Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/atY6aDnEsgATP9eot7T7Ik0yssA.roa
File: atY6aDnEsgATP9eot7T7Ik0yssA.roa (raw, json)
Hash identifier: uZg2GhbEalwHM0lywkjSLLTURLP3lL5OuvXS4NIUW8k=
Subject key identifier: 6A:D6:3A:68:39:C4:B2:00:13:3F:D7:A8:B7:B4:FB:22:4D:32:B2:C0
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 018BF6A52BBB681FC35D9E642C97064E32D1
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/atY6aDnEsgATP9eot7T7Ik0yssA.roa
Signing time: Wed 22 Nov 2023 10:48:21 +0000
ROA not before: Wed 22 Nov 2023 10:48:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44812
IP address blocks: 2a11:4b45::/32 maxlen: 32
2a12:a346::/32 maxlen: 32
2a11:4b40::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f6:a5:2b:bb:68:1f:c3:5d:9e:64:2c:97:06:4e:32:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Nov 22 10:48:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6ad63a6839c4b200133fd7a8b7b4fb224d32b2c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:dc:6f:fb:25:1f:2a:1c:38:11:8c:ac:21:31:
e4:8d:ba:c7:02:ea:42:dd:56:87:4e:69:a3:f6:7c:
a6:44:91:62:eb:55:cc:69:81:d5:e9:21:00:16:9f:
ba:8c:7c:ca:0d:c2:c8:49:7e:39:4b:89:2d:a0:df:
9a:61:3d:66:0a:b7:f5:68:32:c9:ba:6b:22:f3:68:
f5:4a:08:6c:41:f5:83:f8:ae:84:e2:e2:87:71:83:
03:c9:4b:30:c7:fc:a1:47:65:06:b6:b4:86:75:47:
70:4e:03:a9:60:ac:c2:91:62:79:37:cc:b3:d8:48:
f0:e1:50:8f:a6:72:25:d2:66:67:e6:a6:77:d7:2f:
64:1c:ee:1f:b5:5e:70:4e:32:b9:6b:aa:47:72:7d:
de:90:39:da:29:63:3c:04:94:d6:30:2b:cb:be:ac:
27:e0:af:79:1b:fb:0c:59:5d:99:1f:55:d3:c0:00:
6b:23:22:13:40:4f:53:44:f6:ee:da:14:c1:9b:6c:
21:f4:d9:ab:df:fc:f8:e6:72:ee:3c:ec:b4:12:42:
01:cf:66:1a:b3:79:1a:c1:30:fd:36:45:48:5b:c7:
8a:c6:eb:d3:6e:55:b9:df:ef:50:ee:23:bd:17:aa:
e5:87:c6:7d:39:5b:3a:59:9b:ae:a2:76:d8:d4:4e:
e8:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:D6:3A:68:39:C4:B2:00:13:3F:D7:A8:B7:B4:FB:22:4D:32:B2:C0
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/atY6aDnEsgATP9eot7T7Ik0yssA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:4b40::/32
2a11:4b45::/32
2a12:a346::/32
Signature Algorithm: sha256WithRSAEncryption
6a:ca:49:9a:fa:c4:c9:4f:bd:4a:fe:57:27:2a:0b:a8:a1:90:
bf:4e:bd:27:03:20:a0:00:16:73:c7:b0:e9:3d:a0:26:33:e9:
df:88:e5:c7:e1:a9:66:06:2d:74:2b:b3:f1:dc:f7:a5:32:36:
4c:87:ed:e8:ed:ce:61:d7:b7:57:98:02:9d:32:8e:f2:4f:4a:
af:c5:c4:42:bf:0b:c5:6d:b3:01:ed:a7:ac:95:ef:fa:a5:78:
39:c1:34:44:8c:d6:3b:f8:94:a0:b6:54:ce:b0:0b:00:6b:0c:
ec:22:0f:cb:28:67:b4:d6:61:ee:f3:92:2d:e5:41:a1:ce:5b:
c6:52:dc:15:3b:55:4f:ee:5e:6d:ee:b2:0a:3d:95:88:76:52:
13:58:a8:cc:67:6d:a7:81:f3:b1:c8:1a:ef:3b:43:71:05:23:
89:4a:6a:4d:6c:09:7f:ab:10:9e:bf:3d:8b:62:3f:f8:0d:bb:
ce:1f:6a:82:e7:84:54:40:84:b4:60:67:ec:f5:90:2c:1a:e2:
62:23:32:89:bd:63:98:66:c0:4b:69:a0:70:28:55:42:78:a2:
e7:84:d8:68:2b:db:05:15:71:88:99:24:c7:bb:2b:b6:2e:a5:
57:9b:85:92:51:a7:90:6b:4e:ad:df:d8:85:bb:90:33:a0:59:
5e:25:f9:92
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYv2pSu7aB/DXZ5kLJcGTjLRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjMxMTIyMTA0ODIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWQ2M2E2ODM5YzRiMjAwMTMzZmQ3YThiN2I0ZmIyMjRkMzJiMmMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlNxv+yUfKhw4EYysITHkjbrHAupC
3VaHTmmj9nymRJFi61XMaYHV6SEAFp+6jHzKDcLISX45S4ktoN+aYT1mCrf1aDLJ
umsi82j1SghsQfWD+K6E4uKHcYMDyUswx/yhR2UGtrSGdUdwTgOpYKzCkWJ5N8yz
2Ejw4VCPpnIl0mZn5qZ31y9kHO4ftV5wTjK5a6pHcn3ekDnaKWM8BJTWMCvLvqwn
4K95G/sMWV2ZH1XTwABrIyITQE9TRPbu2hTBm2wh9Nmr3/z45nLuPOy0EkIBz2Ya
s3kawTD9NkVIW8eKxuvTblW53+9Q7iO9F6rlh8Z9OVs6WZuuonbY1E7oGQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGrWOmg5xLIAEz/XqLe0+yJNMrLAMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvYXRZNmFEbkVzZ0FUUDllb3Q3VDdJazB5c3NBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUAKhFLQAMF
ACoRS0UDBQAqEqNGMA0GCSqGSIb3DQEBCwUAA4IBAQBqykma+sTJT71K/lcnKguo
oZC/Tr0nAyCgABZzx7DpPaAmM+nfiOXH4almBi10K7Px3PelMjZMh+3o7c5h17dX
mAKdMo7yT0qvxcRCvwvFbbMB7aesle/6pXg5wTREjNY7+JSgtlTOsAsAawzsIg/L
KGe01mHu85It5UGhzlvGUtwVO1VP7l5t7rIKPZWIdlITWKjMZ22ngfOxyBrvO0Nx
BSOJSmpNbAl/qxCevz2LYj/4DbvOH2qC54RUQIS0YGfs9ZAsGuJiIzKJvWOYZsBL
aaBwKFVCeKLnhNhoK9sFFXGImSTHuyu2LqVXm4WSUaeQa06t39iFu5AzoFleJfmS
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:54:25 2025 by rpki-client