Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/4099rBf7I55X-b8oYbT1t_-xA7c.roa
File: 4099rBf7I55X-b8oYbT1t_-xA7c.roa (raw, json)
Hash identifier: P0i48azWEPXoAJZkRqtCd1DmxhZAxwVJ6zdm6xg+6U4=
Subject key identifier: E3:4F:7D:AC:17:FB:23:9E:57:F9:BF:28:61:B4:F5:B7:FF:B1:03:B7
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0182B5E76004DFD0BA16F05A943F8BFD6C00
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/4099rBf7I55X-b8oYbT1t_-xA7c.roa
Signing time: Fri 19 Aug 2022 11:40:15 +0000
ROA not before: Fri 19 Aug 2022 11:40:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204339
IP address blocks: 2a0f:7f00::/29 maxlen: 29
2a0f:a200::/29 maxlen: 29
2a0f:e640::/29 maxlen: 29
2a0f:3940::/29 maxlen: 29
2a0f:8300::/29 maxlen: 29
2a0f:9e00::/29 maxlen: 29
2a0f:8100::/29 maxlen: 29
2a0f:2300::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:b5:e7:60:04:df:d0:ba:16:f0:5a:94:3f:8b:fd:6c:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Aug 19 11:40:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e34f7dac17fb239e57f9bf2861b4f5b7ffb103b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:1b:91:6a:bc:18:83:ce:6b:5f:28:09:9d:a4:
56:c5:bd:1f:c4:a8:8b:99:1f:59:be:7c:1a:e5:40:
f0:17:8d:d0:41:4c:58:33:6d:0a:bd:bf:ac:3b:59:
8b:2b:91:cb:4b:28:94:7c:f7:ba:b0:81:62:a0:52:
9b:2d:b9:c5:f0:48:c7:3a:f9:bd:58:05:f8:f5:4b:
fc:54:31:89:3a:d2:74:f8:a4:bb:15:30:6d:b8:5e:
d6:0d:47:54:47:b6:46:26:85:db:bd:36:aa:e1:3a:
0a:b7:63:16:87:b1:85:8b:c1:2e:e4:01:2a:3f:12:
4a:74:ac:d5:83:5c:07:f4:6d:b3:fa:2c:f6:f4:d8:
eb:4f:c0:70:88:99:eb:f1:9d:c1:63:c3:b5:95:66:
88:80:53:c8:22:65:77:70:47:f7:8c:0c:9f:97:2a:
c1:46:ed:d1:a5:87:41:1f:d6:e6:f8:4f:dd:44:7d:
ea:68:c2:da:af:51:d0:e2:f9:76:a6:f1:f8:b9:01:
ee:c4:97:35:d1:24:f9:93:64:01:23:3d:cc:86:47:
5e:e0:49:52:2f:d9:93:a7:49:8a:dc:b5:28:ba:17:
77:e6:17:cf:b8:ae:c8:47:e8:24:2c:1b:28:be:1e:
c3:8c:1e:15:66:aa:d9:ce:88:b4:9e:8a:fa:42:4a:
74:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:4F:7D:AC:17:FB:23:9E:57:F9:BF:28:61:B4:F5:B7:FF:B1:03:B7
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/4099rBf7I55X-b8oYbT1t_-xA7c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:2300::/29
2a0f:3940::/29
2a0f:7f00::/29
2a0f:8100::/29
2a0f:8300::/29
2a0f:9e00::/29
2a0f:a200::/29
2a0f:e640::/29
Signature Algorithm: sha256WithRSAEncryption
71:f0:cf:82:0e:8e:8a:69:ab:f9:f8:12:41:1f:cb:26:0d:44:
39:87:f1:15:01:40:46:60:89:28:ed:10:9d:a9:01:69:61:2f:
98:94:2f:97:fe:5d:71:d0:50:2e:85:e1:07:15:77:70:c2:a1:
88:b0:fb:3c:fa:c7:02:d6:54:65:46:42:42:8c:6e:a0:6d:4e:
33:f1:ab:e5:00:bd:d5:d3:44:4d:68:9f:3b:7c:91:aa:1a:7b:
7c:a9:fd:53:61:e5:98:69:ad:f5:44:a2:52:d4:25:ff:7f:c6:
7c:fa:43:0e:a9:75:97:88:8b:d2:d6:86:4e:e4:51:1a:dc:34:
68:d6:04:c2:75:3a:ff:21:95:e6:8e:51:22:3b:aa:79:3d:92:
8b:bf:21:a6:06:9f:90:0b:7b:32:8b:bb:22:93:82:7b:f0:11:
fe:92:78:51:ed:33:4a:12:44:60:b7:5c:3e:00:81:bc:df:51:
36:f7:80:9f:78:b2:9e:a1:ca:2e:09:f2:28:a6:51:c2:91:64:
8d:68:4a:19:aa:3b:f4:01:06:b6:9f:4c:78:58:98:3d:74:33:
ac:24:7c:d4:36:1e:01:0f:84:4b:65:ad:bb:65:d3:4d:ac:9a:
a0:53:63:53:1a:a1:11:c9:ad:c2:79:57:1a:d4:2d:57:a6:02:
6a:8c:fb:ff
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYK152AE39C6FvBalD+L/WwAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjIwODE5MTE0MDE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzRmN2RhYzE3ZmIyMzllNTdmOWJmMjg2MWI0ZjViN2ZmYjEwM2I3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmBuRarwYg85rXygJnaRWxb0fxKiL
mR9Zvnwa5UDwF43QQUxYM20Kvb+sO1mLK5HLSyiUfPe6sIFioFKbLbnF8EjHOvm9
WAX49Uv8VDGJOtJ0+KS7FTBtuF7WDUdUR7ZGJoXbvTaq4ToKt2MWh7GFi8Eu5AEq
PxJKdKzVg1wH9G2z+iz29NjrT8BwiJnr8Z3BY8O1lWaIgFPIImV3cEf3jAyflyrB
Ru3RpYdBH9bm+E/dRH3qaMLar1HQ4vl2pvH4uQHuxJc10ST5k2QBIz3Mhkde4ElS
L9mTp0mK3LUouhd35hfPuK7IR+gkLBsovh7DjB4VZqrZzoi0nor6Qkp0pQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFONPfawX+yOeV/m/KGG09bf/sQO3MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvNDA5OXJCZjdJNTVYLWI4b1liVDF0Xy14QTdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAAjA4AwUDKg8jAAMF
AyoPOUADBQMqD38AAwUDKg+BAAMFAyoPgwADBQMqD54AAwUDKg+iAAMFAyoP5kAw
DQYJKoZIhvcNAQELBQADggEBAHHwz4IOjoppq/n4EkEfyyYNRDmH8RUBQEZgiSjt
EJ2pAWlhL5iUL5f+XXHQUC6F4QcVd3DCoYiw+zz6xwLWVGVGQkKMbqBtTjPxq+UA
vdXTRE1onzt8kaoae3yp/VNh5ZhprfVEolLUJf9/xnz6Qw6pdZeIi9LWhk7kURrc
NGjWBMJ1Ov8hleaOUSI7qnk9kou/IaYGn5ALezKLuyKTgnvwEf6SeFHtM0oSRGC3
XD4AgbzfUTb3gJ94sp6hyi4J8iimUcKRZI1oShmqO/QBBrafTHhYmD10M6wkfNQ2
HgEPhEtlrbtl002smqBTY1MaoRHJrcJ5VxrULVemAmqM+/8=
-----END CERTIFICATE-----
Generated at Mon Apr 21 16:28:20 2025 by rpki-client