Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/_y1y3Lk4fn9SvfUT-ilycYhJyi0.roa
File: _y1y3Lk4fn9SvfUT-ilycYhJyi0.roa (raw, json)
Hash identifier: T5xjYGEVXz9xEGl4oqIRMow+gsvhrHQZMui2gO3jiXs=
Subject key identifier: FF:2D:72:DC:B9:38:7E:7F:52:BD:F5:13:FA:29:72:71:88:49:CA:2D
Certificate issuer: /CN=b05d28d16626bc5dcabf2e915435782b96e14071
Certificate serial: 0185726F1B26A425E1111C1B23086BCAB35F
Authority key identifier: B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/_y1y3Lk4fn9SvfUT-ilycYhJyi0.roa
Signing time: Mon 02 Jan 2023 12:22:42 +0000
ROA not before: Mon 02 Jan 2023 12:22:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1136
IP address blocks: 2a07:3502:10e0::/48 maxlen: 48
2a07:3500:1bc0::/48 maxlen: 48
2a07:3500:1b30::/48 maxlen: 48
2a07:3500:1b48::/48 maxlen: 48
2a07:3500:1020::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:6f:1b:26:a4:25:e1:11:1c:1b:23:08:6b:ca:b3:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b05d28d16626bc5dcabf2e915435782b96e14071
Validity
Not Before: Jan 2 12:22:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ff2d72dcb9387e7f52bdf513fa2972718849ca2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:21:e7:b9:90:fc:4b:cd:ce:33:71:79:9d:de:
4d:a8:64:7d:3e:bc:42:81:5a:e8:79:cb:db:eb:ff:
61:3d:68:fe:5b:13:06:a1:f0:7f:5a:e4:88:7a:28:
91:1f:b3:fc:88:7d:1e:e7:12:ee:08:04:4a:21:e2:
b9:38:e3:2e:cd:cc:1b:2a:48:b5:74:0d:c0:dc:b8:
71:8d:15:c5:d0:b9:16:c2:2e:46:12:cc:b5:ee:e0:
bc:e5:1f:9c:ee:9c:44:7d:fb:9a:26:9c:3f:b5:67:
bc:54:90:c1:32:d8:5e:1a:5d:b0:1a:f5:1b:96:0b:
c2:ae:25:7f:c6:91:54:1d:e2:24:2f:82:95:05:04:
9d:80:69:e1:a8:17:4b:b1:1a:c4:71:81:50:45:39:
ba:ce:88:9b:64:bd:f2:c2:f2:e5:51:67:30:df:fa:
74:f4:fd:a1:d5:fd:e2:92:ca:7b:30:6d:24:c0:2f:
6d:70:75:48:2d:e4:17:f9:9b:8d:27:6f:3b:ee:a4:
a0:36:90:f8:6e:8b:4f:3b:10:8e:fd:67:79:bd:82:
70:1f:d0:6d:fb:3f:08:c0:02:ea:eb:7d:1c:6e:9b:
aa:76:2d:01:92:93:16:d5:89:c4:f4:02:fe:cf:47:
4b:21:15:44:4a:51:00:1a:e7:d6:f0:a4:d5:01:e9:
e1:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:2D:72:DC:B9:38:7E:7F:52:BD:F5:13:FA:29:72:71:88:49:CA:2D
X509v3 Authority Key Identifier:
keyid:B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/_y1y3Lk4fn9SvfUT-ilycYhJyi0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:3500:1020::/48
2a07:3500:1b30::/48
2a07:3500:1b48::/48
2a07:3500:1bc0::/48
2a07:3502:10e0::/48
Signature Algorithm: sha256WithRSAEncryption
b8:ad:b0:85:f6:68:89:76:5c:ec:25:ca:77:86:50:63:89:5f:
76:ba:2f:88:f4:a8:49:cd:cf:5b:5a:f5:62:41:e3:ee:b2:18:
dd:73:76:d3:7d:83:64:17:21:88:dc:8a:ad:88:dd:c8:7e:01:
88:c4:38:31:6b:50:ee:e0:95:72:d6:47:95:88:be:a6:5e:d1:
8e:23:f5:30:91:0a:9d:ab:08:10:15:d0:ad:a7:dd:9d:36:46:
f6:12:b8:43:1e:ad:9d:10:f5:d7:37:bf:aa:c1:79:0d:b6:45:
b6:1f:a3:49:98:cf:16:aa:0c:6f:19:26:bb:d4:a6:75:e9:cf:
02:ea:c4:6d:64:4a:fb:66:fa:c4:cc:14:6a:a9:5f:d7:38:34:
99:aa:cd:b7:35:f1:4c:39:5c:14:22:d0:c1:42:5b:20:dc:7e:
69:7a:6a:81:95:04:be:66:20:a6:2a:07:4b:52:67:39:d9:0f:
0a:2e:0c:44:81:32:ed:55:2a:99:4a:d8:1e:54:b6:f7:6e:9b:
09:12:37:29:cb:2a:ac:38:d0:4f:3a:ba:92:91:92:75:40:ab:
fc:40:d1:27:8a:c2:2c:b0:54:cd:d2:ab:bf:9c:38:e5:06:aa:
b6:06:c1:e8:57:10:58:f4:2f:ea:72:45:4e:db:80:c4:63:4a:
26:08:6e:6b
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYVybxsmpCXhERwbIwhryrNfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwNWQyOGQxNjYyNmJjNWRjYWJmMmU5MTU0MzU3ODJiOTZl
MTQwNzEwHhcNMjMwMTAyMTIyMjQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjJkNzJkY2I5Mzg3ZTdmNTJiZGY1MTNmYTI5NzI3MTg4NDljYTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzyHnuZD8S83OM3F5nd5NqGR9PrxC
gVroecvb6/9hPWj+WxMGofB/WuSIeiiRH7P8iH0e5xLuCARKIeK5OOMuzcwbKki1
dA3A3LhxjRXF0LkWwi5GEsy17uC85R+c7pxEffuaJpw/tWe8VJDBMtheGl2wGvUb
lgvCriV/xpFUHeIkL4KVBQSdgGnhqBdLsRrEcYFQRTm6zoibZL3ywvLlUWcw3/p0
9P2h1f3iksp7MG0kwC9tcHVILeQX+ZuNJ2877qSgNpD4botPOxCO/Wd5vYJwH9Bt
+z8IwALq630cbpuqdi0BkpMW1YnE9AL+z0dLIRVESlEAGufW8KTVAenhVwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFP8tcty5OH5/Ur31E/opcnGIScotMB8GA1UdIwQY
MBaAFLBdKNFmJrxdyr8ukVQ1eCuW4UBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEt
YWQ1NzU1MjJiMzY1LzEvX3kxeTNMazRmbjlTdmZVVC1pbHljWWhKeWkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEtYWQ1NzU1MjJiMzY1
LzEvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAzBAIAAjAtAwcAKgc1ABAg
AwcAKgc1ABswAwcAKgc1ABtIAwcAKgc1ABvAAwcAKgc1AhDgMA0GCSqGSIb3DQEB
CwUAA4IBAQC4rbCF9miJdlzsJcp3hlBjiV92ui+I9KhJzc9bWvViQePushjdc3bT
fYNkFyGI3IqtiN3IfgGIxDgxa1Du4JVy1keViL6mXtGOI/UwkQqdqwgQFdCtp92d
Nkb2ErhDHq2dEPXXN7+qwXkNtkW2H6NJmM8WqgxvGSa71KZ16c8C6sRtZEr7ZvrE
zBRqqV/XODSZqs23NfFMOVwUItDBQlsg3H5pemqBlQS+ZiCmKgdLUmc52Q8KLgxE
gTLtVSqZStgeVLb3bpsJEjcpyyqsONBPOrqSkZJ1QKv8QNEnisIssFTN0qu/nDjl
Bqq2BsHoVxBY9C/qckVO24DEY0omCG5r
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:33:54 2025 by rpki-client