Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/DutG2W1HtYWUOu3Asp2-sPrL1uw.roa
File: DutG2W1HtYWUOu3Asp2-sPrL1uw.roa (raw, json)
Hash identifier: SQONVLzCdjlRDnVgDF/CtuqSITQrWjcv7VltCeC7qGM=
Subject key identifier: 0E:EB:46:D9:6D:47:B5:85:94:3A:ED:C0:B2:9D:BE:B0:FA:CB:D6:EC
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0184BFB85E9D3B396ED4FEAAB9D1674E487B
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/DutG2W1HtYWUOu3Asp2-sPrL1uw.roa
Signing time: Mon 28 Nov 2022 19:30:41 +0000
ROA not before: Mon 28 Nov 2022 19:30:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20473
IP address blocks: 2a0f:7d00:1::/48 maxlen: 48
2a0e:15c1::/32 maxlen: 32
2a12:d6c1::/32 maxlen: 32
2a12:d6c0::/29 maxlen: 29
2a0e:2240:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:bf:b8:5e:9d:3b:39:6e:d4:fe:aa:b9:d1:67:4e:48:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Nov 28 19:30:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0eeb46d96d47b585943aedc0b29dbeb0facbd6ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:54:a8:23:b9:1d:e0:ed:09:db:17:8e:05:48:
b6:65:70:ad:ef:b7:26:a9:59:0b:68:7b:fe:44:56:
b1:a4:cf:76:11:97:37:15:ea:00:91:62:2f:54:e7:
56:41:4e:41:b2:77:9d:c6:8e:ab:82:f4:5a:4a:45:
59:3e:1f:d9:ac:f2:1d:e2:e2:b8:b1:3c:76:ca:b6:
92:be:7f:e2:43:0f:58:ce:7f:75:7a:f2:90:fe:b2:
41:d1:0a:ac:53:51:8e:d2:d6:66:04:91:d7:0b:d7:
c8:55:bd:c7:fb:16:17:3a:63:21:a1:6a:49:65:0c:
a6:53:55:ef:25:f3:3e:20:53:2f:72:36:cf:8a:77:
28:9a:84:09:51:8d:13:c1:01:e2:5c:5f:42:01:aa:
87:2f:d2:9c:86:9a:fc:e0:32:a5:bf:c3:3a:c4:83:
89:a0:49:ac:18:45:d8:90:6c:95:95:a0:e5:43:c2:
b2:28:c9:f4:59:0a:75:50:e5:69:f0:8c:6c:6b:4e:
9d:cc:9d:0d:6c:1a:65:3f:72:d4:98:ca:58:d3:82:
a7:d8:09:6f:54:7d:11:24:79:6c:f8:45:5b:78:ce:
39:9a:17:f8:b8:db:8f:b8:b9:e3:33:0f:22:a0:cb:
63:52:57:ef:79:e6:f5:76:b8:77:f8:91:4e:05:4e:
9e:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:EB:46:D9:6D:47:B5:85:94:3A:ED:C0:B2:9D:BE:B0:FA:CB:D6:EC
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/DutG2W1HtYWUOu3Asp2-sPrL1uw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:15c1::/32
2a0e:2240:1::/48
2a0f:7d00:1::/48
2a12:d6c0::/29
Signature Algorithm: sha256WithRSAEncryption
9a:a2:3d:ff:54:31:b3:9a:ce:15:3b:0c:9b:df:39:8a:ff:e2:
d0:5c:de:2c:34:f9:19:2a:fb:2f:9e:78:a9:65:30:82:fc:01:
5c:a0:de:4d:6a:84:df:aa:cd:3e:3b:91:75:d6:91:aa:3c:65:
c1:c9:85:d1:f8:5f:83:b1:6a:7f:6d:5f:87:10:58:1b:12:70:
2e:27:78:4a:d0:27:cb:2a:53:0f:22:12:c1:46:e2:98:48:78:
af:5d:da:d4:44:2f:8a:3e:96:ba:b3:b6:02:93:78:af:36:cb:
05:97:b5:cf:b6:01:7b:5a:78:48:c6:44:1f:80:75:4f:34:ec:
6b:74:fb:47:46:be:8d:ac:d5:e3:5f:6d:d5:3e:d9:c3:1f:18:
ac:be:79:6e:8b:0b:ce:a7:30:16:18:c5:e4:c6:7a:38:af:2b:
0a:05:92:b7:45:d1:56:15:43:2a:7e:94:33:f4:6b:eb:e6:b0:
ea:70:48:ec:99:3c:38:a9:7b:d7:7f:76:ee:26:c9:ab:6b:41:
8a:0c:33:e0:d9:f8:9d:e7:c3:a0:29:08:58:a3:6c:63:06:80:
0d:48:8a:44:a4:8e:c7:44:65:85:ec:25:b6:86:1a:50:e8:8e:
45:1f:fd:12:ac:cd:5b:d6:10:05:01:9e:8f:46:4d:70:50:bd:
15:92:61:bb
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYS/uF6dOzlu1P6qudFnTkh7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjIxMTI4MTkzMDQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWViNDZkOTZkNDdiNTg1OTQzYWVkYzBiMjlkYmViMGZhY2JkNmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq1SoI7kd4O0J2xeOBUi2ZXCt77cm
qVkLaHv+RFaxpM92EZc3FeoAkWIvVOdWQU5Bsnedxo6rgvRaSkVZPh/ZrPId4uK4
sTx2yraSvn/iQw9Yzn91evKQ/rJB0QqsU1GO0tZmBJHXC9fIVb3H+xYXOmMhoWpJ
ZQymU1XvJfM+IFMvcjbPincomoQJUY0TwQHiXF9CAaqHL9Kchpr84DKlv8M6xIOJ
oEmsGEXYkGyVlaDlQ8KyKMn0WQp1UOVp8Ixsa06dzJ0NbBplP3LUmMpY04Kn2Alv
VH0RJHls+EVbeM45mhf4uNuPuLnjMw8ioMtjUlfveeb1drh3+JFOBU6e+QIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFA7rRtltR7WFlDrtwLKdvrD6y9bsMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvRHV0RzJXMUh0WVdVT3UzQXNwMi1zUHJMMXV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAAjAgAwUAKg4VwQMH
ACoOIkAAAQMHACoPfQAAAQMFAyoS1sAwDQYJKoZIhvcNAQELBQADggEBAJqiPf9U
MbOazhU7DJvfOYr/4tBc3iw0+Rkq+y+eeKllMIL8AVyg3k1qhN+qzT47kXXWkao8
ZcHJhdH4X4Oxan9tX4cQWBsScC4neErQJ8sqUw8iEsFG4phIeK9d2tREL4o+lrqz
tgKTeK82ywWXtc+2AXtaeEjGRB+AdU807Gt0+0dGvo2s1eNfbdU+2cMfGKy+eW6L
C86nMBYYxeTGejivKwoFkrdF0VYVQyp+lDP0a+vmsOpwSOyZPDipe9d/du4myatr
QYoMM+DZ+J3nw6ApCFijbGMGgA1IikSkjsdEZYXsJbaGGlDojkUf/RKszVvWEAUB
no9GTXBQvRWSYbs=
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:01:50 2025 by rpki-client