Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/220113-44f1-4dc5-b0bc-a656058c531f/1/YqP8eqzEBPoHtycdNYhkERnDmeM.roa
File: YqP8eqzEBPoHtycdNYhkERnDmeM.roa (raw, json)
Hash identifier: wuQgB0iwJnON+OOSk2LfV9uQG033Cmt7jQn1SikBWqo=
Subject key identifier: 62:A3:FC:7A:AC:C4:04:FA:07:B7:27:1D:35:88:64:11:19:C3:99:E3
Certificate issuer: /CN=ffe4146018a763a42a51556359bf15bf85e39ac6
Certificate serial: 01856FF94D01EFE0429520D5F5486BF7E7CA
Authority key identifier: FF:E4:14:60:18:A7:63:A4:2A:51:55:63:59:BF:15:BF:85:E3:9A:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_-QUYBinY6QqUVVjWb8Vv4XjmsY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/220113-44f1-4dc5-b0bc-a656058c531f/1/YqP8eqzEBPoHtycdNYhkERnDmeM.roa
Signing time: Mon 02 Jan 2023 00:54:47 +0000
ROA not before: Mon 02 Jan 2023 00:54:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206013
IP address blocks: 2001:67c:10e4::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f9:4d:01:ef:e0:42:95:20:d5:f5:48:6b:f7:e7:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ffe4146018a763a42a51556359bf15bf85e39ac6
Validity
Not Before: Jan 2 00:54:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=62a3fc7aacc404fa07b7271d3588641119c399e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:66:b6:53:02:61:8a:e2:b6:09:c1:53:70:13:
ab:40:6b:2b:cd:6b:49:59:a8:3c:d9:ce:ad:e9:9d:
f9:d5:ca:33:0a:8f:98:85:ee:c9:b2:b9:22:85:66:
df:a9:a1:ec:e5:94:c4:e0:f1:c1:02:98:ac:ae:79:
f1:ee:df:79:f3:6b:c3:86:83:e3:d1:13:a6:be:44:
15:0b:b5:ca:95:3c:54:df:ee:a2:1f:bc:5e:1c:d6:
2b:ad:72:95:56:9c:4e:f6:13:37:16:6b:a8:77:d4:
bd:7e:23:4a:70:5e:a5:ca:1e:79:61:6f:b3:f8:20:
33:92:75:7a:6c:a6:d8:f5:f9:56:b3:04:5d:e3:a3:
be:fe:5e:88:35:b4:9a:91:ef:88:9d:e4:02:da:38:
78:ba:0c:21:e5:c7:ea:de:c2:79:18:9c:15:c5:c0:
26:22:78:26:04:7a:9e:40:7a:5e:37:bf:92:8a:0c:
49:3b:db:25:8e:e6:6e:7f:86:86:a7:14:a6:62:30:
fa:19:10:29:a4:18:fc:4d:33:66:db:cb:66:dc:2a:
2e:c6:5f:85:cd:59:2c:63:ff:05:0e:f6:a9:b0:b8:
64:07:d8:99:9d:f1:97:c4:07:59:2c:ba:41:99:4d:
16:26:ec:a6:3a:83:44:18:01:84:ab:13:3e:3a:31:
65:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:A3:FC:7A:AC:C4:04:FA:07:B7:27:1D:35:88:64:11:19:C3:99:E3
X509v3 Authority Key Identifier:
keyid:FF:E4:14:60:18:A7:63:A4:2A:51:55:63:59:BF:15:BF:85:E3:9A:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_-QUYBinY6QqUVVjWb8Vv4XjmsY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/220113-44f1-4dc5-b0bc-a656058c531f/1/YqP8eqzEBPoHtycdNYhkERnDmeM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/220113-44f1-4dc5-b0bc-a656058c531f/1/_-QUYBinY6QqUVVjWb8Vv4XjmsY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:10e4::/48
Signature Algorithm: sha256WithRSAEncryption
b7:5e:2c:9b:f5:41:77:74:34:77:75:da:96:ee:9a:b4:4e:e6:
27:45:3a:9a:0d:8b:ca:c7:f1:31:12:bc:93:38:9e:01:4a:df:
ed:be:eb:da:ee:ad:15:d5:30:87:7e:d6:a9:c6:42:6e:50:83:
59:01:c5:f0:e4:59:53:28:b0:e1:1d:d8:56:2c:c3:44:a0:4d:
1d:d8:9a:67:4a:2b:cb:9f:da:7c:39:71:a9:f4:68:e7:32:17:
f2:d5:2b:c8:06:56:a8:09:4d:fc:b5:f3:94:cc:ff:0a:79:3c:
51:5a:17:3c:ee:1d:d1:78:8f:c9:2a:51:1f:50:b0:1a:94:19:
73:b0:7a:7d:cf:57:d1:da:d3:16:e8:f9:3a:ae:00:57:2d:ea:
a7:a9:70:f9:b1:24:19:19:9d:e1:20:b5:ad:cf:35:2f:14:41:
68:04:f6:44:ba:30:c1:4d:7f:d6:df:a9:4e:4d:a2:3c:f6:d8:
eb:90:69:f9:c4:bd:59:bc:3e:4f:2f:54:b1:0c:f1:ae:ad:9e:
e1:9d:39:8a:34:2e:d1:a0:f7:ec:29:bb:93:11:25:b7:49:bf:
a9:57:37:b2:c4:52:c9:18:24:01:9c:6c:92:9e:6d:a3:00:e8:
3e:fa:35:23:02:1c:db:b0:9c:63:87:3e:5b:3a:c3:f2:51:2b:
df:4e:e8:02
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVv+U0B7+BClSDV9Uhr9+fKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmZTQxNDYwMThhNzYzYTQyYTUxNTU2MzU5YmYxNWJmODVl
MzlhYzYwHhcNMjMwMTAyMDA1NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmEzZmM3YWFjYzQwNGZhMDdiNzI3MWQzNTg4NjQxMTE5YzM5OWUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApma2UwJhiuK2CcFTcBOrQGsrzWtJ
Wag82c6t6Z351cozCo+Yhe7JsrkihWbfqaHs5ZTE4PHBApisrnnx7t9582vDhoPj
0ROmvkQVC7XKlTxU3+6iH7xeHNYrrXKVVpxO9hM3Fmuod9S9fiNKcF6lyh55YW+z
+CAzknV6bKbY9flWswRd46O+/l6INbSake+IneQC2jh4ugwh5cfq3sJ5GJwVxcAm
IngmBHqeQHpeN7+SigxJO9sljuZuf4aGpxSmYjD6GRAppBj8TTNm28tm3Couxl+F
zVksY/8FDvapsLhkB9iZnfGXxAdZLLpBmU0WJuymOoNEGAGEqxM+OjFlyQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGKj/HqsxAT6B7cnHTWIZBEZw5njMB8GA1UdIwQY
MBaAFP/kFGAYp2OkKlFVY1m/Fb+F45rGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXy1RVVlCaW5ZNlFxVVZWaldiOFZ2NFhqbXNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC8yMjAxMTMtNDRmMS00ZGM1LWIwYmMt
YTY1NjA1OGM1MzFmLzEvWXFQOGVxekVCUG9IdHljZE5ZaGtFUm5EbWVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC8yMjAxMTMtNDRmMS00ZGM1LWIwYmMtYTY1NjA1OGM1MzFm
LzEvXy1RVVlCaW5ZNlFxVVZWaldiOFZ2NFhqbXNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfBDk
MA0GCSqGSIb3DQEBCwUAA4IBAQC3Xiyb9UF3dDR3ddqW7pq0TuYnRTqaDYvKx/Ex
EryTOJ4BSt/tvuva7q0V1TCHftapxkJuUINZAcXw5FlTKLDhHdhWLMNEoE0d2Jpn
SivLn9p8OXGp9GjnMhfy1SvIBlaoCU38tfOUzP8KeTxRWhc87h3ReI/JKlEfULAa
lBlzsHp9z1fR2tMW6Pk6rgBXLeqnqXD5sSQZGZ3hILWtzzUvFEFoBPZEujDBTX/W
36lOTaI89tjrkGn5xL1ZvD5PL1SxDPGurZ7hnTmKNC7RoPfsKbuTESW3Sb+pVzey
xFLJGCQBnGySnm2jAOg++jUjAhzbsJxjhz5bOsPyUSvfTugC
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:44:09 2025 by rpki-client