Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Fty5ynhaVq1lGx_tNDO4angcYus.roa
File: Fty5ynhaVq1lGx_tNDO4angcYus.roa (raw, json)
Hash identifier: h7TYG56ndFhTF8AFcJ/byS2tlF5yVh6RWNlMKPUr5uw=
Subject key identifier: 16:DC:B9:CA:78:5A:56:AD:65:1B:1F:ED:34:33:B8:6A:78:1C:62:EB
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01856DCAEC4DEE404CBFDAF07D0C8B898F88
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Fty5ynhaVq1lGx_tNDO4angcYus.roa
Signing time: Sun 01 Jan 2023 14:44:53 +0000
ROA not before: Sun 01 Jan 2023 14:44:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29066
IP address blocks: 2a0f:4a00::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ca:ec:4d:ee:40:4c:bf:da:f0:7d:0c:8b:89:8f:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jan 1 14:44:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=16dcb9ca785a56ad651b1fed3433b86a781c62eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:68:15:d4:1b:c7:96:70:e7:f0:f9:77:4a:e2:
31:b8:d4:3a:0a:34:9e:0d:75:4e:8b:f6:eb:db:4f:
1f:5d:ab:14:43:c8:37:18:f4:3a:d1:5d:88:d7:79:
01:dd:ab:6c:a6:d0:aa:7e:ef:61:a6:87:e1:bf:54:
33:14:e2:5c:ad:0e:eb:ae:e3:13:89:5e:2d:36:7c:
f1:48:b2:ea:31:10:1c:0e:87:d7:25:6b:6f:46:01:
9e:3d:0f:74:57:e8:05:11:d3:01:85:02:45:2c:f9:
c6:fa:11:61:80:a3:04:9b:30:79:bc:0a:af:7e:25:
49:42:b8:1d:22:7e:92:0e:88:90:b1:30:75:64:87:
be:fd:fd:5b:55:07:de:f4:8a:6c:ba:b8:07:ee:23:
3a:e3:cb:bd:e1:ea:c7:4b:a0:69:14:5a:e0:3d:35:
07:bd:2f:7b:f4:6a:e1:d1:56:19:4c:e7:05:f2:e5:
69:aa:fe:5d:1e:a3:2c:8c:02:97:35:e7:2a:a7:88:
3c:0a:74:df:d0:b2:ae:af:bf:46:a5:c4:03:66:34:
a7:1b:10:42:5f:88:17:25:67:ee:e9:73:e6:02:2a:
ca:3c:5d:1a:bf:35:2d:aa:b5:93:96:54:94:a5:0f:
50:5a:ce:6a:2e:1c:94:5a:7d:c9:92:0b:78:25:13:
fa:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:DC:B9:CA:78:5A:56:AD:65:1B:1F:ED:34:33:B8:6A:78:1C:62:EB
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Fty5ynhaVq1lGx_tNDO4angcYus.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:4a00::/29
Signature Algorithm: sha256WithRSAEncryption
9c:b4:26:82:5a:aa:02:ec:66:bc:53:d6:65:19:36:06:e7:41:
59:79:8c:7f:a5:01:7e:d7:81:00:c9:2e:72:f0:e0:c9:db:08:
29:a4:79:27:94:0a:d7:a4:29:56:90:ec:79:54:3b:70:92:3e:
8d:ab:88:56:b7:41:52:4a:bb:b2:a8:ca:64:7b:a7:01:2e:f4:
7b:fa:7f:b7:e5:84:17:2b:cf:c5:e5:f3:a4:11:98:9d:ba:b0:
04:21:f8:74:86:ee:88:f8:f0:8d:83:e1:b6:1a:9f:42:d7:63:
a6:b6:b8:fc:e5:39:7a:fc:e5:e2:3f:9f:f6:82:ce:6d:60:ef:
11:ae:9b:06:61:e9:46:0f:63:3b:43:24:ba:4a:3f:0d:2c:52:
35:29:20:1e:cb:c3:76:7c:8c:7c:3e:ad:f7:c8:13:60:99:52:
bf:dd:9e:45:ef:4c:ce:19:2a:df:42:f9:a5:86:70:91:57:e5:
5b:56:ae:f7:69:5b:ac:8b:29:5b:19:c9:c9:0b:50:04:60:a7:
1f:b0:f8:3b:46:c9:11:2a:f1:5f:d6:17:25:9f:99:06:71:d6:
4e:1b:61:1a:48:d4:32:96:a9:fe:4a:90:ac:1e:e7:5d:62:24:
f4:8b:c3:06:10:fd:c9:21:b8:8d:c7:2d:a8:db:9e:50:02:90:
be:30:31:80
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVtyuxN7kBMv9rwfQyLiY+IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMwMTAxMTQ0NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNmRjYjljYTc4NWE1NmFkNjUxYjFmZWQzNDMzYjg2YTc4MWM2MmViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkmgV1BvHlnDn8Pl3SuIxuNQ6CjSe
DXVOi/br208fXasUQ8g3GPQ60V2I13kB3atsptCqfu9hpofhv1QzFOJcrQ7rruMT
iV4tNnzxSLLqMRAcDofXJWtvRgGePQ90V+gFEdMBhQJFLPnG+hFhgKMEmzB5vAqv
fiVJQrgdIn6SDoiQsTB1ZIe+/f1bVQfe9IpsurgH7iM648u94erHS6BpFFrgPTUH
vS979Grh0VYZTOcF8uVpqv5dHqMsjAKXNecqp4g8CnTf0LKur79GpcQDZjSnGxBC
X4gXJWfu6XPmAirKPF0avzUtqrWTllSUpQ9QWs5qLhyUWn3Jkgt4JRP6HQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFBbcucp4WlatZRsf7TQzuGp4HGLrMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvRnR5NXluaGFWcTFsR3hfdE5ETzRhbmdjWXVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg9KADAN
BgkqhkiG9w0BAQsFAAOCAQEAnLQmglqqAuxmvFPWZRk2BudBWXmMf6UBfteBAMku
cvDgydsIKaR5J5QK16QpVpDseVQ7cJI+jauIVrdBUkq7sqjKZHunAS70e/p/t+WE
FyvPxeXzpBGYnbqwBCH4dIbuiPjwjYPhthqfQtdjpra4/OU5evzl4j+f9oLObWDv
Ea6bBmHpRg9jO0Mkuko/DSxSNSkgHsvDdnyMfD6t98gTYJlSv92eRe9Mzhkq30L5
pYZwkVflW1au92lbrIspWxnJyQtQBGCnH7D4O0bJESrxX9YXJZ+ZBnHWThthGkjU
Mpap/kqQrB7nXWIk9IvDBhD9ySG4jcctqNueUAKQvjAxgA==
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:55:57 2025 by rpki-client