Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/YztxadUaZNV22HJM1ZeJB3BUpvg.roa
File: YztxadUaZNV22HJM1ZeJB3BUpvg.roa (raw, json)
Hash identifier: 0clOF+7eup1u/ySGte136a0xnSTj+gHYFUo7HpxxbCo=
Subject key identifier: 63:3B:71:69:D5:1A:64:D5:76:D8:72:4C:D5:97:89:07:70:54:A6:F8
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018A088B0EAAEBA3C5AE3705CE160A27AB7A
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/YztxadUaZNV22HJM1ZeJB3BUpvg.roa
Signing time: Fri 18 Aug 2023 12:07:25 +0000
ROA not before: Fri 18 Aug 2023 12:07:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205544
IP address blocks: 2a0f:e1c0:1::/48 maxlen: 48
2a0f:e6c7:1::/48 maxlen: 48
2a0f:e6c5:1::/48 maxlen: 48
2a0f:e440::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:08:8b:0e:aa:eb:a3:c5:ae:37:05:ce:16:0a:27:ab:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Aug 18 12:07:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=633b7169d51a64d576d8724cd59789077054a6f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:7b:b4:13:b1:18:c4:df:26:43:68:31:7f:1e:
c7:91:13:60:0c:f7:27:07:a6:34:66:60:49:26:85:
09:36:3a:34:ac:89:ae:fb:6e:a6:d4:e9:42:a5:b0:
0c:77:d8:27:6b:d5:04:65:0b:ac:cb:de:a6:5c:67:
eb:54:ed:4a:dd:29:b9:b6:74:fc:40:f4:29:2f:d4:
5a:63:e6:6a:a7:05:04:a8:b2:56:49:be:f9:e3:65:
88:87:41:a3:9d:b1:1e:ef:22:a8:e1:2e:c4:c4:1a:
f4:9d:a4:fa:b5:f2:1f:50:57:b1:0a:e8:38:f7:04:
9b:31:8a:13:3c:3a:50:90:cf:49:ef:01:8d:6e:1e:
34:3a:31:2f:25:ca:6b:56:5a:fc:54:53:ee:46:94:
fe:37:2a:1b:f8:5e:9c:72:f7:68:a6:d5:f5:38:4f:
d5:2e:4f:9e:26:23:30:dd:9a:4c:04:ed:63:a5:1b:
fd:9b:53:cd:30:1b:b8:bb:c9:c7:6f:ca:94:06:f9:
07:e4:65:64:fb:ec:16:5e:ed:d1:4b:8f:52:88:aa:
30:d8:0b:94:67:62:04:1a:90:da:7d:5e:ae:6c:81:
85:8b:a0:03:bf:e4:30:cf:fb:55:43:d9:57:37:ae:
7e:1a:5b:0c:a1:d5:37:4f:1f:f1:32:d1:e1:07:ca:
59:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:3B:71:69:D5:1A:64:D5:76:D8:72:4C:D5:97:89:07:70:54:A6:F8
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/YztxadUaZNV22HJM1ZeJB3BUpvg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:e1c0:1::/48
2a0f:e440::/29
2a0f:e6c5:1::/48
2a0f:e6c7:1::/48
Signature Algorithm: sha256WithRSAEncryption
04:03:7a:54:34:89:08:77:bb:8b:80:3d:62:04:3c:e4:9a:f5:
ee:16:19:c8:f0:47:2d:56:48:78:b7:d1:ac:5f:ba:a8:e5:8d:
b5:a9:08:f7:f9:7a:d2:d3:13:34:ee:35:f2:37:ec:f4:28:6f:
6a:4a:92:4a:d1:8d:9c:bf:ab:68:a9:bf:a3:48:da:d6:39:b3:
51:aa:06:4f:c1:ea:35:11:8b:93:ef:48:4c:a6:28:9e:f6:02:
68:bb:c3:b9:c4:df:7d:46:17:46:b7:d8:12:37:c8:09:01:f8:
d1:6c:01:44:bf:85:7b:1e:e1:ef:f8:fc:1a:a1:90:34:1a:26:
7a:3d:fe:6f:f3:4a:18:4e:8e:c0:de:f1:8a:d2:5c:4e:7c:e0:
f9:78:0b:ca:cf:22:3e:e8:a9:bc:2d:21:1d:82:f6:2b:f0:db:
5a:d3:be:77:0f:d4:b4:38:6a:b7:94:3c:60:03:43:03:54:9b:
44:34:0c:7c:85:19:bd:30:e0:81:b7:6b:a6:84:db:8e:1d:ce:
4a:88:61:5d:4b:5e:ba:05:84:af:1b:4b:2a:56:3b:1e:7f:3c:
c5:f2:44:42:75:0a:f2:6b:e0:e3:b0:de:31:63:e5:46:18:46:
ff:6e:c6:1f:bf:8c:2b:8e:76:fe:1c:f1:9b:af:5b:5a:3c:51:
39:a7:fc:32
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYoIiw6q66PFrjcFzhYKJ6t6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMwODE4MTIwNzI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzNiNzE2OWQ1MWE2NGQ1NzZkODcyNGNkNTk3ODkwNzcwNTRhNmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApnu0E7EYxN8mQ2gxfx7HkRNgDPcn
B6Y0ZmBJJoUJNjo0rImu+26m1OlCpbAMd9gna9UEZQusy96mXGfrVO1K3Sm5tnT8
QPQpL9RaY+ZqpwUEqLJWSb7542WIh0GjnbEe7yKo4S7ExBr0naT6tfIfUFexCug4
9wSbMYoTPDpQkM9J7wGNbh40OjEvJcprVlr8VFPuRpT+Nyob+F6ccvdoptX1OE/V
Lk+eJiMw3ZpMBO1jpRv9m1PNMBu4u8nHb8qUBvkH5GVk++wWXu3RS49SiKow2AuU
Z2IEGpDafV6ubIGFi6ADv+Qwz/tVQ9lXN65+GlsModU3Tx/xMtHhB8pZ8wIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFGM7cWnVGmTVdthyTNWXiQdwVKb4MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvWXp0eGFkVWFaTlYyMkhKTTFaZUpCM0JVcHZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAAjAiAwcAKg/hwAAB
AwUDKg/kQAMHACoP5sUAAQMHACoP5scAATANBgkqhkiG9w0BAQsFAAOCAQEABAN6
VDSJCHe7i4A9YgQ85Jr17hYZyPBHLVZIeLfRrF+6qOWNtakI9/l60tMTNO418jfs
9ChvakqSStGNnL+raKm/o0ja1jmzUaoGT8HqNRGLk+9ITKYonvYCaLvDucTffUYX
RrfYEjfICQH40WwBRL+Fex7h7/j8GqGQNBomej3+b/NKGE6OwN7xitJcTnzg+XgL
ys8iPuipvC0hHYL2K/DbWtO+dw/UtDhqt5Q8YANDA1SbRDQMfIUZvTDggbdrpoTb
jh3OSohhXUteugWErxtLKlY7Hn88xfJEQnUK8mvg47DeMWPlRhhG/27GH7+MK452
/hzxm69bWjxROaf8Mg==
-----END CERTIFICATE-----
Generated at Mon May 12 23:02:20 2025 by rpki-client