Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/G4uzJJhgiUZOb1aF-fWBWNLVCHc.roa
File: G4uzJJhgiUZOb1aF-fWBWNLVCHc.roa (raw, json)
Hash identifier: IbzZAMmbBIYqjCBJKI8m2CY+py0gr6jiPjsNN6kt4cs=
Subject key identifier: 1B:8B:B3:24:98:60:89:46:4E:6F:56:85:F9:F5:81:58:D2:D5:08:77
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0186BC18B456FC6E7B1F2AD7D92CDC1AC8DE
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/G4uzJJhgiUZOb1aF-fWBWNLVCHc.roa
Signing time: Tue 07 Mar 2023 12:43:00 +0000
ROA not before: Tue 07 Mar 2023 12:43:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212238
IP address blocks: 2a13:2cc0::/29 maxlen: 29
2a13:2b40::/29 maxlen: 29
2a0d:1140::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:bc:18:b4:56:fc:6e:7b:1f:2a:d7:d9:2c:dc:1a:c8:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Mar 7 12:43:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1b8bb324986089464e6f5685f9f58158d2d50877
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:2f:98:c0:95:f4:4c:b6:ef:bb:a2:49:a5:4f:
13:b9:8a:d7:29:71:61:fb:b0:7e:36:6f:c9:63:00:
18:37:17:e2:2f:ad:90:73:a5:6a:98:74:f8:13:59:
af:07:d6:12:f8:f5:51:05:a1:98:25:cb:a7:d2:9c:
40:84:e7:35:e4:01:bf:ce:5e:35:cb:f9:c9:05:90:
c9:65:9d:66:48:6d:8c:8a:24:76:f7:43:79:e1:7b:
8e:e8:eb:16:3d:40:ff:4d:bc:09:93:fc:4a:a2:43:
57:9b:c4:8a:f4:40:1b:86:33:4f:6a:82:e6:3a:56:
39:f3:86:42:b9:02:0b:e4:d6:0e:9d:d7:ca:16:bb:
8f:7b:f4:f4:da:ac:bf:ec:43:56:bf:0d:e1:47:3d:
61:2f:7a:f8:63:ac:1e:69:f7:af:5b:d5:63:12:ec:
c1:0f:4a:a4:4f:fa:2b:a4:7a:0c:01:aa:97:c9:3e:
87:af:24:80:ee:fd:7d:15:57:19:59:d0:3a:5e:23:
f8:c4:5a:f7:be:56:1d:f5:dd:a1:c8:99:14:78:a7:
6e:21:c4:5e:8f:a5:9e:34:3c:4a:e1:8c:bd:4f:7a:
fc:b8:bc:68:a4:64:ac:88:30:6f:15:42:f8:9a:8d:
15:c6:b1:94:b0:83:4d:04:be:32:be:21:60:9e:d3:
a0:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:8B:B3:24:98:60:89:46:4E:6F:56:85:F9:F5:81:58:D2:D5:08:77
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/G4uzJJhgiUZOb1aF-fWBWNLVCHc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:1140::/29
2a13:2b40::/29
2a13:2cc0::/29
Signature Algorithm: sha256WithRSAEncryption
a1:4d:63:05:b3:c2:9e:e8:f3:15:a3:2a:b6:64:16:c2:1f:51:
35:2c:3b:bf:f2:87:45:1e:ef:30:40:c2:ba:fb:ca:8c:1b:21:
66:65:59:3e:88:e0:bf:ab:d1:a2:bb:a7:da:75:5b:5a:9d:6a:
90:ff:fa:27:56:e5:f0:6b:60:a5:5d:97:85:a7:cb:2f:b0:f1:
be:19:11:7b:17:4b:ca:0d:66:c6:e9:17:ae:8a:0f:2b:fd:ab:
da:67:d2:a5:d1:44:9c:70:52:40:55:65:6f:3c:c3:a5:5f:bb:
b3:9b:25:b3:96:0f:5c:a6:e1:f7:33:af:58:48:1f:71:a2:de:
94:04:dd:38:80:da:10:e0:7c:ca:ce:67:07:5b:30:53:2f:6d:
b4:9f:70:bb:e8:66:0b:88:3d:24:d6:89:1b:b6:7c:63:fe:9e:
22:18:a4:6f:41:b5:49:58:28:35:41:b9:23:70:bb:92:7a:13:
76:a0:6f:1e:53:cc:50:08:8f:35:1e:9d:19:9c:c6:5f:1f:db:
fa:1b:6d:23:f8:96:14:25:91:33:36:c2:a7:9c:14:01:d4:2f:
c8:55:cd:10:39:9e:b8:bc:2b:af:fe:0e:01:7c:3c:ee:ed:d9:
9e:b9:eb:f8:50:64:7c:38:1c:c7:07:c0:20:19:e6:f1:ab:ce:
01:70:31:0c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYa8GLRW/G57HyrX2SzcGsjeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMwMzA3MTI0MzAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjhiYjMyNDk4NjA4OTQ2NGU2ZjU2ODVmOWY1ODE1OGQyZDUwODc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkC+YwJX0TLbvu6JJpU8TuYrXKXFh
+7B+Nm/JYwAYNxfiL62Qc6VqmHT4E1mvB9YS+PVRBaGYJcun0pxAhOc15AG/zl41
y/nJBZDJZZ1mSG2MiiR290N54XuO6OsWPUD/TbwJk/xKokNXm8SK9EAbhjNPaoLm
OlY584ZCuQIL5NYOndfKFruPe/T02qy/7ENWvw3hRz1hL3r4Y6weafevW9VjEuzB
D0qkT/orpHoMAaqXyT6HrySA7v19FVcZWdA6XiP4xFr3vlYd9d2hyJkUeKduIcRe
j6WeNDxK4Yy9T3r8uLxopGSsiDBvFUL4mo0VxrGUsINNBL4yviFgntOg/wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBuLsySYYIlGTm9Whfn1gVjS1Qh3MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvRzR1ekpKaGdpVVpPYjFhRi1mV0JXTkxWQ0hjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKg0RQAMF
AyoTK0ADBQMqEyzAMA0GCSqGSIb3DQEBCwUAA4IBAQChTWMFs8Ke6PMVoyq2ZBbC
H1E1LDu/8odFHu8wQMK6+8qMGyFmZVk+iOC/q9Giu6fadVtanWqQ//onVuXwa2Cl
XZeFp8svsPG+GRF7F0vKDWbG6Reuig8r/avaZ9Kl0USccFJAVWVvPMOlX7uzmyWz
lg9cpuH3M69YSB9xot6UBN04gNoQ4HzKzmcHWzBTL220n3C76GYLiD0k1okbtnxj
/p4iGKRvQbVJWCg1QbkjcLuSehN2oG8eU8xQCI81Hp0ZnMZfH9v6G20j+JYUJZEz
NsKnnBQB1C/IVc0QOZ64vCuv/g4BfDzu7dmeuev4UGR8OBzHB8AgGebxq84BcDEM
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:00:13 2025 by rpki-client