Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/07ce7e-4641-4985-9845-1a007157d59a/1/Ky3Tjd2_S0EWxBMNNRUYZW9UeBs.roa
File: Ky3Tjd2_S0EWxBMNNRUYZW9UeBs.roa (raw, json)
Hash identifier: DaQHqSVO92+9eC65kIaq12gbGibt2zRLOCMHYxr1I6U=
Subject key identifier: 2B:2D:D3:8D:DD:BF:4B:41:16:C4:13:0D:35:15:18:65:6F:54:78:1B
Certificate issuer: /CN=eb3d6fe787c50553b07317112e19e65b4f675931
Certificate serial: 0185723122CFC06DFFCCD9AF3157E5AC76DB
Authority key identifier: EB:3D:6F:E7:87:C5:05:53:B0:73:17:11:2E:19:E6:5B:4F:67:59:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6z1v54fFBVOwcxcRLhnmW09nWTE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/07ce7e-4641-4985-9845-1a007157d59a/1/Ky3Tjd2_S0EWxBMNNRUYZW9UeBs.roa
Signing time: Mon 02 Jan 2023 11:15:00 +0000
ROA not before: Mon 02 Jan 2023 11:15:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 38974
IP address blocks: 2001:678:cf8::/48 maxlen: 48
2001:67c:1708::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:31:22:cf:c0:6d:ff:cc:d9:af:31:57:e5:ac:76:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eb3d6fe787c50553b07317112e19e65b4f675931
Validity
Not Before: Jan 2 11:15:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2b2dd38dddbf4b4116c4130d351518656f54781b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:2c:2d:88:e8:4d:b7:0b:64:8a:cd:1c:57:6b:
a1:f7:b0:49:f6:be:63:c6:32:45:64:5f:8e:77:18:
ba:a9:ce:7d:ea:fd:7e:ec:90:d8:14:04:3f:5e:1b:
8f:f6:87:94:92:d8:5a:80:c9:5f:68:6f:5d:a0:77:
f0:9b:1d:4c:9c:c9:95:8d:68:eb:5b:2e:8f:6f:0d:
57:52:2b:cd:4e:da:1d:5c:3a:5e:1f:ce:c5:ba:e6:
ec:0f:ac:27:17:ec:83:b5:b5:e6:95:a2:c5:22:09:
3a:8b:01:2c:37:90:69:c8:3a:d5:af:2f:b5:d7:23:
11:e8:a8:3a:25:e9:60:8d:9c:aa:bf:8d:59:d8:ce:
5c:b2:3b:de:dc:6e:96:e0:59:99:4a:fc:e5:7a:b8:
6a:42:3f:44:f6:72:eb:e9:27:bd:b2:89:19:a5:5b:
65:ee:e7:aa:d8:21:0e:5a:c4:6c:19:b9:64:ab:31:
63:4e:f8:cf:d3:4b:0c:ad:d3:17:9c:c7:6d:2d:73:
36:df:ee:e3:29:6b:3b:c4:75:d3:b1:19:6e:09:b9:
61:7e:21:98:fb:27:aa:41:53:d8:63:48:f1:0d:b9:
88:5e:8c:36:08:c2:f9:38:5a:a4:28:22:ac:33:62:
a4:6e:a4:31:9c:b2:4a:87:e8:49:d7:bd:18:43:28:
4a:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:2D:D3:8D:DD:BF:4B:41:16:C4:13:0D:35:15:18:65:6F:54:78:1B
X509v3 Authority Key Identifier:
keyid:EB:3D:6F:E7:87:C5:05:53:B0:73:17:11:2E:19:E6:5B:4F:67:59:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6z1v54fFBVOwcxcRLhnmW09nWTE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/07ce7e-4641-4985-9845-1a007157d59a/1/Ky3Tjd2_S0EWxBMNNRUYZW9UeBs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/07ce7e-4641-4985-9845-1a007157d59a/1/6z1v54fFBVOwcxcRLhnmW09nWTE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:cf8::/48
2001:67c:1708::/48
Signature Algorithm: sha256WithRSAEncryption
3a:cf:c1:c4:39:c8:4f:b3:64:30:53:32:bf:74:4d:aa:f2:73:
aa:55:ed:ec:98:36:11:54:eb:e9:3a:00:e8:0e:c4:77:33:bc:
06:ca:97:cb:78:4a:2c:12:86:3d:53:bd:37:25:70:b1:83:cb:
98:5f:6b:ab:df:ca:62:ef:73:be:35:86:8e:ec:fd:76:ef:45:
31:ae:40:9b:eb:7c:a1:8a:8b:23:80:69:51:da:0b:ca:10:b9:
16:f6:0d:ab:23:ed:1a:28:23:26:a9:05:b7:97:a4:bc:e7:e7:
a9:b8:92:c0:1c:bc:34:66:f3:07:f6:dd:75:5d:be:7e:9e:5e:
16:9f:ab:cf:41:76:bb:16:ac:45:4c:c3:aa:6a:7b:7b:ee:31:
47:5e:e8:6d:18:14:51:3d:dc:d8:5d:0d:19:9d:78:21:6b:23:
ca:81:4d:47:d9:c3:65:69:46:a2:59:c9:5d:0c:2a:75:11:0c:
a6:01:fc:cf:5d:15:1d:09:a9:cd:bb:6c:f7:e6:d4:13:93:08:
7a:e2:81:16:33:56:2c:de:6d:33:85:a6:8c:e7:31:3b:7b:6b:
9e:6a:a0:06:c1:b8:75:27:73:ca:77:32:2e:39:4b:d3:8d:f0:
aa:fe:21:83:b8:f6:aa:be:77:93:50:93:0a:c7:c1:23:d3:28:
2d:55:b0:28
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVyMSLPwG3/zNmvMVflrHbbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViM2Q2ZmU3ODdjNTA1NTNiMDczMTcxMTJlMTllNjViNGY2
NzU5MzEwHhcNMjMwMTAyMTExNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjJkZDM4ZGRkYmY0YjQxMTZjNDEzMGQzNTE1MTg2NTZmNTQ3ODFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApSwtiOhNtwtkis0cV2uh97BJ9r5j
xjJFZF+Odxi6qc596v1+7JDYFAQ/XhuP9oeUkthagMlfaG9doHfwmx1MnMmVjWjr
Wy6Pbw1XUivNTtodXDpeH87FuubsD6wnF+yDtbXmlaLFIgk6iwEsN5BpyDrVry+1
1yMR6Kg6JelgjZyqv41Z2M5csjve3G6W4FmZSvzlerhqQj9E9nLr6Se9sokZpVtl
7ueq2CEOWsRsGblkqzFjTvjP00sMrdMXnMdtLXM23+7jKWs7xHXTsRluCblhfiGY
+yeqQVPYY0jxDbmIXow2CML5OFqkKCKsM2KkbqQxnLJKh+hJ170YQyhKcQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCst043dv0tBFsQTDTUVGGVvVHgbMB8GA1UdIwQY
MBaAFOs9b+eHxQVTsHMXES4Z5ltPZ1kxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnoxdjU0ZkZCVk93Y3hjUkxobm1XMDluV1RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi8wN2NlN2UtNDY0MS00OTg1LTk4NDUt
MWEwMDcxNTdkNTlhLzEvS3kzVGpkMl9TMEVXeEJNTk5SVVlaVzlVZUJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi8wN2NlN2UtNDY0MS00OTg1LTk4NDUtMWEwMDcxNTdkNTlh
LzEvNnoxdjU0ZkZCVk93Y3hjUkxobm1XMDluV1RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAIAEGeAz4
AwcAIAEGfBcIMA0GCSqGSIb3DQEBCwUAA4IBAQA6z8HEOchPs2QwUzK/dE2q8nOq
Ve3smDYRVOvpOgDoDsR3M7wGypfLeEosEoY9U703JXCxg8uYX2ur38pi73O+NYaO
7P1270UxrkCb63yhiosjgGlR2gvKELkW9g2rI+0aKCMmqQW3l6S85+epuJLAHLw0
ZvMH9t11Xb5+nl4Wn6vPQXa7FqxFTMOqant77jFHXuhtGBRRPdzYXQ0ZnXghayPK
gU1H2cNlaUaiWcldDCp1EQymAfzPXRUdCanNu2z35tQTkwh64oEWM1Ys3m0zhaaM
5zE7e2ueaqAGwbh1J3PKdzIuOUvTjfCq/iGDuPaqvneTUJMKx8Ej0ygtVbAo
-----END CERTIFICATE-----
Generated at Mon Apr 21 16:30:54 2025 by rpki-client