Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/c6bcba-a996-4bb5-ba4a-a46153145cf8/1/YFJH6cEUwz0A-grPE6umCVdHrJM.roa
File: YFJH6cEUwz0A-grPE6umCVdHrJM.roa (raw, json)
Hash identifier: jHvKyMNaWUH7qOqdl1AngVe8JfO9nzx2ue82Y7gegWc=
Subject key identifier: 60:52:47:E9:C1:14:C3:3D:00:FA:0A:CF:13:AB:A6:09:57:47:AC:93
Certificate issuer: /CN=f2beed4df207c3609adfded80dddd9316f0a9b45
Certificate serial: 0183FE66C70EA079517354EFCA30132C1EE0
Authority key identifier: F2:BE:ED:4D:F2:07:C3:60:9A:DF:DE:D8:0D:DD:D9:31:6F:0A:9B:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8r7tTfIHw2Ca397YDd3ZMW8Km0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/c6bcba-a996-4bb5-ba4a-a46153145cf8/1/YFJH6cEUwz0A-grPE6umCVdHrJM.roa
Signing time: Sat 22 Oct 2022 06:34:51 +0000
ROA not before: Sat 22 Oct 2022 06:34:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202619
IP address blocks: 2a0d:ec0::/30 maxlen: 30
2a03:a9c4::/30 maxlen: 30
2a03:a9c0::/30 maxlen: 30
2a0d:ec4::/30 maxlen: 30
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:fe:66:c7:0e:a0:79:51:73:54:ef:ca:30:13:2c:1e:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f2beed4df207c3609adfded80dddd9316f0a9b45
Validity
Not Before: Oct 22 06:34:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=605247e9c114c33d00fa0acf13aba6095747ac93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:40:c4:9b:39:93:45:f6:2e:27:d2:86:10:38:
7c:ab:a3:42:64:4e:a1:4a:f9:d7:f6:35:d1:0b:b4:
29:71:c2:8b:bb:09:ab:7a:92:b8:84:95:8c:9e:ad:
f9:d4:56:f7:4c:fb:be:2a:e1:94:98:71:6a:e7:09:
4d:1d:cf:19:3a:80:6a:45:38:48:c6:fa:bb:b3:6d:
23:e7:c8:bf:42:91:a5:4b:a5:2e:08:2d:41:31:c7:
ca:fa:07:19:c0:45:6e:44:11:cc:fd:be:03:ad:bb:
c3:99:5a:81:02:e6:dd:0d:de:90:ad:12:79:a9:ac:
0e:08:1f:14:a3:88:34:04:2f:93:a6:77:6f:94:95:
d0:cf:98:6f:31:99:92:65:ac:10:c3:d3:b6:ea:01:
bf:bc:53:28:cd:4d:a0:bd:44:df:c4:f9:80:f3:e2:
88:b4:03:e5:30:0d:38:e3:7d:df:a3:94:da:56:41:
cc:1d:3a:f1:27:6d:f3:01:e4:19:b6:98:79:f4:96:
b5:83:66:b6:13:5d:33:45:6a:45:71:d2:ec:a9:c9:
17:96:ff:49:1d:fa:51:01:e5:7c:8c:11:3f:04:66:
48:da:8e:b4:26:99:be:89:ca:e0:4b:6b:c4:a4:ed:
89:50:c8:8a:63:d9:46:8f:ea:35:8c:c5:c0:f4:ac:
64:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:52:47:E9:C1:14:C3:3D:00:FA:0A:CF:13:AB:A6:09:57:47:AC:93
X509v3 Authority Key Identifier:
keyid:F2:BE:ED:4D:F2:07:C3:60:9A:DF:DE:D8:0D:DD:D9:31:6F:0A:9B:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8r7tTfIHw2Ca397YDd3ZMW8Km0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/c6bcba-a996-4bb5-ba4a-a46153145cf8/1/YFJH6cEUwz0A-grPE6umCVdHrJM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/c6bcba-a996-4bb5-ba4a-a46153145cf8/1/8r7tTfIHw2Ca397YDd3ZMW8Km0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:a9c0::/29
2a0d:ec0::/29
Signature Algorithm: sha256WithRSAEncryption
0d:f9:ad:91:a8:9e:be:5a:ba:74:29:ab:71:d2:fb:64:af:6e:
9e:14:ed:2d:ee:7b:16:49:69:4c:78:98:02:82:ec:f0:4c:c0:
40:71:a2:15:7b:6b:eb:c9:23:fe:21:26:35:4c:67:8c:31:22:
a2:4e:9b:38:ab:98:93:38:53:4e:49:1f:46:19:8e:3c:79:db:
37:3f:8e:35:0a:bc:d8:89:b5:be:0d:c4:a2:5f:10:ba:d4:60:
37:49:04:48:c4:68:14:28:42:1f:17:da:2f:d7:e8:3d:60:28:
33:7b:ed:da:ad:4e:c2:a6:c7:2c:5b:88:cf:bd:d3:80:11:63:
8b:bb:d9:3d:71:e1:5c:3a:12:23:d6:96:d5:e7:c7:d4:28:29:
88:e8:82:27:a5:a7:1d:1c:37:10:02:fa:8f:b6:ea:82:2a:81:
b9:e8:20:f9:a0:62:13:3b:85:c0:fc:d1:61:02:9d:22:1f:a8:
03:3c:f5:d1:4d:70:31:24:8b:e0:78:4d:18:71:ff:9a:0c:76:
8e:41:2e:16:16:c2:c9:2b:bc:94:24:61:b8:b3:1c:8b:79:56:
fe:c8:c6:ee:32:9c:7c:6a:e0:d1:ad:d4:c9:e2:3a:70:b3:ee:
b8:e3:c8:ad:14:6b:96:90:05:e0:8a:00:2e:33:dc:53:72:b6:
ff:61:f4:51
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYP+ZscOoHlRc1TvyjATLB7gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyYmVlZDRkZjIwN2MzNjA5YWRmZGVkODBkZGRkOTMxNmYw
YTliNDUwHhcNMjIxMDIyMDYzNDUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDUyNDdlOWMxMTRjMzNkMDBmYTBhY2YxM2FiYTYwOTU3NDdhYzkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmEDEmzmTRfYuJ9KGEDh8q6NCZE6h
SvnX9jXRC7QpccKLuwmrepK4hJWMnq351Fb3TPu+KuGUmHFq5wlNHc8ZOoBqRThI
xvq7s20j58i/QpGlS6UuCC1BMcfK+gcZwEVuRBHM/b4DrbvDmVqBAubdDd6QrRJ5
qawOCB8Uo4g0BC+TpndvlJXQz5hvMZmSZawQw9O26gG/vFMozU2gvUTfxPmA8+KI
tAPlMA04433fo5TaVkHMHTrxJ23zAeQZtph59Ja1g2a2E10zRWpFcdLsqckXlv9J
HfpRAeV8jBE/BGZI2o60Jpm+icrgS2vEpO2JUMiKY9lGj+o1jMXA9Kxk3QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFGBSR+nBFMM9APoKzxOrpglXR6yTMB8GA1UdIwQY
MBaAFPK+7U3yB8Ngmt/e2A3d2TFvCptFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHI3dFRmSUh3MkNhMzk3WURkM1pNVzhLbTBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9jNmJjYmEtYTk5Ni00YmI1LWJhNGEt
YTQ2MTUzMTQ1Y2Y4LzEvWUZKSDZjRVV3ejBBLWdyUEU2dW1DVmRIckpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9jNmJjYmEtYTk5Ni00YmI1LWJhNGEtYTQ2MTUzMTQ1Y2Y4
LzEvOHI3dFRmSUh3MkNhMzk3WURkM1pNVzhLbTBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKgOpwAMF
AyoNDsAwDQYJKoZIhvcNAQELBQADggEBAA35rZGonr5aunQpq3HS+2Svbp4U7S3u
exZJaUx4mAKC7PBMwEBxohV7a+vJI/4hJjVMZ4wxIqJOmzirmJM4U05JH0YZjjx5
2zc/jjUKvNiJtb4NxKJfELrUYDdJBEjEaBQoQh8X2i/X6D1gKDN77dqtTsKmxyxb
iM+904ARY4u72T1x4Vw6EiPWltXnx9QoKYjogielpx0cNxAC+o+26oIqgbnoIPmg
YhM7hcD80WECnSIfqAM89dFNcDEki+B4TRhx/5oMdo5BLhYWwskrvJQkYbizHIt5
Vv7Ixu4ynHxq4NGt1MniOnCz7rjjyK0Ua5aQBeCKAC4z3FNytv9h9FE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:04 2024 by rpki-client on console-ams.rpki-client.org