Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/AX-2N29jzLEA-r1of5r5k7a8x5k.roa
File: AX-2N29jzLEA-r1of5r5k7a8x5k.roa (raw, json)
Hash identifier: yNerpJ/lLdGsvu0JO8qqC+Kdfc0TcIZT7OVKRjPOVY0=
Subject key identifier: 01:7F:B6:37:6F:63:CC:B1:00:FA:BD:68:7F:9A:F9:93:B6:BC:C7:99
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01893EF4FED43A88B45141956633C0E45D6B
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/AX-2N29jzLEA-r1of5r5k7a8x5k.roa
Signing time: Mon 10 Jul 2023 08:39:50 +0000
ROA not before: Mon 10 Jul 2023 08:39:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197992
IP address blocks: 2a0f:7f00::/29 maxlen: 29
2a13:2cc0::/29 maxlen: 29
2a13:2b40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:3e:f4:fe:d4:3a:88:b4:51:41:95:66:33:c0:e4:5d:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jul 10 08:39:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=017fb6376f63ccb100fabd687f9af993b6bcc799
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:5c:ab:9b:14:b3:65:b0:b5:67:0f:7d:eb:ff:
38:53:a4:d7:ab:0c:c5:d4:7b:5a:7c:ab:eb:39:97:
fd:b8:c8:b4:68:a6:9e:29:05:3e:3d:dc:cc:1d:46:
0e:2d:3f:5e:00:a0:b1:5c:f8:ca:d1:5d:c4:55:e0:
21:23:99:1a:ff:16:f5:df:ec:59:a8:17:63:79:91:
11:e8:34:e2:09:05:fd:b0:e0:fc:f2:52:a1:a0:9a:
49:44:ba:09:e8:95:82:fb:bd:2c:86:20:d5:60:b2:
8a:93:fd:0b:d5:c0:ac:96:14:38:fb:94:72:5c:a7:
93:f8:5c:ee:a2:5b:ca:db:ff:97:b5:2d:bd:1b:fe:
df:f5:83:04:ed:f2:83:3f:ff:ac:06:f1:60:4d:63:
0c:cd:60:8d:c2:5e:03:16:5f:36:90:71:f1:47:ea:
66:c0:d6:cf:ec:69:ae:8c:73:f3:5f:f5:31:21:ba:
43:e0:90:89:f5:fb:e5:48:cb:01:cc:f9:f7:a0:9b:
f7:87:fa:b3:77:7c:b2:7d:e5:93:20:73:e1:41:2d:
0d:c7:89:24:7a:75:9d:21:8b:11:cf:5b:bb:28:9c:
c0:85:94:db:00:bd:1a:53:22:05:35:ed:13:85:55:
6a:ce:64:f0:de:45:d2:08:bb:7d:5b:22:52:e1:72:
6e:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:7F:B6:37:6F:63:CC:B1:00:FA:BD:68:7F:9A:F9:93:B6:BC:C7:99
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/AX-2N29jzLEA-r1of5r5k7a8x5k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:7f00::/29
2a13:2b40::/29
2a13:2cc0::/29
Signature Algorithm: sha256WithRSAEncryption
93:04:4c:a8:c8:da:9f:d1:c6:8b:5c:90:65:6f:9a:c3:06:c5:
6f:d4:69:83:cf:68:00:e5:06:00:94:aa:53:5f:a6:d3:62:8d:
39:90:98:b0:26:05:45:47:7d:7a:1c:d2:79:0d:b0:09:7a:96:
6a:c3:55:8c:cd:96:50:1d:2c:07:14:35:30:cd:d4:d8:10:e1:
52:8c:f6:a3:68:b3:29:2e:03:b8:e6:a0:c6:0b:86:c7:0e:11:
e1:e0:fe:d2:2c:6f:40:3e:19:3a:76:17:1e:3d:b5:d0:74:99:
25:65:d2:c6:32:80:39:55:4c:86:fa:48:78:3e:80:1f:0d:93:
19:ed:29:ab:4a:c4:d3:ae:a6:8f:2c:0f:4a:61:34:68:8a:42:
f4:08:c3:00:60:bc:1c:50:1c:6b:f1:f2:ba:11:59:59:f3:b8:
02:2b:7b:c8:ab:b8:c0:2a:51:97:75:eb:95:9f:ed:4d:90:03:
da:39:e9:7a:46:60:f6:b1:8d:c3:71:66:3d:fd:04:a7:c9:18:
18:f7:4f:fd:67:7a:ce:ba:b2:55:c8:65:7a:0e:cd:75:b7:f3:
78:2c:5c:5d:e7:7e:21:c4:7d:2e:0d:fe:6f:ee:fe:b5:35:c6:
fd:33:4d:e7:ec:38:67:90:da:2a:77:95:94:88:e7:8b:ad:f8:
25:d3:18:fc
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYk+9P7UOoi0UUGVZjPA5F1rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMwNzEwMDgzOTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTdmYjYzNzZmNjNjY2IxMDBmYWJkNjg3ZjlhZjk5M2I2YmNjNzk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjlyrmxSzZbC1Zw996/84U6TXqwzF
1HtafKvrOZf9uMi0aKaeKQU+PdzMHUYOLT9eAKCxXPjK0V3EVeAhI5ka/xb13+xZ
qBdjeZER6DTiCQX9sOD88lKhoJpJRLoJ6JWC+70shiDVYLKKk/0L1cCslhQ4+5Ry
XKeT+FzuolvK2/+XtS29G/7f9YME7fKDP/+sBvFgTWMMzWCNwl4DFl82kHHxR+pm
wNbP7GmujHPzX/UxIbpD4JCJ9fvlSMsBzPn3oJv3h/qzd3yyfeWTIHPhQS0Nx4kk
enWdIYsRz1u7KJzAhZTbAL0aUyIFNe0ThVVqzmTw3kXSCLt9WyJS4XJuHwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAF/tjdvY8yxAPq9aH+a+ZO2vMeZMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvQVgtMk4yOWp6TEVBLXIxb2Y1cjVrN2E4eDVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKg9/AAMF
AyoTK0ADBQMqEyzAMA0GCSqGSIb3DQEBCwUAA4IBAQCTBEyoyNqf0caLXJBlb5rD
BsVv1GmDz2gA5QYAlKpTX6bTYo05kJiwJgVFR316HNJ5DbAJepZqw1WMzZZQHSwH
FDUwzdTYEOFSjPajaLMpLgO45qDGC4bHDhHh4P7SLG9APhk6dhcePbXQdJklZdLG
MoA5VUyG+kh4PoAfDZMZ7SmrSsTTrqaPLA9KYTRoikL0CMMAYLwcUBxr8fK6EVlZ
87gCK3vIq7jAKlGXdeuVn+1NkAPaOel6RmD2sY3DcWY9/QSnyRgY90/9Z3rOurJV
yGV6Ds11t/N4LFxd534hxH0uDf5v7v61Ncb9M03n7DhnkNoqd5WUiOeLrfgl0xj8
-----END CERTIFICATE-----
Generated at Mon Apr 21 22:21:50 2025 by rpki-client