Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/AYiBeaIDi0027LlzTNMdCSIuzFU.roa
File: AYiBeaIDi0027LlzTNMdCSIuzFU.roa (raw, json)
Hash identifier: oT4m3IMOHcfDdAdKJMHUJ1nqMJd5tFJLQjKOiz6t/y8=
Subject key identifier: 01:88:81:79:A2:03:8B:4D:36:EC:B9:73:4C:D3:1D:09:22:2E:CC:55
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01856DCAFD213812C8947B7C632B033CA980
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/AYiBeaIDi0027LlzTNMdCSIuzFU.roa
Signing time: Sun 01 Jan 2023 14:44:57 +0000
ROA not before: Sun 01 Jan 2023 14:44:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 400522
IP address blocks: 2a13:7b00::/29 maxlen: 29
2a13:7900::/29 maxlen: 29
2a13:4f00::/29 maxlen: 29
2a0f:6d80::/29 maxlen: 29
2a13:7400::/29 maxlen: 29
2a0f:e0c0::/29 maxlen: 29
2a0f:e140::/29 maxlen: 29
2a13:600::/29 maxlen: 29
2a0f:ec00::/29 maxlen: 29
2a0f:df40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ca:fd:21:38:12:c8:94:7b:7c:63:2b:03:3c:a9:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jan 1 14:44:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=01888179a2038b4d36ecb9734cd31d09222ecc55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:f2:7e:66:55:88:3d:d6:be:b6:39:76:22:b3:
67:3e:62:30:08:32:81:04:bf:67:dd:e4:46:63:69:
1b:f7:9e:96:42:38:b4:b4:7e:a1:a9:d2:c9:85:0e:
43:15:17:c2:d6:c9:45:dd:26:a6:c8:c5:35:7d:80:
4f:5e:5e:ee:90:99:b2:00:a2:d1:d1:02:a5:36:8d:
ad:2c:e7:b1:d0:20:6b:48:4a:49:91:fa:d3:ec:72:
a2:00:48:f4:81:fc:6a:76:1d:92:65:98:d3:ba:3f:
dc:44:61:a8:7d:77:f9:97:01:48:1c:7b:5e:e4:8e:
75:45:f2:38:28:c4:a4:69:d7:5f:35:98:8c:73:b4:
e8:e5:63:84:6f:33:b7:31:33:c5:18:ea:22:13:ee:
33:49:6a:41:cd:35:95:72:ff:1e:9b:c1:34:56:bf:
1c:23:23:08:31:43:cd:63:9f:c5:a9:65:81:b8:69:
4f:2e:e3:34:a8:84:91:8b:03:9c:c0:96:36:08:72:
28:8b:69:2b:d0:11:1d:f7:d3:a1:81:6f:c2:e5:57:
b2:0f:50:61:ef:a4:99:11:3e:6c:21:53:08:db:56:
2c:7a:37:fd:73:0d:51:4f:a8:02:4c:3c:41:01:72:
db:aa:a1:96:5d:c2:eb:ce:a9:b9:c4:e1:51:0a:76:
c0:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:88:81:79:A2:03:8B:4D:36:EC:B9:73:4C:D3:1D:09:22:2E:CC:55
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/AYiBeaIDi0027LlzTNMdCSIuzFU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:6d80::/29
2a0f:df40::/29
2a0f:e0c0::/29
2a0f:e140::/29
2a0f:ec00::/29
2a13:600::/29
2a13:4f00::/29
2a13:7400::/29
2a13:7900::/29
2a13:7b00::/29
Signature Algorithm: sha256WithRSAEncryption
7a:4f:8f:b0:ba:ba:a5:5e:98:21:82:36:89:d8:c2:8b:8f:e1:
6f:5f:3f:d0:f0:f4:f8:6a:96:58:da:0f:8a:29:83:29:8d:22:
02:13:5c:4d:fe:48:ee:7b:38:76:ac:a7:02:a3:63:ef:68:58:
83:d1:c6:3c:c4:8a:80:ba:54:34:22:62:73:89:77:d5:1c:ac:
d5:09:73:bf:13:ce:c6:7f:75:20:0f:5c:e0:d5:28:f6:b8:b4:
9d:4a:a6:08:2e:a3:22:98:08:33:c3:53:45:16:19:44:3c:c6:
d2:45:2e:d2:d9:90:61:8a:5b:b2:15:75:24:81:e4:a1:ea:25:
25:d3:a9:f2:9a:9b:db:d4:38:a2:4a:2b:4b:7d:b0:11:52:8f:
85:9f:1c:b3:1f:11:8a:f3:77:74:37:6e:71:75:94:96:b9:e2:
07:f8:92:fe:99:20:b2:0b:99:42:f0:20:9c:18:a4:09:0b:7c:
bd:5d:f1:33:ff:38:1d:5f:f0:db:7e:b2:cd:9c:ba:7a:8e:0b:
ef:73:a0:45:e2:e0:d5:f1:7d:13:bb:e6:c5:7e:c4:89:1b:41:
af:28:fc:20:57:81:b3:22:d7:8b:3e:cb:68:53:93:05:fa:1b:
e3:3e:ed:a6:54:63:bc:74:f4:2f:c8:05:61:e1:8d:05:77:ca:
7d:b4:67:d3
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAYVtyv0hOBLIlHt8YysDPKmAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMwMTAxMTQ0NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTg4ODE3OWEyMDM4YjRkMzZlY2I5NzM0Y2QzMWQwOTIyMmVjYzU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh/J+ZlWIPda+tjl2IrNnPmIwCDKB
BL9n3eRGY2kb956WQji0tH6hqdLJhQ5DFRfC1slF3SamyMU1fYBPXl7ukJmyAKLR
0QKlNo2tLOex0CBrSEpJkfrT7HKiAEj0gfxqdh2SZZjTuj/cRGGofXf5lwFIHHte
5I51RfI4KMSkaddfNZiMc7To5WOEbzO3MTPFGOoiE+4zSWpBzTWVcv8em8E0Vr8c
IyMIMUPNY5/FqWWBuGlPLuM0qISRiwOcwJY2CHIoi2kr0BEd99OhgW/C5VeyD1Bh
76SZET5sIVMI21Ysejf9cw1RT6gCTDxBAXLbqqGWXcLrzqm5xOFRCnbAOwIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFAGIgXmiA4tNNuy5c0zTHQkiLsxVMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvQVlpQmVhSURpMDAyN0xselROTWRDU0l1ekZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjBMBAIAAjBGAwUDKg9tgAMF
AyoP30ADBQMqD+DAAwUDKg/hQAMFAyoP7AADBQMqEwYAAwUDKhNPAAMFAyoTdAAD
BQMqE3kAAwUDKhN7ADANBgkqhkiG9w0BAQsFAAOCAQEAek+PsLq6pV6YIYI2idjC
i4/hb18/0PD0+GqWWNoPiimDKY0iAhNcTf5I7ns4dqynAqNj72hYg9HGPMSKgLpU
NCJic4l31Rys1QlzvxPOxn91IA9c4NUo9ri0nUqmCC6jIpgIM8NTRRYZRDzG0kUu
0tmQYYpbshV1JIHkoeolJdOp8pqb29Q4okorS32wEVKPhZ8csx8RivN3dDducXWU
lrniB/iS/pkgsguZQvAgnBikCQt8vV3xM/84HV/w236yzZy6eo4L73OgReLg1fF9
E7vmxX7EiRtBryj8IFeBsyLXiz7LaFOTBfob4z7tplRjvHT0L8gFYeGNBXfKfbRn
0w==
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:55:47 2025 by rpki-client