Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/11FfaVZer4ZBDU8DjD3ud9mEr94.roa
File: 11FfaVZer4ZBDU8DjD3ud9mEr94.roa (raw, json)
Hash identifier: w32ZfSNv9/l0uIEVodpTaiYF1ndChdr5k7MUmO4RZ9s=
Subject key identifier: D7:51:5F:69:56:5E:AF:86:41:0D:4F:03:8C:3D:EE:77:D9:84:AF:DE
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018B670EA930955DB11183EE7D979CC9A819
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/11FfaVZer4ZBDU8DjD3ud9mEr94.roa
Signing time: Wed 25 Oct 2023 13:38:15 +0000
ROA not before: Wed 25 Oct 2023 13:38:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205544
IP address blocks: 2a0f:e6c6:1::/48 maxlen: 48
2a0f:e1c0:1::/48 maxlen: 48
2a13:3380:1::/48 maxlen: 48
2a0f:e6c7:1::/48 maxlen: 48
2a0f:e6c5:1::/48 maxlen: 48
2a13:e100:1::/48 maxlen: 48
2a0f:e440::/29 maxlen: 29
2a07:f302:d::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:67:0e:a9:30:95:5d:b1:11:83:ee:7d:97:9c:c9:a8:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Oct 25 13:38:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d7515f69565eaf86410d4f038c3dee77d984afde
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:e7:7e:b0:f9:fe:bc:00:ea:54:dc:0b:a0:44:
cc:1f:01:02:f9:ea:47:f1:50:80:d8:21:25:0a:6a:
f5:9a:88:ad:b2:18:eb:43:d2:2f:b5:78:bd:6f:87:
18:35:95:40:6d:f8:7e:0e:08:af:78:6b:4e:bd:9e:
98:a6:87:40:bd:f6:f9:7d:b2:f4:8d:9c:4b:ea:36:
75:1f:cc:64:ae:54:25:b7:b4:2a:11:ad:d2:b2:7b:
0c:1e:80:14:ac:29:59:3a:8a:3d:fa:ef:d7:19:62:
12:5e:6e:16:26:86:1c:37:74:42:26:3f:44:a5:d5:
11:5e:a5:77:9c:7d:eb:d5:26:1b:1b:3e:cf:4b:e6:
0c:ee:71:8b:0c:ce:76:45:f3:5d:d5:5e:1b:b8:58:
2f:1c:74:73:0e:a1:cb:79:8a:75:5f:de:f1:33:14:
ba:6c:20:ca:dd:54:95:fd:db:bf:5a:95:f4:5f:2e:
69:64:32:60:40:b0:80:3e:31:6f:ea:75:4b:f5:9e:
c8:36:55:ee:ff:73:36:9e:e2:04:28:c2:22:f1:b9:
74:ab:e6:b3:1a:80:5a:76:a6:a8:0d:30:60:23:5f:
29:1a:58:47:2c:62:37:c8:97:68:f8:9d:03:35:dd:
65:bc:44:c9:1a:17:89:9d:0f:49:f6:66:e4:20:ee:
bc:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:51:5F:69:56:5E:AF:86:41:0D:4F:03:8C:3D:EE:77:D9:84:AF:DE
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/11FfaVZer4ZBDU8DjD3ud9mEr94.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:f302:d::/48
2a0f:e1c0:1::/48
2a0f:e440::/29
2a0f:e6c5:1::/48
2a0f:e6c6:1::/48
2a0f:e6c7:1::/48
2a13:3380:1::/48
2a13:e100:1::/48
Signature Algorithm: sha256WithRSAEncryption
18:06:7c:fe:35:ef:2d:99:b1:e0:13:89:42:01:c2:72:d9:2a:
aa:4c:8c:3c:86:f6:76:78:b1:6e:18:ae:6f:a2:cb:5d:65:13:
0b:8b:91:37:2e:7f:32:5e:f2:8d:22:08:3a:c2:c1:6f:bd:27:
d6:51:eb:de:9b:5f:17:08:c3:49:39:86:5c:a3:af:2d:15:2a:
2b:50:8c:2a:f4:7e:22:47:36:c8:36:60:50:9e:09:c1:00:e3:
22:01:e1:60:95:ec:05:af:bf:f3:0a:25:bc:bb:f3:20:55:e5:
25:ff:a4:88:09:1e:a6:ce:39:bc:b3:e8:68:07:e8:b0:4c:60:
f2:2d:6c:bc:f6:45:ac:08:ea:c8:33:dd:40:70:d6:ae:58:f3:
7c:19:32:ea:34:e3:c8:86:26:a5:b1:24:88:fd:e2:16:f5:38:
39:26:3b:33:d9:d8:77:f4:f0:45:bc:c3:ef:97:df:37:29:f8:
22:ca:8b:ff:e6:df:c3:f2:50:fe:d9:47:c7:5c:96:70:95:d5:
fb:2a:39:f1:03:d9:30:20:92:7d:05:08:81:33:f5:28:f6:19:
07:44:c8:63:b6:c5:c5:dd:d3:30:78:0b:f8:41:7a:ba:1f:30:
da:bc:ee:63:94:4e:4c:e8:a7:53:c2:d3:5c:e2:65:45:1b:f7:
91:02:64:ce
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAYtnDqkwlV2xEYPufZecyagZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMxMDI1MTMzODE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzUxNWY2OTU2NWVhZjg2NDEwZDRmMDM4YzNkZWU3N2Q5ODRhZmRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg+d+sPn+vADqVNwLoETMHwEC+epH
8VCA2CElCmr1moitshjrQ9IvtXi9b4cYNZVAbfh+DgiveGtOvZ6YpodAvfb5fbL0
jZxL6jZ1H8xkrlQlt7QqEa3SsnsMHoAUrClZOoo9+u/XGWISXm4WJoYcN3RCJj9E
pdURXqV3nH3r1SYbGz7PS+YM7nGLDM52RfNd1V4buFgvHHRzDqHLeYp1X97xMxS6
bCDK3VSV/du/WpX0Xy5pZDJgQLCAPjFv6nVL9Z7INlXu/3M2nuIEKMIi8bl0q+az
GoBadqaoDTBgI18pGlhHLGI3yJdo+J0DNd1lvETJGheJnQ9J9mbkIO68+QIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFNdRX2lWXq+GQQ1PA4w97nfZhK/eMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvMTFGZmFWWmVyNFpCRFU4RGpEM3VkOW1Fcjk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjBMBAIAAjBGAwcAKgfzAgAN
AwcAKg/hwAABAwUDKg/kQAMHACoP5sUAAQMHACoP5sYAAQMHACoP5scAAQMHACoT
M4AAAQMHACoT4QAAATANBgkqhkiG9w0BAQsFAAOCAQEAGAZ8/jXvLZmx4BOJQgHC
ctkqqkyMPIb2dnixbhiub6LLXWUTC4uRNy5/Ml7yjSIIOsLBb70n1lHr3ptfFwjD
STmGXKOvLRUqK1CMKvR+Ikc2yDZgUJ4JwQDjIgHhYJXsBa+/8wolvLvzIFXlJf+k
iAkeps45vLPoaAfosExg8i1svPZFrAjqyDPdQHDWrljzfBky6jTjyIYmpbEkiP3i
FvU4OSY7M9nYd/TwRbzD75ffNyn4IsqL/+bfw/JQ/tlHx1yWcJXV+yo58QPZMCCS
fQUIgTP1KPYZB0TIY7bFxd3TMHgL+EF6uh8w2rzuY5ROTOinU8LTXOJlRRv3kQJk
zg==
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:59:16 2025 by rpki-client