Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/0e8WA3dwDSPHZztMvF4WlovSXBc.roa
File: 0e8WA3dwDSPHZztMvF4WlovSXBc.roa (raw, json)
Hash identifier: nGIdPYsR+jiJ/XiiLbxLZrexY1WL4PTXpM2wbe/46Ro=
Subject key identifier: D1:EF:16:03:77:70:0D:23:C7:67:3B:4C:BC:5E:16:96:8B:D2:5C:17
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0186EC6039A33D91F62F434F7FF2D3D363B7
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/0e8WA3dwDSPHZztMvF4WlovSXBc.roa
Signing time: Thu 16 Mar 2023 21:42:54 +0000
ROA not before: Thu 16 Mar 2023 21:42:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 2a0f:3d86::/32 maxlen: 32
2a0f:ea42::/32 maxlen: 32
2a0e:2240:5::/48 maxlen: 48
2a0e:2240:3::/48 maxlen: 48
2a0f:3d85::/32 maxlen: 32
2a0f:a200::/32 maxlen: 32
2a0f:3d81::/32 maxlen: 32
2a0e:2240:4::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:ec:60:39:a3:3d:91:f6:2f:43:4f:7f:f2:d3:d3:63:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Mar 16 21:42:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d1ef160377700d23c7673b4cbc5e16968bd25c17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:c0:ec:21:45:e6:63:6e:c9:b8:61:61:2d:f1:
13:2c:51:cd:fd:33:64:ff:f4:9b:82:d5:12:23:41:
b9:15:4e:23:17:2d:ae:66:6d:ce:95:45:d2:4a:4c:
4d:70:d7:cf:70:6d:34:a7:c7:b8:e6:8b:8a:d3:8a:
e2:94:85:4b:a7:c6:25:83:a5:7c:83:8e:16:1c:ee:
80:fd:96:36:e1:04:4b:49:fa:f8:db:51:94:ec:0d:
7f:81:82:62:b9:75:3f:1e:c8:67:f1:b9:59:45:bd:
24:ca:bd:5f:43:d1:5a:d1:8c:66:8a:56:bd:e6:f5:
73:97:d3:4c:7d:30:0a:c8:14:63:96:68:cd:33:ae:
b2:75:d7:a2:33:4b:7a:08:8e:0a:96:b3:b5:60:8f:
74:c2:5c:e0:36:d8:db:56:47:99:47:7f:a3:35:e3:
58:7b:ac:66:ba:29:52:66:fd:42:13:e9:02:59:67:
9f:8b:2d:13:f5:e7:ed:19:a0:e6:ac:50:2d:88:57:
c2:c9:86:ba:8e:e3:ff:9a:6a:60:a6:7a:a1:90:9a:
1f:23:72:c4:46:00:10:c6:ee:08:c1:4f:bd:ac:cc:
6a:1b:6e:a9:05:2c:42:de:49:15:bb:65:ce:64:a5:
50:aa:94:51:5a:f7:43:23:93:30:25:89:dc:b9:93:
17:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:EF:16:03:77:70:0D:23:C7:67:3B:4C:BC:5E:16:96:8B:D2:5C:17
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/0e8WA3dwDSPHZztMvF4WlovSXBc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:2240:3::-2a0e:2240:5:ffff:ffff:ffff:ffff:ffff
2a0f:3d81::/32
2a0f:3d85::-2a0f:3d86:ffff:ffff:ffff:ffff:ffff:ffff
2a0f:a200::/32
2a0f:ea42::/32
Signature Algorithm: sha256WithRSAEncryption
93:08:a4:c1:8c:39:2a:59:ae:e0:66:69:35:6c:51:d7:b2:80:
73:d1:c8:33:fc:8e:2a:0a:d1:c9:2e:10:0d:4b:0b:b3:6c:93:
a1:2e:6d:4a:f2:5b:23:07:d9:00:5c:4e:7b:d6:d3:90:07:84:
b8:c8:66:ea:ac:ea:a4:05:05:a2:8b:f6:58:6e:67:4e:bd:46:
2f:c3:fd:2a:5c:9d:41:4b:a6:bb:53:1f:be:5e:b8:f3:8e:d4:
f7:0e:3d:00:b6:34:c3:e7:cc:b2:22:23:a4:6f:f6:dd:41:b7:
fe:35:fe:fc:28:26:f8:92:6a:eb:aa:67:ba:c9:e8:df:1c:5e:
82:92:57:7b:c5:75:36:05:98:68:52:81:63:13:85:42:56:0e:
84:65:ce:8c:26:86:89:8b:91:ef:d6:5d:61:91:b4:f5:d8:0d:
9a:a6:58:e2:a1:14:04:16:f3:fd:02:7a:0b:68:37:63:a4:9c:
66:0b:7a:6a:38:5e:79:3e:3c:f9:63:78:4a:16:c7:a4:4b:d8:
0d:01:b5:19:6d:e8:ab:2f:c7:e4:4b:b0:ef:db:eb:89:57:fa:
7a:34:13:ee:bd:b5:cf:fb:21:cf:b3:eb:20:41:ef:ac:5d:2b:
53:09:5d:af:a1:93:d5:19:06:02:a9:c5:3b:19:83:01:0d:68:
e9:62:c6:ea
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYbsYDmjPZH2L0NPf/LT02O3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMwMzE2MjE0MjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWVmMTYwMzc3NzAwZDIzYzc2NzNiNGNiYzVlMTY5NjhiZDI1YzE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvsDsIUXmY27JuGFhLfETLFHN/TNk
//SbgtUSI0G5FU4jFy2uZm3OlUXSSkxNcNfPcG00p8e45ouK04rilIVLp8Ylg6V8
g44WHO6A/ZY24QRLSfr421GU7A1/gYJiuXU/Hshn8blZRb0kyr1fQ9Fa0Yxmila9
5vVzl9NMfTAKyBRjlmjNM66yddeiM0t6CI4KlrO1YI90wlzgNtjbVkeZR3+jNeNY
e6xmuilSZv1CE+kCWWefiy0T9eftGaDmrFAtiFfCyYa6juP/mmpgpnqhkJofI3LE
RgAQxu4IwU+9rMxqG26pBSxC3kkVu2XOZKVQqpRRWvdDI5MwJYncuZMXfQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFNHvFgN3cA0jx2c7TLxeFpaL0lwXMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvMGU4V0EzZHdEU1BIWnp0TXZGNFdsb3ZTWEJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTA/BAIAAjA5MBIDBwAqDiJA
AAMDBwEqDiJAAAQDBQAqDz2BMA4DBQAqDz2FAwUAKg89hgMFACoPogADBQAqD+pC
MA0GCSqGSIb3DQEBCwUAA4IBAQCTCKTBjDkqWa7gZmk1bFHXsoBz0cgz/I4qCtHJ
LhANSwuzbJOhLm1K8lsjB9kAXE571tOQB4S4yGbqrOqkBQWii/ZYbmdOvUYvw/0q
XJ1BS6a7Ux++XrjzjtT3Dj0AtjTD58yyIiOkb/bdQbf+Nf78KCb4kmrrqme6yejf
HF6Ckld7xXU2BZhoUoFjE4VCVg6EZc6MJoaJi5Hv1l1hkbT12A2apljioRQEFvP9
AnoLaDdjpJxmC3pqOF55Pjz5Y3hKFsekS9gNAbUZbeirL8fkS7Dv2+uJV/p6NBPu
vbXP+yHPs+sgQe+sXStTCV2voZPVGQYCqcU7GYMBDWjpYsbq
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:05:14 2025 by rpki-client