Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/6ZAvuZZKJ7sgZ9P34jZrvCVC6I0.roa
File: 6ZAvuZZKJ7sgZ9P34jZrvCVC6I0.roa (raw, json)
Hash identifier: wvsWJqBTZ1QWz3cEpk7KIZKzJIUBgJ7wbY9GBrCoViI=
Subject key identifier: E9:90:2F:B9:96:4A:27:BB:20:67:D3:F7:E2:36:6B:BC:25:42:E8:8D
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01899BF316212C813FEEE1E3564990B81EC0
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/6ZAvuZZKJ7sgZ9P34jZrvCVC6I0.roa
Signing time: Fri 28 Jul 2023 10:02:26 +0000
ROA not before: Fri 28 Jul 2023 10:02:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8772
IP address blocks: 2a12:d6c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:9b:f3:16:21:2c:81:3f:ee:e1:e3:56:49:90:b8:1e:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jul 28 10:02:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e9902fb9964a27bb2067d3f7e2366bbc2542e88d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:ca:28:0f:c0:14:46:74:38:4f:0b:b2:82:87:
9a:43:e3:44:69:e2:3d:37:24:be:39:fe:72:43:7b:
f0:ad:8d:be:a8:ce:34:7f:55:51:fc:1c:44:8d:79:
24:18:a8:22:c4:a7:fd:2f:32:aa:f6:81:63:a3:43:
16:46:4e:5d:a6:ef:66:77:4e:d1:d6:53:0a:5f:a3:
71:69:c8:c6:e8:57:43:ab:38:2a:9d:b4:44:db:de:
e8:9d:ae:99:27:e5:7e:d1:f8:93:e7:8d:07:5d:28:
99:fe:d0:ed:73:a1:3f:0c:0a:6b:18:74:d5:e5:eb:
b8:06:e4:1c:74:ba:c1:5a:68:e0:69:a4:34:38:da:
8a:78:8f:7d:92:28:04:93:c0:a3:93:f4:18:08:51:
44:f3:99:50:31:36:ae:96:66:3f:a3:1c:0e:07:d8:
6d:23:81:24:bd:97:b7:80:db:c4:82:0f:89:a2:7f:
a3:91:96:eb:83:89:68:6a:af:47:ad:4b:23:89:ae:
a3:80:b8:f3:54:67:bc:be:b9:d8:79:19:42:4e:4c:
b5:5c:a8:db:94:8d:a0:b1:6d:e3:39:f6:86:fb:ff:
44:0a:3b:24:85:04:ae:84:e4:c2:76:ed:77:15:e3:
ee:ae:4d:08:7f:3f:c8:c0:c9:70:5f:c3:e5:64:ed:
1a:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:90:2F:B9:96:4A:27:BB:20:67:D3:F7:E2:36:6B:BC:25:42:E8:8D
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/6ZAvuZZKJ7sgZ9P34jZrvCVC6I0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:d6c0::/29
Signature Algorithm: sha256WithRSAEncryption
c8:19:d8:1b:30:e0:2e:c2:61:94:e4:f4:04:28:60:2c:e7:f8:
1f:bd:a6:da:bc:11:4e:ff:c8:12:0b:eb:53:8d:db:3b:ed:70:
53:83:7a:a0:8a:e8:94:68:30:07:37:bf:34:89:dc:d0:91:3f:
b5:f3:b1:15:68:1f:11:fc:94:09:1b:da:68:1c:39:f0:c5:75:
00:48:56:4f:78:08:dc:cb:b8:1c:de:d7:b8:97:c2:c4:62:d6:
f2:68:db:c2:48:30:e2:c0:ac:02:5c:f0:dc:eb:b6:41:df:da:
d0:0f:2f:81:6a:23:01:f4:fe:08:61:7d:4f:11:f2:23:2e:bc:
c3:0d:47:6a:d6:f9:df:4f:69:dc:28:fc:e6:3c:f5:7d:a1:5e:
d0:c9:11:44:de:2c:2e:e1:dd:27:7a:2b:7a:e8:36:94:65:f1:
ca:a2:4a:3c:44:ec:7b:b7:7e:df:28:0f:4b:50:f0:8c:13:7d:
0b:76:91:65:06:74:25:74:78:2c:73:e4:21:31:55:29:e5:be:
66:e5:15:9b:80:07:f4:7c:f5:a0:1d:67:36:45:3f:6f:1a:8a:
4c:0f:86:9b:23:ac:42:fa:1c:4f:05:b4:26:90:0f:8e:38:f3:
cf:2a:5f:95:54:32:9e:a5:d8:39:cf:58:4d:e9:1e:f6:c0:d8:
d9:6e:9d:04
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYmb8xYhLIE/7uHjVkmQuB7AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMwNzI4MTAwMjI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOTkwMmZiOTk2NGEyN2JiMjA2N2QzZjdlMjM2NmJiYzI1NDJlODhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9MooD8AURnQ4TwuygoeaQ+NEaeI9
NyS+Of5yQ3vwrY2+qM40f1VR/BxEjXkkGKgixKf9LzKq9oFjo0MWRk5dpu9md07R
1lMKX6NxacjG6FdDqzgqnbRE297ona6ZJ+V+0fiT540HXSiZ/tDtc6E/DAprGHTV
5eu4BuQcdLrBWmjgaaQ0ONqKeI99kigEk8Cjk/QYCFFE85lQMTaulmY/oxwOB9ht
I4EkvZe3gNvEgg+Jon+jkZbrg4loaq9HrUsjia6jgLjzVGe8vrnYeRlCTky1XKjb
lI2gsW3jOfaG+/9ECjskhQSuhOTCdu13FePurk0Ifz/IwMlwX8PlZO0aQQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFOmQL7mWSie7IGfT9+I2a7wlQuiNMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvNlpBdnVaWktKN3NnWjlQMzRqWnJ2Q1ZDNkkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhLWwDAN
BgkqhkiG9w0BAQsFAAOCAQEAyBnYGzDgLsJhlOT0BChgLOf4H72m2rwRTv/IEgvr
U43bO+1wU4N6oIrolGgwBze/NInc0JE/tfOxFWgfEfyUCRvaaBw58MV1AEhWT3gI
3Mu4HN7XuJfCxGLW8mjbwkgw4sCsAlzw3Ou2Qd/a0A8vgWojAfT+CGF9TxHyIy68
ww1Hatb5309p3Cj85jz1faFe0MkRRN4sLuHdJ3oreug2lGXxyqJKPETse7d+3ygP
S1DwjBN9C3aRZQZ0JXR4LHPkITFVKeW+ZuUVm4AH9Hz1oB1nNkU/bxqKTA+GmyOs
QvocTwW0JpAPjjjzzypflVQynqXYOc9YTeke9sDY2W6dBA==
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:06:45 2025 by rpki-client