Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/4YVWGNiv2LdCGNGoOkhGlKVHXeI.roa
File: 4YVWGNiv2LdCGNGoOkhGlKVHXeI.roa (raw, json)
Hash identifier: fVSzOmIiCpI1B+p7YZAWTqg5SH6mgpCEP5d9EkDHAEM=
Subject key identifier: E1:85:56:18:D8:AF:D8:B7:42:18:D1:A8:3A:48:46:94:A5:47:5D:E2
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018BCE1A623AE1B56760375D0739431E3400
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/4YVWGNiv2LdCGNGoOkhGlKVHXeI.roa
Signing time: Tue 14 Nov 2023 13:51:57 +0000
ROA not before: Tue 14 Nov 2023 13:51:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20473
IP address blocks: 2a0f:7d00:1::/48 maxlen: 48
2a0f:7d02:1::/48 maxlen: 48
2a0c:7884::/32 maxlen: 32
2a0f:ea00::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ce:1a:62:3a:e1:b5:67:60:37:5d:07:39:43:1e:34:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Nov 14 13:51:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e1855618d8afd8b74218d1a83a484694a5475de2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:67:ef:3d:ba:41:06:41:91:12:c8:9e:06:04:
20:6f:f4:0b:fa:98:8b:c1:ac:f2:ef:f3:bc:3f:3a:
bd:41:86:60:94:fb:fc:e4:00:c7:94:18:79:e8:4d:
88:e0:2d:22:cc:cf:89:01:ea:3b:51:a3:8d:ee:39:
bd:16:0d:bd:c3:84:4d:49:bb:cb:8c:fb:fc:2e:3a:
ac:81:ca:72:4f:02:14:d8:3b:c5:d8:d8:d1:f2:d6:
eb:25:0f:ad:28:83:f0:f5:07:1c:af:bd:83:c7:4a:
91:01:43:9f:31:31:fd:3f:dc:8a:c1:fb:e4:1f:9d:
19:55:63:96:3a:7f:cc:5b:fc:e7:ae:e5:8e:c1:86:
71:d6:75:6f:f8:ef:e7:9c:5d:e7:3d:4c:68:e1:fb:
65:a3:81:1a:cf:08:2d:46:99:db:ac:f7:8a:73:7f:
58:cc:9c:90:4f:49:2d:e1:5f:97:3a:de:7d:bb:dc:
b6:7b:6f:4c:4b:bf:1c:ec:e2:83:fc:42:1e:4e:b0:
89:1c:50:2d:86:c5:d2:df:34:cb:da:d7:63:5d:ea:
81:87:7b:82:f2:01:86:76:80:3e:f4:d7:b2:27:e1:
11:4c:2b:d3:c4:3d:b2:b5:a8:39:24:2c:6f:b2:71:
f1:85:f6:b4:85:0c:d0:6d:a0:73:56:45:29:0c:86:
bf:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:85:56:18:D8:AF:D8:B7:42:18:D1:A8:3A:48:46:94:A5:47:5D:E2
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/4YVWGNiv2LdCGNGoOkhGlKVHXeI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:7884::/32
2a0f:7d00:1::/48
2a0f:7d02:1::/48
2a0f:ea00::/29
Signature Algorithm: sha256WithRSAEncryption
b6:6f:8c:ce:8f:95:4e:ac:88:64:a0:c7:df:93:67:99:04:00:
d2:b3:4a:42:7e:50:50:67:76:dd:29:b3:5f:f6:55:3f:57:f6:
ed:6c:8a:f8:5b:29:66:98:67:37:17:2a:f9:6d:e4:ce:b1:fc:
74:76:8d:84:ac:d7:be:af:9b:bc:90:11:eb:8a:4e:04:14:18:
c9:ea:ee:ca:11:57:dc:ef:05:0e:17:58:ce:22:40:2f:84:c5:
50:29:1a:32:07:c6:02:e1:82:cb:b3:5a:50:cf:9b:36:b1:55:
e6:84:b8:a1:41:f6:78:b3:fd:2d:7d:c4:c9:dd:72:c1:b1:19:
e8:83:52:7a:15:48:ae:9e:52:38:b9:35:6e:78:24:34:f4:ea:
d4:af:3f:be:58:a5:56:12:89:38:b8:15:ef:fa:49:b0:8f:ab:
a5:89:0d:14:a1:f7:48:8a:42:a4:84:ee:b2:cc:97:4a:8f:a5:
2d:00:35:04:a7:21:25:80:db:f2:65:1a:89:37:86:df:d2:b3:
c6:c0:01:8b:0b:0b:f6:5b:c5:17:f2:5b:ab:26:ad:de:7c:18:
66:75:99:26:76:93:8b:10:84:82:11:76:75:00:30:1a:ad:f7:
53:72:d3:67:0e:17:f5:19:be:9b:51:8f:19:dd:a6:1b:65:77:
f7:60:88:1b
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYvOGmI64bVnYDddBzlDHjQAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMxMTE0MTM1MTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTg1NTYxOGQ4YWZkOGI3NDIxOGQxYTgzYTQ4NDY5NGE1NDc1ZGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1mfvPbpBBkGREsieBgQgb/QL+piL
wazy7/O8Pzq9QYZglPv85ADHlBh56E2I4C0izM+JAeo7UaON7jm9Fg29w4RNSbvL
jPv8LjqsgcpyTwIU2DvF2NjR8tbrJQ+tKIPw9Qccr72Dx0qRAUOfMTH9P9yKwfvk
H50ZVWOWOn/MW/znruWOwYZx1nVv+O/nnF3nPUxo4ftlo4EazwgtRpnbrPeKc39Y
zJyQT0kt4V+XOt59u9y2e29MS78c7OKD/EIeTrCJHFAthsXS3zTL2tdjXeqBh3uC
8gGGdoA+9NeyJ+ERTCvTxD2ytag5JCxvsnHxhfa0hQzQbaBzVkUpDIa/CwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFOGFVhjYr9i3QhjRqDpIRpSlR13iMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvNFlWV0dOaXYyTGRDR05Hb09raEdsS1ZIWGVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAAjAgAwUAKgx4hAMH
ACoPfQAAAQMHACoPfQIAAQMFAyoP6gAwDQYJKoZIhvcNAQELBQADggEBALZvjM6P
lU6siGSgx9+TZ5kEANKzSkJ+UFBndt0ps1/2VT9X9u1sivhbKWaYZzcXKvlt5M6x
/HR2jYSs176vm7yQEeuKTgQUGMnq7soRV9zvBQ4XWM4iQC+ExVApGjIHxgLhgsuz
WlDPmzaxVeaEuKFB9niz/S19xMndcsGxGeiDUnoVSK6eUji5NW54JDT06tSvP75Y
pVYSiTi4Fe/6SbCPq6WJDRSh90iKQqSE7rLMl0qPpS0ANQSnISWA2/JlGok3ht/S
s8bAAYsLC/ZbxRfyW6smrd58GGZ1mSZ2k4sQhIIRdnUAMBqt91Ny02cOF/UZvptR
jxndphtld/dgiBs=
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:06:35 2025 by rpki-client