Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/BF83-oX2tqo5dZJmCtRJddMSQ8w.roa
File: BF83-oX2tqo5dZJmCtRJddMSQ8w.roa (raw, json)
Hash identifier: X2RcwtTkd6A7GgqXddoh5CUMBHT0lxwvLVnjo5CI94Y=
Subject key identifier: 04:5F:37:FA:85:F6:B6:AA:39:75:92:66:0A:D4:49:75:D3:12:43:CC
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018B75F2EBD30FC2756FCEF1CBB5C5E25213
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/BF83-oX2tqo5dZJmCtRJddMSQ8w.roa
Signing time: Sat 28 Oct 2023 11:02:16 +0000
ROA not before: Sat 28 Oct 2023 11:02:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205544
IP address blocks: 2a13:e101:1::/48 maxlen: 48
2a0f:e1c0:1::/48 maxlen: 48
2a13:3380:1::/48 maxlen: 48
2a0f:e6c7:1::/48 maxlen: 48
2a0f:e6c5:1::/48 maxlen: 48
2a13:e100:1::/48 maxlen: 48
2a0f:e440::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:75:f2:eb:d3:0f:c2:75:6f:ce:f1:cb:b5:c5:e2:52:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Oct 28 11:02:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=045f37fa85f6b6aa397592660ad44975d31243cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:1e:58:e5:31:08:49:fa:8e:92:83:e0:f3:ae:
56:e3:8b:cd:97:0a:9f:d7:38:59:e4:34:5a:95:f1:
2f:b6:55:d3:bb:df:53:d1:c1:4e:df:86:90:24:bf:
3e:ee:35:87:1d:8e:fa:d8:b9:81:3f:f2:be:9b:c8:
4d:f4:39:f0:68:cb:ee:c6:64:89:39:33:82:1f:71:
4c:84:77:73:07:02:22:54:8a:ca:aa:43:bd:45:20:
98:7b:fb:79:a3:e6:ff:8e:69:55:29:4c:7b:47:63:
8a:89:d0:4f:a7:e3:69:97:97:2b:5b:fa:c1:5b:91:
17:c1:80:99:58:c1:29:78:3f:e5:97:2b:91:41:ad:
7e:e7:b6:d3:61:54:6f:4b:05:cd:a0:ae:b9:1e:38:
79:3f:41:f1:3f:62:ee:1d:0d:d0:a2:da:fa:7e:f2:
99:95:62:bf:7c:a6:c7:46:2e:92:0b:3a:fa:ca:a6:
54:d9:d6:74:5d:30:51:3b:ca:4f:21:50:bb:18:b6:
eb:11:e0:45:50:e1:3d:0e:82:5b:dd:7e:2a:ed:64:
21:f0:ef:5a:5b:c4:11:95:8f:2c:d7:1a:ab:06:f1:
50:04:37:c2:9f:a7:a3:2a:7f:fa:eb:b2:30:b8:de:
7e:cc:24:c3:97:55:ed:f6:70:1c:67:8d:17:94:60:
86:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:5F:37:FA:85:F6:B6:AA:39:75:92:66:0A:D4:49:75:D3:12:43:CC
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/BF83-oX2tqo5dZJmCtRJddMSQ8w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:e1c0:1::/48
2a0f:e440::/29
2a0f:e6c5:1::/48
2a0f:e6c7:1::/48
2a13:3380:1::/48
2a13:e100:1::/48
2a13:e101:1::/48
Signature Algorithm: sha256WithRSAEncryption
15:7f:cd:e5:e5:c5:79:7c:c1:5f:2c:aa:33:c3:66:8c:9f:2c:
f7:0e:79:53:76:77:9c:37:d4:a1:37:cf:8c:85:2f:34:dd:4b:
b7:8e:b5:28:ff:6c:4f:28:94:b4:ff:02:7b:db:c0:e4:2c:22:
b5:f5:34:17:cd:72:43:3d:24:8d:2b:99:e5:75:d2:e5:34:e2:
ff:a6:4f:df:89:f8:91:11:63:e1:58:04:b0:ae:50:5b:6c:80:
39:e3:62:e0:01:23:b5:11:1a:a7:a0:39:81:28:1c:3d:a8:ef:
49:cd:c1:0b:33:4d:98:c5:93:b0:f9:2a:29:9b:bd:97:43:a2:
6b:36:39:d4:56:a7:a8:9d:c5:6b:41:72:47:db:e1:2b:69:f3:
58:9f:50:b3:bc:e1:bf:ec:c2:f2:3d:b1:78:92:38:a3:dc:e9:
df:b3:f9:cc:b8:cd:9b:19:5e:c3:6f:3a:8a:b8:0e:41:f1:10:
6a:c5:47:f5:65:0a:ba:4c:1d:56:8f:66:69:31:63:49:a0:94:
05:b7:f7:fd:18:b3:82:e2:8b:9a:17:8b:34:36:25:87:d4:f7:
ff:55:eb:94:cf:0b:74:3f:83:ef:4a:7c:b2:9b:2a:50:01:15:
38:ea:65:79:3a:af:e7:5f:1a:92:31:64:aa:13:2d:1b:dc:43:
2e:36:a0:65
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgISAYt18uvTD8J1b87xy7XF4lITMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMxMDI4MTEwMjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDVmMzdmYTg1ZjZiNmFhMzk3NTkyNjYwYWQ0NDk3NWQzMTI0M2NjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoB5Y5TEISfqOkoPg865W44vNlwqf
1zhZ5DRalfEvtlXTu99T0cFO34aQJL8+7jWHHY762LmBP/K+m8hN9DnwaMvuxmSJ
OTOCH3FMhHdzBwIiVIrKqkO9RSCYe/t5o+b/jmlVKUx7R2OKidBPp+Npl5crW/rB
W5EXwYCZWMEpeD/llyuRQa1+57bTYVRvSwXNoK65Hjh5P0HxP2LuHQ3Qotr6fvKZ
lWK/fKbHRi6SCzr6yqZU2dZ0XTBRO8pPIVC7GLbrEeBFUOE9DoJb3X4q7WQh8O9a
W8QRlY8s1xqrBvFQBDfCn6ejKn/667IwuN5+zCTDl1Xt9nAcZ40XlGCG/QIDAQAB
o4ICQDCCAjwwHQYDVR0OBBYEFARfN/qF9raqOXWSZgrUSXXTEkPMMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvQkY4My1vWDJ0cW81ZFpKbUN0UkpkZE1TUTh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFYGCCsGAQUFBwEHAQH/BEcwRTBDBAIAAjA9AwcAKg/hwAAB
AwUDKg/kQAMHACoP5sUAAQMHACoP5scAAQMHACoTM4AAAQMHACoT4QAAAQMHACoT
4QEAATANBgkqhkiG9w0BAQsFAAOCAQEAFX/N5eXFeXzBXyyqM8NmjJ8s9w55U3Z3
nDfUoTfPjIUvNN1Lt461KP9sTyiUtP8Ce9vA5CwitfU0F81yQz0kjSuZ5XXS5TTi
/6ZP34n4kRFj4VgEsK5QW2yAOeNi4AEjtREap6A5gSgcPajvSc3BCzNNmMWTsPkq
KZu9l0OiazY51FanqJ3Fa0FyR9vhK2nzWJ9Qs7zhv+zC8j2xeJI4o9zp37P5zLjN
mxlew286irgOQfEQasVH9WUKukwdVo9maTFjSaCUBbf3/RizguKLmheLNDYlh9T3
/1XrlM8LdD+D70p8spsqUAEVOOpleTqv518akjFkqhMtG9xDLjagZQ==
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:06:44 2025 by rpki-client