Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Ids6ca_pCFtf3VYXU-5V6iqmdGk.roa
File: Ids6ca_pCFtf3VYXU-5V6iqmdGk.roa (raw, json)
Hash identifier: kDwwZXR/0HiUDnNo03VIRTVgJjrqE5Uk7r+k3Q7mqF4=
Subject key identifier: 21:DB:3A:71:AF:E9:08:5B:5F:DD:56:17:53:EE:55:EA:2A:A6:74:69
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018B9A09815DC3784413A486B272F795CF23
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Ids6ca_pCFtf3VYXU-5V6iqmdGk.roa
Signing time: Sat 04 Nov 2023 11:13:16 +0000
ROA not before: Sat 04 Nov 2023 11:13:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57043
IP address blocks: 2a11:3500::/29 maxlen: 29
2a0e:5800::/29 maxlen: 29
2a0f:2500::/29 maxlen: 29
2a0f:dfc0::/29 maxlen: 29
2a0d:1140::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:9a:09:81:5d:c3:78:44:13:a4:86:b2:72:f7:95:cf:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Nov 4 11:13:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=21db3a71afe9085b5fdd561753ee55ea2aa67469
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:85:41:2c:17:45:71:65:96:09:c0:4a:49:a3:
4a:d5:85:79:c6:4e:16:5f:a2:c0:9f:f1:b5:a5:b4:
1d:01:3b:24:67:2f:68:14:39:76:7d:a4:79:d9:61:
86:6f:e6:14:d6:da:25:eb:c7:2d:47:f4:f0:55:9a:
f3:9d:75:be:dd:17:a3:ff:a9:61:d0:63:9d:72:cb:
06:e3:55:7d:65:c5:55:23:66:e2:7e:4f:ae:28:be:
ea:48:f3:4d:fa:65:7c:4d:5e:c5:70:2e:22:10:90:
8f:98:6d:b8:0d:6f:3f:dd:07:d7:76:c7:44:4e:43:
3b:45:c6:4f:90:d0:99:6b:1f:61:79:06:80:d0:0b:
d4:e9:d3:6d:cf:2d:34:41:cf:c9:d5:aa:4f:07:31:
d6:45:b7:a6:f7:84:33:45:1e:a5:68:32:66:8c:49:
e4:c3:26:1d:23:b9:04:c8:ba:f1:f4:94:f1:77:76:
17:e4:34:ad:33:e7:bd:96:b9:19:b0:46:4c:83:b1:
32:d4:f9:61:52:93:ec:5c:2c:a0:0f:c4:c2:d2:73:
2b:ef:85:ae:b7:fb:9c:01:fd:8a:3d:e7:ff:4b:44:
43:88:96:c1:94:bf:79:e4:1d:47:05:3b:18:3e:64:
6d:ee:e0:dc:0c:3b:12:93:a3:ee:c2:80:48:a9:ac:
92:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:DB:3A:71:AF:E9:08:5B:5F:DD:56:17:53:EE:55:EA:2A:A6:74:69
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Ids6ca_pCFtf3VYXU-5V6iqmdGk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:1140::/29
2a0e:5800::/29
2a0f:2500::/29
2a0f:dfc0::/29
2a11:3500::/29
Signature Algorithm: sha256WithRSAEncryption
33:9f:f8:50:27:04:8e:42:78:20:22:b5:4a:97:dd:97:72:d6:
37:a2:c4:35:06:e5:d6:59:7e:9e:66:39:de:e7:05:4f:84:cb:
a6:1e:7c:44:88:99:88:81:56:6c:c9:fa:49:81:2c:c8:b4:b3:
d4:78:be:0c:d9:e0:29:d3:8d:48:d0:78:a3:1f:ea:c7:c9:3c:
9b:b8:d8:ba:9b:ca:52:e7:64:ab:3a:95:20:1f:17:ee:02:ee:
61:6c:e6:c3:1a:06:0c:14:53:5c:3b:9a:d3:bc:6e:82:da:70:
23:38:dd:2b:75:d0:1d:ef:c2:bc:30:b5:5b:65:a5:0f:1c:04:
0f:bf:a4:86:31:07:b1:5e:76:ab:d7:fb:7b:20:ec:3e:82:8c:
11:30:65:26:9b:84:64:2b:13:81:d8:18:92:22:bc:de:2c:82:
84:bf:75:88:cc:5d:38:b3:a2:f3:81:66:3d:42:04:97:e8:f1:
10:ca:c1:02:85:95:77:90:59:49:d7:dd:03:f4:05:eb:51:5b:
c1:9b:71:70:f5:02:cf:90:c4:86:f6:e9:96:18:a8:df:b0:03:
c8:60:d1:78:fa:c9:b0:aa:74:28:1e:5e:e1:c5:e2:b9:64:78:
01:89:74:51:85:b0:9d:a4:42:9f:7c:8e:19:55:28:c2:c4:07:
76:2f:a9:8d
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYuaCYFdw3hEE6SGsnL3lc8jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMxMTA0MTExMzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWRiM2E3MWFmZTkwODViNWZkZDU2MTc1M2VlNTVlYTJhYTY3NDY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhoVBLBdFcWWWCcBKSaNK1YV5xk4W
X6LAn/G1pbQdATskZy9oFDl2faR52WGGb+YU1tol68ctR/TwVZrznXW+3Rej/6lh
0GOdcssG41V9ZcVVI2bifk+uKL7qSPNN+mV8TV7FcC4iEJCPmG24DW8/3QfXdsdE
TkM7RcZPkNCZax9heQaA0AvU6dNtzy00Qc/J1apPBzHWRbem94QzRR6laDJmjEnk
wyYdI7kEyLrx9JTxd3YX5DStM+e9lrkZsEZMg7Ey1PlhUpPsXCygD8TC0nMr74Wu
t/ucAf2KPef/S0RDiJbBlL955B1HBTsYPmRt7uDcDDsSk6PuwoBIqayS7wIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFCHbOnGv6QhbX91WF1PuVeoqpnRpMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvSWRzNmNhX3BDRnRmM1ZZWFUtNVY2aXFtZEdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwUDKg0RQAMF
AyoOWAADBQMqDyUAAwUDKg/fwAMFAyoRNQAwDQYJKoZIhvcNAQELBQADggEBADOf
+FAnBI5CeCAitUqX3Zdy1jeixDUG5dZZfp5mOd7nBU+Ey6YefESImYiBVmzJ+kmB
LMi0s9R4vgzZ4CnTjUjQeKMf6sfJPJu42LqbylLnZKs6lSAfF+4C7mFs5sMaBgwU
U1w7mtO8boLacCM43St10B3vwrwwtVtlpQ8cBA+/pIYxB7FedqvX+3sg7D6CjBEw
ZSabhGQrE4HYGJIivN4sgoS/dYjMXTizovOBZj1CBJfo8RDKwQKFlXeQWUnX3QP0
BetRW8GbcXD1As+QxIb26ZYYqN+wA8hg0Xj6ybCqdCgeXuHF4rlkeAGJdFGFsJ2k
Qp98jhlVKMLEB3YvqY0=
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:01:30 2025 by rpki-client