Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/ITdLdY-v0T6vQN97zXXJQu4rVr8.roa
File: ITdLdY-v0T6vQN97zXXJQu4rVr8.roa (raw, json)
Hash identifier: Dk+xOySBxbava5qZnWCopUgpIQ2vAsLwGc6amAQNc4Y=
Subject key identifier: 21:37:4B:75:8F:AF:D1:3E:AF:40:DF:7B:CD:75:C9:42:EE:2B:56:BF
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018ACB7379EC2F259F09B396FD604B75BA16
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/ITdLdY-v0T6vQN97zXXJQu4rVr8.roa
Signing time: Mon 25 Sep 2023 08:27:37 +0000
ROA not before: Mon 25 Sep 2023 08:27:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 53667
IP address blocks: 2a0f:dec0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:cb:73:79:ec:2f:25:9f:09:b3:96:fd:60:4b:75:ba:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Sep 25 08:27:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=21374b758fafd13eaf40df7bcd75c942ee2b56bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:38:df:46:10:16:9f:8d:02:8a:64:3c:79:be:
bc:25:4a:78:b1:3e:fa:ba:06:47:40:01:dc:63:26:
81:53:48:14:60:94:4d:83:c4:27:10:b8:f8:67:11:
c0:63:bc:c4:cc:c3:de:38:75:7f:44:bd:ae:03:06:
8e:8a:0f:11:93:c8:bc:d2:76:26:bd:07:af:90:db:
e4:6c:35:a3:8e:81:43:8a:a6:39:89:b3:5b:87:a0:
0d:4b:05:98:e3:46:a5:16:80:fb:32:f4:f0:31:b9:
bc:75:a7:db:0f:ef:81:8b:c7:63:ce:10:a8:6f:63:
a3:7f:80:da:7f:b8:29:08:fa:6c:c9:91:5b:58:54:
d0:b6:34:0a:d2:e9:ab:17:8d:33:21:bc:f0:e2:2f:
96:67:5f:04:24:5f:61:b6:5a:51:0c:ac:81:a8:22:
7e:1e:eb:0f:96:cf:38:ab:be:76:f1:f7:b7:e9:d7:
0b:8d:b9:97:b1:72:42:ba:69:76:37:3d:32:a4:bb:
9f:cf:e3:13:2e:0d:7f:aa:3e:74:fb:34:7a:27:f4:
bb:10:8c:1f:76:92:ff:e3:65:ba:df:4e:de:c7:a4:
c9:98:62:7b:68:0e:f5:a2:eb:41:d7:d4:eb:56:3e:
ab:9a:6b:b2:22:2d:3a:43:dd:fb:14:87:94:3a:ae:
fe:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:37:4B:75:8F:AF:D1:3E:AF:40:DF:7B:CD:75:C9:42:EE:2B:56:BF
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/ITdLdY-v0T6vQN97zXXJQu4rVr8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:dec0::/29
Signature Algorithm: sha256WithRSAEncryption
02:66:db:bc:3e:1f:25:18:4b:a2:44:b9:66:c4:3f:7f:a7:c9:
c4:24:8b:e4:0a:56:e1:10:53:39:43:6c:ee:b6:29:57:c5:c6:
11:d0:74:ee:14:df:8c:c0:17:71:c3:ed:41:4a:95:42:04:d6:
f6:57:6d:40:ab:de:aa:9e:45:be:bf:0b:43:5d:ec:ce:ed:f6:
8a:b0:51:46:0f:93:65:d0:3e:e8:2c:70:bd:35:65:62:33:94:
1e:5b:85:16:f4:1b:42:63:08:a9:0f:7c:f3:13:46:1c:d5:74:
16:6b:8f:0e:8b:a6:e6:ef:08:61:21:64:ed:d8:d9:7f:bb:69:
30:cf:b9:16:c8:1a:54:34:55:af:a9:fb:5f:80:a4:db:91:22:
3b:70:67:6b:c4:89:76:9d:38:a3:ad:f6:99:43:74:ee:22:1e:
03:3d:bf:ed:43:ac:97:ad:a5:59:eb:52:9d:8d:07:f0:36:70:
f4:b3:af:31:f3:2e:e5:82:65:f1:4d:de:d3:93:b0:7e:7e:9d:
c9:3a:57:a7:f6:a6:fd:74:74:9a:52:f2:5a:f1:51:c7:b6:37:
8d:66:cb:fd:d8:2b:c0:c2:a9:85:06:04:2a:b2:98:cf:9a:44:
17:ac:4c:ce:c6:23:63:0f:d7:22:4d:71:18:c1:89:d4:f4:85:
08:d4:08:f6
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYrLc3nsLyWfCbOW/WBLdboWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMwOTI1MDgyNzM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTM3NGI3NThmYWZkMTNlYWY0MGRmN2JjZDc1Yzk0MmVlMmI1NmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjzjfRhAWn40CimQ8eb68JUp4sT76
ugZHQAHcYyaBU0gUYJRNg8QnELj4ZxHAY7zEzMPeOHV/RL2uAwaOig8Rk8i80nYm
vQevkNvkbDWjjoFDiqY5ibNbh6ANSwWY40alFoD7MvTwMbm8dafbD++Bi8djzhCo
b2Ojf4Daf7gpCPpsyZFbWFTQtjQK0umrF40zIbzw4i+WZ18EJF9htlpRDKyBqCJ+
HusPls84q7528fe36dcLjbmXsXJCuml2Nz0ypLufz+MTLg1/qj50+zR6J/S7EIwf
dpL/42W6307ex6TJmGJ7aA71outB19TrVj6rmmuyIi06Q937FIeUOq7++wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFCE3S3WPr9E+r0Dfe811yULuK1a/MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvSVRkTGRZLXYwVDZ2UU45N3pYWEpRdTRyVnI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg/ewDAN
BgkqhkiG9w0BAQsFAAOCAQEAAmbbvD4fJRhLokS5ZsQ/f6fJxCSL5ApW4RBTOUNs
7rYpV8XGEdB07hTfjMAXccPtQUqVQgTW9ldtQKveqp5Fvr8LQ13szu32irBRRg+T
ZdA+6CxwvTVlYjOUHluFFvQbQmMIqQ988xNGHNV0FmuPDoum5u8IYSFk7djZf7tp
MM+5FsgaVDRVr6n7X4Ck25EiO3Bna8SJdp04o632mUN07iIeAz2/7UOsl62lWetS
nY0H8DZw9LOvMfMu5YJl8U3e05Owfn6dyTpXp/am/XR0mlLyWvFRx7Y3jWbL/dgr
wMKphQYEKrKYz5pEF6xMzsYjYw/XIk1xGMGJ1PSFCNQI9g==
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:14:43 2025 by rpki-client