Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Gt386T2qttVaQTXLf9ZtXAMSRSM.roa
File: Gt386T2qttVaQTXLf9ZtXAMSRSM.roa (raw, json)
Hash identifier: HKMmQL1H3o2tzL6W3vFNd63S8DnTGoDKaCFEiCoq9Fk=
Subject key identifier: 1A:DD:FC:E9:3D:AA:B6:D5:5A:41:35:CB:7F:D6:6D:5C:03:12:45:23
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01848473ADB65483AF0FF199DAE092D12731
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Gt386T2qttVaQTXLf9ZtXAMSRSM.roa
Signing time: Thu 17 Nov 2022 07:18:04 +0000
ROA not before: Thu 17 Nov 2022 07:18:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8772
IP address blocks: 2a0c:9240::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:84:73:ad:b6:54:83:af:0f:f1:99:da:e0:92:d1:27:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Nov 17 07:18:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1addfce93daab6d55a4135cb7fd66d5c03124523
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:be:c1:1a:ad:ba:a1:39:12:84:9f:5b:35:51:
23:1e:8b:5e:dd:a9:e4:81:92:8d:6b:9b:0f:4c:c6:
eb:a1:81:f9:55:8c:0b:46:1f:c4:95:f1:68:af:03:
0c:f4:51:41:c1:1e:f9:82:6b:00:ad:62:0b:2e:30:
ce:56:57:e4:7c:db:a6:09:08:ee:07:e1:f8:ac:5c:
f2:e0:b6:6d:1c:81:9c:b2:df:de:76:a9:58:e3:06:
1b:c0:07:ea:17:fc:52:2f:9b:49:5f:07:52:87:cc:
70:f3:00:12:cf:94:75:40:ce:2e:a8:ea:38:7e:ae:
1d:21:19:71:3f:5a:bb:c8:13:0d:85:e6:1a:bf:bb:
85:ad:b8:32:de:8e:2a:87:4f:2b:38:6a:cd:77:30:
85:bd:75:14:9f:0f:8a:12:97:bf:16:36:33:26:18:
39:39:5f:3f:33:02:05:21:d4:14:43:41:8f:69:95:
ed:92:c8:cc:34:81:14:ee:47:76:4b:78:54:10:5f:
94:2c:8c:4a:32:de:3c:ff:9b:1d:51:c6:24:c0:72:
36:01:4a:1e:6c:6c:7b:8b:40:ef:a7:d7:69:89:83:
67:a4:ac:02:04:df:1c:cd:32:e5:25:bf:3a:e7:9d:
24:64:79:e6:60:b5:74:17:f3:d7:88:c0:dc:1d:85:
ed:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:DD:FC:E9:3D:AA:B6:D5:5A:41:35:CB:7F:D6:6D:5C:03:12:45:23
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Gt386T2qttVaQTXLf9ZtXAMSRSM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9240::/29
Signature Algorithm: sha256WithRSAEncryption
bc:9f:d7:62:f0:4b:47:02:53:83:b7:20:b7:e1:00:0f:6c:5a:
68:99:5d:79:42:9e:77:28:c2:78:ad:b6:57:d2:3a:3b:83:ff:
b5:ef:22:53:72:6e:a5:60:9b:8c:58:63:4f:c1:a1:36:36:b3:
01:66:12:6d:f1:90:6c:55:6a:ac:24:89:9e:d7:b9:44:75:f7:
29:47:07:f8:83:ad:9a:1b:de:64:f0:f5:fd:43:b0:84:bb:77:
5b:6a:d2:fd:85:6e:e6:15:12:cf:ce:33:ad:47:ce:76:3d:c3:
01:f6:4c:5f:7e:31:17:d8:84:f4:8c:7a:4c:b0:a3:61:72:bf:
44:71:9f:a7:59:29:b1:c9:de:39:21:b0:2d:a1:5c:94:0c:e4:
af:75:78:aa:58:a8:99:78:1e:c1:8a:6f:5b:7b:18:32:a5:9d:
b1:d3:79:3f:89:d4:b7:18:3c:fa:8b:22:80:ca:92:ca:9d:73:
bf:87:b1:59:6f:5a:0e:08:c8:79:70:b4:03:65:37:32:49:c1:
4b:cd:12:f3:f0:08:91:8f:6c:f3:9d:ee:75:9d:d7:da:61:53:
5d:23:f5:7d:a0:9c:58:fd:59:45:1d:28:7d:2e:d6:da:f0:d2:
26:8a:de:42:d4:3a:9f:c0:8a:58:78:9b:84:2b:e3:53:9d:c3:
42:7b:1a:ff
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYSEc622VIOvD/GZ2uCS0ScxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjIxMTE3MDcxODA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWRkZmNlOTNkYWFiNmQ1NWE0MTM1Y2I3ZmQ2NmQ1YzAzMTI0NTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgb7BGq26oTkShJ9bNVEjHote3ank
gZKNa5sPTMbroYH5VYwLRh/ElfForwMM9FFBwR75gmsArWILLjDOVlfkfNumCQju
B+H4rFzy4LZtHIGcst/edqlY4wYbwAfqF/xSL5tJXwdSh8xw8wASz5R1QM4uqOo4
fq4dIRlxP1q7yBMNheYav7uFrbgy3o4qh08rOGrNdzCFvXUUnw+KEpe/FjYzJhg5
OV8/MwIFIdQUQ0GPaZXtksjMNIEU7kd2S3hUEF+ULIxKMt48/5sdUcYkwHI2AUoe
bGx7i0Dvp9dpiYNnpKwCBN8czTLlJb86550kZHnmYLV0F/PXiMDcHYXtwwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFBrd/Ok9qrbVWkE1y3/WbVwDEkUjMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvR3QzODZUMnF0dFZhUVRYTGY5WnRYQU1TUlNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgySQDAN
BgkqhkiG9w0BAQsFAAOCAQEAvJ/XYvBLRwJTg7cgt+EAD2xaaJldeUKedyjCeK22
V9I6O4P/te8iU3JupWCbjFhjT8GhNjazAWYSbfGQbFVqrCSJnte5RHX3KUcH+IOt
mhveZPD1/UOwhLt3W2rS/YVu5hUSz84zrUfOdj3DAfZMX34xF9iE9Ix6TLCjYXK/
RHGfp1kpscneOSGwLaFclAzkr3V4qliomXgewYpvW3sYMqWdsdN5P4nUtxg8+osi
gMqSyp1zv4exWW9aDgjIeXC0A2U3MknBS80S8/AIkY9s853udZ3X2mFTXSP1faCc
WP1ZRR0ofS7W2vDSJoreQtQ6n8CKWHibhCvjU53DQnsa/w==
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:05:10 2025 by rpki-client