Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/HcsVnCImDIeG5mxWXw5tpqHcvKo.roa
File: HcsVnCImDIeG5mxWXw5tpqHcvKo.roa (raw, json)
Hash identifier: JVYQlwL0lwZkOYwUmVcWiQQL/lE1DDaGLGz/rcH4y+0=
Subject key identifier: 1D:CB:15:9C:22:26:0C:87:86:E6:6C:56:5F:0E:6D:A6:A1:DC:BC:AA
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018553E91278C1E27B4A003DC820746B825F
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/HcsVnCImDIeG5mxWXw5tpqHcvKo.roa
Signing time: Tue 27 Dec 2022 14:07:41 +0000
ROA not before: Tue 27 Dec 2022 14:07:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8772
IP address blocks: 2a0c:9240::/29 maxlen: 29
2a0f:e6c0::/29 maxlen: 29
2a0f:e7c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:53:e9:12:78:c1:e2:7b:4a:00:3d:c8:20:74:6b:82:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Dec 27 14:07:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1dcb159c22260c8786e66c565f0e6da6a1dcbcaa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:67:00:cb:48:0d:ac:04:e1:a3:00:76:94:a6:
0d:ac:67:89:b0:5f:e3:09:1f:65:02:f1:43:2c:62:
6c:91:fd:7b:e6:c9:e7:d0:f0:ab:28:16:c1:85:48:
6a:6a:f0:97:cb:25:6f:97:76:b1:ac:69:be:fc:ba:
ec:26:cb:ae:a6:c6:a2:4f:ca:f1:0e:5e:d7:d7:43:
da:2a:32:b3:da:df:a7:05:99:38:30:47:fb:80:11:
a9:c6:02:9c:1b:3c:e9:67:23:59:d5:af:93:86:96:
38:8b:dd:67:aa:75:29:6d:4c:cf:67:fb:57:ae:63:
6a:f4:58:21:1b:07:fb:0f:58:f9:91:40:5a:2c:00:
27:a6:fc:3b:d2:f7:c1:aa:0e:61:33:73:81:50:40:
96:65:d8:cc:95:4b:e6:93:46:54:50:ca:d9:c1:40:
3c:77:46:8e:67:d2:e8:0d:e3:30:17:af:98:f9:be:
a6:34:d2:f8:df:dc:e8:a6:81:c1:9e:72:01:98:d2:
44:c2:bc:e5:7b:34:68:3e:43:3d:85:00:2d:21:41:
ee:2f:43:d9:b4:60:a9:01:97:36:11:69:a1:0e:c8:
09:c7:f2:3c:42:75:85:fa:e3:a5:66:b4:86:32:03:
77:8c:fd:5b:89:f3:a1:5e:2a:14:f4:4e:62:1f:b6:
b0:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:CB:15:9C:22:26:0C:87:86:E6:6C:56:5F:0E:6D:A6:A1:DC:BC:AA
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/HcsVnCImDIeG5mxWXw5tpqHcvKo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9240::/29
2a0f:e6c0::/29
2a0f:e7c0::/29
Signature Algorithm: sha256WithRSAEncryption
03:91:b8:a2:fa:91:c0:ce:19:53:d8:a3:34:43:99:83:09:6a:
38:e3:ad:4a:84:33:40:a9:4e:45:37:49:9c:c7:bd:83:e2:de:
bd:f8:b5:72:5f:f5:b9:17:3c:e9:dc:58:65:1b:67:79:bc:06:
bc:a9:4e:56:34:e7:f7:c4:83:ba:73:a9:1d:7a:6f:c7:ea:80:
31:17:93:4a:0d:6f:d6:d2:d4:4a:44:e7:f6:05:fa:58:d9:1e:
27:95:f5:9c:95:f0:06:80:8d:19:ed:be:25:5c:66:10:04:81:
e7:03:e1:e2:6d:8e:03:4c:29:e3:da:b4:2d:27:a6:ce:14:0f:
13:11:49:7f:50:3a:19:c8:49:4d:66:13:f2:97:dd:ac:20:c4:
3d:99:2c:f2:5b:5f:62:31:ce:10:bf:65:c8:23:c2:a4:4e:21:
4d:83:e4:7d:b5:4b:e2:5f:4e:3b:68:10:cc:fc:3c:aa:d4:fa:
68:d1:37:11:2f:2a:31:bd:06:d5:4b:aa:9f:ce:05:9d:ee:a7:
bb:df:f5:2a:7b:fd:15:54:57:dd:bd:6f:38:5b:12:f6:5a:93:
4a:d0:4a:e1:7e:de:8f:4e:11:8e:96:c8:9e:6b:4b:9c:75:ad:
f1:33:28:b6:98:8b:93:9f:11:91:c8:33:c5:00:19:5c:4c:6e:
14:f1:8d:ee
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVT6RJ4weJ7SgA9yCB0a4JfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjIxMjI3MTQwNzQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGNiMTU5YzIyMjYwYzg3ODZlNjZjNTY1ZjBlNmRhNmExZGNiY2FhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAomcAy0gNrAThowB2lKYNrGeJsF/j
CR9lAvFDLGJskf175snn0PCrKBbBhUhqavCXyyVvl3axrGm+/LrsJsuupsaiT8rx
Dl7X10PaKjKz2t+nBZk4MEf7gBGpxgKcGzzpZyNZ1a+ThpY4i91nqnUpbUzPZ/tX
rmNq9FghGwf7D1j5kUBaLAAnpvw70vfBqg5hM3OBUECWZdjMlUvmk0ZUUMrZwUA8
d0aOZ9LoDeMwF6+Y+b6mNNL439zopoHBnnIBmNJEwrzlezRoPkM9hQAtIUHuL0PZ
tGCpAZc2EWmhDsgJx/I8QnWF+uOlZrSGMgN3jP1bifOhXioU9E5iH7awlQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFB3LFZwiJgyHhuZsVl8Obaah3LyqMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvSGNzVm5DSW1ESWVHNW14V1h3NXRwcUhjdktvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKgySQAMF
AyoP5sADBQMqD+fAMA0GCSqGSIb3DQEBCwUAA4IBAQADkbii+pHAzhlT2KM0Q5mD
CWo4461KhDNAqU5FN0mcx72D4t69+LVyX/W5Fzzp3FhlG2d5vAa8qU5WNOf3xIO6
c6kdem/H6oAxF5NKDW/W0tRKROf2BfpY2R4nlfWclfAGgI0Z7b4lXGYQBIHnA+Hi
bY4DTCnj2rQtJ6bOFA8TEUl/UDoZyElNZhPyl92sIMQ9mSzyW19iMc4Qv2XII8Kk
TiFNg+R9tUviX047aBDM/Dyq1Ppo0TcRLyoxvQbVS6qfzgWd7qe73/Uqe/0VVFfd
vW84WxL2WpNK0Erhft6PThGOlsiea0ucda3xMyi2mIuTnxGRyDPFABlcTG4U8Y3u
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:14:48 2025 by rpki-client