Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/4D6fEa4UvIq-VVm4ZvoN2TW2kBY.roa
File: 4D6fEa4UvIq-VVm4ZvoN2TW2kBY.roa (raw, json)
Hash identifier: GCrhaYfsVwqYCumRuWJuAY94RgVVCCMCLqH7f1cYU7s=
Subject key identifier: E0:3E:9F:11:AE:14:BC:8A:BE:55:59:B8:66:FA:0D:D9:35:B6:90:16
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0188B911AD18A049C639D08F7DAD966656C8
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/4D6fEa4UvIq-VVm4ZvoN2TW2kBY.roa
Signing time: Wed 14 Jun 2023 08:42:03 +0000
ROA not before: Wed 14 Jun 2023 08:42:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57043
IP address blocks: 2a11:3500::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:b9:11:ad:18:a0:49:c6:39:d0:8f:7d:ad:96:66:56:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jun 14 08:42:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e03e9f11ae14bc8abe5559b866fa0dd935b69016
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:6f:11:53:25:ad:2f:01:9a:c9:70:d5:a2:48:
4e:d1:39:72:36:e2:f8:14:30:29:8e:7b:6e:1b:34:
ee:e2:54:85:f6:ab:cf:84:7b:82:1b:bf:86:29:0a:
8c:fe:1a:d1:18:ec:82:64:ae:2a:03:20:c8:9e:41:
5f:9a:61:c8:1e:4d:80:05:82:4e:50:34:96:db:a7:
c5:d7:c7:a1:10:d7:76:41:d8:3c:a9:af:a3:1a:67:
3b:ad:53:30:ef:07:14:52:22:a6:c0:21:c9:fa:7a:
e7:04:5f:96:d7:5f:1f:fc:75:f0:ae:37:55:1d:7a:
51:af:89:1d:2b:f0:57:45:42:65:12:4f:7f:c0:ea:
1b:e4:e4:bd:2d:3d:38:6f:46:c3:1a:d9:23:41:a2:
a8:f6:24:b7:01:ff:9d:45:2f:d1:32:5f:50:5b:1e:
89:7c:5d:29:47:19:4f:45:05:a0:0d:b9:2d:a9:b0:
f0:71:aa:c9:96:26:99:1c:3b:af:a4:97:4e:04:db:
6f:6b:24:b4:7d:ff:0b:2d:b6:80:8e:66:24:73:5b:
6c:c1:56:d1:72:56:e9:31:57:05:80:14:8a:70:72:
0f:95:fc:0b:c1:20:91:2a:81:e3:fc:b7:00:46:22:
b2:70:3e:a8:35:19:80:2c:07:84:8f:af:30:ca:5a:
fc:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:3E:9F:11:AE:14:BC:8A:BE:55:59:B8:66:FA:0D:D9:35:B6:90:16
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/4D6fEa4UvIq-VVm4ZvoN2TW2kBY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:3500::/29
Signature Algorithm: sha256WithRSAEncryption
34:2b:94:0a:30:ec:0e:18:de:af:72:d9:d7:02:8d:9f:14:3b:
5f:37:74:b6:b9:a2:ac:dd:a2:50:a9:03:cd:3a:11:7b:e9:b7:
c0:ef:0a:84:d8:f0:55:78:b4:a4:ac:75:d4:f0:d6:5f:30:3e:
68:93:e3:0b:ca:ce:73:f7:af:7a:cb:c2:98:2f:28:f0:86:84:
a9:61:aa:79:23:42:16:27:ce:f0:b7:34:8c:9f:b2:03:51:98:
e5:0c:23:4c:c4:79:2b:b0:f9:a2:61:dd:ea:0c:33:6f:be:d2:
ba:25:f1:e1:cf:03:a9:63:b6:95:b9:20:f1:5a:46:ed:32:41:
83:7a:51:bf:04:eb:73:a1:ed:5d:3f:55:8f:fe:62:6c:85:5d:
82:bb:86:05:bc:21:9c:fc:7b:3d:16:ae:87:76:fb:6f:6d:fc:
a1:64:19:f5:a8:31:8f:17:61:85:86:c4:0b:a3:76:b2:e4:87:
51:12:28:4b:d4:16:0b:cc:ec:f6:4d:84:64:1a:dd:24:ef:a0:
44:db:10:60:50:2f:8c:75:f6:f8:f9:29:54:23:03:1c:ed:a8:
04:b1:79:45:b4:65:56:c2:58:b8:3d:a2:33:36:53:1b:d8:7e:
4d:2c:c7:cc:a0:fe:17:65:60:9d:46:77:e3:83:66:d1:e1:59:
d2:4f:4f:4b
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYi5Ea0YoEnGOdCPfa2WZlbIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMwNjE0MDg0MjAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDNlOWYxMWFlMTRiYzhhYmU1NTU5Yjg2NmZhMGRkOTM1YjY5MDE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjW8RUyWtLwGayXDVokhO0TlyNuL4
FDApjntuGzTu4lSF9qvPhHuCG7+GKQqM/hrRGOyCZK4qAyDInkFfmmHIHk2ABYJO
UDSW26fF18ehENd2Qdg8qa+jGmc7rVMw7wcUUiKmwCHJ+nrnBF+W118f/HXwrjdV
HXpRr4kdK/BXRUJlEk9/wOob5OS9LT04b0bDGtkjQaKo9iS3Af+dRS/RMl9QWx6J
fF0pRxlPRQWgDbktqbDwcarJliaZHDuvpJdOBNtvayS0ff8LLbaAjmYkc1tswVbR
clbpMVcFgBSKcHIPlfwLwSCRKoHj/LcARiKycD6oNRmALAeEj68wylr8QQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFOA+nxGuFLyKvlVZuGb6Ddk1tpAWMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvNEQ2ZkVhNFV2SXEtVlZtNFp2b04yVFcya0JZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhE1ADAN
BgkqhkiG9w0BAQsFAAOCAQEANCuUCjDsDhjer3LZ1wKNnxQ7Xzd0trmirN2iUKkD
zToRe+m3wO8KhNjwVXi0pKx11PDWXzA+aJPjC8rOc/evesvCmC8o8IaEqWGqeSNC
FifO8Lc0jJ+yA1GY5QwjTMR5K7D5omHd6gwzb77SuiXx4c8DqWO2lbkg8VpG7TJB
g3pRvwTrc6HtXT9Vj/5ibIVdgruGBbwhnPx7PRauh3b7b238oWQZ9agxjxdhhYbE
C6N2suSHURIoS9QWC8zs9k2EZBrdJO+gRNsQYFAvjHX2+PkpVCMDHO2oBLF5RbRl
VsJYuD2iMzZTG9h+TSzHzKD+F2VgnUZ344Nm0eFZ0k9PSw==
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:11:51 2025 by rpki-client