Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/42juz8LvMFzJRZyPBjV8R8gkqgI.roa
File: 42juz8LvMFzJRZyPBjV8R8gkqgI.roa (raw, json)
Hash identifier: aPWHucnIXZQnCQtSaYNDiRX1UVxClK1++Qi1+LbZwsk=
Subject key identifier: E3:68:EE:CF:C2:EF:30:5C:C9:45:9C:8F:06:35:7C:47:C8:24:AA:02
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018875F50729D6C7D323EE27809202B46E10
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/42juz8LvMFzJRZyPBjV8R8gkqgI.roa
Signing time: Thu 01 Jun 2023 07:56:12 +0000
ROA not before: Thu 01 Jun 2023 07:56:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212477
IP address blocks: 2a13:2d40::/29 maxlen: 29
2a13:fd00::/29 maxlen: 29
2a11:4e80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:75:f5:07:29:d6:c7:d3:23:ee:27:80:92:02:b4:6e:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jun 1 07:56:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e368eecfc2ef305cc9459c8f06357c47c824aa02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:13:d0:44:5d:24:cd:f9:6f:52:81:db:90:d5:
13:3a:50:97:67:fd:65:5c:32:f8:0b:40:cd:31:b5:
9f:de:d2:c0:da:c5:3c:74:6c:3b:d6:09:75:1c:14:
6d:6e:15:0a:d1:1c:1f:f9:75:9b:ee:b9:40:6f:5a:
e8:99:50:a4:93:a0:5c:4d:6c:30:81:45:84:c1:a1:
fe:4e:5e:22:ae:37:9e:cd:da:6e:7a:da:b7:92:4e:
a2:91:79:39:fb:b0:f5:c0:a3:ac:80:5c:9a:6c:eb:
d1:e5:17:5b:20:45:e1:00:fb:89:49:b1:ce:78:7d:
9a:08:13:2f:51:ca:51:bf:fa:4f:d8:a5:31:d8:d0:
6f:fa:57:18:28:b3:08:14:6f:ee:41:7f:b4:ac:8d:
95:4c:f8:c5:a7:ae:95:25:ca:43:3d:58:6c:e0:0a:
7a:cf:c7:0c:d2:cf:a2:58:86:bf:68:f8:c7:fb:24:
19:3c:37:b1:db:23:ef:1f:f1:f4:d8:8a:2e:73:c8:
a4:ad:f5:f7:03:1f:d6:5b:2c:22:1b:31:05:37:37:
d8:e2:32:e2:40:44:18:5a:d4:6a:65:b0:8e:bf:a8:
61:77:fa:33:a6:e7:68:04:40:05:38:42:0a:85:d4:
69:cd:b1:25:b0:e1:64:5b:9f:dc:47:f8:c2:e3:e5:
42:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:68:EE:CF:C2:EF:30:5C:C9:45:9C:8F:06:35:7C:47:C8:24:AA:02
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/42juz8LvMFzJRZyPBjV8R8gkqgI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:4e80::/29
2a13:2d40::/29
2a13:fd00::/29
Signature Algorithm: sha256WithRSAEncryption
76:bc:65:66:78:16:db:0e:b8:0e:6c:12:58:a5:da:17:b2:43:
9a:b2:cf:95:8e:a7:6a:ef:38:65:cd:c1:fd:8a:bb:e8:a6:c1:
1f:1c:ba:2a:44:3e:74:37:60:0f:bb:cc:97:b2:78:fe:99:47:
33:c8:b3:0e:5f:bb:42:12:d3:5f:12:84:42:77:2b:ad:88:62:
a1:f7:0e:d2:65:47:83:e0:62:c8:19:0d:90:14:8e:75:24:16:
51:ae:ef:22:48:bc:ad:fa:70:81:8c:80:0d:d5:a4:1e:2c:ee:
72:fc:02:cb:02:db:55:70:f6:03:62:e0:6a:63:74:43:b6:44:
b5:66:83:d9:8f:76:88:5d:d5:a0:56:46:86:7c:31:08:bc:43:
ea:67:1e:8f:7f:5d:f0:5b:bd:08:57:a9:e8:b5:ef:46:47:03:
e9:42:54:11:df:44:12:93:70:b3:18:c8:30:95:e5:8a:a6:69:
cc:96:56:24:46:10:dd:b1:3b:7b:67:08:96:ab:2d:f7:b4:cf:
b5:6e:a7:bf:c4:54:07:5a:75:d4:6a:be:4d:27:63:69:6a:ba:
dd:08:92:1b:f2:e8:2f:87:80:8f:71:b3:a3:ad:6a:66:98:6d:
1a:00:08:dd:b6:89:23:d8:a7:13:5b:4a:89:2f:8a:df:cd:0e:
86:81:e6:68
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYh19Qcp1sfTI+4ngJICtG4QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMwNjAxMDc1NjEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzY4ZWVjZmMyZWYzMDVjYzk0NTljOGYwNjM1N2M0N2M4MjRhYTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjxPQRF0kzflvUoHbkNUTOlCXZ/1l
XDL4C0DNMbWf3tLA2sU8dGw71gl1HBRtbhUK0Rwf+XWb7rlAb1romVCkk6BcTWww
gUWEwaH+Tl4irjeezdpuetq3kk6ikXk5+7D1wKOsgFyabOvR5RdbIEXhAPuJSbHO
eH2aCBMvUcpRv/pP2KUx2NBv+lcYKLMIFG/uQX+0rI2VTPjFp66VJcpDPVhs4Ap6
z8cM0s+iWIa/aPjH+yQZPDex2yPvH/H02Iouc8ikrfX3Ax/WWywiGzEFNzfY4jLi
QEQYWtRqZbCOv6hhd/ozpudoBEAFOEIKhdRpzbElsOFkW5/cR/jC4+VC9QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFONo7s/C7zBcyUWcjwY1fEfIJKoCMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvNDJqdXo4THZNRnpKUlp5UEJqVjhSOGdrcWdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKhFOgAMF
AyoTLUADBQMqE/0AMA0GCSqGSIb3DQEBCwUAA4IBAQB2vGVmeBbbDrgObBJYpdoX
skOass+Vjqdq7zhlzcH9irvopsEfHLoqRD50N2APu8yXsnj+mUczyLMOX7tCEtNf
EoRCdyutiGKh9w7SZUeD4GLIGQ2QFI51JBZRru8iSLyt+nCBjIAN1aQeLO5y/ALL
AttVcPYDYuBqY3RDtkS1ZoPZj3aIXdWgVkaGfDEIvEPqZx6Pf13wW70IV6note9G
RwPpQlQR30QSk3CzGMgwleWKpmnMllYkRhDdsTt7ZwiWqy33tM+1bqe/xFQHWnXU
ar5NJ2NparrdCJIb8ugvh4CPcbOjrWpmmG0aAAjdtokj2KcTW0qJL4rfzQ6GgeZo
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:55:56 2025 by rpki-client