Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/2YAHneTK5KjUM52U-S_Us1x5oVA.roa
File: 2YAHneTK5KjUM52U-S_Us1x5oVA.roa (raw, json)
Hash identifier: S082CbSCT2R4IxQKFzXZJ+huVIQ2DTFGxFP8cwK4yhc=
Subject key identifier: D9:80:07:9D:E4:CA:E4:A8:D4:33:9D:94:F9:2F:D4:B3:5C:79:A1:50
Certificate issuer: /CN=cfcead390625edba1408108df57cea47160d70e5
Certificate serial: 018C7D4C5F60A333CF547CF50A1FAB6CB857
Authority key identifier: CF:CE:AD:39:06:25:ED:BA:14:08:10:8D:F5:7C:EA:47:16:0D:70:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z86tOQYl7boUCBCN9XzqRxYNcOU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/2YAHneTK5KjUM52U-S_Us1x5oVA.roa
Signing time: Mon 18 Dec 2023 14:20:06 +0000
ROA not before: Mon 18 Dec 2023 14:20:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 215832
IP address blocks: 2a0f:7803:fe80::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:7d:4c:5f:60:a3:33:cf:54:7c:f5:0a:1f:ab:6c:b8:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfcead390625edba1408108df57cea47160d70e5
Validity
Not Before: Dec 18 14:20:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d980079de4cae4a8d4339d94f92fd4b35c79a150
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:96:9d:d1:ef:09:c1:4c:6e:73:c5:c9:ff:8f:
d3:8c:0a:66:67:b4:37:97:5e:57:17:2c:b0:ea:0f:
08:33:f4:dc:e5:30:37:5f:00:d3:f3:31:a4:3c:16:
5d:5d:c6:9f:0f:83:a2:ef:20:5b:62:4d:00:7e:6e:
84:8f:67:05:80:62:b0:fa:f0:00:9a:0a:42:ec:1e:
32:1a:b4:37:5d:98:ee:ec:03:69:32:0f:d0:db:35:
dd:74:48:e1:5b:58:d2:0b:ee:e2:ff:58:7f:f3:6a:
27:c3:a3:f8:f1:5d:c5:94:6d:f6:a7:a8:55:75:e2:
69:04:38:f4:2d:7e:44:1f:24:9a:1e:3b:4c:6d:73:
c8:c8:4e:08:61:71:b7:bd:56:05:6f:2b:07:12:53:
7a:4e:03:cf:26:85:ea:f7:ce:ce:35:8c:46:a0:80:
78:b3:45:c2:6a:5f:ac:78:a0:7e:20:2e:f8:75:43:
89:cc:5d:4d:57:a1:f7:0f:15:0a:6e:bf:d1:ff:2d:
fe:cb:58:ad:15:e6:15:be:3b:4d:2c:0c:7e:bb:bb:
51:0e:8e:32:4a:23:86:a2:8a:f0:94:6d:a4:0a:2b:
34:87:16:75:cb:d7:d3:39:94:32:16:13:02:2b:ed:
d1:88:ae:c7:4e:ca:6e:3d:2c:bb:95:f2:ca:f0:fa:
b6:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:80:07:9D:E4:CA:E4:A8:D4:33:9D:94:F9:2F:D4:B3:5C:79:A1:50
X509v3 Authority Key Identifier:
keyid:CF:CE:AD:39:06:25:ED:BA:14:08:10:8D:F5:7C:EA:47:16:0D:70:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z86tOQYl7boUCBCN9XzqRxYNcOU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/2YAHneTK5KjUM52U-S_Us1x5oVA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/z86tOQYl7boUCBCN9XzqRxYNcOU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:7803:fe80::/44
Signature Algorithm: sha256WithRSAEncryption
2f:13:4e:2e:80:9d:4f:33:2d:93:8b:c7:2c:9c:c8:11:a1:55:
71:6e:e7:a9:48:24:bf:3a:65:37:d5:c8:87:fc:48:15:29:1b:
07:ac:a9:c6:37:aa:57:17:86:bc:3a:87:80:1a:0d:f2:fa:11:
e5:b9:a9:d1:2f:45:2a:f9:de:11:37:4b:03:33:b7:73:5b:f4:
c0:ab:98:35:d7:60:29:7e:10:69:81:19:a4:9d:55:eb:72:35:
80:68:13:d8:a1:24:c9:f7:d7:93:e2:89:d5:1a:e9:09:1f:27:
4e:49:7e:cc:d7:cb:ca:4f:4f:c1:70:d9:3b:cf:40:32:1e:32:
ae:4d:ea:cd:c8:4e:27:59:c8:db:a3:da:05:77:a6:d4:14:82:
b1:24:42:aa:18:69:13:02:e0:56:eb:07:2b:9e:07:83:2f:34:
37:09:c6:b7:83:f3:ef:d1:5a:8a:f3:24:f3:42:44:27:52:e9:
d6:af:7d:de:d7:89:39:58:a3:67:4e:bf:f3:d4:f8:24:88:0f:
79:4f:1d:31:1f:48:c3:b0:69:c2:aa:49:6b:71:42:53:70:fb:
8d:e1:2a:ee:bf:1a:3f:f3:01:6d:d5:5d:b8:d6:e3:a3:f7:42:
68:6c:0d:bf:a1:00:59:32:d0:4e:f1:91:7c:c4:fe:79:4a:54:
f9:8f:00:fe
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYx9TF9gozPPVHz1Ch+rbLhXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmY2VhZDM5MDYyNWVkYmExNDA4MTA4ZGY1N2NlYTQ3MTYw
ZDcwZTUwHhcNMjMxMjE4MTQyMDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTgwMDc5ZGU0Y2FlNGE4ZDQzMzlkOTRmOTJmZDRiMzVjNzlhMTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw5ad0e8JwUxuc8XJ/4/TjApmZ7Q3
l15XFyyw6g8IM/Tc5TA3XwDT8zGkPBZdXcafD4Oi7yBbYk0Afm6Ej2cFgGKw+vAA
mgpC7B4yGrQ3XZju7ANpMg/Q2zXddEjhW1jSC+7i/1h/82onw6P48V3FlG32p6hV
deJpBDj0LX5EHySaHjtMbXPIyE4IYXG3vVYFbysHElN6TgPPJoXq987ONYxGoIB4
s0XCal+seKB+IC74dUOJzF1NV6H3DxUKbr/R/y3+y1itFeYVvjtNLAx+u7tRDo4y
SiOGoorwlG2kCis0hxZ1y9fTOZQyFhMCK+3RiK7HTspuPSy7lfLK8Pq2BwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNmAB53kyuSo1DOdlPkv1LNceaFQMB8GA1UdIwQY
MBaAFM/OrTkGJe26FAgQjfV86kcWDXDlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejg2dE9RWWw3Ym9VQ0JDTjlYenFSeFlOY09VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9jNDY0N2EtNjA0Mi00ZmU4LWEyNzYt
ZjViNmE3MThmNGI1LzEvMllBSG5lVEs1S2pVTTUyVS1TX1VzMXg1b1ZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9jNDY0N2EtNjA0Mi00ZmU4LWEyNzYtZjViNmE3MThmNGI1
LzEvejg2dE9RWWw3Ym9VQ0JDTjlYenFSeFlOY09VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg94A/6A
MA0GCSqGSIb3DQEBCwUAA4IBAQAvE04ugJ1PMy2Ti8csnMgRoVVxbuepSCS/OmU3
1ciH/EgVKRsHrKnGN6pXF4a8OoeAGg3y+hHluanRL0Uq+d4RN0sDM7dzW/TAq5g1
12ApfhBpgRmknVXrcjWAaBPYoSTJ99eT4onVGukJHydOSX7M18vKT0/BcNk7z0Ay
HjKuTerNyE4nWcjbo9oFd6bUFIKxJEKqGGkTAuBW6wcrngeDLzQ3Cca3g/Pv0VqK
8yTzQkQnUunWr33e14k5WKNnTr/z1PgkiA95Tx0xH0jDsGnCqklrcUJTcPuN4Sru
vxo/8wFt1V241uOj90JobA2/oQBZMtBO8ZF8xP55SlT5jwD+
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:29:54 2025 by rpki-client