Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/K7xgTKz8ZvyBBSLOe9W8yPzuL-4.roa
File: K7xgTKz8ZvyBBSLOe9W8yPzuL-4.roa (raw, json)
Hash identifier: /FN/fuDK7qtVq9JfMtbPqfGJ42xSzbJabeG2Si0r45Q=
Subject key identifier: 2B:BC:60:4C:AC:FC:66:FC:81:05:22:CE:7B:D5:BC:C8:FC:EE:2F:EE
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01857A1AE986632C193FBFFE07E2BAC02244
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/K7xgTKz8ZvyBBSLOe9W8yPzuL-4.roa
Signing time: Wed 04 Jan 2023 00:07:42 +0000
ROA not before: Wed 04 Jan 2023 00:07:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 10753
IP address blocks: 2a0f:dec0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:7a:1a:e9:86:63:2c:19:3f:bf:fe:07:e2:ba:c0:22:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jan 4 00:07:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2bbc604cacfc66fc810522ce7bd5bcc8fcee2fee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:ae:7e:b2:e5:f5:db:72:6d:3f:f4:83:0d:c3:
1f:f3:59:24:e3:26:4a:64:76:99:f9:e5:95:4e:78:
85:b8:85:59:66:86:7e:8a:49:25:1a:5b:cd:11:2d:
fd:21:45:c7:9a:d0:aa:06:7e:49:de:58:3c:4d:87:
e6:24:9b:a4:b9:87:2d:5e:46:a3:0c:ea:35:42:f0:
c1:a4:71:b6:ab:36:b9:57:b4:61:f8:9f:da:3c:51:
9c:fc:95:87:a9:f2:fb:ff:f2:bb:bd:43:22:6e:87:
0d:f5:27:23:62:6a:28:21:52:8b:b8:34:80:c7:d4:
4e:ca:8c:fc:b4:a9:d2:49:2b:55:70:1c:6c:74:82:
fb:f4:59:81:be:52:17:a7:aa:d5:58:c6:5b:61:75:
c9:9e:ed:b1:1e:2d:48:7b:4d:32:a3:c1:30:32:00:
ca:e9:4a:7b:ae:78:3b:3e:22:0c:d0:7a:41:45:bd:
52:eb:25:39:64:57:0b:73:97:69:7b:c2:26:e0:98:
08:70:d0:67:52:64:39:ab:9b:99:ca:4e:8e:79:f8:
cf:2c:db:ae:7a:c2:d0:5e:00:a6:e1:04:59:18:1f:
dd:b4:7b:ec:85:d4:6b:8a:1b:18:d0:61:7e:b0:3d:
1f:47:76:59:e4:2f:ad:ff:89:20:3a:5b:82:9c:e3:
5b:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:BC:60:4C:AC:FC:66:FC:81:05:22:CE:7B:D5:BC:C8:FC:EE:2F:EE
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/K7xgTKz8ZvyBBSLOe9W8yPzuL-4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:dec0::/32
Signature Algorithm: sha256WithRSAEncryption
80:8b:6b:51:58:bf:e9:a3:58:76:54:2a:e8:6f:60:24:81:96:
c3:c7:2e:ec:bd:01:b2:0c:09:0d:01:e6:33:08:7d:66:88:13:
e5:d1:78:37:3e:49:b9:c3:c4:f0:47:37:87:93:2e:8e:f3:15:
04:ca:74:90:e0:80:40:48:06:3e:c5:dd:c3:41:0f:15:5a:6a:
e4:ea:17:fa:ac:35:8f:0a:74:ab:4a:2a:44:57:44:fe:98:5a:
59:c2:a8:98:ba:5c:c5:b4:e4:32:0e:a1:d4:ab:2e:12:dd:36:
d4:0a:0b:09:2a:0f:76:dc:5f:3e:36:ac:2e:74:4a:f6:a2:a3:
a4:29:d7:8b:31:05:3f:32:b6:4b:b4:b5:17:c7:f8:f1:f8:08:
fa:e2:04:cb:c6:1b:e3:38:b1:6c:93:59:73:60:b2:7c:2d:a7:
5c:1a:8c:41:e5:0d:c9:a9:3e:6e:f5:69:1c:62:f2:dc:aa:eb:
5b:ab:29:55:dc:32:7f:59:d7:ce:c3:2e:da:a8:b3:22:f0:9a:
dc:0e:2d:d8:76:4d:68:08:8e:79:c6:64:85:70:b9:f1:59:e3:
a3:64:70:5d:fb:2a:d3:68:21:0a:fe:6b:19:c3:47:ea:ed:a7:
c6:4d:e2:fb:0a:43:15:e6:a5:de:87:14:7d:d2:15:40:d7:fa:
f2:4c:10:8c
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYV6GumGYywZP7/+B+K6wCJEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMwMTA0MDAwNzQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmJjNjA0Y2FjZmM2NmZjODEwNTIyY2U3YmQ1YmNjOGZjZWUyZmVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApK5+suX123JtP/SDDcMf81kk4yZK
ZHaZ+eWVTniFuIVZZoZ+ikklGlvNES39IUXHmtCqBn5J3lg8TYfmJJukuYctXkaj
DOo1QvDBpHG2qza5V7Rh+J/aPFGc/JWHqfL7//K7vUMibocN9ScjYmooIVKLuDSA
x9ROyoz8tKnSSStVcBxsdIL79FmBvlIXp6rVWMZbYXXJnu2xHi1Ie00yo8EwMgDK
6Up7rng7PiIM0HpBRb1S6yU5ZFcLc5dpe8Im4JgIcNBnUmQ5q5uZyk6OefjPLNuu
esLQXgCm4QRZGB/dtHvshdRrihsY0GF+sD0fR3ZZ5C+t/4kgOluCnONbawIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFCu8YEys/Gb8gQUiznvVvMj87i/uMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvSzd4Z1RLejhadnlCQlNMT2U5Vzh5UHp1TC00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg/ewDAN
BgkqhkiG9w0BAQsFAAOCAQEAgItrUVi/6aNYdlQq6G9gJIGWw8cu7L0BsgwJDQHm
Mwh9ZogT5dF4Nz5JucPE8Ec3h5MujvMVBMp0kOCAQEgGPsXdw0EPFVpq5OoX+qw1
jwp0q0oqRFdE/phaWcKomLpcxbTkMg6h1KsuEt021AoLCSoPdtxfPjasLnRK9qKj
pCnXizEFPzK2S7S1F8f48fgI+uIEy8Yb4zixbJNZc2CyfC2nXBqMQeUNyak+bvVp
HGLy3KrrW6spVdwyf1nXzsMu2qizIvCa3A4t2HZNaAiOecZkhXC58Vnjo2RwXfsq
02ghCv5rGcNH6u2nxk3i+wpDFeal3ocUfdIVQNf68kwQjA==
-----END CERTIFICATE-----
Generated at Sun Jun 8 05:16:38 2025 by rpki-client