Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/70y0MA0hZWsM87sjmSh7Tg1CHLU.roa
File: 70y0MA0hZWsM87sjmSh7Tg1CHLU.roa (raw, json)
Hash identifier: ipAOFwRT+YIc6UCJrB8y99vMXABBotlGgS0nZOZ94t8=
Subject key identifier: EF:4C:B4:30:0D:21:65:6B:0C:F3:BB:23:99:28:7B:4E:0D:42:1C:B5
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0182C594238BEAFF86BF2EF17BB65FB40C1D
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/70y0MA0hZWsM87sjmSh7Tg1CHLU.roa
Signing time: Mon 22 Aug 2022 12:43:15 +0000
ROA not before: Mon 22 Aug 2022 12:43:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201364
IP address blocks: 2a0f:db40::/29 maxlen: 29
2a0f:ee00::/29 maxlen: 29
2a0f:2700::/29 maxlen: 29
2a0f:e9c0::/29 maxlen: 29
2a0f:dd40::/29 maxlen: 29
2a0b:b740::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:c5:94:23:8b:ea:ff:86:bf:2e:f1:7b:b6:5f:b4:0c:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Aug 22 12:43:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ef4cb4300d21656b0cf3bb2399287b4e0d421cb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:b2:76:31:25:3a:97:6c:04:16:0b:8d:73:5a:
7c:9e:da:a6:25:0e:ba:4e:1b:9d:72:93:6e:e5:5e:
50:70:1d:21:ff:33:74:7b:b7:71:ef:8e:93:73:be:
c7:2b:f4:ce:b9:7a:10:98:19:8f:fb:46:eb:2d:58:
0c:af:d4:8b:ed:93:bd:7c:33:d4:39:4c:17:60:e3:
14:ea:09:58:db:00:94:ca:45:0b:ad:43:65:33:49:
ce:eb:24:94:8c:79:8f:b7:bc:98:e7:49:56:1c:a5:
0c:96:25:71:b5:14:4e:9a:ae:98:d9:97:c3:2e:f3:
0e:6e:75:e0:c0:f5:f5:ca:96:12:3e:6e:06:43:c2:
14:34:a5:3e:21:bc:74:c6:f3:50:67:dc:5d:f1:9b:
86:74:53:10:89:12:63:d6:bd:c5:0d:f6:84:36:a1:
aa:4f:e5:2f:6f:d4:9f:f8:b6:75:28:1a:6b:fe:3b:
d5:dd:ec:9c:d0:01:cc:be:35:9e:be:d1:a2:20:6c:
1c:90:ba:ee:07:bf:73:37:71:d8:88:b2:27:ac:53:
3b:81:10:de:9b:58:15:d2:60:4b:bc:de:2d:ad:90:
2e:2d:46:d1:1a:4b:53:08:45:a1:e2:52:a4:b1:4a:
f2:3d:87:9c:df:29:e6:26:3e:48:3c:c3:82:f7:36:
bb:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:4C:B4:30:0D:21:65:6B:0C:F3:BB:23:99:28:7B:4E:0D:42:1C:B5
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/70y0MA0hZWsM87sjmSh7Tg1CHLU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:b740::/29
2a0f:2700::/29
2a0f:db40::/29
2a0f:dd40::/29
2a0f:e9c0::/29
2a0f:ee00::/29
Signature Algorithm: sha256WithRSAEncryption
ae:24:90:cd:77:e0:bf:32:5d:12:d0:3d:9d:d5:59:c2:85:d4:
19:b8:de:0a:cc:6e:dd:88:d3:18:e7:2d:ae:89:4f:77:07:83:
59:ec:ca:e8:98:53:76:1c:b4:3c:7a:18:86:de:65:72:70:cf:
ed:31:71:e6:2d:2b:1d:88:15:cb:f9:dd:b4:9b:77:0a:ca:7b:
d1:0b:cb:82:fb:81:1e:53:44:45:cc:a8:52:ca:74:b0:a2:fd:
57:5c:86:ec:28:4e:cd:f5:21:77:85:d4:ee:fa:a7:0b:41:7d:
c7:e3:f0:d7:31:49:2a:d2:c6:e1:d3:28:99:1d:2c:2f:22:46:
33:40:b0:1b:f9:57:00:ce:93:c6:44:80:b1:e9:b8:a0:27:15:
21:bf:75:e8:8f:a4:8d:4f:73:d6:4e:45:23:dd:cd:10:be:e1:
63:f6:37:53:3b:36:9a:1d:83:8d:00:1c:c2:98:e6:42:73:38:
26:a8:3a:99:7d:d9:49:88:e8:ae:9e:bc:4d:35:5f:d0:92:39:
d4:a0:a1:d2:de:6f:73:3c:38:2e:75:c3:80:02:c4:ee:28:c0:
63:37:5f:62:ab:8d:82:94:e2:6d:4b:92:e3:5e:ff:05:0c:60:
89:e1:c9:f6:51:49:c8:3d:47:a5:96:cf:13:33:f2:59:e7:8e:
6e:cc:86:00
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYLFlCOL6v+Gvy7xe7ZftAwdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjIwODIyMTI0MzE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjRjYjQzMDBkMjE2NTZiMGNmM2JiMjM5OTI4N2I0ZTBkNDIxY2I1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhrJ2MSU6l2wEFguNc1p8ntqmJQ66
ThudcpNu5V5QcB0h/zN0e7dx746Tc77HK/TOuXoQmBmP+0brLVgMr9SL7ZO9fDPU
OUwXYOMU6glY2wCUykULrUNlM0nO6ySUjHmPt7yY50lWHKUMliVxtRROmq6Y2ZfD
LvMObnXgwPX1ypYSPm4GQ8IUNKU+Ibx0xvNQZ9xd8ZuGdFMQiRJj1r3FDfaENqGq
T+Uvb9Sf+LZ1KBpr/jvV3eyc0AHMvjWevtGiIGwckLruB79zN3HYiLInrFM7gRDe
m1gV0mBLvN4trZAuLUbRGktTCEWh4lKksUryPYec3ynmJj5IPMOC9za7UwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFO9MtDANIWVrDPO7I5koe04NQhy1MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvNzB5ME1BMGhaV3NNODdzam1TaDdUZzFDSExVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAAjAqAwUDKgu3QAMF
AyoPJwADBQMqD9tAAwUDKg/dQAMFAyoP6cADBQMqD+4AMA0GCSqGSIb3DQEBCwUA
A4IBAQCuJJDNd+C/Ml0S0D2d1VnChdQZuN4KzG7diNMY5y2uiU93B4NZ7MromFN2
HLQ8ehiG3mVycM/tMXHmLSsdiBXL+d20m3cKynvRC8uC+4EeU0RFzKhSynSwov1X
XIbsKE7N9SF3hdTu+qcLQX3H4/DXMUkq0sbh0yiZHSwvIkYzQLAb+VcAzpPGRICx
6bigJxUhv3Xoj6SNT3PWTkUj3c0QvuFj9jdTOzaaHYONABzCmOZCczgmqDqZfdlJ
iOiunrxNNV/QkjnUoKHS3m9zPDgudcOAAsTuKMBjN19iq42ClOJtS5LjXv8FDGCJ
4cn2UUnIPUells8TM/JZ545uzIYA
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:00:22 2025 by rpki-client