Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/CkG7PjKF8xPB8I4fv9NjHHpKv8M.roa
File: CkG7PjKF8xPB8I4fv9NjHHpKv8M.roa (raw, json)
Hash identifier: nzd27ycI6vI6JlTCw2jWs8mV5dd/X/8GFEQYfZPG48Q=
Subject key identifier: 0A:41:BB:3E:32:85:F3:13:C1:F0:8E:1F:BF:D3:63:1C:7A:4A:BF:C3
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0184BD8A5A020A7F4C409F45B886A07555E8
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/CkG7PjKF8xPB8I4fv9NjHHpKv8M.roa
Signing time: Mon 28 Nov 2022 09:21:11 +0000
ROA not before: Mon 28 Nov 2022 09:21:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 63023
IP address blocks: 2a0e:5800::/29 maxlen: 29
2a13:200::/29 maxlen: 29
2a13:4900::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:bd:8a:5a:02:0a:7f:4c:40:9f:45:b8:86:a0:75:55:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Nov 28 09:21:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0a41bb3e3285f313c1f08e1fbfd3631c7a4abfc3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:06:5f:ec:8f:60:40:a8:46:1b:be:40:6d:00:
ff:47:f7:1c:4b:09:59:9c:b3:fc:bc:9c:ed:fd:4b:
18:59:d2:2e:f6:fc:af:1e:66:fd:be:5b:55:c9:92:
9a:1d:68:91:f0:ff:88:8e:32:67:d9:86:cc:fd:49:
0d:e7:af:ed:4e:68:05:0f:9a:3f:0d:64:ad:4a:de:
da:81:c0:7c:57:69:52:28:e8:f0:8e:99:70:3d:8e:
15:4e:32:1f:38:50:be:44:42:5f:4d:9f:53:9c:6e:
f9:83:5a:3a:76:aa:60:15:b5:da:7e:6b:82:9b:53:
06:3f:2b:39:5c:8a:0d:34:08:20:98:86:af:9a:9e:
37:d3:65:78:0c:b4:3f:b0:c8:1d:d1:e0:20:8a:58:
25:05:60:5a:15:1e:34:36:d7:67:c3:3e:d9:84:4f:
14:ca:b7:b1:ed:5c:a9:8b:ee:b7:cd:24:90:a2:21:
ab:8a:21:b3:88:e5:66:2a:15:4c:f8:bd:f5:58:b8:
f0:44:65:3e:f8:68:71:32:e4:e5:cf:72:03:4b:59:
95:bf:07:14:58:14:76:f0:7c:40:e4:cb:2a:8e:80:
ec:3b:64:e6:7c:d3:d8:df:c9:0f:ce:49:7b:99:e0:
47:8d:af:0a:71:9c:9b:8c:8e:bf:fe:a1:6b:29:ae:
69:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:41:BB:3E:32:85:F3:13:C1:F0:8E:1F:BF:D3:63:1C:7A:4A:BF:C3
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/CkG7PjKF8xPB8I4fv9NjHHpKv8M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:5800::/29
2a13:200::/29
2a13:4900::/29
Signature Algorithm: sha256WithRSAEncryption
50:31:bc:58:78:36:f8:7d:70:24:fc:d8:3c:df:9c:6c:ca:29:
22:ce:94:43:7e:d7:0f:be:ce:4e:7c:70:4f:4a:ec:44:b4:a7:
32:ac:d1:f6:4f:f0:02:45:a4:a6:65:53:7b:22:0e:19:32:17:
ae:d4:7a:d2:5b:21:a1:86:b3:2e:35:ee:1e:aa:06:4d:13:a7:
78:0a:b2:1b:9c:b2:41:58:bb:41:ea:fe:66:42:36:d4:70:4d:
d6:ce:39:c9:5c:7d:9e:51:4a:24:73:78:99:d5:32:30:8e:ab:
1d:09:86:10:4c:90:74:74:f3:c0:9d:4b:9a:c9:2e:1d:f5:e8:
08:d1:df:69:5e:0c:31:5e:63:2c:13:3b:73:89:d9:3d:47:86:
9d:a3:38:b0:81:80:44:8d:8a:ac:4f:79:ce:d7:47:d0:d3:3b:
8d:04:e5:e3:78:13:97:69:6e:a7:f2:ff:1d:bd:9d:ed:df:1c:
30:c6:eb:67:e2:e8:33:17:cf:0b:64:f2:b6:9c:16:72:25:33:
78:5c:c7:a0:d8:bd:f3:a2:31:ce:48:a0:e6:6d:44:32:d5:ed:
b7:7a:4a:63:16:50:95:68:a4:41:1f:1b:2c:b8:f0:1d:ea:fb:
7d:ed:e0:fb:7b:6d:96:79:26:1c:64:12:ab:73:3d:54:aa:d5:
61:f1:5e:2d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYS9iloCCn9MQJ9FuIagdVXoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjIxMTI4MDkyMTExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTQxYmIzZTMyODVmMzEzYzFmMDhlMWZiZmQzNjMxYzdhNGFiZmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiQZf7I9gQKhGG75AbQD/R/ccSwlZ
nLP8vJzt/UsYWdIu9vyvHmb9vltVyZKaHWiR8P+IjjJn2YbM/UkN56/tTmgFD5o/
DWStSt7agcB8V2lSKOjwjplwPY4VTjIfOFC+REJfTZ9TnG75g1o6dqpgFbXafmuC
m1MGPys5XIoNNAggmIavmp4302V4DLQ/sMgd0eAgilglBWBaFR40Ntdnwz7ZhE8U
yrex7Vypi+63zSSQoiGriiGziOVmKhVM+L31WLjwRGU++GhxMuTlz3IDS1mVvwcU
WBR28HxA5MsqjoDsO2TmfNPY38kPzkl7meBHja8KcZybjI6//qFrKa5ptQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFApBuz4yhfMTwfCOH7/TYxx6Sr/DMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvQ2tHN1BqS0Y4eFBCOEk0ZnY5TmpISHBLdjhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKg5YAAMF
AyoTAgADBQMqE0kAMA0GCSqGSIb3DQEBCwUAA4IBAQBQMbxYeDb4fXAk/Ng835xs
yikizpRDftcPvs5OfHBPSuxEtKcyrNH2T/ACRaSmZVN7Ig4ZMheu1HrSWyGhhrMu
Ne4eqgZNE6d4CrIbnLJBWLtB6v5mQjbUcE3WzjnJXH2eUUokc3iZ1TIwjqsdCYYQ
TJB0dPPAnUuayS4d9egI0d9pXgwxXmMsEztzidk9R4adoziwgYBEjYqsT3nO10fQ
0zuNBOXjeBOXaW6n8v8dvZ3t3xwwxutn4ugzF88LZPK2nBZyJTN4XMeg2L3zojHO
SKDmbUQy1e23ekpjFlCVaKRBHxssuPAd6vt97eD7e22WeSYcZBKrcz1UqtVh8V4t
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:01:27 2025 by rpki-client