Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/83d6fa-461d-4a56-a844-9f942bc12a7e/1/YZcpwfWvAAP9h8wjUmHvSggsh4c.roa
File: YZcpwfWvAAP9h8wjUmHvSggsh4c.roa (raw, json)
Hash identifier: grQa8tHpkR81YBB2hf8wzjt9a5zl/mlkZKIzxmExLG0=
Subject key identifier: 61:97:29:C1:F5:AF:00:03:FD:87:CC:23:52:61:EF:4A:08:2C:87:87
Certificate issuer: /CN=5688b42175d6214a31a5407db8b6c95f1ec60d4e
Certificate serial: 0187CEF1C16A74FC612F5C4C65715D38A967
Authority key identifier: 56:88:B4:21:75:D6:21:4A:31:A5:40:7D:B8:B6:C9:5F:1E:C6:0D:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Voi0IXXWIUoxpUB9uLbJXx7GDU4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/83d6fa-461d-4a56-a844-9f942bc12a7e/1/YZcpwfWvAAP9h8wjUmHvSggsh4c.roa
Signing time: Sat 29 Apr 2023 21:36:02 +0000
ROA not before: Sat 29 Apr 2023 21:36:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212077
IP address blocks: 2a13:7b40:1::/48 maxlen: 64
2a13:7b40:1::/64 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:ce:f1:c1:6a:74:fc:61:2f:5c:4c:65:71:5d:38:a9:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5688b42175d6214a31a5407db8b6c95f1ec60d4e
Validity
Not Before: Apr 29 21:36:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=619729c1f5af0003fd87cc235261ef4a082c8787
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:13:af:cc:9a:c4:4a:83:7e:50:28:9e:eb:1a:
f6:63:00:61:26:c9:46:95:ce:6e:a0:d5:71:2d:a0:
7d:d7:06:3f:5e:7e:7c:cb:fc:06:f0:a3:62:a8:47:
27:b3:0f:c1:72:f1:0c:b2:77:cd:46:f1:8e:72:4e:
09:8d:f7:50:14:db:af:cc:5c:fc:52:a7:be:ef:34:
a6:04:ee:96:32:5c:85:53:21:b8:7b:14:73:ae:50:
bb:2a:4d:d0:8d:a8:af:9f:4b:f7:3d:78:75:1a:bb:
ba:9b:f0:52:93:8c:fc:9e:11:9a:2b:5b:56:a1:e9:
61:8f:72:59:0f:a3:eb:0c:12:74:91:d7:3f:c2:2f:
4b:c1:fe:b0:83:86:6e:91:c6:fc:c1:53:c9:8d:24:
76:79:8f:67:39:de:b9:6b:e7:d5:5b:6e:dc:f3:29:
7b:2b:8a:8c:1e:35:83:b5:c0:bf:65:cd:8d:34:a6:
ff:d3:6e:79:68:61:7d:1d:57:f5:45:e1:85:e0:78:
a7:1f:35:4f:de:08:78:a9:10:9e:73:0d:09:f4:1b:
fd:e6:e8:58:c4:68:98:d7:75:74:65:d3:0b:5b:71:
f9:f9:ec:19:df:2f:df:b2:fa:2c:9f:92:b3:b6:77:
a5:70:d7:33:18:9f:01:a4:ef:92:57:77:9e:42:db:
a5:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:97:29:C1:F5:AF:00:03:FD:87:CC:23:52:61:EF:4A:08:2C:87:87
X509v3 Authority Key Identifier:
keyid:56:88:B4:21:75:D6:21:4A:31:A5:40:7D:B8:B6:C9:5F:1E:C6:0D:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Voi0IXXWIUoxpUB9uLbJXx7GDU4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/83d6fa-461d-4a56-a844-9f942bc12a7e/1/YZcpwfWvAAP9h8wjUmHvSggsh4c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/83d6fa-461d-4a56-a844-9f942bc12a7e/1/Voi0IXXWIUoxpUB9uLbJXx7GDU4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:7b40:1::/48
Signature Algorithm: sha256WithRSAEncryption
78:f8:f0:3e:fa:3c:21:06:22:eb:60:ad:bc:ac:81:42:d9:a3:
33:c3:25:a6:0e:d4:3c:48:67:78:72:b0:0f:35:3c:2c:a5:05:
a7:5f:a1:55:84:43:6c:1c:89:e5:95:4e:f8:2e:a4:aa:5c:22:
84:6f:9e:88:d3:2f:d4:56:86:77:ed:2c:80:e1:c7:c0:3a:50:
6f:53:d6:33:d6:e5:5e:3c:06:4f:73:d0:14:a5:ab:fe:09:8f:
46:81:98:7a:f6:41:36:76:cb:6c:b9:18:dc:a2:69:27:7b:13:
dc:6b:71:e7:50:e1:18:97:cc:6c:24:d0:42:ca:8e:cb:e7:b8:
d1:6b:61:00:a2:b3:92:bd:14:18:81:a1:9a:0a:55:15:43:6b:
d9:04:0b:89:00:20:8d:59:ce:c4:e9:56:cd:23:65:ae:9b:0d:
b6:dc:1d:a3:e9:07:7a:ba:c2:12:6e:e2:86:fd:af:e9:ef:04:
49:c3:94:36:10:ef:a4:40:5f:08:59:90:cd:c7:2f:f7:ee:ab:
9d:df:56:7f:c7:77:f7:4c:1f:77:24:0e:2e:18:47:96:31:f0:
7f:88:9b:a1:1c:d8:77:60:ee:6a:f4:7b:7e:16:83:2e:52:e5:
13:3c:c4:50:ec:d5:bb:62:d6:41:56:c1:e4:ec:6b:77:00:c7:
5e:59:6e:d9
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYfO8cFqdPxhL1xMZXFdOKlnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2ODhiNDIxNzVkNjIxNGEzMWE1NDA3ZGI4YjZjOTVmMWVj
NjBkNGUwHhcNMjMwNDI5MjEzNjAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTk3MjljMWY1YWYwMDAzZmQ4N2NjMjM1MjYxZWY0YTA4MmM4Nzg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmROvzJrESoN+UCie6xr2YwBhJslG
lc5uoNVxLaB91wY/Xn58y/wG8KNiqEcnsw/BcvEMsnfNRvGOck4JjfdQFNuvzFz8
Uqe+7zSmBO6WMlyFUyG4exRzrlC7Kk3Qjaivn0v3PXh1Gru6m/BSk4z8nhGaK1tW
oelhj3JZD6PrDBJ0kdc/wi9Lwf6wg4Zukcb8wVPJjSR2eY9nOd65a+fVW27c8yl7
K4qMHjWDtcC/Zc2NNKb/0255aGF9HVf1ReGF4HinHzVP3gh4qRCecw0J9Bv95uhY
xGiY13V0ZdMLW3H5+ewZ3y/fsvosn5KztnelcNczGJ8BpO+SV3eeQtulCwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGGXKcH1rwAD/YfMI1Jh70oILIeHMB8GA1UdIwQY
MBaAFFaItCF11iFKMaVAfbi2yV8exg1OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVm9pMElYWFdJVW94cFVCOXVMYkpYeDdHRFU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS84M2Q2ZmEtNDYxZC00YTU2LWE4NDQt
OWY5NDJiYzEyYTdlLzEvWVpjcHdmV3ZBQVA5aDh3alVtSHZTZ2dzaDRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS84M2Q2ZmEtNDYxZC00YTU2LWE4NDQtOWY5NDJiYzEyYTdl
LzEvVm9pMElYWFdJVW94cFVCOXVMYkpYeDdHRFU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhN7QAAB
MA0GCSqGSIb3DQEBCwUAA4IBAQB4+PA++jwhBiLrYK28rIFC2aMzwyWmDtQ8SGd4
crAPNTwspQWnX6FVhENsHInllU74LqSqXCKEb56I0y/UVoZ37SyA4cfAOlBvU9Yz
1uVePAZPc9AUpav+CY9GgZh69kE2dstsuRjcomknexPca3HnUOEYl8xsJNBCyo7L
57jRa2EAorOSvRQYgaGaClUVQ2vZBAuJACCNWc7E6VbNI2Wumw223B2j6Qd6usIS
buKG/a/p7wRJw5Q2EO+kQF8IWZDNxy/37qud31Z/x3f3TB93JA4uGEeWMfB/iJuh
HNh3YO5q9Ht+FoMuUuUTPMRQ7NW7YtZBVsHk7Gt3AMdeWW7Z
-----END CERTIFICATE-----
Generated at Sat Jun 14 11:51:25 2025 by rpki-client