Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/HIJ7zHJKm1yuMOoSY311vZzjv28.roa
File: HIJ7zHJKm1yuMOoSY311vZzjv28.roa (raw, json)
Hash identifier: BxQyq49nKjiu1j8Jv0qXpq+L4m+Wliab893r1z200fw=
Subject key identifier: 1C:82:7B:CC:72:4A:9B:5C:AE:30:EA:12:63:7D:75:BD:9C:E3:BF:6F
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018AB6DA0A157420D03D228DA4A613452E7D
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/HIJ7zHJKm1yuMOoSY311vZzjv28.roa
Signing time: Thu 21 Sep 2023 08:27:37 +0000
ROA not before: Thu 21 Sep 2023 08:27:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198231
IP address blocks: 2a13:d902::/32 maxlen: 32
2a13:2dc5::/32 maxlen: 32
2a13:2d41::/32 maxlen: 32
2a13:2d42::/32 maxlen: 32
2a13:d901::/32 maxlen: 32
2a13:2dc4::/32 maxlen: 32
2a13:2d43::/32 maxlen: 32
2a13:2dc7::/32 maxlen: 32
2a13:d900::/32 maxlen: 32
2a13:d903::/32 maxlen: 32
2a13:fd00::/29 maxlen: 29
2a13:2d40::/32 maxlen: 32
2a13:2d46::/32 maxlen: 32
2a13:2d45::/32 maxlen: 32
2a13:2dc1::/32 maxlen: 32
2a13:2dc2::/32 maxlen: 32
2a13:d906::/32 maxlen: 32
2a13:2d44::/32 maxlen: 32
2a13:d907::/32 maxlen: 32
2a13:d904::/32 maxlen: 32
2a13:d700::/29 maxlen: 29
2a13:2d47::/32 maxlen: 32
2a13:2dc6::/32 maxlen: 32
2a13:d905::/32 maxlen: 32
2a13:2dc0::/32 maxlen: 32
2a13:2dc3::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b6:da:0a:15:74:20:d0:3d:22:8d:a4:a6:13:45:2e:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Sep 21 08:27:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1c827bcc724a9b5cae30ea12637d75bd9ce3bf6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:c5:5c:3c:cd:33:44:05:e4:6e:65:f9:d9:a5:
26:10:88:30:23:4c:cb:71:85:93:a3:0f:01:bd:24:
ca:c2:a9:20:75:f8:27:2b:33:ee:e4:1b:6f:00:a4:
8d:fa:bc:d9:47:01:e3:cc:45:db:d3:ec:23:ef:76:
d7:09:33:12:e9:e6:5a:5c:c0:c6:bf:b7:f9:01:65:
55:92:9f:fe:36:c8:7d:33:e9:be:0e:5c:c7:96:91:
8e:7d:da:d2:16:91:4b:32:8f:26:6c:8c:a4:88:4d:
18:f4:00:84:51:9d:19:87:01:2f:b4:fb:49:72:f2:
19:c3:da:bf:db:03:ad:61:b1:3f:12:fe:38:e4:7e:
d6:66:11:41:96:96:c2:29:48:1b:74:9f:d3:f2:d7:
e1:4a:33:d3:50:e9:a5:8e:8f:dc:72:d0:90:a8:2b:
48:6b:26:cc:1b:e2:3c:f4:e5:c6:b3:3b:bc:b6:70:
a6:cf:91:a8:1d:94:4d:65:4b:b4:f5:e3:1f:23:74:
73:4d:9c:ec:9b:20:af:6a:a6:7c:fc:5f:97:ed:46:
56:fb:21:a8:22:72:02:fc:91:db:ed:f3:07:6d:3c:
46:19:d6:93:cc:9c:ca:69:4d:44:a7:93:1d:f5:a3:
df:56:ae:77:de:7b:f2:7b:13:71:e4:84:dd:4a:eb:
5d:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:82:7B:CC:72:4A:9B:5C:AE:30:EA:12:63:7D:75:BD:9C:E3:BF:6F
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/HIJ7zHJKm1yuMOoSY311vZzjv28.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:2d40::/29
2a13:2dc0::/29
2a13:d700::/29
2a13:d900::/29
2a13:fd00::/29
Signature Algorithm: sha256WithRSAEncryption
cf:ad:67:2d:32:ee:3a:cc:1b:7b:c4:c3:43:b6:05:84:9f:5c:
e1:f8:42:a6:af:86:7b:1e:83:62:97:6c:6a:73:c8:1d:08:32:
b3:ac:25:5a:4f:2f:62:6d:3b:54:fc:3e:96:31:7a:e9:99:43:
6e:58:fd:dc:4f:09:59:5a:a2:0c:c0:36:fb:5b:cf:f5:67:e1:
af:8b:67:17:ce:30:f2:94:d9:d0:35:89:d8:30:51:95:fc:14:
cb:f8:ac:fc:83:8b:3d:4a:fb:de:aa:eb:cc:eb:af:a7:a1:d3:
7d:f2:7d:01:12:c4:cf:d8:0b:38:1d:45:72:8d:aa:63:df:07:
6d:4b:28:6a:2f:df:df:7f:30:e3:95:66:02:d5:e4:c3:36:59:
df:6f:20:9f:90:c7:cb:89:fc:94:61:03:eb:54:67:9c:43:0c:
13:13:c5:6a:77:be:39:e7:ca:74:f0:64:93:bd:c6:13:3d:1e:
af:c7:f4:6b:7e:27:2f:ed:48:11:e7:7a:6a:df:87:d9:dd:48:
e4:55:cd:69:9d:73:a8:31:cd:bb:f8:63:b7:b1:9a:1e:ba:6c:
e2:a7:1a:a0:d1:a2:b4:56:46:a5:ef:bb:39:f5:b3:f3:8a:99:
6b:19:d7:e7:52:56:32:6d:1f:3e:73:aa:52:47:17:53:98:b9:
73:fb:8d:7b
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYq22goVdCDQPSKNpKYTRS59MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMwOTIxMDgyNzM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzgyN2JjYzcyNGE5YjVjYWUzMGVhMTI2MzdkNzViZDljZTNiZjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlsVcPM0zRAXkbmX52aUmEIgwI0zL
cYWTow8BvSTKwqkgdfgnKzPu5BtvAKSN+rzZRwHjzEXb0+wj73bXCTMS6eZaXMDG
v7f5AWVVkp/+Nsh9M+m+DlzHlpGOfdrSFpFLMo8mbIykiE0Y9ACEUZ0ZhwEvtPtJ
cvIZw9q/2wOtYbE/Ev445H7WZhFBlpbCKUgbdJ/T8tfhSjPTUOmljo/cctCQqCtI
aybMG+I89OXGszu8tnCmz5GoHZRNZUu09eMfI3RzTZzsmyCvaqZ8/F+X7UZW+yGo
InIC/JHb7fMHbTxGGdaTzJzKaU1Ep5Md9aPfVq533nvyexNx5ITdSutdawIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFByCe8xySptcrjDqEmN9db2c479vMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvSElKN3pISkttMXl1TU9vU1kzMTF2WnpqdjI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwUDKhMtQAMF
AyoTLcADBQMqE9cAAwUDKhPZAAMFAyoT/QAwDQYJKoZIhvcNAQELBQADggEBAM+t
Zy0y7jrMG3vEw0O2BYSfXOH4Qqavhnseg2KXbGpzyB0IMrOsJVpPL2JtO1T8PpYx
eumZQ25Y/dxPCVlaogzANvtbz/Vn4a+LZxfOMPKU2dA1idgwUZX8FMv4rPyDiz1K
+96q68zrr6eh033yfQESxM/YCzgdRXKNqmPfB21LKGov399/MOOVZgLV5MM2Wd9v
IJ+Qx8uJ/JRhA+tUZ5xDDBMTxWp3vjnnynTwZJO9xhM9Hq/H9Gt+Jy/tSBHnemrf
h9ndSORVzWmdc6gxzbv4Y7exmh66bOKnGqDRorRWRqXvuzn1s/OKmWsZ1+dSVjJt
Hz5zqlJHF1OYuXP7jXs=
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:07:16 2025 by rpki-client