Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/9ang64KoNGOhtV9xTcJl45iyb28.roa
File: 9ang64KoNGOhtV9xTcJl45iyb28.roa (raw, json)
Hash identifier: os2JD4XV2NmFw5mddi07m0/yy2lvX/53A54GdDoFbCg=
Subject key identifier: F5:A9:E0:EB:82:A8:34:63:A1:B5:5F:71:4D:C2:65:E3:98:B2:6F:6F
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01899B3A26FF44BCC4365280189025474973
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/9ang64KoNGOhtV9xTcJl45iyb28.roa
Signing time: Fri 28 Jul 2023 06:40:26 +0000
ROA not before: Fri 28 Jul 2023 06:40:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20473
IP address blocks: 2a0f:7d00:1::/48 maxlen: 48
2a0a:2d00:1::/48 maxlen: 48
2a0c:7884::/32 maxlen: 32
2a0f:ea00::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:9b:3a:26:ff:44:bc:c4:36:52:80:18:90:25:47:49:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jul 28 06:40:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f5a9e0eb82a83463a1b55f714dc265e398b26f6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:7d:05:8d:f8:ca:01:9b:2a:c9:61:62:c6:a8:
ad:be:84:a3:b1:75:8f:6e:16:37:17:e7:e6:f7:0a:
4d:1e:12:5b:0c:a8:e2:6b:77:ee:58:66:d6:13:b2:
2a:2a:00:98:aa:3f:b8:26:a0:41:96:3f:e9:96:42:
86:ef:8f:6f:c2:84:8b:20:07:56:07:48:db:db:6b:
8d:4a:c8:6f:94:89:1f:5b:ff:f6:19:88:77:b9:3e:
7d:c8:ba:de:6f:5f:ab:cd:32:5f:ed:74:fd:1e:f3:
8e:1d:78:b5:c5:90:7a:57:71:b4:a4:1f:05:c4:93:
76:92:2e:97:59:bb:58:6a:57:92:e4:fd:de:90:9a:
11:90:bd:f9:cd:f9:6e:9f:7e:bf:76:82:74:ac:2e:
6e:56:31:81:06:e9:b6:38:d2:93:ee:a1:34:10:6c:
c9:20:ee:0c:a3:85:66:d3:8b:b9:6f:dd:be:af:92:
45:fa:ec:12:58:f9:0c:5d:6b:71:3f:48:ae:4d:6b:
06:95:92:10:19:d8:3e:80:0b:22:54:7b:11:53:73:
54:00:74:be:1d:8a:b9:b8:a2:45:5a:46:aa:67:93:
b0:f7:45:f3:98:47:5a:e1:f6:4d:a2:ea:32:39:2e:
49:8b:69:80:f2:94:f0:50:35:d6:4a:5e:fc:4c:6d:
f4:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:A9:E0:EB:82:A8:34:63:A1:B5:5F:71:4D:C2:65:E3:98:B2:6F:6F
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/9ang64KoNGOhtV9xTcJl45iyb28.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:2d00:1::/48
2a0c:7884::/32
2a0f:7d00:1::/48
2a0f:ea00::/29
Signature Algorithm: sha256WithRSAEncryption
3a:f7:15:a7:a6:ca:10:60:05:38:ff:d8:59:f6:ea:30:d2:e6:
18:fd:23:bd:82:a7:57:eb:22:86:a3:a5:62:58:a6:a8:63:6e:
8a:82:5c:da:81:4b:67:6f:c3:94:8e:3d:ff:fd:62:4b:15:c4:
b5:7b:2a:12:15:d7:7f:5a:8c:fd:59:5a:b5:03:2b:58:94:90:
4a:e9:89:a7:c9:c8:dc:b1:9b:78:01:63:d4:29:8e:0c:48:8a:
f9:c9:03:61:20:5b:e6:e2:d2:57:02:12:f1:b6:07:39:7a:1a:
9e:e6:47:3b:90:da:38:e1:9f:df:dd:2e:32:1d:ea:64:d2:ac:
df:a0:6a:16:1e:41:dc:ec:6f:34:ea:d8:ec:b5:71:24:af:9c:
f1:c7:e3:18:bf:b1:40:b7:e9:7f:ff:9c:46:87:3b:94:b3:86:
77:2c:bc:6b:46:89:58:90:de:17:cb:90:84:ba:4a:c6:28:3b:
ed:a4:6b:4e:f3:e5:03:a4:28:2a:fe:2c:20:01:85:6c:cc:eb:
94:63:c1:4f:56:c8:00:16:90:25:3d:f4:95:72:da:83:09:19:
9b:66:76:4a:ef:52:9d:be:2f:d2:81:38:55:50:3d:75:cf:a3:
05:a3:b9:b4:50:12:ab:84:5c:53:a5:79:cb:e6:1f:b9:e7:34:
fa:7f:2c:c1
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYmbOib/RLzENlKAGJAlR0lzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMwNzI4MDY0MDI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWE5ZTBlYjgyYTgzNDYzYTFiNTVmNzE0ZGMyNjVlMzk4YjI2ZjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu30FjfjKAZsqyWFixqitvoSjsXWP
bhY3F+fm9wpNHhJbDKjia3fuWGbWE7IqKgCYqj+4JqBBlj/plkKG749vwoSLIAdW
B0jb22uNSshvlIkfW//2GYh3uT59yLreb1+rzTJf7XT9HvOOHXi1xZB6V3G0pB8F
xJN2ki6XWbtYaleS5P3ekJoRkL35zflun36/doJ0rC5uVjGBBum2ONKT7qE0EGzJ
IO4Mo4Vm04u5b92+r5JF+uwSWPkMXWtxP0iuTWsGlZIQGdg+gAsiVHsRU3NUAHS+
HYq5uKJFWkaqZ5Ow90XzmEda4fZNouoyOS5Ji2mA8pTwUDXWSl78TG30SQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFPWp4OuCqDRjobVfcU3CZeOYsm9vMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvOWFuZzY0S29OR09odFY5eFRjSmw0NWl5YjI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAAjAgAwcAKgotAAAB
AwUAKgx4hAMHACoPfQAAAQMFAyoP6gAwDQYJKoZIhvcNAQELBQADggEBADr3Faem
yhBgBTj/2Fn26jDS5hj9I72Cp1frIoajpWJYpqhjboqCXNqBS2dvw5SOPf/9YksV
xLV7KhIV139ajP1ZWrUDK1iUkErpiafJyNyxm3gBY9QpjgxIivnJA2EgW+bi0lcC
EvG2Bzl6Gp7mRzuQ2jjhn9/dLjId6mTSrN+gahYeQdzsbzTq2Oy1cSSvnPHH4xi/
sUC36X//nEaHO5SzhncsvGtGiViQ3hfLkIS6SsYoO+2ka07z5QOkKCr+LCABhWzM
65RjwU9WyAAWkCU99JVy2oMJGZtmdkrvUp2+L9KBOFVQPXXPowWjubRQEquEXFOl
ecvmH7nnNPp/LME=
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:07:27 2025 by rpki-client