Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/YF_xT8owrDOnfeXoILRPqWDmsD0.roa
File: YF_xT8owrDOnfeXoILRPqWDmsD0.roa (raw, json)
Hash identifier: bN+Dt707Vq0+KtjtLsxzSZo0IrNtxJ+E8t24FHCPbBU=
Subject key identifier: 60:5F:F1:4F:CA:30:AC:33:A7:7D:E5:E8:20:B4:4F:A9:60:E6:B0:3D
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0182C5FF41C822A66BE0E53C0CD427282EEC
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/YF_xT8owrDOnfeXoILRPqWDmsD0.roa
Signing time: Mon 22 Aug 2022 14:40:16 +0000
ROA not before: Mon 22 Aug 2022 14:40:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204687
IP address blocks: 2a0b:64c2::/32 maxlen: 32
2a0b:64c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:c5:ff:41:c8:22:a6:6b:e0:e5:3c:0c:d4:27:28:2e:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Aug 22 14:40:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=605ff14fca30ac33a77de5e820b44fa960e6b03d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:bd:f8:f5:92:1e:14:49:7c:9a:86:68:b3:35:
36:13:c5:1f:38:b7:a4:ae:09:10:77:af:36:fa:61:
9d:0b:4c:ff:1c:95:10:9a:fa:97:61:ee:74:32:6a:
83:88:ae:08:02:9e:1e:e4:0b:30:f4:96:8b:52:dd:
d7:42:f1:05:a4:44:d9:39:e5:10:7f:8f:97:8b:55:
db:81:97:b7:a4:3a:cc:49:b9:0f:b4:da:17:84:83:
c6:04:15:5b:c5:1b:b7:eb:d7:6f:40:dd:55:b7:d6:
ad:91:14:46:aa:ad:c9:d7:de:2e:77:87:7e:19:51:
9d:26:1b:4c:03:c5:bd:27:0d:1f:4d:48:7b:70:dc:
00:11:c0:b0:6d:87:f6:34:18:0d:ca:14:f6:7c:8f:
9e:28:12:2c:de:bf:92:69:77:41:c4:58:80:c5:fa:
e1:44:40:1f:1c:10:2c:33:f7:b8:aa:31:30:b1:df:
fc:e9:85:ca:1d:04:04:56:a7:1d:ae:60:8c:e2:85:
26:68:2f:6e:c2:3b:e8:10:c0:05:de:a5:99:ab:9e:
bd:07:da:99:66:76:26:c2:84:c2:13:f9:8f:a3:e7:
84:cc:78:07:5a:f6:6d:6f:a0:6a:f0:f6:ce:c1:88:
50:69:03:08:9a:e0:fc:f9:8a:0d:3b:98:88:90:66:
f0:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:5F:F1:4F:CA:30:AC:33:A7:7D:E5:E8:20:B4:4F:A9:60:E6:B0:3D
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/YF_xT8owrDOnfeXoILRPqWDmsD0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:64c0::/32
2a0b:64c2::/32
Signature Algorithm: sha256WithRSAEncryption
33:ce:d3:9e:0a:14:6a:d0:cd:be:a5:d8:d6:31:b0:dd:d8:74:
7c:c0:b8:36:92:35:e1:d3:88:26:b3:e9:02:e8:b0:dc:a1:73:
e3:04:63:26:22:e7:88:24:eb:32:b0:a7:d8:07:c6:ca:83:b5:
92:79:21:89:3e:d4:db:dd:4e:d2:eb:ef:46:2a:bb:8d:32:8b:
d2:0f:5b:4a:49:e7:d0:c7:ae:9e:02:a5:4c:e4:d7:96:d6:a5:
63:3c:a3:13:79:a3:7b:a9:67:9f:36:6e:37:49:bf:10:82:88:
cf:6d:ff:66:e9:97:33:f8:b1:7c:f4:54:c4:d6:ab:26:d5:26:
70:c0:19:03:46:41:1a:4a:c6:ac:b1:a8:86:33:33:84:90:a7:
4b:94:d5:76:81:48:a0:a4:3e:5c:7c:bc:85:60:ef:f1:9a:1c:
8f:37:ef:f7:28:62:df:b0:eb:c6:16:0b:4d:58:63:e4:76:44:
56:f9:77:3d:cd:de:b5:c5:3c:34:d9:c5:83:c6:59:09:ec:e2:
be:2b:41:a8:fc:ac:1f:b4:1a:90:84:43:e8:3d:3d:34:0f:df:
d5:17:9c:41:95:fb:f0:af:8d:9d:9d:38:2e:e6:65:f3:18:cd:
ef:f7:18:35:8c:e8:0f:ab:7c:db:c8:0a:08:4f:27:9a:90:56:
b3:04:aa:ed
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYLF/0HIIqZr4OU8DNQnKC7sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjIwODIyMTQ0MDE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDVmZjE0ZmNhMzBhYzMzYTc3ZGU1ZTgyMGI0NGZhOTYwZTZiMDNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgb349ZIeFEl8moZoszU2E8UfOLek
rgkQd682+mGdC0z/HJUQmvqXYe50MmqDiK4IAp4e5Asw9JaLUt3XQvEFpETZOeUQ
f4+Xi1XbgZe3pDrMSbkPtNoXhIPGBBVbxRu369dvQN1Vt9atkRRGqq3J194ud4d+
GVGdJhtMA8W9Jw0fTUh7cNwAEcCwbYf2NBgNyhT2fI+eKBIs3r+SaXdBxFiAxfrh
REAfHBAsM/e4qjEwsd/86YXKHQQEVqcdrmCM4oUmaC9uwjvoEMAF3qWZq569B9qZ
ZnYmwoTCE/mPo+eEzHgHWvZtb6Bq8PbOwYhQaQMImuD8+YoNO5iIkGbwSwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFGBf8U/KMKwzp33l6CC0T6lg5rA9MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvWUZfeFQ4b3dyRE9uZmVYb0lMUlBxV0Rtc0QwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKgtkwAMF
ACoLZMIwDQYJKoZIhvcNAQELBQADggEBADPO054KFGrQzb6l2NYxsN3YdHzAuDaS
NeHTiCaz6QLosNyhc+MEYyYi54gk6zKwp9gHxsqDtZJ5IYk+1NvdTtLr70Yqu40y
i9IPW0pJ59DHrp4CpUzk15bWpWM8oxN5o3upZ582bjdJvxCCiM9t/2bplzP4sXz0
VMTWqybVJnDAGQNGQRpKxqyxqIYzM4SQp0uU1XaBSKCkPlx8vIVg7/GaHI837/co
Yt+w68YWC01YY+R2RFb5dz3N3rXFPDTZxYPGWQns4r4rQaj8rB+0GpCEQ+g9PTQP
39UXnEGV+/CvjZ2dOC7mZfMYze/3GDWM6A+rfNvICghPJ5qQVrMEqu0=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:55 2023 by rpki-client on console-ams.rpki-client.org