Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/8Pb6tUGnOjinZ5Uj2-iP-zdw5H4.roa
File: 8Pb6tUGnOjinZ5Uj2-iP-zdw5H4.roa (raw, json)
Hash identifier: Q7JFFu/+v5wu3pW3UwIqZWazqgPllXHt4PLq+yGhOTg=
Subject key identifier: F0:F6:FA:B5:41:A7:3A:38:A7:67:95:23:DB:E8:8F:FB:37:70:E4:7E
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018A462EC50F706153F70EAC24CBB38420A5
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/8Pb6tUGnOjinZ5Uj2-iP-zdw5H4.roa
Signing time: Wed 30 Aug 2023 11:23:04 +0000
ROA not before: Wed 30 Aug 2023 11:23:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57043
IP address blocks: 2a11:3500::/29 maxlen: 29
2a0e:5800::/29 maxlen: 29
2a0f:dfc0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:46:2e:c5:0f:70:61:53:f7:0e:ac:24:cb:b3:84:20:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Aug 30 11:23:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f0f6fab541a73a38a7679523dbe88ffb3770e47e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:a5:0b:3f:57:fb:0f:30:05:ec:f1:7e:51:8d:
bd:ea:83:a9:82:ba:0d:49:ca:b9:ee:7c:6d:c7:fb:
35:a9:a4:3e:d6:eb:c6:a6:73:ae:bb:af:3b:27:55:
30:11:5a:3d:5c:a8:a0:75:9a:60:d9:e9:ff:2c:2c:
31:ea:6a:01:2f:3c:45:a9:45:74:ea:4a:55:98:30:
ab:2a:71:09:2a:45:71:c6:e7:53:0f:52:08:a6:35:
15:40:68:a1:13:b7:de:43:57:6b:fb:d8:1d:28:c4:
34:95:f0:7d:b6:3a:8b:af:be:2f:ea:85:d5:97:cf:
9a:15:34:27:b1:1f:1f:56:bc:63:39:b0:2e:cc:ac:
4d:97:ea:6a:a0:dc:c7:ce:8f:9e:4d:1c:51:a5:a4:
f0:89:69:3d:83:58:a5:68:dd:b9:57:34:d1:ad:83:
d5:e7:92:95:41:d7:a4:f8:17:0d:f5:ac:3f:51:34:
0a:1e:c3:3d:63:a2:b3:e5:c7:d9:50:72:70:04:9d:
6b:28:41:79:c4:89:49:3f:da:5b:f2:ec:44:da:45:
90:c3:98:06:b7:7c:03:eb:c9:17:5d:f7:21:14:81:
fc:66:72:95:78:f2:ca:7a:12:53:1b:5b:29:c4:ed:
d8:58:e2:cc:a4:d7:b6:cd:30:47:e7:17:36:f4:ab:
44:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:F6:FA:B5:41:A7:3A:38:A7:67:95:23:DB:E8:8F:FB:37:70:E4:7E
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/8Pb6tUGnOjinZ5Uj2-iP-zdw5H4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:5800::/29
2a0f:dfc0::/29
2a11:3500::/29
Signature Algorithm: sha256WithRSAEncryption
26:fe:29:2e:b7:97:27:b3:39:ec:e7:be:11:ea:1f:cf:a8:c0:
54:22:90:b5:8b:b1:7e:71:b2:71:9f:29:68:1d:ca:5d:3e:d8:
70:09:fa:50:f7:94:fe:87:5e:57:03:28:c1:36:44:be:5e:ac:
b9:55:0e:5a:4f:73:da:da:d5:34:b3:3d:c7:3d:fe:fe:a3:a4:
a0:7c:3b:73:b8:df:94:99:2a:ed:b0:bd:b1:58:26:69:ce:e2:
a3:52:1f:e5:4d:4c:ae:de:91:25:d6:04:53:65:55:3b:f7:27:
a2:1f:e9:de:2e:45:8e:3b:52:a6:1a:b0:95:63:52:94:a1:e3:
91:51:7d:5a:f3:8d:94:91:8d:d3:28:b3:41:c4:ce:5c:da:58:
fc:9d:f4:5f:00:04:f5:82:db:a0:e4:e2:15:07:d4:d4:e8:6f:
39:09:29:0b:c0:e7:f8:cd:87:a6:5e:6c:69:3d:ad:38:41:56:
28:84:c9:30:f4:d3:3f:bf:93:5c:2a:ca:81:aa:9e:7e:a7:f8:
e2:17:87:73:aa:59:40:a1:47:e0:cc:1e:ef:a4:f8:1b:da:86:
53:7a:d8:68:fc:d9:e8:bd:a2:57:4e:a9:53:35:3d:b0:68:06:
74:04:e7:b7:4d:be:3d:e5:e4:9a:72:ea:72:f6:47:12:f7:f8:
94:a2:6d:33
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYpGLsUPcGFT9w6sJMuzhCClMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMwODMwMTEyMzA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMGY2ZmFiNTQxYTczYTM4YTc2Nzk1MjNkYmU4OGZmYjM3NzBlNDdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoKULP1f7DzAF7PF+UY296oOpgroN
Scq57nxtx/s1qaQ+1uvGpnOuu687J1UwEVo9XKigdZpg2en/LCwx6moBLzxFqUV0
6kpVmDCrKnEJKkVxxudTD1IIpjUVQGihE7feQ1dr+9gdKMQ0lfB9tjqLr74v6oXV
l8+aFTQnsR8fVrxjObAuzKxNl+pqoNzHzo+eTRxRpaTwiWk9g1ilaN25VzTRrYPV
55KVQdek+BcN9aw/UTQKHsM9Y6Kz5cfZUHJwBJ1rKEF5xIlJP9pb8uxE2kWQw5gG
t3wD68kXXfchFIH8ZnKVePLKehJTG1spxO3YWOLMpNe2zTBH5xc29KtEIwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPD2+rVBpzo4p2eVI9voj/s3cOR+MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvOFBiNnRVR25PamluWjVVajItaVAtemR3NUg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKg5YAAMF
AyoP38ADBQMqETUAMA0GCSqGSIb3DQEBCwUAA4IBAQAm/ikut5cnszns574R6h/P
qMBUIpC1i7F+cbJxnyloHcpdPthwCfpQ95T+h15XAyjBNkS+Xqy5VQ5aT3Pa2tU0
sz3HPf7+o6SgfDtzuN+UmSrtsL2xWCZpzuKjUh/lTUyu3pEl1gRTZVU79yeiH+ne
LkWOO1KmGrCVY1KUoeORUX1a842UkY3TKLNBxM5c2lj8nfRfAAT1gtug5OIVB9TU
6G85CSkLwOf4zYemXmxpPa04QVYohMkw9NM/v5NcKsqBqp5+p/jiF4dzqllAoUfg
zB7vpPgb2oZTetho/NnovaJXTqlTNT2waAZ0BOe3Tb495eSacupy9kcS9/iUom0z
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:59:00 2025 by rpki-client