Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Baf1MPn_bpXRiVIZYdmEoIaGUSo.roa
File: Baf1MPn_bpXRiVIZYdmEoIaGUSo.roa (raw, json)
Hash identifier: pUmSG8Nb4BGobTYcI2HlJaGegLEjrSqe2x5C4GaL/eg=
Subject key identifier: 05:A7:F5:30:F9:FF:6E:95:D1:89:52:19:61:D9:84:A0:86:86:51:2A
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018BCCFE9146601DA0D8986B69F5C989E3AE
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Baf1MPn_bpXRiVIZYdmEoIaGUSo.roa
Signing time: Tue 14 Nov 2023 08:41:57 +0000
ROA not before: Tue 14 Nov 2023 08:41:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 396362
IP address blocks: 2a0f:e841::/32 maxlen: 32
2a0e:1a82::/32 maxlen: 32
2a0f:1e80:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:cc:fe:91:46:60:1d:a0:d8:98:6b:69:f5:c9:89:e3:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Nov 14 08:41:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=05a7f530f9ff6e95d189521961d984a08686512a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:4a:79:50:ae:31:33:3a:51:cb:b9:69:9a:3e:
0e:32:1e:cb:ce:50:00:58:b1:1b:07:35:87:0f:06:
02:df:a9:b5:82:94:bf:20:b7:04:ae:b8:dc:dd:e7:
50:50:bd:9d:ed:1e:57:8c:21:12:8d:31:5f:f9:1e:
e6:f5:bb:00:8e:97:24:f7:ec:c2:8a:26:ce:81:9f:
4f:c1:8e:83:1c:52:0c:3a:0d:e3:04:4a:c4:f6:d2:
ff:57:53:43:ae:d6:dd:3c:83:86:a5:1e:b3:12:92:
1c:35:d5:29:82:76:bd:df:69:9c:ba:74:d5:f9:57:
d8:62:97:77:73:7f:bb:d0:f5:11:79:55:25:9c:09:
95:e4:1e:4d:e2:10:7c:ed:24:7e:3a:61:74:5d:7c:
a7:61:63:c0:9c:e2:9a:74:3a:6b:cb:51:72:38:71:
46:e2:57:3f:f4:61:e9:39:eb:77:1e:36:56:13:78:
c0:cd:90:7c:3e:f5:66:af:fe:e0:3f:f3:1f:ea:92:
17:8f:bb:b3:64:9c:43:27:f9:49:b5:4d:d2:00:73:
b7:b2:16:32:64:c6:8d:dd:60:56:aa:43:3e:8b:29:
ca:fa:87:9b:02:47:c3:72:23:44:41:ef:b9:d2:54:
8c:5f:37:b4:7f:94:42:52:6e:a1:c4:17:d4:0c:14:
d6:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:A7:F5:30:F9:FF:6E:95:D1:89:52:19:61:D9:84:A0:86:86:51:2A
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Baf1MPn_bpXRiVIZYdmEoIaGUSo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:1a82::/32
2a0f:1e80:1::/48
2a0f:e841::/32
Signature Algorithm: sha256WithRSAEncryption
57:7c:b5:a5:a4:fe:f1:d2:72:a6:f5:58:75:f4:4c:b9:61:76:
61:a0:05:00:25:d1:2f:3b:98:65:5b:e0:9e:7f:ff:03:d0:a6:
16:da:39:5e:80:61:26:f7:ad:85:60:b2:b4:d5:3c:14:37:74:
47:d8:91:88:f5:be:47:10:27:03:df:5f:bf:b8:5e:74:49:49:
4c:83:65:0e:5f:f6:95:42:5e:1b:49:39:2a:a1:74:20:89:38:
50:9d:e9:e6:d3:40:b6:a9:fa:10:33:cc:28:38:58:d1:52:d7:
e3:cd:aa:a0:67:42:c9:47:14:0e:99:06:e7:57:45:2d:c4:91:
9b:59:0a:ae:2b:54:1c:d1:e1:c1:80:3d:00:47:c7:97:e6:5d:
83:a8:d0:c5:6a:14:12:7d:78:12:17:8c:ce:a1:bb:71:1a:90:
a2:79:d5:c0:29:6e:04:4e:1c:10:36:91:e6:54:4b:b4:ef:ed:
2d:ef:65:64:92:53:09:bb:80:2d:5f:a6:81:e7:cd:c5:ee:9c:
99:8f:37:7d:cd:ef:ff:b2:e1:59:ca:59:68:be:1c:70:12:b8:
52:b4:90:5b:c9:57:a6:c7:d6:fd:a4:8c:7d:90:59:83:2e:93:
a3:08:6a:25:25:8e:25:91:30:6b:fa:7c:2d:17:1a:65:98:b1:
2e:00:67:7c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYvM/pFGYB2g2JhrafXJieOuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMxMTE0MDg0MTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWE3ZjUzMGY5ZmY2ZTk1ZDE4OTUyMTk2MWQ5ODRhMDg2ODY1MTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+Up5UK4xMzpRy7lpmj4OMh7LzlAA
WLEbBzWHDwYC36m1gpS/ILcErrjc3edQUL2d7R5XjCESjTFf+R7m9bsAjpck9+zC
iibOgZ9PwY6DHFIMOg3jBErE9tL/V1NDrtbdPIOGpR6zEpIcNdUpgna932mcunTV
+VfYYpd3c3+70PUReVUlnAmV5B5N4hB87SR+OmF0XXynYWPAnOKadDpry1FyOHFG
4lc/9GHpOet3HjZWE3jAzZB8PvVmr/7gP/Mf6pIXj7uzZJxDJ/lJtU3SAHO3shYy
ZMaN3WBWqkM+iynK+oebAkfDciNEQe+50lSMXze0f5RCUm6hxBfUDBTWiQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAWn9TD5/26V0YlSGWHZhKCGhlEqMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvQmFmMU1Qbl9icFhSaVZJWllkbUVvSWFHVVNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAdBAIAAjAXAwUAKg4aggMH
ACoPHoAAAQMFACoP6EEwDQYJKoZIhvcNAQELBQADggEBAFd8taWk/vHScqb1WHX0
TLlhdmGgBQAl0S87mGVb4J5//wPQphbaOV6AYSb3rYVgsrTVPBQ3dEfYkYj1vkcQ
JwPfX7+4XnRJSUyDZQ5f9pVCXhtJOSqhdCCJOFCd6ebTQLap+hAzzCg4WNFS1+PN
qqBnQslHFA6ZBudXRS3EkZtZCq4rVBzR4cGAPQBHx5fmXYOo0MVqFBJ9eBIXjM6h
u3EakKJ51cApbgROHBA2keZUS7Tv7S3vZWSSUwm7gC1fpoHnzcXunJmPN33N7/+y
4VnKWWi+HHASuFK0kFvJV6bH1v2kjH2QWYMuk6MIaiUljiWRMGv6fC0XGmWYsS4A
Z3w=
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:00:18 2025 by rpki-client