Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/8a7da4-ba19-4b29-87e0-9155132a179a/1/yBkmzij3_X9u7wNH777N-ABY2uU.roa
File: yBkmzij3_X9u7wNH777N-ABY2uU.roa (raw, json)
Hash identifier: rMiB72w4DzfWquIG27mZl+E2cmATlDvv7xfZ/qjvna4=
Subject key identifier: C8:19:26:CE:28:F7:FD:7F:6E:EF:03:47:EF:BE:CD:F8:00:58:DA:E5
Certificate issuer: /CN=3b97de17512cfa8bebc3df80b27b47624ef41691
Certificate serial: 01856F428C417749F11EB22BE39B9E3E8E79
Authority key identifier: 3B:97:DE:17:51:2C:FA:8B:EB:C3:DF:80:B2:7B:47:62:4E:F4:16:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O5feF1Es-ovrw9-AsntHYk70FpE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/8a7da4-ba19-4b29-87e0-9155132a179a/1/yBkmzij3_X9u7wNH777N-ABY2uU.roa
Signing time: Sun 01 Jan 2023 21:35:10 +0000
ROA not before: Sun 01 Jan 2023 21:35:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201257
IP address blocks: 2001:67c:b14::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:8c:41:77:49:f1:1e:b2:2b:e3:9b:9e:3e:8e:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b97de17512cfa8bebc3df80b27b47624ef41691
Validity
Not Before: Jan 1 21:35:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c81926ce28f7fd7f6eef0347efbecdf80058dae5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:a0:5c:a1:89:b4:1c:e7:b3:04:aa:2d:da:79:
c3:67:46:8b:25:d3:95:16:f3:dd:0f:a9:c3:43:cb:
14:65:a1:1d:fd:3f:a2:9c:ec:09:54:a6:c2:54:1a:
90:7d:32:65:52:b7:d0:a2:29:f8:c1:b0:b1:28:a1:
53:73:c9:60:ad:58:74:a7:c1:2f:b2:e7:30:ca:fa:
a5:06:62:3f:99:75:c3:13:c3:a4:b6:67:c8:5a:40:
f8:13:b3:60:98:27:9a:36:3f:69:02:2d:27:b1:3a:
74:38:e7:d0:c6:ff:ac:35:d6:d7:00:c4:ae:de:12:
88:68:30:bf:09:86:c2:fa:18:b4:52:8d:ee:01:f5:
f9:9a:80:73:74:19:00:5c:1f:cc:8f:2e:ee:60:10:
1d:11:16:2f:6d:1f:75:b5:d8:f7:85:6c:e2:55:53:
f0:14:e6:1d:2f:4a:fc:4f:39:22:6b:94:f4:4c:65:
f0:25:37:70:00:85:49:42:0c:3e:c3:dd:71:e6:b1:
2d:4e:dd:44:dc:a2:d0:a4:9d:9d:d0:22:96:e0:54:
0e:1d:0c:5e:c6:40:0d:26:ba:5e:dc:50:82:b3:97:
03:92:1b:f9:a3:97:60:11:c9:be:77:39:6a:0a:a7:
35:5c:50:da:4d:b4:80:96:fd:48:32:c4:c9:72:b3:
30:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:19:26:CE:28:F7:FD:7F:6E:EF:03:47:EF:BE:CD:F8:00:58:DA:E5
X509v3 Authority Key Identifier:
keyid:3B:97:DE:17:51:2C:FA:8B:EB:C3:DF:80:B2:7B:47:62:4E:F4:16:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O5feF1Es-ovrw9-AsntHYk70FpE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/8a7da4-ba19-4b29-87e0-9155132a179a/1/yBkmzij3_X9u7wNH777N-ABY2uU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/8a7da4-ba19-4b29-87e0-9155132a179a/1/O5feF1Es-ovrw9-AsntHYk70FpE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:b14::/48
Signature Algorithm: sha256WithRSAEncryption
15:35:6d:f6:04:33:fc:f8:c7:89:62:e0:c5:90:03:f1:fc:e4:
06:08:7c:cc:6a:35:b9:e1:85:72:1a:dd:aa:e0:42:34:d9:87:
37:22:39:5d:41:24:26:de:9e:d2:63:5d:9c:1c:c7:ff:62:3e:
33:ae:de:f7:dc:1f:c2:6d:18:19:fe:a5:69:35:52:08:a3:09:
b3:4e:6b:27:d7:8f:1d:89:69:b0:a8:1f:bb:84:1b:37:9b:5f:
ae:ed:13:2a:e8:2f:0b:a5:cf:4f:67:7f:3f:16:a0:5d:c0:43:
5b:f9:3a:b6:3b:4d:b1:c8:4e:24:81:e2:61:59:95:b4:7b:ed:
ac:6d:ad:95:bd:e4:e5:cb:98:d2:19:60:29:89:36:4b:a8:2b:
58:8b:b6:01:e1:c8:3d:8f:69:ec:bd:ab:6e:1e:0d:ad:d0:70:
ca:1f:f5:3d:ca:1f:b8:9b:66:63:d5:5f:b6:01:71:2f:76:6a:
d8:1e:97:15:ee:75:26:ca:45:3d:9e:6f:a3:c2:f4:cd:b0:d4:
6c:a5:4d:c0:0c:0f:d3:7b:da:66:cf:f7:36:3b:aa:66:66:37:
a0:d3:e5:b1:28:29:bf:22:94:1a:df:72:8a:6f:82:9f:62:7f:
9b:3e:4f:5d:9b:d9:5a:72:95:ce:82:08:b5:51:37:6d:88:7f:
82:45:54:7d
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvQoxBd0nxHrIr45uePo55MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiOTdkZTE3NTEyY2ZhOGJlYmMzZGY4MGIyN2I0NzYyNGVm
NDE2OTEwHhcNMjMwMTAxMjEzNTEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODE5MjZjZTI4ZjdmZDdmNmVlZjAzNDdlZmJlY2RmODAwNThkYWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh6BcoYm0HOezBKot2nnDZ0aLJdOV
FvPdD6nDQ8sUZaEd/T+inOwJVKbCVBqQfTJlUrfQoin4wbCxKKFTc8lgrVh0p8Ev
sucwyvqlBmI/mXXDE8OktmfIWkD4E7NgmCeaNj9pAi0nsTp0OOfQxv+sNdbXAMSu
3hKIaDC/CYbC+hi0Uo3uAfX5moBzdBkAXB/Mjy7uYBAdERYvbR91tdj3hWziVVPw
FOYdL0r8Tzkia5T0TGXwJTdwAIVJQgw+w91x5rEtTt1E3KLQpJ2d0CKW4FQOHQxe
xkANJrpe3FCCs5cDkhv5o5dgEcm+dzlqCqc1XFDaTbSAlv1IMsTJcrMwmQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMgZJs4o9/1/bu8DR+++zfgAWNrlMB8GA1UdIwQY
MBaAFDuX3hdRLPqL68PfgLJ7R2JO9BaRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzVmZUYxRXMtb3ZydzktQXNudEhZazcwRnBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy84YTdkYTQtYmExOS00YjI5LTg3ZTAt
OTE1NTEzMmExNzlhLzEveUJrbXppajNfWDl1N3dOSDc3N04tQUJZMnVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy84YTdkYTQtYmExOS00YjI5LTg3ZTAtOTE1NTEzMmExNzlh
LzEvTzVmZUYxRXMtb3ZydzktQXNudEhZazcwRnBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAsU
MA0GCSqGSIb3DQEBCwUAA4IBAQAVNW32BDP8+MeJYuDFkAPx/OQGCHzMajW54YVy
Gt2q4EI02Yc3IjldQSQm3p7SY12cHMf/Yj4zrt733B/CbRgZ/qVpNVIIowmzTmsn
148diWmwqB+7hBs3m1+u7RMq6C8Lpc9PZ38/FqBdwENb+Tq2O02xyE4kgeJhWZW0
e+2sba2VveTly5jSGWApiTZLqCtYi7YB4cg9j2nsvatuHg2t0HDKH/U9yh+4m2Zj
1V+2AXEvdmrYHpcV7nUmykU9nm+jwvTNsNRspU3ADA/Te9pmz/c2O6pmZjeg0+Wx
KCm/IpQa33KKb4KfYn+bPk9dm9lacpXOggi1UTdtiH+CRVR9
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:33:14 2025 by rpki-client