOZhhn7FopMzm016NH_V1U.roa
Signing time: Sun 01 Jan 2023 22:04:49 +0000
ROA not before: Sun 01 Jan 2023 22:04:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29577
IP address blocks: 81.12.0.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:5d:b1:ad:48:0f:f1:99:9a:b5:0e:15:48:5c:eb:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00775d9471b85d963fef6d283590e2d942dd5c21
Validity
Not Before: Jan 1 22:04:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cad68ceb03998619fb168a4cce6d35e8d1ff5755
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:ff:67:a9:01:30:4c:e3:9a:13:0e:65:a7:d8:
7f:01:dd:27:e3:c5:2b:f0:ea:a7:13:d5:74:83:2d:
9e:9e:e3:1e:85:7d:ea:5d:c0:c6:e8:02:93:c3:60:
d6:69:b8:da:98:05:da:8c:c6:c6:1f:60:79:c8:ce:
0c:36:49:ad:9f:e7:c1:5a:39:3f:a7:7d:03:ac:e3:
b7:25:1c:6c:fa:bd:55:d8:f6:e9:2e:ff:1f:7c:67:
c4:4e:bc:c3:0b:9c:45:9f:e6:79:09:53:7f:5e:42:
5e:04:2e:2d:82:36:d0:1a:f2:84:84:21:1f:c0:39:
2d:70:fc:35:cf:b1:4f:9f:ae:d1:32:57:c6:de:d3:
01:6b:0d:a0:de:84:b8:dc:cc:4c:35:e1:3e:fe:0b:
69:d8:dc:2b:fb:8e:3e:4b:8b:56:50:80:c6:f8:24:
af:6e:a0:e0:c2:76:f7:8b:f7:81:ed:e5:45:2f:7c:
14:01:a7:39:65:20:a9:54:47:28:41:44:fd:5c:cd:
14:0c:73:88:8a:5e:9c:36:76:b8:ce:a0:59:39:c2:
67:fb:1d:04:c8:15:77:5e:9b:c1:5f:74:e2:4d:77:
47:e2:9f:90:85:ea:c0:92:73:77:b6:53:65:76:02:
ed:87:b9:db:43:2b:5b:bd:cd:27:25:d5:56:f5:f7:
5b:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:D6:8C:EB:03:99:86:19:FB:16:8A:4C:CE:6D:35:E8:D1:FF:57:55
X509v3 Authority Key Identifier:
keyid:00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/ytaM6wOZhhn7FopMzm016NH_V1U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.12.0.0/22
Signature Algorithm: sha256WithRSAEncryption
c0:3e:2b:94:c3:7d:c8:68:d0:4a:79:24:b0:e6:e9:8f:6a:2e:
df:04:0e:e4:7d:5a:00:37:d7:87:4d:9e:62:9f:3a:9c:76:c4:
29:4d:e8:df:ac:31:00:67:fe:11:39:a1:00:01:b8:2d:3a:ab:
4c:93:5b:b6:dc:2c:eb:80:ca:10:d7:a6:df:d0:cc:cf:ed:fe:
d1:1a:47:84:df:e2:5e:a6:05:d0:8c:88:d5:98:76:b9:6f:e4:
81:ee:af:2f:21:5e:c0:c8:48:92:0f:34:67:c2:7b:29:63:38:
68:0d:f2:9e:c4:45:b4:95:33:6c:70:10:d0:98:92:23:b0:96:
ae:bd:d9:3d:30:00:20:69:42:1b:c0:e0:99:f4:40:02:5a:0b:
57:60:8f:8b:68:f0:41:48:ae:2c:5a:8b:b9:98:f0:15:33:7c:
43:ec:58:15:9f:62:80:b5:22:b4:de:fe:d9:29:af:61:e0:1b:
9b:99:f6:78:50:12:25:d7:5f:3f:05:95:a1:8c:99:ed:2e:64:
ff:9d:81:ad:6b:27:ce:93:70:95:6a:a7:56:49:9f:ef:ae:95:
34:ba:3a:f1:3b:ab:58:51:b4:8a:e7:97:c4:1c:83:85:76:b5:
c0:1f:6c:7c:f2:24:58:b9:71:98:71:00:a0:a3:cb:0e:7d:b1:
d5:91:fe:5a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvXbGtSA/xmZq1DhVIXOvvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNzc1ZDk0NzFiODVkOTYzZmVmNmQyODM1OTBlMmQ5NDJk
ZDVjMjEwHhcNMjMwMTAxMjIwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWQ2OGNlYjAzOTk4NjE5ZmIxNjhhNGNjZTZkMzVlOGQxZmY1NzU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2/9nqQEwTOOaEw5lp9h/Ad0n48Ur
8OqnE9V0gy2enuMehX3qXcDG6AKTw2DWabjamAXajMbGH2B5yM4MNkmtn+fBWjk/
p30DrOO3JRxs+r1V2PbpLv8ffGfETrzDC5xFn+Z5CVN/XkJeBC4tgjbQGvKEhCEf
wDktcPw1z7FPn67RMlfG3tMBaw2g3oS43MxMNeE+/gtp2Nwr+44+S4tWUIDG+CSv
bqDgwnb3i/eB7eVFL3wUAac5ZSCpVEcoQUT9XM0UDHOIil6cNna4zqBZOcJn+x0E
yBV3XpvBX3TiTXdH4p+QherAknN3tlNldgLth7nbQytbvc0nJdVW9fdbLwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMrWjOsDmYYZ+xaKTM5tNejR/1dVMB8GA1UdIwQY
MBaAFAB3XZRxuF2WP+9tKDWQ4tlC3VwhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQt
NzZiMzNlNGNlODIxLzEveXRhTTZ3T1poaG43Rm9wTXptMDE2TkhfVjFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQtNzZiMzNlNGNlODIx
LzEvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCUQwAMA0G
CSqGSIb3DQEBCwUAA4IBAQDAPiuUw33IaNBKeSSw5umPai7fBA7kfVoAN9eHTZ5i
nzqcdsQpTejfrDEAZ/4ROaEAAbgtOqtMk1u23CzrgMoQ16bf0MzP7f7RGkeE3+Je
pgXQjIjVmHa5b+SB7q8vIV7AyEiSDzRnwnspYzhoDfKexEW0lTNscBDQmJIjsJau
vdk9MAAgaUIbwOCZ9EACWgtXYI+LaPBBSK4sWou5mPAVM3xD7FgVn2KAtSK03v7Z
Ka9h4BubmfZ4UBIl118/BZWhjJntLmT/nYGtayfOk3CVaqdWSZ/vrpU0ujrxO6tY
UbSK55fEHIOFdrXAH2x88iRYuXGYcQCgo8sOfbHVkf5a
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:10:18 2025 by rpki-client