Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/0-hrQQqyOmGytzU7f0TSfDdrPzw.roa
File: 0-hrQQqyOmGytzU7f0TSfDdrPzw.roa (raw, json)
Hash identifier: +oG5Zy2RsGqzZpVqggQgAfBjZFMJcRLhxEgdVaffEMI=
Subject key identifier: D3:E8:6B:41:0A:B2:3A:61:B2:B7:35:3B:7F:44:D2:7C:37:6B:3F:3C
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01860D03B68EBA81ACAFB14FDF5CCDE000FB
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/0-hrQQqyOmGytzU7f0TSfDdrPzw.roa
Signing time: Wed 01 Feb 2023 12:46:32 +0000
ROA not before: Wed 01 Feb 2023 12:46:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8772
IP address blocks: 2a0a:1400::/29 maxlen: 29
2a0f:e040::/29 maxlen: 29
2a0f:2100::/29 maxlen: 29
2a0c:9240::/29 maxlen: 29
2a0f:8300::/29 maxlen: 29
2a0f:8100::/29 maxlen: 29
2a0b:b740::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:0d:03:b6:8e:ba:81:ac:af:b1:4f:df:5c:cd:e0:00:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Feb 1 12:46:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d3e86b410ab23a61b2b7353b7f44d27c376b3f3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:e5:fd:11:57:cd:79:b1:50:c9:40:45:02:1f:
63:1d:5e:42:65:86:47:47:30:21:23:8e:ba:bd:9d:
51:e4:19:8d:a8:8c:c2:8a:1a:e2:67:79:05:18:d8:
8b:2c:5e:4a:12:51:dc:55:f8:ec:e3:1d:ba:d3:55:
c4:64:eb:ac:be:7c:b8:51:40:b9:90:84:56:9e:ef:
34:80:01:63:f8:15:35:b1:f1:91:e3:ff:16:82:90:
42:2b:b6:43:b5:db:7e:c2:81:4c:86:b7:e3:e0:3b:
62:69:65:5b:96:9d:48:05:f7:14:39:05:4f:19:c4:
b5:a5:11:c9:0a:bd:45:3a:bf:4f:84:ef:6d:3e:9a:
af:fe:51:38:e9:82:df:81:19:6a:f7:9f:66:8b:92:
ac:95:76:42:f2:9a:e9:41:eb:40:cd:9d:b7:06:b6:
cf:aa:5f:bb:36:b6:ab:8c:51:35:27:5e:ac:2e:2a:
7f:09:6f:b9:36:d7:94:27:64:98:7d:bf:42:33:bc:
a4:db:67:86:b8:6d:6c:60:90:5a:61:e4:bc:68:5c:
00:66:28:b4:52:6e:66:68:22:80:8f:08:ee:a9:34:
6f:e6:f0:1f:fd:dc:98:2a:ef:42:dd:5e:5b:3a:5d:
8e:f1:25:35:f3:0d:b5:4d:e9:cd:37:40:f5:74:4a:
a0:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:E8:6B:41:0A:B2:3A:61:B2:B7:35:3B:7F:44:D2:7C:37:6B:3F:3C
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/0-hrQQqyOmGytzU7f0TSfDdrPzw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:1400::/29
2a0b:b740::/29
2a0c:9240::/29
2a0f:2100::/29
2a0f:8100::/29
2a0f:8300::/29
2a0f:e040::/29
Signature Algorithm: sha256WithRSAEncryption
97:cd:c4:01:c9:b7:50:e7:fe:89:a8:da:a7:58:62:64:6e:3a:
5b:31:0f:52:5d:5a:ed:65:d5:b3:f3:9f:7a:6e:48:23:93:98:
a3:f0:62:7f:36:a6:d1:e1:fc:08:92:2e:d1:18:86:5d:54:5a:
8b:98:41:bf:0b:e9:4f:c0:1a:e5:81:60:60:9c:86:6a:c0:df:
fe:e5:c4:64:7d:bb:d2:14:2e:d0:d7:89:6f:df:2e:85:4e:78:
0d:72:92:a1:cb:f6:d7:a5:ee:97:96:c7:08:5f:28:5a:e6:53:
eb:5b:53:39:ef:13:a2:fd:ee:19:a0:4d:9b:40:56:bd:41:e5:
26:f4:20:bd:87:a4:48:35:66:f2:45:d3:50:40:70:ae:b0:4d:
d1:ba:b5:22:6e:1b:27:99:d5:7a:1e:9d:1e:41:42:7a:ac:79:
74:a5:1d:6f:b2:22:e0:94:7d:6b:52:8e:78:ab:1d:5c:6e:b2:
1d:22:64:17:5f:7c:05:cc:31:80:b3:4c:b9:8f:0c:0c:bd:7c:
f3:87:61:df:93:9e:15:1d:ea:0b:99:2d:d1:86:8b:4e:e8:5a:
58:96:7f:87:54:c3:2a:c0:58:f1:86:14:86:62:a3:5a:bf:a4:
f1:cd:ab:1f:f1:62:3e:ae:9d:e6:1c:ee:be:fc:95:ea:8b:6b:
67:f7:4a:ae
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAYYNA7aOuoGsr7FP31zN4AD7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMwMjAxMTI0NjMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkM2U4NmI0MTBhYjIzYTYxYjJiNzM1M2I3ZjQ0ZDI3YzM3NmIzZjNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAueX9EVfNebFQyUBFAh9jHV5CZYZH
RzAhI466vZ1R5BmNqIzCihriZ3kFGNiLLF5KElHcVfjs4x2601XEZOusvny4UUC5
kIRWnu80gAFj+BU1sfGR4/8WgpBCK7ZDtdt+woFMhrfj4DtiaWVblp1IBfcUOQVP
GcS1pRHJCr1FOr9PhO9tPpqv/lE46YLfgRlq959mi5KslXZC8prpQetAzZ23BrbP
ql+7NrarjFE1J16sLip/CW+5NteUJ2SYfb9CM7yk22eGuG1sYJBaYeS8aFwAZii0
Um5maCKAjwjuqTRv5vAf/dyYKu9C3V5bOl2O8SU18w21TenNN0D1dEqgmwIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFNPoa0EKsjphsrc1O39E0nw3az88MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvMC1oclFRcXlPbUd5dHpVN2YwVFNmRGRyUHp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTA3BAIAAjAxAwUDKgoUAAMF
AyoLt0ADBQMqDJJAAwUDKg8hAAMFAyoPgQADBQMqD4MAAwUDKg/gQDANBgkqhkiG
9w0BAQsFAAOCAQEAl83EAcm3UOf+iajap1hiZG46WzEPUl1a7WXVs/Ofem5II5OY
o/Bifzam0eH8CJIu0RiGXVRai5hBvwvpT8Aa5YFgYJyGasDf/uXEZH270hQu0NeJ
b98uhU54DXKSocv216Xul5bHCF8oWuZT61tTOe8Tov3uGaBNm0BWvUHlJvQgvYek
SDVm8kXTUEBwrrBN0bq1Im4bJ5nVeh6dHkFCeqx5dKUdb7Ii4JR9a1KOeKsdXG6y
HSJkF198BcwxgLNMuY8MDL1884dh35OeFR3qC5kt0YaLTuhaWJZ/h1TDKsBY8YYU
hmKjWr+k8c2rH/FiPq6d5hzuvvyV6otrZ/dKrg==
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:01:41 2025 by rpki-client