Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/888869-7a65-415b-b68f-5484402ceb7a/1/YaRWVwVmx8pff5UU-zgUXoccCZc.roa
File: YaRWVwVmx8pff5UU-zgUXoccCZc.roa (raw, json)
Hash identifier: qoU3ua5BP24RpyVUufIVB6FDH1oesgMwATI+ixKQxiQ=
Subject key identifier: 61:A4:56:57:05:66:C7:CA:5F:7F:95:14:FB:38:14:5E:87:1C:09:97
Certificate issuer: /CN=b0c20ae1dacca31815b274702927c1a5a9dbc7b3
Certificate serial: 018322E9FE7F851F4AFE759213E5C5F13173
Authority key identifier: B0:C2:0A:E1:DA:CC:A3:18:15:B2:74:70:29:27:C1:A5:A9:DB:C7:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sMIK4drMoxgVsnRwKSfBpanbx7M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/888869-7a65-415b-b68f-5484402ceb7a/1/YaRWVwVmx8pff5UU-zgUXoccCZc.roa
Signing time: Fri 09 Sep 2022 15:41:43 +0000
ROA not before: Fri 09 Sep 2022 15:41:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43431
IP address blocks: 2a0e:eb00:1::/48 maxlen: 48
2a0b:1784::/30 maxlen: 30
2a0b:1780::/30 maxlen: 30
2a0e:eb00::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:22:e9:fe:7f:85:1f:4a:fe:75:92:13:e5:c5:f1:31:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0c20ae1dacca31815b274702927c1a5a9dbc7b3
Validity
Not Before: Sep 9 15:41:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=61a456570566c7ca5f7f9514fb38145e871c0997
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:b6:bd:4d:7b:3e:d5:18:88:b7:fd:7f:ec:63:
c7:32:d2:e4:68:79:83:ad:3e:87:b6:07:cb:f7:e8:
7e:90:cd:ea:06:ad:01:0f:90:a4:3b:65:25:63:ee:
95:d8:ff:04:76:40:b3:03:ea:2c:f5:e0:6e:55:69:
d0:2b:8d:e7:eb:bd:c5:2a:36:8f:eb:23:e8:1b:08:
6e:6e:34:85:ee:6f:53:1d:3d:7b:82:cb:d7:25:93:
98:77:2b:bf:1a:70:a9:d3:17:e3:71:04:3a:c3:37:
7a:a3:c2:86:02:8a:ed:a5:ef:81:32:a3:84:26:cd:
ee:d7:b2:f8:c4:77:3c:5d:9c:c3:68:07:3a:8c:68:
44:55:ce:ac:87:ec:3a:9e:5a:5e:60:b8:a4:86:21:
47:b6:3b:13:ce:ae:a9:46:7b:59:a5:b7:5c:e6:9c:
73:3f:54:1c:9d:05:71:c1:df:4d:2f:cd:31:85:cf:
11:05:0c:49:b6:a4:b6:5e:ac:84:70:9f:42:16:36:
ed:8d:74:9a:ae:af:51:44:ec:e0:5a:f0:65:d5:bb:
91:f5:fe:42:9a:cb:8d:f3:98:bd:c8:75:50:ed:2e:
e7:42:21:20:5b:5d:1f:ea:7c:5a:48:86:7e:e9:a8:
ea:9f:a0:c8:7b:19:d3:e5:47:9b:b9:a5:2b:cd:b3:
65:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:A4:56:57:05:66:C7:CA:5F:7F:95:14:FB:38:14:5E:87:1C:09:97
X509v3 Authority Key Identifier:
keyid:B0:C2:0A:E1:DA:CC:A3:18:15:B2:74:70:29:27:C1:A5:A9:DB:C7:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sMIK4drMoxgVsnRwKSfBpanbx7M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/888869-7a65-415b-b68f-5484402ceb7a/1/YaRWVwVmx8pff5UU-zgUXoccCZc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/888869-7a65-415b-b68f-5484402ceb7a/1/sMIK4drMoxgVsnRwKSfBpanbx7M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:1780::/29
2a0e:eb00::/47
Signature Algorithm: sha256WithRSAEncryption
07:38:ea:14:a8:4a:44:88:bb:93:5c:9b:79:81:36:9e:9f:39:
4a:d2:63:29:d4:a3:45:a7:c6:5b:87:b4:64:3c:12:36:12:73:
ef:8f:c7:a2:a4:1f:25:61:74:bb:6c:d4:3c:04:18:42:1c:8d:
d4:f6:58:51:79:36:53:8a:2f:9a:43:90:1d:af:f1:6b:48:77:
f5:85:b7:57:29:a5:e6:36:67:65:90:8b:d8:e1:9e:4d:89:c0:
ff:58:cc:a1:0c:9b:d9:b9:67:3a:8b:f1:37:c9:a5:80:c5:b0:
30:c5:8c:06:78:57:c8:2a:d2:aa:14:ee:9c:93:b4:c7:09:3f:
ac:8f:bd:5e:09:39:c0:3d:de:e8:8c:65:1b:6f:6b:68:6e:da:
e4:72:63:34:a6:c7:36:e9:40:28:2e:44:fe:52:97:52:02:d6:
a4:f7:a3:cf:cc:a2:6c:41:20:fc:03:b6:ae:4a:c7:4b:4d:80:
61:b2:1f:e5:22:6d:7f:aa:3c:91:9a:20:39:a2:8b:ed:fd:3a:
8d:42:e4:50:6f:ca:7a:5d:20:e6:50:fb:f4:70:2a:a8:52:79:
ab:de:04:23:30:ae:57:24:ca:c6:08:44:78:18:b1:b4:43:c0:
51:27:bf:e8:4c:dc:ed:70:7b:41:05:c9:6f:94:5f:ca:4b:31:
aa:b0:44:dc
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAYMi6f5/hR9K/nWSE+XF8TFzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwYzIwYWUxZGFjY2EzMTgxNWIyNzQ3MDI5MjdjMWE1YTlk
YmM3YjMwHhcNMjIwOTA5MTU0MTQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWE0NTY1NzA1NjZjN2NhNWY3Zjk1MTRmYjM4MTQ1ZTg3MWMwOTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAira9TXs+1RiIt/1/7GPHMtLkaHmD
rT6HtgfL9+h+kM3qBq0BD5CkO2UlY+6V2P8EdkCzA+os9eBuVWnQK43n673FKjaP
6yPoGwhubjSF7m9THT17gsvXJZOYdyu/GnCp0xfjcQQ6wzd6o8KGAortpe+BMqOE
Js3u17L4xHc8XZzDaAc6jGhEVc6sh+w6nlpeYLikhiFHtjsTzq6pRntZpbdc5pxz
P1QcnQVxwd9NL80xhc8RBQxJtqS2XqyEcJ9CFjbtjXSarq9RROzgWvBl1buR9f5C
msuN85i9yHVQ7S7nQiEgW10f6nxaSIZ+6ajqn6DIexnT5UebuaUrzbNldwIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFGGkVlcFZsfKX3+VFPs4FF6HHAmXMB8GA1UdIwQY
MBaAFLDCCuHazKMYFbJ0cCknwaWp28ezMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc01JSzRkck1veGdWc25Sd0tTZkJwYW5ieDdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ODg4NjktN2E2NS00MTViLWI2OGYt
NTQ4NDQwMmNlYjdhLzEvWWFSV1Z3Vm14OHBmZjVVVS16Z1VYb2NjQ1pjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ODg4NjktN2E2NS00MTViLWI2OGYtNTQ4NDQwMmNlYjdh
LzEvc01JSzRkck1veGdWc25Sd0tTZkJwYW5ieDdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQAwUDKgsXgAMH
ASoO6wAAADANBgkqhkiG9w0BAQsFAAOCAQEABzjqFKhKRIi7k1ybeYE2np85StJj
KdSjRafGW4e0ZDwSNhJz74/HoqQfJWF0u2zUPAQYQhyN1PZYUXk2U4ovmkOQHa/x
a0h39YW3Vyml5jZnZZCL2OGeTYnA/1jMoQyb2blnOovxN8mlgMWwMMWMBnhXyCrS
qhTunJO0xwk/rI+9Xgk5wD3e6IxlG29raG7a5HJjNKbHNulAKC5E/lKXUgLWpPej
z8yibEEg/AO2rkrHS02AYbIf5SJtf6o8kZogOaKL7f06jULkUG/Kel0g5lD79HAq
qFJ5q94EIzCuVyTKxghEeBixtEPAUSe/6Ezc7XB7QQXJb5RfyksxqrBE3A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:07 2024 by rpki-client on console-fra.rpki-client.org