Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/AFGMXjtSP1oVXnXcWcDA1lhvcy8.roa
File: AFGMXjtSP1oVXnXcWcDA1lhvcy8.roa (raw, json)
Hash identifier: WdRsPKkTeDE8pUvI1nRZg+Z2COnv/GN+WtZs6GDjo4w=
Subject key identifier: 00:51:8C:5E:3B:52:3F:5A:15:5E:75:DC:59:C0:C0:D6:58:6F:73:2F
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01848473AE336C7E17FC548812349DE8434C
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/AFGMXjtSP1oVXnXcWcDA1lhvcy8.roa
Signing time: Thu 17 Nov 2022 07:18:04 +0000
ROA not before: Thu 17 Nov 2022 07:18:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 30633
IP address blocks: 2a0f:1e00:987::/48 maxlen: 48
2a0f:1e81:92e8::/48 maxlen: 48
2a0e:c780::/32 maxlen: 32
2a12:ac40::/48 maxlen: 48
2a0f:e940::/29 maxlen: 29
2a0f:1e81:4319::/48 maxlen: 48
2a0f:1e00:456::/48 maxlen: 48
2a0f:a00::/32 maxlen: 32
2a0f:3d84::/32 maxlen: 32
2a0e:5a80::/29 maxlen: 29
2a0f:3d80:123::/48 maxlen: 48
2a12:d540::/29 maxlen: 29
2a12:f540::/29 maxlen: 29
2a0f:1e81:cdae::/48 maxlen: 48
2a07:f300::/29 maxlen: 29
2a0e:1a80::/32 maxlen: 32
2a0f:1e81:1293::/48 maxlen: 48
2a0f:3d87::/32 maxlen: 32
2a0f:1e00:abc::/48 maxlen: 48
2a0f:1e81:a3d0::/48 maxlen: 48
2a12:ac40:f::/48 maxlen: 48
2a0f:a01::/32 maxlen: 32
2a0f:1e00:123::/48 maxlen: 48
2a0f:1e00:def9::/48 maxlen: 48
2a0f:3d82::/32 maxlen: 32
2a0f:e842::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:84:73:ae:33:6c:7e:17:fc:54:88:12:34:9d:e8:43:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Nov 17 07:18:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=00518c5e3b523f5a155e75dc59c0c0d6586f732f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:4c:31:b4:b5:9b:04:83:77:2c:a2:ee:c4:cd:
3d:9b:a4:e1:38:a5:6b:a4:57:bb:a1:fc:39:d4:2c:
8d:33:98:7f:85:d9:ec:a5:8a:7c:ba:f4:41:bc:79:
af:5e:68:5b:f5:37:d4:54:75:b4:82:f3:1a:9a:d9:
df:5f:33:56:81:c7:8a:10:35:96:30:ff:20:b8:d0:
2e:93:f7:9b:a2:94:72:45:81:44:e1:80:a9:b8:95:
07:61:0f:1d:44:2a:97:f2:7c:22:66:ff:30:08:c9:
3d:fb:26:9a:f5:7d:c3:13:ae:45:c4:59:40:a2:af:
04:cd:1c:c5:f9:07:d5:c5:54:53:6e:8d:c3:ae:4c:
d7:b0:f4:34:ce:c1:29:b2:12:5b:e4:93:c5:2c:bc:
73:fb:d1:93:d7:07:03:8a:9d:cf:42:55:ee:c6:70:
90:24:95:cd:c3:be:7a:0e:27:39:2f:88:47:5b:3f:
2d:44:d9:cd:9a:b4:b3:20:74:d1:9e:6b:6f:da:de:
5c:93:a0:5d:b4:8a:f7:c9:60:84:c4:58:00:c7:cb:
f1:c0:dd:92:71:79:df:61:6f:18:bc:7b:52:43:7a:
21:c2:6f:21:ad:53:a6:a2:12:8c:14:16:1a:ad:20:
60:61:b1:95:3f:a9:00:5a:62:63:d3:96:46:6a:64:
a3:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:51:8C:5E:3B:52:3F:5A:15:5E:75:DC:59:C0:C0:D6:58:6F:73:2F
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/AFGMXjtSP1oVXnXcWcDA1lhvcy8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:f300::/29
2a0e:1a80::/32
2a0e:5a80::/29
2a0e:c780::/32
2a0f:a00::/31
2a0f:1e00:123::/48
2a0f:1e00:456::/48
2a0f:1e00:987::/48
2a0f:1e00:abc::/48
2a0f:1e00:def9::/48
2a0f:1e81:1293::/48
2a0f:1e81:4319::/48
2a0f:1e81:92e8::/48
2a0f:1e81:a3d0::/48
2a0f:1e81:cdae::/48
2a0f:3d80:123::/48
2a0f:3d82::/32
2a0f:3d84::/32
2a0f:3d87::/32
2a0f:e842::/32
2a0f:e940::/29
2a12:ac40::/48
2a12:ac40:f::/48
2a12:d540::/29
2a12:f540::/29
Signature Algorithm: sha256WithRSAEncryption
56:f9:88:c4:03:e0:76:46:81:97:0f:40:8b:64:5e:fb:05:c2:
6f:0c:5c:cd:f9:53:d1:1c:7a:e8:02:46:91:82:31:40:b9:dd:
2e:6f:76:14:ba:3a:eb:5d:c1:4e:a8:c4:15:c9:2f:d7:7a:5e:
c9:7d:60:41:3e:6f:a1:5f:b3:df:b4:96:cc:1a:3d:b8:69:99:
48:6d:e0:ca:e5:0b:59:99:40:e2:40:19:98:78:f2:70:18:9c:
45:68:4b:c7:02:79:78:16:4c:44:5e:17:50:b3:b3:9a:fb:ef:
0a:e8:b9:ec:fe:c9:bc:d6:e6:d8:b2:7b:38:7c:80:7f:f0:62:
2c:68:6e:17:2a:d9:29:a1:31:e0:ff:b0:76:dc:d0:7a:ac:78:
32:75:ac:d5:10:19:d5:cc:75:38:4d:2b:c0:7d:84:77:ac:c9:
db:de:54:56:75:93:f4:66:86:b5:98:76:31:2b:1b:f9:64:d2:
f4:86:df:46:1a:bc:90:02:cb:27:2d:cc:cf:05:8b:d3:68:93:
15:2a:02:ff:53:d9:c0:e5:9c:26:fa:37:4e:2d:3c:ef:12:3d:
f1:37:1e:68:59:32:c9:f0:e0:b6:45:f4:52:76:56:b9:fe:a8:
53:2a:bf:bb:16:80:40:33:84:fe:1e:35:f2:8d:da:3a:55:7a:
72:6d:1c:96
-----BEGIN CERTIFICATE-----
MIIFxTCCBK2gAwIBAgISAYSEc64zbH4X/FSIEjSd6ENMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjIxMTE3MDcxODA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDUxOGM1ZTNiNTIzZjVhMTU1ZTc1ZGM1OWMwYzBkNjU4NmY3MzJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp0wxtLWbBIN3LKLuxM09m6ThOKVr
pFe7ofw51CyNM5h/hdnspYp8uvRBvHmvXmhb9TfUVHW0gvMamtnfXzNWgceKEDWW
MP8guNAuk/ebopRyRYFE4YCpuJUHYQ8dRCqX8nwiZv8wCMk9+yaa9X3DE65FxFlA
oq8EzRzF+QfVxVRTbo3DrkzXsPQ0zsEpshJb5JPFLLxz+9GT1wcDip3PQlXuxnCQ
JJXNw756Dic5L4hHWz8tRNnNmrSzIHTRnmtv2t5ck6BdtIr3yWCExFgAx8vxwN2S
cXnfYW8YvHtSQ3ohwm8hrVOmohKMFBYarSBgYbGVP6kAWmJj05ZGamSjxwIDAQAB
o4IC0TCCAs0wHQYDVR0OBBYEFABRjF47Uj9aFV513FnAwNZYb3MvMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvQUZHTVhqdFNQMW9WWG5YY1djREExbGh2Y3k4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHmBggrBgEFBQcBBwEB/wSB1jCB0zCB0AQCAAIwgckDBQMq
B/MAAwUAKg4agAMFAyoOWoADBQAqDseAAwUBKg8KAAMHACoPHgABIwMHACoPHgAE
VgMHACoPHgAJhwMHACoPHgAKvAMHACoPHgDe+QMHACoPHoESkwMHACoPHoFDGQMH
ACoPHoGS6AMHACoPHoGj0AMHACoPHoHNrgMHACoPPYABIwMFACoPPYIDBQAqDz2E
AwUAKg89hwMFACoP6EIDBQMqD+lAAwcAKhKsQAAAAwcAKhKsQAAPAwUDKhLVQAMF
AyoS9UAwDQYJKoZIhvcNAQELBQADggEBAFb5iMQD4HZGgZcPQItkXvsFwm8MXM35
U9EceugCRpGCMUC53S5vdhS6OutdwU6oxBXJL9d6Xsl9YEE+b6Ffs9+0lswaPbhp
mUht4MrlC1mZQOJAGZh48nAYnEVoS8cCeXgWTEReF1Czs5r77wrouez+ybzW5tiy
ezh8gH/wYixobhcq2SmhMeD/sHbc0HqseDJ1rNUQGdXMdThNK8B9hHesydveVFZ1
k/RmhrWYdjErG/lk0vSG30YavJACyyctzM8Fi9NokxUqAv9T2cDlnCb6N04tPO8S
PfE3HmhZMsnw4LZF9FJ2Vrn+qFMqv7sWgEAzhP4eNfKN2jpVenJtHJY=
-----END CERTIFICATE-----
Generated at Tue Apr 22 01:13:45 2025 by rpki-client