Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/HFfC4DkiusJOjXY7LI8GVo1vU1E.roa
File: HFfC4DkiusJOjXY7LI8GVo1vU1E.roa (raw, json)
Hash identifier: 6J6g9u+U21verRqlQ4iwtBJ2h3aTHGMGTKuK7ct+Uqs=
Subject key identifier: 1C:57:C2:E0:39:22:BA:C2:4E:8D:76:3B:2C:8F:06:56:8D:6F:53:51
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018AFAD947646B5CC980EADEA59853B35AC8
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/HFfC4DkiusJOjXY7LI8GVo1vU1E.roa
Signing time: Wed 04 Oct 2023 13:20:58 +0000
ROA not before: Wed 04 Oct 2023 13:20:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205544
IP address blocks: 2a0f:e6c6:1::/48 maxlen: 48
2a0f:e1c0:1::/48 maxlen: 48
2a13:3380:1::/48 maxlen: 48
2a0f:e6c7:1::/48 maxlen: 48
2a0f:e6c5:1::/48 maxlen: 48
2a13:e100:1::/48 maxlen: 48
2a0f:e440::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:fa:d9:47:64:6b:5c:c9:80:ea:de:a5:98:53:b3:5a:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Oct 4 13:20:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1c57c2e03922bac24e8d763b2c8f06568d6f5351
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:65:30:b5:98:76:51:ac:22:11:20:f6:29:b4:
d1:43:a6:92:af:0b:d9:b2:cb:a3:60:29:85:6e:aa:
0c:54:28:f5:b0:bd:2f:24:d5:d3:66:a6:44:d9:9d:
df:69:2b:9c:82:af:90:b8:63:03:a5:07:1d:7a:f2:
e2:d4:1d:e5:34:dc:3d:c1:84:ac:50:76:7d:55:a4:
3e:a1:04:88:e2:be:ff:b8:1d:0b:57:48:73:cd:49:
9a:23:83:1d:38:c3:9d:d5:fc:52:d2:40:f3:6c:61:
3f:38:dd:6f:ef:46:81:ed:53:cf:2c:a5:2d:2a:fe:
eb:8d:10:f3:65:16:6b:a0:79:26:4e:22:a3:87:2c:
b3:f3:e1:fc:5e:24:3a:37:d1:00:e5:8f:65:03:66:
0c:4e:2e:f5:27:44:ea:6d:83:16:f9:90:e2:b6:ea:
ad:e8:e6:66:d5:1e:09:e6:cf:1c:b8:c1:ab:79:0a:
f3:1f:b0:16:59:12:8c:af:ec:e9:80:56:e2:d9:e4:
fa:ac:12:b6:5e:c6:73:7b:5e:41:00:56:68:d4:e6:
2d:2c:3d:8e:c1:38:94:e8:a6:12:ce:54:97:7a:26:
c1:16:bb:7a:e8:c0:6b:14:0d:15:34:81:99:b9:dd:
07:0e:6e:a9:17:d9:5e:a7:d6:4f:fd:14:4b:e2:01:
77:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:57:C2:E0:39:22:BA:C2:4E:8D:76:3B:2C:8F:06:56:8D:6F:53:51
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/HFfC4DkiusJOjXY7LI8GVo1vU1E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:e1c0:1::/48
2a0f:e440::/29
2a0f:e6c5:1::/48
2a0f:e6c6:1::/48
2a0f:e6c7:1::/48
2a13:3380:1::/48
2a13:e100:1::/48
Signature Algorithm: sha256WithRSAEncryption
a4:f9:15:dc:32:d5:9a:fd:7d:fc:12:22:c9:21:83:23:69:93:
2a:c7:8e:2a:2a:d0:96:63:2a:1d:32:c8:42:55:d8:c8:ee:14:
0b:93:27:03:1d:d9:84:d9:63:cb:b7:3c:6b:36:5a:4a:52:fd:
e0:05:92:6b:47:be:96:a5:bb:c5:9b:bb:9e:38:a7:5c:16:4c:
46:03:0c:19:c6:9d:cb:ed:ca:b2:e5:f7:9d:21:0e:08:de:9f:
7f:ab:74:e5:40:10:56:22:81:27:c4:80:a0:38:e2:6a:d2:38:
2e:8a:d1:ef:9e:18:82:50:a1:32:d6:e6:ed:f0:81:04:27:de:
93:f5:f2:b1:e2:7e:c5:64:f9:75:a2:46:40:10:4c:b6:06:c8:
d4:52:46:d3:49:9f:21:2e:62:b1:1c:f2:6c:1e:ff:e7:f7:5c:
fc:db:bb:c3:46:18:ec:13:7c:5a:86:b2:50:17:9d:05:b0:02:
72:3d:1b:07:41:c3:a0:df:e3:22:fa:06:5f:b7:86:c9:ad:4c:
b9:2a:64:57:a2:a2:6a:b5:c5:9b:1f:de:b7:8c:e5:8b:b4:6c:
b5:d2:05:5f:c0:80:39:6c:a8:a5:ee:7a:79:0c:e7:01:1c:c6:
ad:91:b7:10:ae:4a:04:3b:a7:07:b5:75:7f:63:c2:47:a3:96:
b9:09:75:d3
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgISAYr62Udka1zJgOrepZhTs1rIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMxMDA0MTMyMDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzU3YzJlMDM5MjJiYWMyNGU4ZDc2M2IyYzhmMDY1NjhkNmY1MzUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhWUwtZh2UawiESD2KbTRQ6aSrwvZ
ssujYCmFbqoMVCj1sL0vJNXTZqZE2Z3faSucgq+QuGMDpQcdevLi1B3lNNw9wYSs
UHZ9VaQ+oQSI4r7/uB0LV0hzzUmaI4MdOMOd1fxS0kDzbGE/ON1v70aB7VPPLKUt
Kv7rjRDzZRZroHkmTiKjhyyz8+H8XiQ6N9EA5Y9lA2YMTi71J0TqbYMW+ZDituqt
6OZm1R4J5s8cuMGreQrzH7AWWRKMr+zpgFbi2eT6rBK2XsZze15BAFZo1OYtLD2O
wTiU6KYSzlSXeibBFrt66MBrFA0VNIGZud0HDm6pF9lep9ZP/RRL4gF3UwIDAQAB
o4ICQDCCAjwwHQYDVR0OBBYEFBxXwuA5IrrCTo12OyyPBlaNb1NRMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvSEZmQzREa2l1c0pPalhZN0xJOEdWbzF2VTFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFYGCCsGAQUFBwEHAQH/BEcwRTBDBAIAAjA9AwcAKg/hwAAB
AwUDKg/kQAMHACoP5sUAAQMHACoP5sYAAQMHACoP5scAAQMHACoTM4AAAQMHACoT
4QAAATANBgkqhkiG9w0BAQsFAAOCAQEApPkV3DLVmv19/BIiySGDI2mTKseOKirQ
lmMqHTLIQlXYyO4UC5MnAx3ZhNljy7c8azZaSlL94AWSa0e+lqW7xZu7njinXBZM
RgMMGcady+3KsuX3nSEOCN6ff6t05UAQViKBJ8SAoDjiatI4LorR754YglChMtbm
7fCBBCfek/XyseJ+xWT5daJGQBBMtgbI1FJG00mfIS5isRzybB7/5/dc/Nu7w0YY
7BN8WoayUBedBbACcj0bB0HDoN/jIvoGX7eGya1MuSpkV6KiarXFmx/et4zli7Rs
tdIFX8CAOWyope56eQznARzGrZG3EK5KBDunB7V1f2PCR6OWuQl10w==
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:00:11 2025 by rpki-client