Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/8N9xuB1Q9a-igtlxplqgbsYVCao.roa
File: 8N9xuB1Q9a-igtlxplqgbsYVCao.roa (raw, json)
Hash identifier: rNUmwTgUaWe9y12o6/vKfaAqIJ6qOq0LfzPu5vgDbck=
Subject key identifier: F0:DF:71:B8:1D:50:F5:AF:A2:82:D9:71:A6:5A:A0:6E:C6:15:09:AA
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01856DCAF5DC0965706748974B4CDCD65688
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/8N9xuB1Q9a-igtlxplqgbsYVCao.roa
Signing time: Sun 01 Jan 2023 14:44:55 +0000
ROA not before: Sun 01 Jan 2023 14:44:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 63023
IP address blocks: 2a0e:5800::/29 maxlen: 29
2a13:4900::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ca:f5:dc:09:65:70:67:48:97:4b:4c:dc:d6:56:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jan 1 14:44:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f0df71b81d50f5afa282d971a65aa06ec61509aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:5a:97:f5:fe:5b:25:e2:c2:88:c8:0d:ff:61:
cd:db:2d:df:3c:34:a6:30:76:45:83:03:de:da:19:
62:7e:1e:5a:f0:fb:cc:8b:13:c3:81:0a:af:e7:44:
6f:4a:56:15:d3:2c:32:c8:9f:e4:a6:1a:15:25:e9:
01:9e:4e:25:5d:5d:52:73:ff:6f:53:e5:df:5c:3b:
d9:7f:7b:80:e5:83:30:94:30:27:1e:8a:4c:26:ae:
eb:1f:ac:c1:72:4c:b4:44:45:d7:f2:5d:da:4c:4e:
78:4b:c5:fd:b3:2a:93:35:bc:a7:95:a1:98:0d:4e:
66:1d:88:eb:39:4b:19:86:fb:90:44:9e:32:3f:50:
7a:4d:81:02:eb:44:d7:1c:da:f0:8d:5d:bd:f2:57:
ef:5b:f9:e5:19:45:12:01:20:ef:93:a8:d2:8e:7e:
6d:5f:71:34:bd:3e:48:bb:f5:b9:ed:29:b8:0c:94:
34:ee:20:4e:cf:19:46:a0:05:09:b8:0f:b4:47:0f:
77:a7:f3:e7:f4:fa:0e:fa:ec:86:f2:ea:33:b0:d2:
b4:de:6a:97:3c:4f:01:74:87:7b:d1:12:d6:ad:7c:
18:08:4f:55:20:31:0d:94:8f:7f:14:59:d4:ae:e4:
fc:95:82:46:62:db:bb:05:52:b2:d5:d0:8f:80:61:
f9:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:DF:71:B8:1D:50:F5:AF:A2:82:D9:71:A6:5A:A0:6E:C6:15:09:AA
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/8N9xuB1Q9a-igtlxplqgbsYVCao.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:5800::/29
2a13:4900::/29
Signature Algorithm: sha256WithRSAEncryption
8b:33:f6:7d:eb:fe:df:4a:e0:2d:48:8d:12:85:41:2d:61:26:
c9:59:67:06:0f:8a:97:99:38:11:87:be:34:3d:65:1e:e5:07:
b0:14:2b:41:46:ea:b6:f1:c0:49:a6:b1:5c:22:b9:7d:b4:c4:
44:9f:22:0f:3a:11:59:55:0f:d9:f2:c4:19:73:27:a3:33:14:
a9:67:6f:97:aa:0a:f3:ad:03:56:ec:ac:92:6a:f5:9d:3b:dc:
a6:3e:a6:c5:99:f3:d5:ab:83:2a:d7:d6:79:de:7c:35:9d:de:
d6:bc:10:dc:aa:6d:3c:7d:99:d6:c7:8d:2d:fd:b4:f0:32:b4:
a8:35:b4:8c:c4:7d:49:a3:8e:9c:a0:b9:33:45:9a:40:6d:0a:
74:b5:cc:b2:05:37:2e:32:c1:29:01:fc:e0:b1:ad:6f:ab:a4:
0a:df:0f:7d:e1:70:9f:1a:2c:85:43:83:93:61:ed:8b:a6:2d:
06:9b:34:64:51:e9:c9:71:18:c0:3c:de:9b:1d:54:d3:6a:a2:
49:40:e2:c8:c6:90:38:a5:fa:c4:cf:df:66:e8:ca:79:51:21:
a9:ba:df:df:19:04:59:ae:b4:98:3e:88:57:5a:1d:c4:d7:71:
a4:2b:12:52:88:a2:fb:50:57:1a:00:3b:96:50:89:3a:94:08:
1a:0e:80:0d
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVtyvXcCWVwZ0iXS0zc1laIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMwMTAxMTQ0NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMGRmNzFiODFkNTBmNWFmYTI4MmQ5NzFhNjVhYTA2ZWM2MTUwOWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAslqX9f5bJeLCiMgN/2HN2y3fPDSm
MHZFgwPe2hlifh5a8PvMixPDgQqv50RvSlYV0ywyyJ/kphoVJekBnk4lXV1Sc/9v
U+XfXDvZf3uA5YMwlDAnHopMJq7rH6zBcky0REXX8l3aTE54S8X9syqTNbynlaGY
DU5mHYjrOUsZhvuQRJ4yP1B6TYEC60TXHNrwjV298lfvW/nlGUUSASDvk6jSjn5t
X3E0vT5Iu/W57Sm4DJQ07iBOzxlGoAUJuA+0Rw93p/Pn9PoO+uyG8uozsNK03mqX
PE8BdId70RLWrXwYCE9VIDENlI9/FFnUruT8lYJGYtu7BVKy1dCPgGH5zQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFPDfcbgdUPWvooLZcaZaoG7GFQmqMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvOE45eHVCMVE5YS1pZ3RseHBscWdic1lWQ2FvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKg5YAAMF
AyoTSQAwDQYJKoZIhvcNAQELBQADggEBAIsz9n3r/t9K4C1IjRKFQS1hJslZZwYP
ipeZOBGHvjQ9ZR7lB7AUK0FG6rbxwEmmsVwiuX20xESfIg86EVlVD9nyxBlzJ6Mz
FKlnb5eqCvOtA1bsrJJq9Z073KY+psWZ89WrgyrX1nnefDWd3ta8ENyqbTx9mdbH
jS39tPAytKg1tIzEfUmjjpyguTNFmkBtCnS1zLIFNy4ywSkB/OCxrW+rpArfD33h
cJ8aLIVDg5Nh7YumLQabNGRR6clxGMA83psdVNNqoklA4sjGkDil+sTP32boynlR
Iam6398ZBFmutJg+iFdaHcTXcaQrElKIovtQVxoAO5ZQiTqUCBoOgA0=
-----END CERTIFICATE-----
Generated at Mon Apr 21 16:14:44 2025 by rpki-client