Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/CwHNil2f2s0f1o8pw8KgeBwPdZo.roa
File: CwHNil2f2s0f1o8pw8KgeBwPdZo.roa (raw, json)
Hash identifier: Uqky0FjxeL0QzHGjBxYfo5LkokE+nQ+dYIhK+D3nDoM=
Subject key identifier: 0B:01:CD:8A:5D:9F:DA:CD:1F:D6:8F:29:C3:C2:A0:78:1C:0F:75:9A
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0186358DC89FEA6FEA24590BBB16066310AC
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/CwHNil2f2s0f1o8pw8KgeBwPdZo.roa
Signing time: Thu 09 Feb 2023 09:42:09 +0000
ROA not before: Thu 09 Feb 2023 09:42:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 40676
IP address blocks: 2a0e:15c0:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:35:8d:c8:9f:ea:6f:ea:24:59:0b:bb:16:06:63:10:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Feb 9 09:42:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0b01cd8a5d9fdacd1fd68f29c3c2a0781c0f759a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:3f:25:18:aa:eb:f6:fa:a3:98:06:02:61:de:
f2:71:25:84:71:88:a0:14:ee:ae:e5:d4:eb:b5:37:
c4:29:d2:8a:f5:bc:43:1a:c5:9e:79:40:31:26:6f:
a1:10:0a:0c:90:29:a8:5f:82:47:4f:f6:56:fa:a9:
51:83:56:0d:7f:72:03:1e:8e:82:c9:73:24:98:3f:
9b:7d:a7:c0:09:cf:dc:82:a2:a3:cf:46:6d:9b:39:
7a:d3:ff:cc:1b:ad:c8:25:c3:fe:a8:7d:9e:9f:96:
f5:9f:cb:f8:61:d4:d5:ad:1c:1f:7c:0f:3c:0f:f1:
f1:36:82:09:ed:b6:f9:e5:d2:1b:64:e3:b6:77:f7:
cf:04:a5:02:1e:18:2e:f4:fb:d4:96:2c:41:b6:b2:
9b:82:05:5c:c0:a4:a8:f0:d8:f6:b3:3f:60:51:9c:
3d:d2:a8:b1:50:f3:3a:98:19:f8:12:b7:8e:bf:7c:
01:77:92:7e:c2:7a:e1:bf:4b:b8:f5:a6:18:d9:15:
59:8f:9a:c0:73:c9:0b:f9:60:38:92:46:f7:77:7f:
5a:7a:52:05:3c:8a:f9:cf:3d:f9:e7:6a:56:7a:4f:
af:0f:83:a4:58:bd:bc:3d:43:89:fa:e8:e5:03:08:
98:aa:5a:dd:39:e4:0d:45:70:45:1d:ce:e2:a0:48:
7c:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:01:CD:8A:5D:9F:DA:CD:1F:D6:8F:29:C3:C2:A0:78:1C:0F:75:9A
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/CwHNil2f2s0f1o8pw8KgeBwPdZo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:15c0:1::/48
Signature Algorithm: sha256WithRSAEncryption
b2:2f:22:14:06:57:6c:01:82:88:53:cb:03:7b:d2:55:a6:47:
c9:7c:8c:fa:b9:19:7e:fe:c0:71:22:b5:ec:8a:62:c3:56:27:
c2:ee:5d:9e:5e:a5:35:6d:22:25:f2:30:b3:1f:4d:b4:31:d0:
1b:07:f4:1d:2f:e8:d1:d2:9b:c7:ac:aa:68:2e:4c:3f:69:1a:
f7:d5:38:65:88:c6:b2:f9:06:d0:0a:37:63:51:43:94:62:55:
b4:1c:8d:10:12:80:8d:1d:89:2f:eb:9b:90:f6:46:e9:7e:26:
f6:f2:13:ef:8d:b0:b6:2c:3f:88:b5:c4:83:77:a7:9f:8b:4a:
0e:1b:db:3f:32:bb:3c:c6:06:ff:bf:78:0f:e4:5f:d2:a0:b6:
28:84:37:90:f6:6e:4d:ec:f9:3d:87:e7:6c:8d:07:8d:df:62:
a4:25:00:5b:6e:97:81:64:0c:53:c9:df:51:65:cc:b3:4c:9c:
60:d2:3f:32:b6:08:7a:95:3b:a3:db:7b:66:df:94:43:6b:57:
ed:05:dc:91:a1:6e:66:7d:c3:b9:90:6c:18:9a:5a:41:83:10:
2c:51:fb:1a:be:96:a5:b1:43:c6:dc:ff:4b:86:47:1e:61:83:
a6:91:56:9e:c1:cc:9b:ec:c0:1d:fb:ac:61:70:45:45:f2:87:
fe:ab:ce:52
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYY1jcif6m/qJFkLuxYGYxCsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMwMjA5MDk0MjA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjAxY2Q4YTVkOWZkYWNkMWZkNjhmMjljM2MyYTA3ODFjMGY3NTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlj8lGKrr9vqjmAYCYd7ycSWEcYig
FO6u5dTrtTfEKdKK9bxDGsWeeUAxJm+hEAoMkCmoX4JHT/ZW+qlRg1YNf3IDHo6C
yXMkmD+bfafACc/cgqKjz0Ztmzl60//MG63IJcP+qH2en5b1n8v4YdTVrRwffA88
D/HxNoIJ7bb55dIbZOO2d/fPBKUCHhgu9PvUlixBtrKbggVcwKSo8Nj2sz9gUZw9
0qixUPM6mBn4EreOv3wBd5J+wnrhv0u49aYY2RVZj5rAc8kL+WA4kkb3d39aelIF
PIr5zz3552pWek+vD4OkWL28PUOJ+ujlAwiYqlrdOeQNRXBFHc7ioEh8bwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFAsBzYpdn9rNH9aPKcPCoHgcD3WaMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvQ3dITmlsMmYyczBmMW84cHc4S2dlQndQZFpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg4VwAAB
MA0GCSqGSIb3DQEBCwUAA4IBAQCyLyIUBldsAYKIU8sDe9JVpkfJfIz6uRl+/sBx
IrXsimLDVifC7l2eXqU1bSIl8jCzH020MdAbB/QdL+jR0pvHrKpoLkw/aRr31Thl
iMay+QbQCjdjUUOUYlW0HI0QEoCNHYkv65uQ9kbpfib28hPvjbC2LD+ItcSDd6ef
i0oOG9s/Mrs8xgb/v3gP5F/SoLYohDeQ9m5N7Pk9h+dsjQeN32KkJQBbbpeBZAxT
yd9RZcyzTJxg0j8ytgh6lTuj23tm35RDa1ftBdyRoW5mfcO5kGwYmlpBgxAsUfsa
vpalsUPG3P9LhkceYYOmkVaewcyb7MAd+6xhcEVF8of+q85S
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:00:40 2025 by rpki-client