Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/iYLOo3UAz_j6rBz5qCEEbIQxDgU.roa
File: iYLOo3UAz_j6rBz5qCEEbIQxDgU.roa (raw, json)
Hash identifier: DBCOgVSPgrc+p8v+E4A+tF6VqjOZyt4UEpXYKwFbBUU=
Subject key identifier: 89:82:CE:A3:75:00:CF:F8:FA:AC:1C:F9:A8:21:04:6C:84:31:0E:05
Certificate issuer: /CN=cd8313e41e646a09cd01e2e6f4739d3bd236c4ff
Certificate serial: 199DC1F3
Authority key identifier: CD:83:13:E4:1E:64:6A:09:CD:01:E2:E6:F4:73:9D:3B:D2:36:C4:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zYMT5B5kagnNAeLm9HOdO9I2xP8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/iYLOo3UAz_j6rBz5qCEEbIQxDgU.roa
Signing time: Sat 01 Jan 2022 05:52:35 +0000
ROA not before: Sat 01 Jan 2022 05:52:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3180
IP address blocks: 2a04:ac00:b::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 429769203 (0x199dc1f3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd8313e41e646a09cd01e2e6f4739d3bd236c4ff
Validity
Not Before: Jan 1 05:52:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8982cea37500cff8faac1cf9a821046c84310e05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:c7:5e:5c:9b:8c:de:08:fc:40:a9:c8:eb:9e:
0d:28:d4:41:87:89:03:38:59:66:fb:52:a7:0a:2e:
78:28:9a:69:e0:27:63:16:1d:95:af:01:4d:12:db:
fa:90:7e:47:ca:37:cf:31:01:cf:09:15:cc:d7:b6:
d1:50:b3:d5:95:ba:aa:a4:64:83:e2:73:9e:98:82:
ef:a0:6d:70:80:4d:ef:73:e6:bc:1f:9f:7f:4e:94:
25:32:ce:19:6f:1d:f3:4c:ac:6e:3b:3a:6b:42:66:
9b:52:f9:ee:e6:9b:c1:c5:a2:54:b8:c3:7f:ca:4b:
0c:60:ee:1f:da:b5:e2:b7:0f:37:55:9f:51:d7:62:
e6:15:bd:9a:c3:af:45:52:62:e8:af:e8:ff:fc:3e:
70:81:58:b7:de:e1:1a:31:8a:dc:be:fe:55:37:8e:
29:a8:81:87:d0:ca:1c:a2:90:0d:e2:9f:26:3c:9e:
ea:4e:b1:3e:ca:e5:a1:18:d9:d5:36:60:31:ac:7e:
a6:40:3d:05:ed:75:44:35:2c:f2:c8:3a:96:f2:65:
df:4e:35:e9:11:37:f0:26:15:03:a4:13:f0:2e:2f:
1b:cf:2c:ca:66:c9:11:08:6a:8d:56:b8:dd:e5:06:
cb:31:a6:e6:1b:03:36:38:d3:9f:db:b5:b2:f0:69:
5c:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:82:CE:A3:75:00:CF:F8:FA:AC:1C:F9:A8:21:04:6C:84:31:0E:05
X509v3 Authority Key Identifier:
keyid:CD:83:13:E4:1E:64:6A:09:CD:01:E2:E6:F4:73:9D:3B:D2:36:C4:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zYMT5B5kagnNAeLm9HOdO9I2xP8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/iYLOo3UAz_j6rBz5qCEEbIQxDgU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/zYMT5B5kagnNAeLm9HOdO9I2xP8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:ac00:b::/48
Signature Algorithm: sha256WithRSAEncryption
6e:94:60:0c:07:c8:30:50:0f:a9:79:f1:48:bc:3c:8f:37:a0:
68:5e:fc:3a:bf:b3:e9:70:2a:19:13:0d:47:c1:dc:43:f3:d2:
3c:65:bd:0b:6e:98:a0:74:55:90:51:ff:36:11:8e:74:2f:9a:
c0:1a:06:5f:c8:4f:25:48:8b:58:79:73:6e:61:9b:84:55:1a:
78:ac:29:b9:78:d8:f6:fa:fe:bc:89:53:d8:29:e9:45:51:01:
06:0c:4e:d5:1c:12:a6:ff:b2:e7:d6:4f:d9:c0:7b:38:a3:b5:
a6:48:5c:c0:3f:f9:5b:68:94:38:40:92:e9:d0:3f:9f:30:f6:
f9:8c:6e:e7:44:b9:35:9c:43:05:b4:69:ad:7e:17:a6:7c:9f:
f9:ea:5f:bd:59:a0:f7:ed:96:f4:a0:1f:8c:29:c5:e8:2f:32:
14:1f:44:93:6b:92:19:a0:97:13:a7:01:56:0e:7b:ca:57:1c:
ee:8d:6b:a6:c3:f3:f3:dc:10:cc:ef:75:39:fc:cf:26:e7:9a:
73:cf:19:ef:81:26:8f:f4:6f:be:b5:f8:3a:24:81:cb:07:68:
2a:13:e4:dd:da:98:ce:62:b3:7b:73:45:60:0d:7f:ac:55:7d:
4d:5f:8b:57:5b:3e:c2:13:e3:cc:e9:3d:2d:c6:bd:11:2b:ab:
70:1b:af:5b
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEGZ3B8zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
ZDgzMTNlNDFlNjQ2YTA5Y2QwMWUyZTZmNDczOWQzYmQyMzZjNGZmMB4XDTIyMDEw
MTA1NTIzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODk4MmNlYTM3NTAw
Y2ZmOGZhYWMxY2Y5YTgyMTA0NmM4NDMxMGUwNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMfHXlybjN4I/ECpyOueDSjUQYeJAzhZZvtSpwoueCiaaeAn
YxYdla8BTRLb+pB+R8o3zzEBzwkVzNe20VCz1ZW6qqRkg+JznpiC76BtcIBN73Pm
vB+ff06UJTLOGW8d80ysbjs6a0Jmm1L57uabwcWiVLjDf8pLDGDuH9q14rcPN1Wf
Uddi5hW9msOvRVJi6K/o//w+cIFYt97hGjGK3L7+VTeOKaiBh9DKHKKQDeKfJjye
6k6xPsrloRjZ1TZgMax+pkA9Be11RDUs8sg6lvJl30416RE38CYVA6QT8C4vG88s
ymbJEQhqjVa43eUGyzGm5hsDNjjTn9u1svBpXGUCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBSJgs6jdQDP+PqsHPmoIQRshDEOBTAfBgNVHSMEGDAWgBTNgxPkHmRqCc0B
4ub0c5070jbE/zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3pZTVQ1QjVrYWduTkFlTG05SE9kTzlJMnhQOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmUvMzQ2NWYzLTAzYzItNGVhYS1hNjc0LTg4NjJiNTE3MzE3Yy8x
L2lZTE9vM1VBel9qNnJCejVxQ0VFYklReERnVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmUv
MzQ2NWYzLTAzYzItNGVhYS1hNjc0LTg4NjJiNTE3MzE3Yy8xL3pZTVQ1QjVrYWdu
TkFlTG05SE9kTzlJMnhQOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoErAAACzANBgkqhkiG9w0BAQsF
AAOCAQEAbpRgDAfIMFAPqXnxSLw8jzegaF78Or+z6XAqGRMNR8HcQ/PSPGW9C26Y
oHRVkFH/NhGOdC+awBoGX8hPJUiLWHlzbmGbhFUaeKwpuXjY9vr+vIlT2CnpRVEB
BgxO1RwSpv+y59ZP2cB7OKO1pkhcwD/5W2iUOECS6dA/nzD2+Yxu50S5NZxDBbRp
rX4Xpnyf+epfvVmg9+2W9KAfjCnF6C8yFB9Ek2uSGaCXE6cBVg57ylcc7o1rpsPz
89wQzO91OfzPJueac88Z74Emj/RvvrX4OiSBywdoKhPk3dqYzmKze3NFYA1/rFV9
TV+LV1s+whPjzOk9Lca9ESurcBuvWw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:26:01 2025 by rpki-client