Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/2x61xcar4D3EzyJTaxXxYtnJ7GY.roa
File: 2x61xcar4D3EzyJTaxXxYtnJ7GY.roa (raw, json)
Hash identifier: Kpb+3/Kg/CwD9FZv+xdfkJf9+BVGgmOpk7AjttzdgDQ=
Subject key identifier: DB:1E:B5:C5:C6:AB:E0:3D:C4:CF:22:53:6B:15:F1:62:D9:C9:EC:66
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0182D3E5E81F6A2B7CE5F976AEBC15E48B0D
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/2x61xcar4D3EzyJTaxXxYtnJ7GY.roa
Signing time: Thu 25 Aug 2022 07:27:15 +0000
ROA not before: Thu 25 Aug 2022 07:27:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204339
IP address blocks: 2a0f:7f00::/29 maxlen: 29
2a0f:e640::/29 maxlen: 29
2a0f:3940::/29 maxlen: 29
2a0f:8300::/29 maxlen: 29
2a0f:9e00::/29 maxlen: 29
2a0f:8100::/29 maxlen: 29
2a0f:2300::/29 maxlen: 29
2a0f:2d80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:d3:e5:e8:1f:6a:2b:7c:e5:f9:76:ae:bc:15:e4:8b:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Aug 25 07:27:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=db1eb5c5c6abe03dc4cf22536b15f162d9c9ec66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:0d:6e:8e:e3:3d:f9:94:c5:74:d4:bc:df:9c:
cf:91:ad:5a:1e:1e:b4:4f:dc:a0:a8:fe:dc:38:95:
b7:eb:dd:da:cb:5c:86:f6:77:e5:27:29:08:dd:54:
d0:c9:0a:15:66:35:6b:a1:b3:48:0a:e0:40:d9:b5:
e2:40:7e:31:e0:b4:42:3c:f0:42:d1:6e:1d:3c:5d:
c3:27:8f:7b:6c:ae:99:c0:0b:4f:fc:bd:9d:0f:ad:
72:9c:ad:70:21:58:53:91:06:f0:6e:b2:ed:fa:bd:
13:90:8b:b2:ae:d8:47:09:9f:ed:3c:4e:87:e3:d8:
e9:81:ed:21:f7:46:79:ba:12:f3:04:f2:ed:bd:a7:
fd:d4:80:34:7d:1f:dc:31:a6:70:c2:75:13:72:c0:
ac:d4:b0:bb:f1:50:d6:96:6c:a6:8c:60:a5:73:32:
3d:e6:aa:a9:ed:cc:ea:8d:93:af:05:0d:02:cf:e5:
25:18:20:c5:e4:90:3d:6c:1c:fb:6b:e0:c1:c0:09:
0a:f9:6d:17:6b:3b:39:28:5e:1c:c2:fe:c3:3c:59:
3b:2d:61:fd:fe:ab:03:50:7e:1b:d9:95:1a:42:3d:
2b:6e:c4:09:9f:24:c1:cb:b1:2d:6f:58:82:18:cb:
85:1d:65:9e:a8:8f:81:07:66:3a:77:6c:97:c4:23:
dd:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:1E:B5:C5:C6:AB:E0:3D:C4:CF:22:53:6B:15:F1:62:D9:C9:EC:66
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/2x61xcar4D3EzyJTaxXxYtnJ7GY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:2300::/29
2a0f:2d80::/29
2a0f:3940::/29
2a0f:7f00::/29
2a0f:8100::/29
2a0f:8300::/29
2a0f:9e00::/29
2a0f:e640::/29
Signature Algorithm: sha256WithRSAEncryption
b8:3c:96:bd:f5:ad:5f:c4:c6:d6:be:b5:82:0c:05:ab:29:dd:
dd:25:ff:26:c7:09:cd:80:d3:ca:ce:74:67:05:c5:1f:14:c7:
99:ff:50:3b:54:ac:d6:73:79:03:22:eb:0c:3f:49:15:18:98:
37:4a:1d:7c:34:13:85:ae:b7:df:1e:79:72:c7:d5:97:0d:43:
c3:b0:66:70:78:26:4b:0d:bf:35:d0:0e:5e:67:94:e6:fa:8c:
41:34:d8:51:88:e7:32:70:14:6a:f7:02:a6:7d:d7:c8:84:98:
5b:74:23:49:bb:c5:cd:d6:37:88:bd:a8:de:d8:de:a1:9c:b5:
d8:6d:91:43:62:b4:bc:2d:5a:15:83:87:4d:7d:68:d0:90:36:
95:5c:23:8a:9a:c7:e2:2a:91:a0:e5:14:ae:b9:91:f5:ca:05:
40:fd:57:8f:dd:ee:27:fa:6c:ad:1a:be:44:27:4d:77:c4:07:
11:ef:38:b3:4c:37:74:9d:d5:41:b4:be:69:b2:8e:ce:98:86:
c3:e1:15:5f:ca:91:f7:6f:a8:ec:31:c7:ad:eb:bd:8a:5e:6b:
b8:49:fb:33:05:5e:98:fd:10:28:6d:74:39:e5:89:5c:cd:20:
85:ba:a9:a2:f7:1d:c2:5c:a3:dc:a8:ad:ad:44:78:62:72:c2:
2b:87:17:f6
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYLT5egfait85fl2rrwV5IsNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjIwODI1MDcyNzE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjFlYjVjNWM2YWJlMDNkYzRjZjIyNTM2YjE1ZjE2MmQ5YzllYzY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhw1ujuM9+ZTFdNS835zPka1aHh60
T9ygqP7cOJW3693ay1yG9nflJykI3VTQyQoVZjVrobNICuBA2bXiQH4x4LRCPPBC
0W4dPF3DJ497bK6ZwAtP/L2dD61ynK1wIVhTkQbwbrLt+r0TkIuyrthHCZ/tPE6H
49jpge0h90Z5uhLzBPLtvaf91IA0fR/cMaZwwnUTcsCs1LC78VDWlmymjGClczI9
5qqp7czqjZOvBQ0Cz+UlGCDF5JA9bBz7a+DBwAkK+W0Xazs5KF4cwv7DPFk7LWH9
/qsDUH4b2ZUaQj0rbsQJnyTBy7Etb1iCGMuFHWWeqI+BB2Y6d2yXxCPdjwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFNsetcXGq+A9xM8iU2sV8WLZyexmMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvMng2MXhjYXI0RDNFenlKVGF4WHhZdG5KN0dZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAAjA4AwUDKg8jAAMF
AyoPLYADBQMqDzlAAwUDKg9/AAMFAyoPgQADBQMqD4MAAwUDKg+eAAMFAyoP5kAw
DQYJKoZIhvcNAQELBQADggEBALg8lr31rV/Exta+tYIMBasp3d0l/ybHCc2A08rO
dGcFxR8Ux5n/UDtUrNZzeQMi6ww/SRUYmDdKHXw0E4Wut98eeXLH1ZcNQ8OwZnB4
JksNvzXQDl5nlOb6jEE02FGI5zJwFGr3AqZ918iEmFt0I0m7xc3WN4i9qN7Y3qGc
tdhtkUNitLwtWhWDh019aNCQNpVcI4qax+IqkaDlFK65kfXKBUD9V4/d7if6bK0a
vkQnTXfEBxHvOLNMN3Sd1UG0vmmyjs6YhsPhFV/KkfdvqOwxx63rvYpea7hJ+zMF
Xpj9EChtdDnliVzNIIW6qaL3HcJco9yora1EeGJywiuHF/Y=
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:14:55 2025 by rpki-client