Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/DGcQZ4puU6woXAAD7XNxJToG5KM.roa
File: DGcQZ4puU6woXAAD7XNxJToG5KM.roa (raw, json)
Hash identifier: 8JDXypFWHKeuid7jB4+auH9TPDRdRad6o7a60noR4FU=
Subject key identifier: 0C:67:10:67:8A:6E:53:AC:28:5C:00:03:ED:73:71:25:3A:06:E4:A3
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01865E4618C023312308916230C6B2165895
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/DGcQZ4puU6woXAAD7XNxJToG5KM.roa
Signing time: Fri 17 Feb 2023 07:28:17 +0000
ROA not before: Fri 17 Feb 2023 07:28:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8772
IP address blocks: 2a0a:1400::/29 maxlen: 29
2a0c:9240::/29 maxlen: 29
2a0f:8300::/29 maxlen: 29
2a0f:dd40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:5e:46:18:c0:23:31:23:08:91:62:30:c6:b2:16:58:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Feb 17 07:28:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0c6710678a6e53ac285c0003ed7371253a06e4a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:99:4d:ab:32:2e:c5:62:a4:fc:c0:c9:df:de:
40:30:29:27:fa:27:20:2d:77:63:1a:3e:05:8b:de:
4d:91:6e:0f:0d:8b:bf:86:f8:be:78:d2:13:11:9d:
ca:ea:2c:6c:6a:e6:52:94:ba:4b:6e:8d:33:b9:5f:
2c:87:b5:02:64:f5:37:e0:11:d5:8a:08:45:b7:0e:
ed:0b:56:bd:7b:3c:96:a6:2e:e2:b5:71:38:90:05:
91:16:11:b5:b0:37:20:24:24:83:9a:cf:0f:d4:1c:
a2:77:94:e8:c1:56:0f:c4:52:50:12:eb:cd:f6:17:
75:b2:17:0f:06:3f:ad:d3:21:05:d3:b8:db:93:0a:
dd:c7:9c:b3:46:f2:b1:9c:73:1d:d8:f3:bd:35:ea:
1a:52:b3:dd:c2:39:50:90:78:d5:a9:0f:25:c8:94:
25:65:ae:96:c7:e5:22:0f:fb:fc:4b:e0:c0:0c:90:
7c:e1:b6:65:cc:6f:ed:5a:b8:ac:59:ac:38:91:d1:
ec:69:01:11:15:cc:a9:5c:bd:11:aa:b9:43:c6:ce:
03:83:55:07:7f:5d:89:53:c3:5c:10:d7:6a:c5:c3:
c4:68:c9:ab:8e:37:78:39:85:dc:ee:70:77:25:a2:
db:69:a4:4d:44:6b:81:93:8a:9a:79:8e:fd:a0:65:
ce:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:67:10:67:8A:6E:53:AC:28:5C:00:03:ED:73:71:25:3A:06:E4:A3
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/DGcQZ4puU6woXAAD7XNxJToG5KM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:1400::/29
2a0c:9240::/29
2a0f:8300::/29
2a0f:dd40::/29
Signature Algorithm: sha256WithRSAEncryption
46:90:01:94:e1:e4:2f:2b:da:db:90:f9:60:c8:56:2e:28:a7:
6d:7f:a5:90:97:92:2a:1a:07:21:af:1b:33:b3:75:cd:f2:2e:
97:ff:4d:a3:58:da:b8:50:74:a4:c9:5a:80:14:f6:a4:d6:16:
53:f5:16:ce:32:9f:7d:6d:98:58:5d:de:df:8b:44:71:cc:ac:
69:bd:65:4c:b7:0a:be:f8:74:6b:0b:e2:14:0f:db:60:32:30:
ed:e7:64:c4:cc:71:fe:e4:9e:f1:12:ff:08:73:0f:e7:e9:00:
e8:46:0b:76:70:c5:e9:9d:6c:86:2a:76:17:e6:ea:4a:f6:42:
57:32:54:cb:e1:67:98:d7:bf:d5:40:14:e4:1b:90:da:32:87:
fe:3d:d3:00:ed:fd:f0:bf:6a:49:70:bb:40:e9:4c:e1:00:21:
f6:37:14:ba:60:ff:fc:06:d9:5b:3e:a5:ff:26:3c:7c:69:96:
8a:73:a3:a5:79:4e:8d:53:a6:f9:07:6a:2b:8a:96:3f:45:3e:
70:2c:3e:56:c4:8b:cf:83:18:dc:34:ce:d8:da:66:5f:42:f2:
43:a4:33:c4:a7:e4:60:fa:75:35:91:a9:7e:ff:79:25:a4:cf:
7b:da:9c:5b:87:61:a2:84:0d:3e:20:0b:bd:de:e8:15:e2:e6:
31:bd:63:e9
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYZeRhjAIzEjCJFiMMayFliVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMwMjE3MDcyODE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzY3MTA2NzhhNmU1M2FjMjg1YzAwMDNlZDczNzEyNTNhMDZlNGEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxJlNqzIuxWKk/MDJ395AMCkn+icg
LXdjGj4Fi95NkW4PDYu/hvi+eNITEZ3K6ixsauZSlLpLbo0zuV8sh7UCZPU34BHV
ighFtw7tC1a9ezyWpi7itXE4kAWRFhG1sDcgJCSDms8P1Byid5TowVYPxFJQEuvN
9hd1shcPBj+t0yEF07jbkwrdx5yzRvKxnHMd2PO9NeoaUrPdwjlQkHjVqQ8lyJQl
Za6Wx+UiD/v8S+DADJB84bZlzG/tWrisWaw4kdHsaQERFcypXL0RqrlDxs4Dg1UH
f12JU8NcENdqxcPEaMmrjjd4OYXc7nB3JaLbaaRNRGuBk4qaeY79oGXOqQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFAxnEGeKblOsKFwAA+1zcSU6BuSjMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvREdjUVo0cHVVNndvWEFBRDdYTnhKVG9HNUtNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKgoUAAMF
AyoMkkADBQMqD4MAAwUDKg/dQDANBgkqhkiG9w0BAQsFAAOCAQEARpABlOHkLyva
25D5YMhWLiinbX+lkJeSKhoHIa8bM7N1zfIul/9No1jauFB0pMlagBT2pNYWU/UW
zjKffW2YWF3e34tEccysab1lTLcKvvh0awviFA/bYDIw7edkxMxx/uSe8RL/CHMP
5+kA6EYLdnDF6Z1ship2F+bqSvZCVzJUy+FnmNe/1UAU5BuQ2jKH/j3TAO398L9q
SXC7QOlM4QAh9jcUumD//AbZWz6l/yY8fGmWinOjpXlOjVOm+QdqK4qWP0U+cCw+
VsSLz4MY3DTO2NpmX0LyQ6QzxKfkYPp1NZGpfv95JaTPe9qcW4dhooQNPiALvd7o
FeLmMb1j6Q==
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:05:13 2025 by rpki-client