Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/5BUfGZgHvSgAeF3SQLKH9pY30cQ.roa
File: 5BUfGZgHvSgAeF3SQLKH9pY30cQ.roa (raw, json)
Hash identifier: HW8ftj5z2OwsOt5M1mxu4Qj1DuwrrgGifzotdxBdlLM=
Subject key identifier: E4:15:1F:19:98:07:BD:28:00:78:5D:D2:40:B2:87:F6:96:37:D1:C4
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018C1F38BE2A5B2FB7C48D7CF62B43F666E0
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/5BUfGZgHvSgAeF3SQLKH9pY30cQ.roa
Signing time: Thu 30 Nov 2023 07:54:21 +0000
ROA not before: Thu 30 Nov 2023 07:54:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197992
IP address blocks: 2a0f:7f00::/29 maxlen: 29
2a06:dfc0::/29 maxlen: 29
2a06:b5c0::/29 maxlen: 29
2a0e:5a80::/29 maxlen: 29
2a13:d300::/29 maxlen: 29
2a07:95c0::/29 maxlen: 29
2a13:200::/29 maxlen: 29
2a07:a300::/29 maxlen: 29
2a12:d540::/29 maxlen: 29
2a0a:2340::/29 maxlen: 29
2a06:bf40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:1f:38:be:2a:5b:2f:b7:c4:8d:7c:f6:2b:43:f6:66:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Nov 30 07:54:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e4151f199807bd2800785dd240b287f69637d1c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:c1:60:90:49:4f:4d:46:e6:cf:41:6e:aa:1f:
8a:61:fa:e1:14:f6:86:1a:47:bc:a8:12:27:21:41:
90:c6:6d:8f:ec:e2:3f:db:4d:e9:98:a8:04:e1:c2:
20:0b:b8:44:33:c0:3a:64:2d:2c:27:3b:79:ec:e1:
31:37:c0:50:99:7a:57:6c:2f:f6:a9:ac:b7:09:53:
de:87:1c:ab:21:2e:d5:45:4c:97:af:6c:16:71:60:
11:66:5a:21:54:a5:68:e6:b2:11:1c:e3:99:2a:b7:
9f:93:95:4a:95:26:87:84:24:c3:1a:dd:b3:4f:d8:
ac:88:63:f6:e0:70:ff:96:4d:5f:12:5a:06:45:4e:
18:4b:36:95:7c:09:cb:7c:a7:e7:12:26:56:90:84:
60:2d:63:3c:c0:34:fe:7f:2c:2e:16:71:41:ca:fb:
51:50:f1:80:be:39:9c:b2:96:3a:78:88:ac:aa:42:
e5:56:42:f0:98:20:b9:95:2e:dc:09:c1:c7:f0:11:
1e:dd:91:f5:06:c4:5a:ee:e5:cf:82:6f:31:c4:b3:
9f:24:16:da:7b:1e:c5:c3:90:42:8d:d2:b6:e9:0d:
a0:43:80:99:07:81:1f:29:6b:e8:37:03:39:c3:db:
ed:06:00:0f:c8:5a:71:1d:89:72:94:7f:4f:bc:a0:
7d:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:15:1F:19:98:07:BD:28:00:78:5D:D2:40:B2:87:F6:96:37:D1:C4
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/5BUfGZgHvSgAeF3SQLKH9pY30cQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:b5c0::/29
2a06:bf40::/29
2a06:dfc0::/29
2a07:95c0::/29
2a07:a300::/29
2a0a:2340::/29
2a0e:5a80::/29
2a0f:7f00::/29
2a12:d540::/29
2a13:200::/29
2a13:d300::/29
Signature Algorithm: sha256WithRSAEncryption
c0:f4:65:36:80:e2:b4:66:1d:eb:00:87:7a:e0:f6:73:70:d3:
15:4e:32:32:53:83:e5:24:8d:77:9d:e2:1e:6f:b1:25:d4:09:
1e:2a:cf:34:a7:aa:67:0a:93:c2:aa:54:d9:3f:73:05:91:7d:
7c:84:a4:10:45:d0:a3:16:71:a7:33:05:54:f3:6b:35:a8:2c:
4f:20:bb:21:30:b9:2d:f9:e2:dc:f6:00:37:02:17:1f:96:23:
05:7e:e0:f6:2f:d4:d9:22:e8:b1:fc:79:1c:d9:c4:c1:44:6f:
f5:ef:37:2d:f9:fe:9d:25:1c:89:5b:13:01:97:81:cb:34:6c:
4c:b3:21:61:c1:40:ab:36:e0:d4:a1:86:8d:41:bc:61:c6:bd:
a8:bd:f4:a7:57:9e:3d:8f:20:c1:a1:13:9a:ce:dc:87:e0:03:
31:f0:41:5e:9c:51:68:f3:f5:59:dd:72:4a:4c:22:59:2f:2e:
c0:bc:4f:94:48:da:9e:b1:c8:fa:90:f0:95:68:b2:8f:f9:c6:
bb:a9:98:84:9e:da:63:e1:14:b4:3a:76:61:41:5d:b1:33:44:
ea:7c:3a:ee:2d:b6:e4:5b:06:63:db:d5:01:e0:f7:89:c0:43:
3e:ee:ef:69:b0:90:c4:16:dd:fa:ab:90:6b:94:5c:cc:f3:7f:
38:6a:1a:47
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAYwfOL4qWy+3xI189itD9mbgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMxMTMwMDc1NDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDE1MWYxOTk4MDdiZDI4MDA3ODVkZDI0MGIyODdmNjk2MzdkMWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhcFgkElPTUbmz0Fuqh+KYfrhFPaG
Gke8qBInIUGQxm2P7OI/203pmKgE4cIgC7hEM8A6ZC0sJzt57OExN8BQmXpXbC/2
qay3CVPehxyrIS7VRUyXr2wWcWARZlohVKVo5rIRHOOZKrefk5VKlSaHhCTDGt2z
T9isiGP24HD/lk1fEloGRU4YSzaVfAnLfKfnEiZWkIRgLWM8wDT+fywuFnFByvtR
UPGAvjmcspY6eIisqkLlVkLwmCC5lS7cCcHH8BEe3ZH1BsRa7uXPgm8xxLOfJBba
ex7Fw5BCjdK26Q2gQ4CZB4EfKWvoNwM5w9vtBgAPyFpxHYlylH9PvKB9lQIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFOQVHxmYB70oAHhd0kCyh/aWN9HEMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvNUJVZkdaZ0h2U2dBZUYzU1FMS0g5cFkzMGNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTBTBAIAAjBNAwUDKga1wAMF
AyoGv0ADBQMqBt/AAwUDKgeVwAMFAyoHowADBQMqCiNAAwUDKg5agAMFAyoPfwAD
BQMqEtVAAwUDKhMCAAMFAyoT0wAwDQYJKoZIhvcNAQELBQADggEBAMD0ZTaA4rRm
HesAh3rg9nNw0xVOMjJTg+UkjXed4h5vsSXUCR4qzzSnqmcKk8KqVNk/cwWRfXyE
pBBF0KMWcaczBVTzazWoLE8guyEwuS354tz2ADcCFx+WIwV+4PYv1Nki6LH8eRzZ
xMFEb/XvNy35/p0lHIlbEwGXgcs0bEyzIWHBQKs24NShho1BvGHGvai99KdXnj2P
IMGhE5rO3IfgAzHwQV6cUWjz9VndckpMIlkvLsC8T5RI2p6xyPqQ8JVoso/5xrup
mISe2mPhFLQ6dmFBXbEzROp8Ou4ttuRbBmPb1QHg94nAQz7u72mwkMQW3fqrkGuU
XMzzfzhqGkc=
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:58:56 2025 by rpki-client