Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/YkULX8g7cwRyyX_iKr0ZdQCfq1o.roa
File: YkULX8g7cwRyyX_iKr0ZdQCfq1o.roa (raw, json)
Hash identifier: 1id0aOdeQe+U09/MI96imKKqb+i9dE+2NmnPH3t2tKc=
Subject key identifier: 62:45:0B:5F:C8:3B:73:04:72:C9:7F:E2:2A:BD:19:75:00:9F:AB:5A
Certificate issuer: /CN=b05d28d16626bc5dcabf2e915435782b96e14071
Certificate serial: 2123C2CF
Authority key identifier: B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/YkULX8g7cwRyyX_iKr0ZdQCfq1o.roa
Signing time: Sat 01 Jan 2022 13:00:33 +0000
ROA not before: Sat 01 Jan 2022 13:00:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29311
IP address blocks: 2a04:9a04::/32 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 555991759 (0x2123c2cf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b05d28d16626bc5dcabf2e915435782b96e14071
Validity
Not Before: Jan 1 13:00:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=62450b5fc83b730472c97fe22abd1975009fab5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:e6:fe:d1:a3:ca:3b:a2:2b:cf:0b:a4:98:8e:
e8:43:fc:77:df:8e:57:3e:34:64:3a:73:b8:a3:56:
c9:10:4d:ab:9b:78:49:c5:55:4f:c5:1b:00:65:2d:
7a:74:b7:d2:5b:f5:37:34:10:c2:8c:84:45:78:69:
5c:f0:ce:de:82:d4:eb:26:66:4c:5f:0e:3a:10:e0:
09:c3:bb:fc:65:4d:4b:99:4e:70:ac:46:a8:7f:2e:
dc:14:1d:22:70:24:15:ed:8d:f8:2a:9a:4a:58:77:
c5:71:e7:77:9c:d6:86:50:c1:1b:7e:59:4b:d2:87:
b5:48:46:c1:a2:35:97:43:6e:0f:5d:d3:dc:d6:62:
56:93:88:cc:d0:de:c9:f6:1b:ca:9c:b3:ed:8a:8c:
ce:3a:26:cf:70:19:da:cd:8d:85:63:c4:f5:54:7c:
3d:59:cf:35:55:ce:d2:04:7b:67:5b:b0:9e:07:5a:
a8:91:67:b9:65:d6:4a:9b:a0:f1:fe:d6:b5:20:72:
74:bd:11:f0:f1:08:2a:88:f9:b9:7b:f6:66:70:06:
c4:b7:a9:bd:a0:f0:b6:c5:29:85:2a:ae:df:79:29:
a0:e5:03:fa:9d:73:ef:be:f7:93:63:65:bf:fd:c8:
04:c4:77:36:d3:d8:76:2d:78:1d:b1:ae:db:18:c5:
7d:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:45:0B:5F:C8:3B:73:04:72:C9:7F:E2:2A:BD:19:75:00:9F:AB:5A
X509v3 Authority Key Identifier:
keyid:B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/YkULX8g7cwRyyX_iKr0ZdQCfq1o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:9a04::/32
Signature Algorithm: sha256WithRSAEncryption
07:c1:34:22:01:b9:ca:af:ee:9a:50:7f:86:c5:e8:3d:4e:60:
ff:77:da:11:38:f4:3e:f3:7d:ad:96:29:77:cf:2f:b0:6c:50:
d3:94:b7:ba:60:bf:ef:0e:ef:e7:4e:42:b8:a7:df:75:a3:e3:
36:57:e3:60:c4:7d:57:7a:26:42:a2:b3:b9:3e:d2:3b:aa:3c:
5f:78:b8:ae:ef:50:6d:52:60:54:af:ef:f2:08:c9:7a:b4:45:
cf:c3:37:02:40:6e:f5:c0:de:e2:da:b9:f8:3a:23:ba:85:d5:
c3:19:7f:a9:ba:b6:95:b6:44:af:cf:46:6c:bd:8c:32:bc:8a:
e4:88:e3:b2:57:20:ef:0e:ee:ff:1e:51:ff:23:3c:3d:d4:8d:
23:98:e7:8a:85:2b:b3:37:fd:0f:2b:25:54:4d:a0:02:3f:5a:
37:c6:89:da:b5:1d:66:fa:f0:00:eb:2f:26:6a:66:7d:cd:b6:
45:22:2e:37:82:17:a3:2a:d1:50:5e:fc:66:a2:a2:7d:97:a1:
cd:2d:60:d6:ca:68:da:d3:59:cf:7c:c7:2c:ba:a2:3e:32:45:
9d:20:4f:a6:67:e7:f1:c8:51:7c:bf:5d:3e:83:07:a6:72:4b:
90:d0:42:c0:7d:65:6e:23:bb:f4:f9:ca:7f:53:ce:f8:14:d9:
b5:38:98:5e
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEISPCzzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MDVkMjhkMTY2MjZiYzVkY2FiZjJlOTE1NDM1NzgyYjk2ZTE0MDcxMB4XDTIyMDEw
MTEzMDAzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjI0NTBiNWZjODNi
NzMwNDcyYzk3ZmUyMmFiZDE5NzUwMDlmYWI1YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALPm/tGjyjuiK88LpJiO6EP8d9+OVz40ZDpzuKNWyRBNq5t4
ScVVT8UbAGUtenS30lv1NzQQwoyERXhpXPDO3oLU6yZmTF8OOhDgCcO7/GVNS5lO
cKxGqH8u3BQdInAkFe2N+CqaSlh3xXHnd5zWhlDBG35ZS9KHtUhGwaI1l0NuD13T
3NZiVpOIzNDeyfYbypyz7YqMzjomz3AZ2s2NhWPE9VR8PVnPNVXO0gR7Z1uwngda
qJFnuWXWSpug8f7WtSBydL0R8PEIKoj5uXv2ZnAGxLepvaDwtsUphSqu33kpoOUD
+p1z7773k2Nlv/3IBMR3NtPYdi14HbGu2xjFfY8CAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBRiRQtfyDtzBHLJf+IqvRl1AJ+rWjAfBgNVHSMEGDAWgBSwXSjRZia8Xcq/
LpFUNXgrluFAcTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NGMG8wV1ltdkYzS3Z5NlJWRFY0SzViaFFIRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzMvYmJhOTczLTdjOWYtNGIxMS1iNjExLWFkNTc1NTIyYjM2NS8x
L1lrVUxYOGc3Y3dSeXlYX2lLcjBaZFFDZnExby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzMv
YmJhOTczLTdjOWYtNGIxMS1iNjExLWFkNTc1NTIyYjM2NS8xL3NGMG8wV1ltdkYz
S3Z5NlJWRFY0SzViaFFIRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoEmgQwDQYJKoZIhvcNAQELBQAD
ggEBAAfBNCIBucqv7ppQf4bF6D1OYP932hE49D7zfa2WKXfPL7BsUNOUt7pgv+8O
7+dOQrin33Wj4zZX42DEfVd6JkKis7k+0juqPF94uK7vUG1SYFSv7/IIyXq0Rc/D
NwJAbvXA3uLaufg6I7qF1cMZf6m6tpW2RK/PRmy9jDK8iuSI47JXIO8O7v8eUf8j
PD3UjSOY54qFK7M3/Q8rJVRNoAI/WjfGidq1HWb68ADrLyZqZn3NtkUiLjeCF6Mq
0VBe/Gaion2Xoc0tYNbKaNrTWc98xyy6oj4yRZ0gT6Zn5/HIUXy/XT6DB6ZyS5DQ
QsB9ZW4ju/T5yn9TzvgU2bU4mF4=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:36:23 2025 by rpki-client