Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/6Peems09xw0HQLJXV4d-aRqh6J0.roa
File: 6Peems09xw0HQLJXV4d-aRqh6J0.roa (raw, json)
Hash identifier: 56Y+Iz0JLhmkuUk0NDcZAZJ38zB5CGKHvp99EUJvkTQ=
Subject key identifier: E8:F7:9E:9A:CD:3D:C7:0D:07:40:B2:57:57:87:7E:69:1A:A1:E8:9D
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0187B207BC908AB3937015ADDCCFDB3E2FD9
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/6Peems09xw0HQLJXV4d-aRqh6J0.roa
Signing time: Mon 24 Apr 2023 06:51:04 +0000
ROA not before: Mon 24 Apr 2023 06:51:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 396362
IP address blocks: 2a0f:e841::/32 maxlen: 32
2a0e:1a82::/32 maxlen: 32
2a0f:e842::/32 maxlen: 32
2a0f:1e80:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b2:07:bc:90:8a:b3:93:70:15:ad:dc:cf:db:3e:2f:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Apr 24 06:51:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e8f79e9acd3dc70d0740b25757877e691aa1e89d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:45:d0:d3:ff:cf:7f:b0:08:b7:e3:2a:eb:b5:
46:49:e2:0a:e2:56:26:ab:d1:11:53:77:3a:e3:f2:
41:f0:11:4a:d1:46:56:41:67:37:d5:87:0c:c3:36:
38:58:e5:a4:9d:ea:b5:91:76:d2:18:4f:1f:8f:aa:
8f:87:d7:76:9c:6b:98:5d:f3:4a:ab:fb:bc:de:f2:
78:90:04:b0:7c:47:a4:9c:b3:8e:f2:a9:16:2c:b2:
76:d7:d1:87:da:3b:7f:1d:bc:96:e5:61:d5:26:77:
96:4e:2a:f1:e7:0c:30:65:42:a4:91:4e:a1:b5:c5:
bf:85:24:b8:06:8b:08:68:80:22:05:00:46:f7:62:
ef:0c:91:87:98:2b:9c:61:23:b8:63:aa:f0:6f:43:
7d:9f:0e:1b:48:0a:6c:dd:a0:ff:55:62:10:03:b9:
8d:59:98:c4:24:97:85:ab:cb:e1:58:91:42:02:61:
4f:82:cf:1c:43:71:ae:29:17:93:52:93:24:0c:bc:
82:6b:6b:0c:88:59:f1:ff:b6:d3:50:e7:0c:2a:97:
9f:d8:73:a1:1c:82:e0:c9:43:67:5a:40:0b:c5:f3:
68:87:eb:b0:5c:29:d6:7f:e0:7e:15:53:76:d9:91:
df:f9:fd:f6:7b:de:44:d1:1b:0a:1c:f8:d6:02:c8:
4a:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:F7:9E:9A:CD:3D:C7:0D:07:40:B2:57:57:87:7E:69:1A:A1:E8:9D
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/6Peems09xw0HQLJXV4d-aRqh6J0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:1a82::/32
2a0f:1e80:1::/48
2a0f:e841::-2a0f:e842:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
64:89:ae:30:30:3b:c9:ac:6a:46:f7:a5:09:22:da:05:04:4e:
09:ce:cf:a9:51:b2:2d:1d:27:b4:d4:6f:a2:0c:de:d6:30:65:
88:a9:bd:25:27:68:e8:b9:84:27:55:a5:a8:ae:b2:8e:95:be:
bf:53:de:cb:b7:40:bf:19:20:b2:8a:54:8e:af:da:84:27:34:
d4:55:17:4b:2f:94:1b:00:08:7a:20:51:6a:22:33:5f:b3:b9:
80:71:90:ab:41:10:c0:54:f3:d9:7c:3f:80:55:5f:95:15:0b:
6d:eb:c5:f3:a5:25:01:11:4e:94:be:bd:0a:82:5c:6b:65:9f:
d4:d4:2f:62:f4:d2:d5:4c:10:ec:26:20:0c:80:8c:90:fb:86:
7e:05:a0:b9:37:68:00:ee:82:19:75:fc:c1:59:9d:d5:59:29:
23:39:65:7e:ab:13:9d:e3:28:98:74:e8:04:86:a8:c3:96:ec:
28:31:9a:be:8f:ac:ec:2f:60:86:af:71:26:58:5c:73:4b:c0:
b0:90:4c:a6:78:d4:f0:a5:d1:e5:69:da:b2:09:33:7e:3b:e6:
dc:c7:85:0b:cc:04:98:12:56:60:e6:57:cc:1b:39:95:22:14:
81:5c:28:f7:c8:df:ce:31:98:d0:fc:e7:e6:16:2b:93:ea:5a:
22:6b:c7:ef
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYeyB7yQirOTcBWt3M/bPi/ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMwNDI0MDY1MTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOGY3OWU5YWNkM2RjNzBkMDc0MGIyNTc1Nzg3N2U2OTFhYTFlODlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx0XQ0//Pf7AIt+Mq67VGSeIK4lYm
q9ERU3c64/JB8BFK0UZWQWc31YcMwzY4WOWkneq1kXbSGE8fj6qPh9d2nGuYXfNK
q/u83vJ4kASwfEeknLOO8qkWLLJ219GH2jt/HbyW5WHVJneWTirx5wwwZUKkkU6h
tcW/hSS4BosIaIAiBQBG92LvDJGHmCucYSO4Y6rwb0N9nw4bSAps3aD/VWIQA7mN
WZjEJJeFq8vhWJFCAmFPgs8cQ3GuKReTUpMkDLyCa2sMiFnx/7bTUOcMKpef2HOh
HILgyUNnWkALxfNoh+uwXCnWf+B+FVN22ZHf+f32e95E0RsKHPjWAshKiwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFOj3nprNPccNB0CyV1eHfmkaoeidMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvNlBlZW1zMDl4dzBIUUxKWFY0ZC1hUnFoNkowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAAjAgAwUAKg4aggMH
ACoPHoAAATAOAwUAKg/oQQMFACoP6EIwDQYJKoZIhvcNAQELBQADggEBAGSJrjAw
O8msakb3pQki2gUETgnOz6lRsi0dJ7TUb6IM3tYwZYipvSUnaOi5hCdVpaiuso6V
vr9T3su3QL8ZILKKVI6v2oQnNNRVF0svlBsACHogUWoiM1+zuYBxkKtBEMBU89l8
P4BVX5UVC23rxfOlJQERTpS+vQqCXGtln9TUL2L00tVMEOwmIAyAjJD7hn4FoLk3
aADughl1/MFZndVZKSM5ZX6rE53jKJh06ASGqMOW7Cgxmr6PrOwvYIavcSZYXHNL
wLCQTKZ41PCl0eVp2rIJM3475tzHhQvMBJgSVmDmV8wbOZUiFIFcKPfI384xmND8
5+YWK5PqWiJrx+8=
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:01:26 2025 by rpki-client