Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/DUdm_Icdk_TZh8gEcRHkDocfXfY.roa
File: DUdm_Icdk_TZh8gEcRHkDocfXfY.roa (raw, json)
Hash identifier: DCaNPH+99nj8sgs9KK18us5ihUeBfY1hefZD+ZqRAeo=
Subject key identifier: 0D:47:66:FC:87:1D:93:F4:D9:87:C8:04:71:11:E4:0E:87:1F:5D:F6
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01842FFC889514C5C8C8BFC32BD16E4008D9
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/DUdm_Icdk_TZh8gEcRHkDocfXfY.roa
Signing time: Mon 31 Oct 2022 21:39:49 +0000
ROA not before: Mon 31 Oct 2022 21:39:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61003
IP address blocks: 2a13:200::/29 maxlen: 29
2a0f:e7c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:2f:fc:88:95:14:c5:c8:c8:bf:c3:2b:d1:6e:40:08:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Oct 31 21:39:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0d4766fc871d93f4d987c8047111e40e871f5df6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:d5:d5:91:b7:b6:a4:d7:d9:89:d3:36:98:f6:
c7:55:93:9d:3f:c6:2c:cf:d0:f0:d8:9d:b9:83:29:
e7:96:a7:63:22:ed:23:c5:5c:60:43:ca:34:06:0c:
1e:b6:5a:e8:9b:08:62:3c:78:8e:a2:f5:32:a7:2f:
ab:56:96:6f:4c:dd:7e:2b:b0:51:5b:c3:f6:a8:74:
dc:c0:9f:2e:c3:f1:40:b5:6c:05:c7:4b:5d:e0:59:
c6:61:e5:9e:8d:67:99:d5:9d:ce:54:ec:5e:1f:61:
5e:42:43:88:42:04:0f:08:d2:87:d1:1e:70:98:6c:
78:98:69:67:55:b6:b8:f6:f7:67:02:9e:7a:1c:c5:
90:b8:5d:01:1a:85:f1:4f:22:14:8d:4a:76:21:f6:
16:8c:58:48:5c:1c:10:ef:66:76:b4:d2:18:99:e2:
9b:ae:69:53:90:ea:05:65:e8:6c:8e:45:30:9f:d5:
c7:0e:6a:28:83:8a:e1:50:ff:73:93:49:c6:14:64:
d9:61:2e:f5:20:b5:a7:26:4b:93:8b:5e:b2:ca:be:
4c:e6:43:cf:82:aa:a8:af:d3:1d:dc:b7:05:27:56:
bc:7d:ab:16:99:12:95:7f:ba:1b:93:03:ea:b9:8e:
fa:1d:0c:62:61:09:c0:e4:6c:92:de:02:6e:72:f1:
fa:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:47:66:FC:87:1D:93:F4:D9:87:C8:04:71:11:E4:0E:87:1F:5D:F6
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/DUdm_Icdk_TZh8gEcRHkDocfXfY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:e7c0::/29
2a13:200::/29
Signature Algorithm: sha256WithRSAEncryption
a9:c2:d0:1a:1d:7f:7a:a2:bf:67:59:a5:f8:ba:b5:71:6a:d4:
f5:ac:9e:57:68:d8:22:9a:28:9e:8f:c5:0d:99:09:0a:65:a8:
08:af:44:2a:19:06:56:fb:fd:a4:2e:87:23:77:b3:23:20:94:
91:68:eb:54:7b:22:05:6d:08:f6:22:d3:a3:4b:07:25:19:69:
3c:61:82:ef:40:5a:63:28:a5:ed:d7:3b:15:2f:a8:b5:a9:6d:
25:5e:1c:5a:cc:56:31:06:9f:2c:8a:5a:6a:aa:f6:d7:c9:07:
86:c8:b9:8f:b9:ef:19:dc:bb:92:7d:c7:02:9a:0b:48:de:6b:
7a:83:ce:9d:b3:dd:37:e5:7b:65:3b:e2:6a:7f:3c:96:02:53:
d4:04:46:0c:4c:62:02:a0:8a:af:52:22:23:86:f6:81:43:32:
e9:f5:26:ab:02:a3:6b:d7:7b:51:97:f0:03:59:f8:f0:7c:25:
c9:b6:04:36:39:13:79:27:af:18:e1:2d:b3:cd:fa:13:09:9d:
bc:fb:22:e6:86:a2:54:94:ef:bb:78:b6:89:0a:ef:20:6d:3e:
5f:80:af:09:cd:9c:be:15:e7:74:dd:7f:38:53:5e:5c:03:89:
10:da:af:a1:0b:44:c7:c5:86:7d:9b:d1:00:d9:e3:1d:2a:37:
fd:96:bb:44
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYQv/IiVFMXIyL/DK9FuQAjZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjIxMDMxMjEzOTQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDQ3NjZmYzg3MWQ5M2Y0ZDk4N2M4MDQ3MTExZTQwZTg3MWY1ZGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA29XVkbe2pNfZidM2mPbHVZOdP8Ys
z9Dw2J25gynnlqdjIu0jxVxgQ8o0BgwetlromwhiPHiOovUypy+rVpZvTN1+K7BR
W8P2qHTcwJ8uw/FAtWwFx0td4FnGYeWejWeZ1Z3OVOxeH2FeQkOIQgQPCNKH0R5w
mGx4mGlnVba49vdnAp56HMWQuF0BGoXxTyIUjUp2IfYWjFhIXBwQ72Z2tNIYmeKb
rmlTkOoFZehsjkUwn9XHDmoog4rhUP9zk0nGFGTZYS71ILWnJkuTi16yyr5M5kPP
gqqor9Md3LcFJ1a8fasWmRKVf7obkwPquY76HQxiYQnA5GyS3gJucvH6fwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFA1HZvyHHZP02YfIBHER5A6HH132MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvRFVkbV9JY2RrX1RaaDhnRWNSSGtEb2NmWGZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKg/nwAMF
AyoTAgAwDQYJKoZIhvcNAQELBQADggEBAKnC0Bodf3qiv2dZpfi6tXFq1PWsnldo
2CKaKJ6PxQ2ZCQplqAivRCoZBlb7/aQuhyN3syMglJFo61R7IgVtCPYi06NLByUZ
aTxhgu9AWmMope3XOxUvqLWpbSVeHFrMVjEGnyyKWmqq9tfJB4bIuY+57xncu5J9
xwKaC0jea3qDzp2z3Tfle2U74mp/PJYCU9QERgxMYgKgiq9SIiOG9oFDMun1JqsC
o2vXe1GX8ANZ+PB8Jcm2BDY5E3knrxjhLbPN+hMJnbz7IuaGolSU77t4tokK7yBt
Pl+ArwnNnL4V53TdfzhTXlwDiRDar6ELRMfFhn2b0QDZ4x0qN/2Wu0Q=
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:01:25 2025 by rpki-client