Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/1-nOjL6gvObmV6gg3rjJvL3LsW-8.roa
File: 1-nOjL6gvObmV6gg3rjJvL3LsW-8.roa (raw, json)
Hash identifier: GmUD8xilskyAeDn8DK95OIEIUpuqWmeylyBwL3GRSLk=
Subject key identifier: FA:73:A3:2F:A8:2F:39:B9:95:EA:08:37:AE:32:6F:2F:72:EC:5B:EF
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018920184D483999AED9CB07FC090390E7CD
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/1-nOjL6gvObmV6gg3rjJvL3LsW-8.roa
Signing time: Tue 04 Jul 2023 08:50:10 +0000
ROA not before: Tue 04 Jul 2023 08:50:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57043
IP address blocks: 2a11:3500::/29 maxlen: 29
2a0e:5800::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:20:18:4d:48:39:99:ae:d9:cb:07:fc:09:03:90:e7:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jul 4 08:50:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fa73a32fa82f39b995ea0837ae326f2f72ec5bef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:f9:fb:30:3c:e2:c7:2c:e7:cf:ba:bb:d3:7d:
21:b4:6e:18:7f:59:27:56:4f:f2:10:8e:cc:80:2d:
0b:55:87:e9:8c:19:59:82:10:bb:a8:f6:d8:da:f2:
5b:b7:4f:fe:46:45:c4:bb:77:7f:d4:8c:dd:0d:22:
5e:bb:2a:8c:42:a2:49:6e:41:97:ce:74:42:b6:8b:
22:a5:8d:6f:fc:26:6b:2a:cb:58:dc:7e:c7:8a:32:
24:87:d4:22:98:53:0a:32:63:ae:31:5e:d6:0a:ca:
18:73:f4:84:3a:bf:b0:c1:1f:d3:8f:77:c0:f0:bc:
ac:a6:97:a3:04:e8:ad:10:cc:88:95:37:dd:23:a1:
af:be:3b:2a:51:b1:16:53:df:bd:ef:ce:03:90:55:
3f:ff:ec:f4:f2:26:d6:c0:16:c8:fd:16:dc:2c:04:
09:0a:91:f8:5a:cc:b3:fd:57:b2:ed:39:67:24:8d:
f6:9c:0c:01:81:bf:eb:8a:6d:6b:0b:8d:82:07:6f:
9a:87:c1:89:93:4d:5c:87:e4:2b:5f:0a:ad:be:7b:
f1:7d:17:e7:94:37:eb:ff:47:7a:66:b4:33:2c:05:
ee:6e:ca:64:fd:a0:97:c0:ae:b8:57:bf:14:7c:3f:
57:04:40:b1:61:40:cc:92:eb:f6:a3:de:4e:ba:6b:
53:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:73:A3:2F:A8:2F:39:B9:95:EA:08:37:AE:32:6F:2F:72:EC:5B:EF
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/1-nOjL6gvObmV6gg3rjJvL3LsW-8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:5800::/29
2a11:3500::/29
Signature Algorithm: sha256WithRSAEncryption
50:2a:36:10:84:7d:1f:91:28:46:d5:d4:16:96:03:d3:a5:f5:
8c:73:13:7c:4e:13:60:37:a4:a8:57:be:11:3f:11:b2:4b:ee:
17:7b:82:b3:9d:8c:29:a2:65:d0:c3:62:4f:5b:44:b0:1a:6d:
60:ce:d1:08:db:9b:df:67:86:34:09:99:f7:93:ce:ec:07:19:
0c:7a:c1:d0:2d:26:95:c7:4d:10:b4:f1:7d:2e:f7:a2:f9:af:
27:f7:b2:31:89:af:59:3a:85:7b:dc:f7:f3:2f:b1:d7:dc:04:
3c:b5:0e:2e:04:2f:a5:98:7f:eb:c5:d7:cb:e3:03:0b:57:63:
6f:15:5e:a9:e3:c8:4a:4d:a2:c7:5b:04:22:f4:82:37:4d:0f:
32:81:0a:86:a2:c4:01:0d:7f:fb:5b:e9:c4:f9:35:13:aa:ed:
68:14:30:3d:d1:8c:90:64:ed:72:08:20:ec:70:a9:dd:8d:63:
a9:a0:ca:17:d4:75:f5:d9:aa:e5:b4:b5:6a:53:2e:98:6f:2b:
10:a1:15:38:7a:6b:29:45:16:6f:7e:f0:fb:15:88:3f:a7:8a:
24:52:cb:9d:e2:d5:68:f6:5b:bb:bc:d0:33:70:7c:b2:33:42:
5c:68:df:6a:58:11:38:b7:1a:07:5c:f9:33:5d:21:76:ff:43:
8b:65:77:fb
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgISAYkgGE1IOZmu2csH/AkDkOfNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMwNzA0MDg1MDEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTczYTMyZmE4MmYzOWI5OTVlYTA4MzdhZTMyNmYyZjcyZWM1YmVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhfn7MDzixyznz7q7030htG4Yf1kn
Vk/yEI7MgC0LVYfpjBlZghC7qPbY2vJbt0/+RkXEu3d/1IzdDSJeuyqMQqJJbkGX
znRCtosipY1v/CZrKstY3H7HijIkh9QimFMKMmOuMV7WCsoYc/SEOr+wwR/Tj3fA
8LysppejBOitEMyIlTfdI6GvvjsqUbEWU9+9784DkFU//+z08ibWwBbI/RbcLAQJ
CpH4Wsyz/Vey7TlnJI32nAwBgb/rim1rC42CB2+ah8GJk01ch+QrXwqtvnvxfRfn
lDfr/0d6ZrQzLAXubspk/aCXwK64V78UfD9XBECxYUDMkuv2o95OumtTTwIDAQAB
o4ICEjCCAg4wHQYDVR0OBBYEFPpzoy+oLzm5leoIN64yby9y7FvvMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvMS1uT2pMNmd2T2JtVjZnZzNyakp2TDNMc1ctOC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYzAvNDlhZGM2LWJhODktNDAzZi1hZGE5LThjNTAwN2MyYTRi
Ni8xL2ZWV2FyN19Ba3hKQzRkWTNLWXp4M1NJLVRDWS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAnBggrBgEFBQcBBwEB/wQYMBYwFAQCAAIwDgMFAyoOWAAD
BQMqETUAMA0GCSqGSIb3DQEBCwUAA4IBAQBQKjYQhH0fkShG1dQWlgPTpfWMcxN8
ThNgN6SoV74RPxGyS+4Xe4KznYwpomXQw2JPW0SwGm1gztEI25vfZ4Y0CZn3k87s
BxkMesHQLSaVx00QtPF9Lvei+a8n97Ixia9ZOoV73PfzL7HX3AQ8tQ4uBC+lmH/r
xdfL4wMLV2NvFV6p48hKTaLHWwQi9II3TQ8ygQqGosQBDX/7W+nE+TUTqu1oFDA9
0YyQZO1yCCDscKndjWOpoMoX1HX12arltLVqUy6YbysQoRU4emspRRZvfvD7FYg/
p4okUsud4tVo9lu7vNAzcHyyM0JcaN9qWBE4txoHXPkzXSF2/0OLZXf7
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:04:23 2025 by rpki-client