Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/AOqEMs7YTH0e6BJ3mRNicjzULM0.roa
File: AOqEMs7YTH0e6BJ3mRNicjzULM0.roa (raw, json)
Hash identifier: PyZi+NOXop2WL59NnOnT0qLajMGSk5hHdZaCOjuJBKc=
Subject key identifier: 00:EA:84:32:CE:D8:4C:7D:1E:E8:12:77:99:13:62:72:3C:D4:2C:CD
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01867848B99B359BD359B8FDEC552052F24A
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/AOqEMs7YTH0e6BJ3mRNicjzULM0.roa
Signing time: Wed 22 Feb 2023 08:41:17 +0000
ROA not before: Wed 22 Feb 2023 08:41:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8772
IP address blocks: 2a12:d6c0::/29 maxlen: 29
2a0c:9240::/29 maxlen: 29
2a0f:8300::/29 maxlen: 29
2a0f:dd40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:78:48:b9:9b:35:9b:d3:59:b8:fd:ec:55:20:52:f2:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Feb 22 08:41:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=00ea8432ced84c7d1ee81277991362723cd42ccd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:55:7d:a2:f1:01:0b:8c:90:74:e5:0f:ab:bf:
35:12:63:dd:ad:a8:eb:25:3f:b8:e2:bf:ad:8e:c1:
a5:81:a6:d1:fa:ee:c9:d4:07:01:35:00:9f:69:a4:
6c:8d:e5:ea:08:43:55:f5:1c:8e:b0:7f:44:1b:8a:
50:33:03:a7:a8:9e:40:e7:39:e0:17:4b:d8:71:1c:
e4:d1:6d:1e:07:74:70:39:aa:71:61:dc:da:3c:48:
f5:a4:94:47:2b:36:64:be:f4:67:3d:c8:04:b5:3b:
8c:02:bb:ae:6c:97:27:ea:33:3d:a0:1a:84:62:e6:
bc:8a:00:6e:26:33:0c:87:70:72:f8:8e:87:4c:16:
49:f8:a7:fd:69:59:03:f7:87:02:50:ff:cd:0e:bb:
69:55:88:33:cf:2f:29:fe:f1:90:73:fe:39:c6:15:
0b:ac:bb:a1:f1:7d:11:f5:cf:b3:2c:c2:13:b8:e2:
d2:19:34:22:1e:53:c8:71:ba:e4:9b:35:35:b9:2d:
f0:d6:e4:47:18:17:07:45:23:c6:09:e5:ba:89:60:
5a:b5:1e:f5:c0:ab:f3:af:9d:ad:30:c4:ef:1b:3a:
81:ef:fe:4a:10:45:2b:d9:80:22:46:00:3e:8e:2c:
f0:c0:02:27:21:83:45:e5:38:7c:2f:94:7b:4f:f2:
3e:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:EA:84:32:CE:D8:4C:7D:1E:E8:12:77:99:13:62:72:3C:D4:2C:CD
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/AOqEMs7YTH0e6BJ3mRNicjzULM0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9240::/29
2a0f:8300::/29
2a0f:dd40::/29
2a12:d6c0::/29
Signature Algorithm: sha256WithRSAEncryption
46:a6:b6:bf:32:e4:43:60:c6:2f:99:af:17:ca:c7:e8:f3:b6:
f4:a4:96:5c:73:b1:90:69:ca:ea:ed:c6:22:53:27:6e:36:bb:
8c:94:f8:59:ea:88:65:f5:e9:1e:b4:bf:5d:2d:70:45:f2:89:
81:4a:be:d0:37:c0:a7:b6:a4:00:be:a9:54:40:59:72:02:2d:
6c:ca:3a:9a:b5:3e:f2:91:a1:b5:9c:3f:08:6c:9d:17:f9:ff:
1a:76:29:b9:67:8a:4f:77:87:59:27:bb:c7:31:8b:6e:bb:e8:
e1:7e:2d:9d:27:2f:74:31:2a:34:a6:12:65:f3:5b:60:4a:e1:
04:a7:aa:12:63:44:b5:d3:31:76:7f:c0:c6:8a:40:a5:ea:86:
25:1f:f7:5e:d5:63:7f:eb:34:3b:46:3c:cf:15:0e:bb:a3:5d:
ec:45:5a:5b:fa:dd:ef:de:1e:57:ea:12:58:30:64:06:c0:7e:
fb:80:32:7b:2c:23:48:3f:f0:e8:4f:2e:fc:7e:59:e3:61:8e:
d1:03:e9:83:3d:15:2d:d4:63:12:dc:96:b7:5b:cb:a1:84:41:
35:88:d8:c0:10:14:60:4f:e5:b3:9a:20:54:df:fa:ff:f0:d9:
31:ff:c8:0c:d0:b2:33:c1:13:f4:9d:1b:9c:8f:c1:7b:af:c9:
03:95:81:ca
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYZ4SLmbNZvTWbj97FUgUvJKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMwMjIyMDg0MTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGVhODQzMmNlZDg0YzdkMWVlODEyNzc5OTEzNjI3MjNjZDQyY2NkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3VV9ovEBC4yQdOUPq781EmPdrajr
JT+44r+tjsGlgabR+u7J1AcBNQCfaaRsjeXqCENV9RyOsH9EG4pQMwOnqJ5A5zng
F0vYcRzk0W0eB3RwOapxYdzaPEj1pJRHKzZkvvRnPcgEtTuMAruubJcn6jM9oBqE
Yua8igBuJjMMh3By+I6HTBZJ+Kf9aVkD94cCUP/NDrtpVYgzzy8p/vGQc/45xhUL
rLuh8X0R9c+zLMITuOLSGTQiHlPIcbrkmzU1uS3w1uRHGBcHRSPGCeW6iWBatR71
wKvzr52tMMTvGzqB7/5KEEUr2YAiRgA+jizwwAInIYNF5Th8L5R7T/I+vQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFADqhDLO2Ex9HugSd5kTYnI81CzNMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvQU9xRU1zN1lUSDBlNkJKM21STmljanpVTE0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKgySQAMF
AyoPgwADBQMqD91AAwUDKhLWwDANBgkqhkiG9w0BAQsFAAOCAQEARqa2vzLkQ2DG
L5mvF8rH6PO29KSWXHOxkGnK6u3GIlMnbja7jJT4WeqIZfXpHrS/XS1wRfKJgUq+
0DfAp7akAL6pVEBZcgItbMo6mrU+8pGhtZw/CGydF/n/GnYpuWeKT3eHWSe7xzGL
brvo4X4tnScvdDEqNKYSZfNbYErhBKeqEmNEtdMxdn/AxopApeqGJR/3XtVjf+s0
O0Y8zxUOu6Nd7EVaW/rd794eV+oSWDBkBsB++4AyeywjSD/w6E8u/H5Z42GO0QPp
gz0VLdRjEtyWt1vLoYRBNYjYwBAUYE/ls5ogVN/6//DZMf/IDNCyM8ET9J0bnI/B
e6/JA5WByg==
-----END CERTIFICATE-----
Generated at Tue Apr 22 03:33:26 2025 by rpki-client