Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/OS3YVoPakSm6yjed4AF-u0_Yync.roa
File: OS3YVoPakSm6yjed4AF-u0_Yync.roa (raw, json)
Hash identifier: N9PcIAc/110DxrukDBArC50TP6hyhcj4CoETvvhQ6EM=
Subject key identifier: 39:2D:D8:56:83:DA:91:29:BA:CA:37:9D:E0:01:7E:BB:4F:D8:CA:77
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01882420FF6A6F38021D09E620C1AE5D54C3
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/OS3YVoPakSm6yjed4AF-u0_Yync.roa
Signing time: Tue 16 May 2023 10:35:22 +0000
ROA not before: Tue 16 May 2023 10:35:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 63023
IP address blocks: 2a13:9280::/29 maxlen: 29
2a13:f40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:24:20:ff:6a:6f:38:02:1d:09:e6:20:c1:ae:5d:54:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: May 16 10:35:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=392dd85683da9129baca379de0017ebb4fd8ca77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:c7:d2:f2:a9:41:ef:6b:fd:02:83:2f:fe:3b:
0e:0e:01:7e:18:38:54:f9:89:fe:c5:78:2a:4d:f1:
cf:81:b6:fa:36:9b:4b:24:f6:73:3f:74:03:e4:65:
be:3a:08:1d:82:44:12:63:69:4b:e4:71:89:cd:96:
95:0c:a6:40:c3:93:da:d7:95:66:7e:f7:45:0f:54:
66:6c:0e:ee:f9:28:b2:ac:da:33:6b:0d:de:3e:fa:
6f:60:d7:da:3a:27:d8:2b:ca:47:5a:e6:34:96:83:
c6:a6:84:4c:81:9d:7c:7c:91:3b:0b:c7:e2:8a:ec:
cf:02:0c:ad:c0:8c:42:a3:fe:18:c0:19:90:5c:e3:
77:47:5f:c3:a2:27:80:47:4d:7a:9e:47:c6:2d:3d:
63:b1:a2:6c:ec:6e:f6:fa:94:75:3a:96:b7:a3:a5:
c2:26:57:93:0a:10:68:ac:c5:8f:00:f4:8c:06:55:
e7:a2:21:be:5e:db:0a:8d:47:96:0c:2e:e8:79:73:
f3:ad:e0:fc:13:1c:69:a4:a1:f2:ed:d9:db:a6:18:
c7:6e:e5:5b:05:db:1b:d1:56:16:e9:03:db:49:e7:
f0:b8:2a:f8:98:bb:51:a2:42:cf:fd:42:4b:39:8e:
8f:f8:9c:cb:e8:60:e9:0b:6b:6d:a8:f8:e3:56:43:
04:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:2D:D8:56:83:DA:91:29:BA:CA:37:9D:E0:01:7E:BB:4F:D8:CA:77
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/OS3YVoPakSm6yjed4AF-u0_Yync.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:f40::/29
2a13:9280::/29
Signature Algorithm: sha256WithRSAEncryption
13:f9:20:3c:05:b5:7a:dd:39:38:b5:c6:db:26:82:06:7c:c8:
3f:39:98:85:9c:68:69:ff:ee:32:3c:b6:51:48:b5:6d:fd:c4:
c7:b4:c6:7e:9e:6d:83:8d:7a:dd:1b:f0:af:77:f9:f8:d6:f7:
a6:c7:c2:96:3d:c5:22:42:a7:b7:5a:bc:0b:67:e8:d3:23:ae:
a5:e3:e7:ca:ce:91:ad:79:e2:57:fb:e8:38:a1:1c:09:9f:46:
31:49:9f:d8:00:00:88:bc:db:10:67:3f:77:12:26:f8:b9:5a:
40:60:43:9f:81:02:8a:2d:be:93:c3:c2:85:4c:dc:00:fd:e2:
df:1f:25:4e:96:94:a4:f9:2a:f3:fe:ff:fd:d9:5a:79:65:1d:
b2:11:f9:46:1e:9b:fa:5b:19:12:51:9e:19:fc:28:5d:e5:05:
f1:bc:f7:ff:79:e9:78:71:2f:e5:c6:5b:26:63:df:b5:6f:56:
a6:fe:91:9f:3a:b6:a3:8d:8e:cb:43:21:9e:be:ff:cb:11:41:
c8:48:6b:c6:25:f7:4e:08:69:0a:ea:93:0c:e2:48:f7:04:2c:
31:40:55:8a:32:f5:5f:e0:e7:d0:5b:af:a9:24:0c:f1:0e:c0:
3a:c5:4a:27:77:03:b6:07:55:e2:70:df:cf:d8:09:9d:fc:d0:
eb:f3:3a:a1
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYgkIP9qbzgCHQnmIMGuXVTDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMwNTE2MTAzNTIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTJkZDg1NjgzZGE5MTI5YmFjYTM3OWRlMDAxN2ViYjRmZDhjYTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAicfS8qlB72v9AoMv/jsODgF+GDhU
+Yn+xXgqTfHPgbb6NptLJPZzP3QD5GW+OggdgkQSY2lL5HGJzZaVDKZAw5Pa15Vm
fvdFD1RmbA7u+SiyrNozaw3ePvpvYNfaOifYK8pHWuY0loPGpoRMgZ18fJE7C8fi
iuzPAgytwIxCo/4YwBmQXON3R1/DoieAR016nkfGLT1jsaJs7G72+pR1Opa3o6XC
JleTChBorMWPAPSMBlXnoiG+XtsKjUeWDC7oeXPzreD8ExxppKHy7dnbphjHbuVb
Bdsb0VYW6QPbSefwuCr4mLtRokLP/UJLOY6P+JzL6GDpC2ttqPjjVkME1wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFDkt2FaD2pEpuso3neABfrtP2Mp3MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvT1MzWVZvUGFrU202eWplZDRBRi11MF9ZeW5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKhMPQAMF
AyoTkoAwDQYJKoZIhvcNAQELBQADggEBABP5IDwFtXrdOTi1xtsmggZ8yD85mIWc
aGn/7jI8tlFItW39xMe0xn6ebYONet0b8K93+fjW96bHwpY9xSJCp7davAtn6NMj
rqXj58rOka154lf76DihHAmfRjFJn9gAAIi82xBnP3cSJvi5WkBgQ5+BAootvpPD
woVM3AD94t8fJU6WlKT5KvP+//3ZWnllHbIR+UYem/pbGRJRnhn8KF3lBfG89/95
6XhxL+XGWyZj37VvVqb+kZ86tqONjstDIZ6+/8sRQchIa8Yl904IaQrqkwziSPcE
LDFAVYoy9V/g59Bbr6kkDPEOwDrFSid3A7YHVeJw38/YCZ380OvzOqE=
-----END CERTIFICATE-----
Generated at Thu May 8 05:48:54 2025 by rpki-client