Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/CDiPG0qeNM7nxA1VI_nuNyczivQ.roa
File: CDiPG0qeNM7nxA1VI_nuNyczivQ.roa (raw, json)
Hash identifier: yxJNT64a1lVcMfkqEEWLFRPEsV+rBTpCd3Hw/ysAdjc=
Subject key identifier: 08:38:8F:1B:4A:9E:34:CE:E7:C4:0D:55:23:F9:EE:37:27:33:8A:F4
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018AD56F796F4A71A721CC5A3FE7D20E84FD
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/CDiPG0qeNM7nxA1VI_nuNyczivQ.roa
Signing time: Wed 27 Sep 2023 06:59:27 +0000
ROA not before: Wed 27 Sep 2023 06:59:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 135073
IP address blocks: 2a0e:2240:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:d5:6f:79:6f:4a:71:a7:21:cc:5a:3f:e7:d2:0e:84:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Sep 27 06:59:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=08388f1b4a9e34cee7c40d5523f9ee3727338af4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:4f:f9:e5:ec:9b:f8:f1:91:0e:a6:11:12:c0:
99:ad:fa:4a:fb:01:c8:e8:d4:f4:6c:2d:99:56:bd:
48:e7:65:12:25:e5:d6:40:4e:75:87:98:12:35:7b:
5b:b5:34:31:c3:83:95:7a:6a:89:25:58:da:b8:fd:
bf:15:7b:a8:db:66:e2:bc:b1:1c:24:8b:a3:d9:a6:
61:7d:3a:e9:cd:99:3c:28:aa:02:4d:33:d2:fd:82:
a1:78:51:6d:e3:1d:9a:a9:7c:b3:54:b3:dc:b4:ec:
8f:b8:4f:17:4b:d4:92:92:d9:46:37:8a:43:99:23:
0f:7d:86:4b:0d:b1:fe:7c:07:fb:8b:0b:5b:39:a6:
e5:7a:a1:d2:43:83:76:b6:3d:ed:ad:37:5f:3b:50:
41:da:94:3c:83:83:69:d4:a4:e6:8f:ba:bf:ec:8a:
6e:1b:36:c8:5a:87:2d:80:1f:a5:e6:c7:f9:88:e9:
2e:ec:a2:7e:cf:5a:81:cc:26:64:66:1a:de:1d:db:
6f:c0:28:93:a4:c0:1e:b5:9f:23:c5:18:05:c3:64:
79:cd:6d:ad:54:cf:12:fe:14:8f:85:30:b1:93:30:
30:5c:74:87:73:0d:0e:f9:82:c7:72:f6:cd:61:a6:
6e:00:b2:2a:bf:cf:30:de:c6:5c:c2:ac:71:8d:41:
f8:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:38:8F:1B:4A:9E:34:CE:E7:C4:0D:55:23:F9:EE:37:27:33:8A:F4
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/CDiPG0qeNM7nxA1VI_nuNyczivQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:2240:1::/48
Signature Algorithm: sha256WithRSAEncryption
1a:16:71:d5:aa:04:e3:3a:a6:b9:87:d1:ee:50:72:8d:90:1c:
2e:98:18:61:4e:54:2a:ac:11:0f:27:ed:1d:96:c2:0f:16:26:
6f:9c:ce:23:54:f5:42:69:0a:30:0a:ed:cb:8e:05:14:dd:78:
d8:cb:50:59:7e:0f:48:21:cf:0b:c9:aa:6c:83:35:cc:45:76:
2b:ed:ed:d7:40:5e:64:91:15:aa:c2:d2:f5:83:f4:f3:4a:1f:
16:af:7c:34:fb:47:df:c7:bc:22:04:bf:63:26:95:54:23:9f:
f4:ca:2d:92:e8:68:95:85:d8:10:9d:49:28:22:27:c0:10:af:
79:af:0d:d9:35:17:49:cf:27:54:bf:b5:dc:70:50:5a:97:25:
0e:f9:6c:0e:78:a0:b6:ac:89:20:ad:48:20:da:79:cc:05:68:
51:c8:ad:2b:b2:e1:72:17:7c:12:03:55:fa:c9:94:7c:05:bc:
7e:ef:4a:66:c1:01:18:f0:01:53:4c:b9:71:5a:16:2a:53:b4:
2e:d4:2e:48:fc:06:0f:8c:07:d3:e1:fb:ae:15:04:c3:7a:d4:
9e:a8:04:4e:06:28:87:ca:d7:3c:a2:95:1e:1e:c6:55:d4:2e:
0e:68:36:82:51:02:2e:81:bc:b4:e6:b6:cf:af:04:76:78:cc:
c3:7a:db:14
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYrVb3lvSnGnIcxaP+fSDoT9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMwOTI3MDY1OTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODM4OGYxYjRhOWUzNGNlZTdjNDBkNTUyM2Y5ZWUzNzI3MzM4YWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwU/55eyb+PGRDqYREsCZrfpK+wHI
6NT0bC2ZVr1I52USJeXWQE51h5gSNXtbtTQxw4OVemqJJVjauP2/FXuo22bivLEc
JIuj2aZhfTrpzZk8KKoCTTPS/YKheFFt4x2aqXyzVLPctOyPuE8XS9SSktlGN4pD
mSMPfYZLDbH+fAf7iwtbOableqHSQ4N2tj3trTdfO1BB2pQ8g4Np1KTmj7q/7Ipu
GzbIWoctgB+l5sf5iOku7KJ+z1qBzCZkZhreHdtvwCiTpMAetZ8jxRgFw2R5zW2t
VM8S/hSPhTCxkzAwXHSHcw0O+YLHcvbNYaZuALIqv88w3sZcwqxxjUH4EQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFAg4jxtKnjTO58QNVSP57jcnM4r0MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvQ0RpUEcwcWVOTTdueEExVklfbnVOeWN6aXZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg4iQAAB
MA0GCSqGSIb3DQEBCwUAA4IBAQAaFnHVqgTjOqa5h9HuUHKNkBwumBhhTlQqrBEP
J+0dlsIPFiZvnM4jVPVCaQowCu3LjgUU3XjYy1BZfg9IIc8LyapsgzXMRXYr7e3X
QF5kkRWqwtL1g/TzSh8Wr3w0+0ffx7wiBL9jJpVUI5/0yi2S6GiVhdgQnUkoIifA
EK95rw3ZNRdJzydUv7XccFBalyUO+WwOeKC2rIkgrUgg2nnMBWhRyK0rsuFyF3wS
A1X6yZR8Bbx+70pmwQEY8AFTTLlxWhYqU7Qu1C5I/AYPjAfT4fuuFQTDetSeqARO
BiiHytc8opUeHsZV1C4OaDaCUQIugby05rbPrwR2eMzDetsU
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:14:55 2025 by rpki-client