Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/4dSN8wbENI3QiaNHduCp9sm4onI.roa
File: 4dSN8wbENI3QiaNHduCp9sm4onI.roa (raw, json)
Hash identifier: wWqWF0nlUs0k8gm53zl8k215XWPU0d/He9t+E+YnR9k=
Subject key identifier: E1:D4:8D:F3:06:C4:34:8D:D0:89:A3:47:76:E0:A9:F6:C9:B8:A2:72
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018C61C3423664E2478D48D38168982913A4
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/4dSN8wbENI3QiaNHduCp9sm4onI.roa
Signing time: Wed 13 Dec 2023 06:00:35 +0000
ROA not before: Wed 13 Dec 2023 06:00:35 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 151814
IP address blocks: 2a0f:7d03:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:61:c3:42:36:64:e2:47:8d:48:d3:81:68:98:29:13:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Dec 13 06:00:35 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e1d48df306c4348dd089a34776e0a9f6c9b8a272
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:91:ee:52:40:d4:e4:7f:a7:ed:54:85:37:f2:
7b:5c:7d:9f:52:19:37:e5:e2:b9:e1:a1:10:be:a4:
88:cb:cc:22:6b:dd:65:8b:25:f6:dc:cd:d4:d7:46:
ba:aa:6e:ff:16:c5:be:a3:e6:05:bd:25:db:34:3c:
77:c8:68:63:0b:52:2c:7c:74:49:a6:df:30:a8:21:
f6:aa:8b:a2:b2:d9:e9:e8:e8:51:23:09:5e:4e:9a:
c0:d3:7d:08:74:47:31:9c:e5:ed:9a:3a:7e:6f:12:
73:9c:b9:ae:89:5d:4a:84:6e:c6:be:de:d5:cc:f7:
8e:1f:e4:c4:58:f0:0e:f7:eb:7a:9b:b0:bc:b4:fa:
1d:fb:29:ba:35:d0:d5:d2:03:cd:e3:42:69:a9:86:
b3:ae:04:9b:96:7b:a4:af:78:38:0a:7a:e3:2f:58:
2a:08:59:b8:d7:6b:78:fa:02:29:1b:9c:04:cf:6a:
43:4a:d1:1d:4f:1e:cd:8d:d3:1e:4b:42:f3:a5:8c:
b9:4b:f0:77:69:6d:1d:c7:6d:65:56:c2:61:1b:94:
d3:b9:b8:c0:a1:f7:52:c2:3c:2d:48:49:a9:68:d3:
7b:99:d8:be:77:f2:93:16:96:d4:0a:63:41:fb:83:
45:55:0a:be:6c:27:15:77:2e:4e:8e:a5:5e:19:38:
e0:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:D4:8D:F3:06:C4:34:8D:D0:89:A3:47:76:E0:A9:F6:C9:B8:A2:72
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/4dSN8wbENI3QiaNHduCp9sm4onI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:7d03:1::/48
Signature Algorithm: sha256WithRSAEncryption
3f:d3:b7:26:3f:98:0c:c7:36:8e:36:d1:f6:f4:f0:60:cb:6a:
bd:39:3f:b6:fa:b2:ae:86:e2:a8:ca:62:9b:63:4e:a6:d2:2c:
81:a0:43:b7:9e:1e:d9:6b:22:61:e4:15:f2:c6:41:12:1b:e8:
e8:57:25:5f:1c:5b:11:a6:f8:b1:99:19:c9:90:83:e9:85:0d:
44:48:a5:59:52:ce:bc:0f:1e:c6:88:8c:1d:44:2d:4b:65:42:
e6:9b:31:51:3b:45:66:36:e1:c5:66:a9:76:04:32:14:db:cc:
29:91:ee:24:f5:47:46:b6:8a:55:bd:ef:d9:3a:cd:db:a0:f3:
32:9c:ee:6f:dd:79:c0:ac:f7:a9:0b:70:ec:f1:d8:6b:0c:12:
70:5b:d1:e0:1d:1b:2a:1d:68:84:33:92:5c:6f:6a:ff:0d:0d:
fe:63:81:25:51:99:f4:17:ce:25:8b:4b:08:db:62:6a:4b:02:
54:9a:bd:da:8a:76:ee:61:b5:3a:dc:3e:76:b4:70:7d:71:07:
20:62:ee:ee:24:d7:2e:52:86:0d:da:94:93:37:43:6d:b4:35:
75:95:e7:37:68:7d:55:e1:b6:ff:02:31:a4:f3:05:2c:7c:f0:
4e:07:a7:e6:f8:57:c1:42:41:73:64:ef:90:38:4e:ca:31:4a:
9a:3d:7b:14
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYxhw0I2ZOJHjUjTgWiYKROkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMxMjEzMDYwMDM1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWQ0OGRmMzA2YzQzNDhkZDA4OWEzNDc3NmUwYTlmNmM5YjhhMjcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn5HuUkDU5H+n7VSFN/J7XH2fUhk3
5eK54aEQvqSIy8wia91liyX23M3U10a6qm7/FsW+o+YFvSXbNDx3yGhjC1IsfHRJ
pt8wqCH2qouistnp6OhRIwleTprA030IdEcxnOXtmjp+bxJznLmuiV1KhG7Gvt7V
zPeOH+TEWPAO9+t6m7C8tPod+ym6NdDV0gPN40JpqYazrgSblnukr3g4CnrjL1gq
CFm412t4+gIpG5wEz2pDStEdTx7NjdMeS0LzpYy5S/B3aW0dx21lVsJhG5TTubjA
ofdSwjwtSEmpaNN7mdi+d/KTFpbUCmNB+4NFVQq+bCcVdy5OjqVeGTjgmQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFOHUjfMGxDSN0ImjR3bgqfbJuKJyMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvNGRTTjh3YkVOSTNRaWFOSGR1Q3A5c200b25JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg99AwAB
MA0GCSqGSIb3DQEBCwUAA4IBAQA/07cmP5gMxzaONtH29PBgy2q9OT+2+rKuhuKo
ymKbY06m0iyBoEO3nh7ZayJh5BXyxkESG+joVyVfHFsRpvixmRnJkIPphQ1ESKVZ
Us68Dx7GiIwdRC1LZULmmzFRO0VmNuHFZql2BDIU28wpke4k9UdGtopVve/ZOs3b
oPMynO5v3XnArPepC3Ds8dhrDBJwW9HgHRsqHWiEM5Jcb2r/DQ3+Y4ElUZn0F84l
i0sI22JqSwJUmr3ainbuYbU63D52tHB9cQcgYu7uJNcuUoYN2pSTN0NttDV1lec3
aH1V4bb/AjGk8wUsfPBOB6fm+FfBQkFzZO+QOE7KMUqaPXsU
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:07:26 2025 by rpki-client