Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/1ApenafFZGWmnm-Cd4PUHlfZNVg.roa
File: 1ApenafFZGWmnm-Cd4PUHlfZNVg.roa (raw, json)
Hash identifier: 1I8puppiDzs3vtDIpq9dlebaUywTrQQY28xCItaZcPQ=
Subject key identifier: D4:0A:5E:9D:A7:C5:64:65:A6:9E:6F:82:77:83:D4:1E:57:D9:35:58
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018866A7ACEC3F70A9AAB55A86B4E65F095E
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/1ApenafFZGWmnm-Cd4PUHlfZNVg.roa
Signing time: Mon 29 May 2023 08:37:24 +0000
ROA not before: Mon 29 May 2023 08:37:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200021
IP address blocks: 2a0f:e9c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:66:a7:ac:ec:3f:70:a9:aa:b5:5a:86:b4:e6:5f:09:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: May 29 08:37:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d40a5e9da7c56465a69e6f827783d41e57d93558
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:23:47:fa:dd:eb:7e:5e:9f:cb:b3:fd:e8:dc:
31:21:09:cc:48:ea:33:60:9e:13:45:87:8e:b8:ad:
28:f9:3b:50:ef:3d:8b:6f:77:02:f1:90:f8:d0:b3:
1d:44:bf:51:63:ff:33:75:02:0f:a2:65:9f:3d:bd:
ac:69:95:2f:96:6b:fd:37:36:68:1f:1a:b3:0f:b2:
ee:b7:8f:8a:3e:ce:f9:22:f9:36:d6:a5:23:06:d4:
33:5e:e2:31:67:8b:cc:11:a4:36:68:0c:3f:99:20:
06:4e:66:0e:fe:ab:31:39:4a:f0:f5:0f:97:0a:d3:
84:d3:15:5f:ee:97:d0:27:b9:5e:11:01:17:40:76:
b1:ed:6e:7d:e0:7e:d2:c5:1c:e7:65:ab:25:ae:ae:
69:b8:1a:d5:e8:c0:3d:85:73:f8:40:a5:fc:6d:42:
65:28:52:29:db:00:74:ad:59:29:e6:ee:6c:0e:a3:
6a:49:8d:ef:f3:6c:af:9b:6b:ce:4d:1b:cc:44:32:
d5:a6:2d:7a:76:c0:e5:37:df:ab:70:ee:e8:7d:c3:
b0:a1:6c:98:10:ef:e2:7b:0b:63:2d:69:8e:ce:1c:
cd:3c:52:e4:e4:05:b2:bb:c9:1c:09:8e:13:d0:df:
b5:1f:03:ce:e3:e4:f8:06:31:dd:3b:81:c3:94:dd:
1e:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:0A:5E:9D:A7:C5:64:65:A6:9E:6F:82:77:83:D4:1E:57:D9:35:58
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/1ApenafFZGWmnm-Cd4PUHlfZNVg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:e9c0::/29
Signature Algorithm: sha256WithRSAEncryption
ce:35:1c:90:4c:64:09:b5:4a:ed:67:f8:92:5f:49:86:50:a9:
4a:b1:52:00:fd:19:32:ed:1c:d1:eb:02:7a:f9:95:a5:c5:f8:
bd:65:37:e5:9d:b2:54:9a:51:e3:63:93:59:6c:53:a1:cc:f3:
d6:c2:a3:9d:b0:8f:b3:5c:1b:86:ea:3f:36:57:94:86:17:49:
f6:b4:a4:b2:33:ed:00:73:07:2e:6b:ad:07:17:a0:9d:23:af:
4c:be:e1:23:3d:da:56:a0:b3:0e:94:94:6c:e7:14:24:bb:ec:
2e:42:76:8f:d3:54:a6:ec:75:87:22:91:c0:e7:04:a4:02:c9:
74:f8:b1:fb:38:7c:99:e8:fa:be:98:89:7e:dd:40:3c:ef:2f:
07:41:94:fe:d6:e8:f8:b5:be:3b:80:2f:b5:33:52:4b:01:d3:
93:a3:be:c6:51:4c:f3:72:ca:30:41:44:55:2f:fd:7a:d9:76:
24:75:4e:c1:88:dc:52:49:82:13:ea:00:0d:48:82:2c:90:de:
f9:32:92:2c:ae:92:08:2e:56:5b:a9:4c:68:86:a9:24:62:a4:
8e:38:7d:a4:2d:d0:36:fe:f3:0e:7d:11:73:29:51:1a:91:b1:
f6:63:95:bc:ba:8b:1e:2b:df:bb:ee:1e:26:1b:66:89:84:ce:
79:2f:e8:e5
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYhmp6zsP3CpqrVahrTmXwleMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMwNTI5MDgzNzI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDBhNWU5ZGE3YzU2NDY1YTY5ZTZmODI3NzgzZDQxZTU3ZDkzNTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwiNH+t3rfl6fy7P96NwxIQnMSOoz
YJ4TRYeOuK0o+TtQ7z2Lb3cC8ZD40LMdRL9RY/8zdQIPomWfPb2saZUvlmv9NzZo
HxqzD7Lut4+KPs75Ivk21qUjBtQzXuIxZ4vMEaQ2aAw/mSAGTmYO/qsxOUrw9Q+X
CtOE0xVf7pfQJ7leEQEXQHax7W594H7SxRznZaslrq5puBrV6MA9hXP4QKX8bUJl
KFIp2wB0rVkp5u5sDqNqSY3v82yvm2vOTRvMRDLVpi16dsDlN9+rcO7ofcOwoWyY
EO/iewtjLWmOzhzNPFLk5AWyu8kcCY4T0N+1HwPO4+T4BjHdO4HDlN0ekwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFNQKXp2nxWRlpp5vgneD1B5X2TVYMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvMUFwZW5hZkZaR1dtbm0tQ2Q0UFVIbGZaTlZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg/pwDAN
BgkqhkiG9w0BAQsFAAOCAQEAzjUckExkCbVK7Wf4kl9JhlCpSrFSAP0ZMu0c0esC
evmVpcX4vWU35Z2yVJpR42OTWWxToczz1sKjnbCPs1wbhuo/NleUhhdJ9rSksjPt
AHMHLmutBxegnSOvTL7hIz3aVqCzDpSUbOcUJLvsLkJ2j9NUpux1hyKRwOcEpALJ
dPix+zh8mej6vpiJft1APO8vB0GU/tbo+LW+O4AvtTNSSwHTk6O+xlFM83LKMEFE
VS/9etl2JHVOwYjcUkmCE+oADUiCLJDe+TKSLK6SCC5WW6lMaIapJGKkjjh9pC3Q
Nv7zDn0RcylRGpGx9mOVvLqLHivfu+4eJhtmiYTOeS/o5Q==
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:14:47 2025 by rpki-client