Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Dn3HbQWIY7F9QcBgJv8KmWDwB40.roa
File: Dn3HbQWIY7F9QcBgJv8KmWDwB40.roa (raw, json)
Hash identifier: I0Dwm/F0dysVfPYDQF8LpNrtqupJlNnyKri9A7q+9yw=
Subject key identifier: 0E:7D:C7:6D:05:88:63:B1:7D:41:C0:60:26:FF:0A:99:60:F0:07:8D
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01892537467AF4F56E436CCDCF88D9BD5268
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Dn3HbQWIY7F9QcBgJv8KmWDwB40.roa
Signing time: Wed 05 Jul 2023 08:42:06 +0000
ROA not before: Wed 05 Jul 2023 08:42:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 40676
IP address blocks: 2a0f:dec0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:25:37:46:7a:f4:f5:6e:43:6c:cd:cf:88:d9:bd:52:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jul 5 08:42:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0e7dc76d058863b17d41c06026ff0a9960f0078d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:cb:47:01:1d:c7:4d:1d:00:64:b2:f2:da:3d:
e7:5b:57:d1:3d:de:7f:ff:90:83:93:96:21:68:20:
b7:75:11:32:9b:98:5a:10:20:e8:dc:07:c5:e6:7d:
0c:be:5b:bd:d0:61:40:e6:a0:53:e0:3e:29:15:f4:
15:7d:c7:83:b2:41:98:5d:2e:9d:7b:48:2b:ea:e1:
a8:ea:3d:e8:df:af:79:4d:84:d9:12:97:2d:a1:ed:
11:ee:01:df:ae:b7:6b:ef:b4:a6:77:ff:76:7a:09:
88:e3:13:f0:08:ff:88:d7:93:7f:9d:5b:3a:3c:a4:
b8:20:71:1d:a1:31:88:61:b8:0c:77:f2:79:77:91:
f2:65:09:ee:92:5d:8a:b4:ff:cd:9a:ab:df:5a:36:
9a:bf:6c:ed:c3:20:cf:e7:60:05:50:bd:0a:1d:ac:
d9:04:70:23:c4:2f:54:81:fe:05:dc:1c:0b:91:c8:
22:0a:1e:21:67:6f:72:4a:47:bb:0f:b9:65:67:e1:
2e:8d:bd:51:a4:f6:51:66:51:62:91:ce:db:8d:01:
eb:01:fc:9e:ce:ef:90:cd:ae:5a:c9:69:e6:59:9c:
9d:80:86:57:c0:c0:61:f5:95:90:ef:2c:3a:b2:74:
46:ec:be:52:da:9b:ad:c7:5a:a6:18:8b:af:a8:ca:
3c:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:7D:C7:6D:05:88:63:B1:7D:41:C0:60:26:FF:0A:99:60:F0:07:8D
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Dn3HbQWIY7F9QcBgJv8KmWDwB40.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:dec0::/29
Signature Algorithm: sha256WithRSAEncryption
91:34:b9:c8:8a:0b:2d:aa:e6:f4:ee:f9:aa:f1:0a:f5:6c:9d:
13:29:6d:6d:c3:5a:c2:9a:92:94:74:5f:ab:99:85:67:49:5f:
8a:5d:fa:eb:d9:64:80:9a:f3:ab:eb:b7:42:65:8e:d6:23:8f:
6e:cd:59:c0:d6:19:5b:2b:0b:b3:4b:58:0e:99:75:1b:70:7f:
15:90:af:60:8e:b4:bf:bd:c9:7a:50:00:00:ec:15:51:bb:ed:
fa:14:9f:72:92:b6:59:3a:9d:70:5b:e4:6b:a7:dc:6b:5b:c6:
bc:48:e2:07:e8:3d:49:6f:72:51:22:8a:99:03:51:ce:fe:78:
34:f5:c7:7f:b3:1c:2e:6b:42:3b:61:41:c2:a4:eb:43:8c:3a:
22:a8:4c:84:81:04:d8:37:1f:07:95:72:38:ce:63:1c:6e:ea:
8e:4d:8f:c0:df:62:61:44:5b:48:3f:6b:cf:09:1b:d1:30:a1:
78:a7:c4:c0:b7:29:fe:80:b1:8f:ee:50:f9:b5:52:da:b5:12:
a4:e2:a1:f6:e5:a6:42:8f:b3:b3:50:62:37:ef:c7:78:bf:b3:
62:56:4b:05:de:c7:d9:56:f9:50:26:d0:ef:af:8a:34:f4:f2:
82:76:1a:8a:4f:52:9d:d8:e5:a5:55:38:b3:69:15:58:1e:d5:
6e:1c:71:12
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYklN0Z69PVuQ2zNz4jZvVJoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMwNzA1MDg0MjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTdkYzc2ZDA1ODg2M2IxN2Q0MWMwNjAyNmZmMGE5OTYwZjAwNzhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgctHAR3HTR0AZLLy2j3nW1fRPd5/
/5CDk5YhaCC3dREym5haECDo3AfF5n0Mvlu90GFA5qBT4D4pFfQVfceDskGYXS6d
e0gr6uGo6j3o3695TYTZEpctoe0R7gHfrrdr77Smd/92egmI4xPwCP+I15N/nVs6
PKS4IHEdoTGIYbgMd/J5d5HyZQnukl2KtP/NmqvfWjaav2ztwyDP52AFUL0KHazZ
BHAjxC9Ugf4F3BwLkcgiCh4hZ29ySke7D7llZ+Eujb1RpPZRZlFikc7bjQHrAfye
zu+Qza5ayWnmWZydgIZXwMBh9ZWQ7yw6snRG7L5S2putx1qmGIuvqMo8UQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFA59x20FiGOxfUHAYCb/Cplg8AeNMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvRG4zSGJRV0lZN0Y5UWNCZ0p2OEttV0R3QjQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg/ewDAN
BgkqhkiG9w0BAQsFAAOCAQEAkTS5yIoLLarm9O75qvEK9WydEyltbcNawpqSlHRf
q5mFZ0lfil3669lkgJrzq+u3QmWO1iOPbs1ZwNYZWysLs0tYDpl1G3B/FZCvYI60
v73JelAAAOwVUbvt+hSfcpK2WTqdcFvka6fca1vGvEjiB+g9SW9yUSKKmQNRzv54
NPXHf7McLmtCO2FBwqTrQ4w6IqhMhIEE2DcfB5VyOM5jHG7qjk2PwN9iYURbSD9r
zwkb0TCheKfEwLcp/oCxj+5Q+bVS2rUSpOKh9uWmQo+zs1BiN+/HeL+zYlZLBd7H
2Vb5UCbQ76+KNPTygnYaik9SndjlpVU4s2kVWB7VbhxxEg==
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:14:51 2025 by rpki-client