Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/KulR7uMOW_Z8mtLrxSCcJpHqc2c.roa
File: KulR7uMOW_Z8mtLrxSCcJpHqc2c.roa (raw, json)
Hash identifier: SOHHjtHU6v7WthxcA0U4yNQyBPZRO2R8/a4p1+kZZ5Y=
Subject key identifier: 2A:E9:51:EE:E3:0E:5B:F6:7C:9A:D2:EB:C5:20:9C:26:91:EA:73:67
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018443EAC5D9B117DB5D5A4A085DC1F6DD1C
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/KulR7uMOW_Z8mtLrxSCcJpHqc2c.roa
Signing time: Fri 04 Nov 2022 18:32:50 +0000
ROA not before: Fri 04 Nov 2022 18:32:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 399975
IP address blocks: 2a0f:140::/29 maxlen: 29
2a0f:e540::/29 maxlen: 29
2a0f:2e80::/29 maxlen: 29
2a0f:cc00::/29 maxlen: 29
2a13:1380::/29 maxlen: 29
2a0f:fc00::/29 maxlen: 29
2a0f:2f80::/29 maxlen: 29
2a0f:e4c0::/29 maxlen: 29
2a0f:2d80::/29 maxlen: 29
2a13:1480::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:43:ea:c5:d9:b1:17:db:5d:5a:4a:08:5d:c1:f6:dd:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Nov 4 18:32:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2ae951eee30e5bf67c9ad2ebc5209c2691ea7367
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:84:ba:33:4e:e1:1d:35:db:b4:e9:41:58:1e:
53:de:57:04:09:df:8b:d5:56:6f:1e:58:ec:a2:2b:
5b:61:5a:e2:a6:da:70:16:70:2c:51:96:2b:de:db:
7f:f6:97:42:b1:f6:69:d0:08:24:82:e9:c4:af:ef:
c7:97:e5:7e:f7:5f:36:54:ba:30:b9:ee:90:26:aa:
78:2e:65:6d:d7:ee:ff:bc:8b:89:2f:cc:69:4a:e6:
f0:41:04:89:29:7c:83:39:86:90:72:58:90:00:ad:
3c:e6:d8:db:94:f8:62:cb:f3:40:e3:57:0a:8c:39:
79:69:5e:17:07:1d:88:f1:94:8e:8f:61:df:4a:b9:
83:73:60:b9:a0:64:31:4e:5a:5a:8c:cd:8e:f3:0b:
d4:6f:d7:de:eb:52:2f:f1:02:dc:67:1e:f7:f0:4d:
2d:5b:f4:bb:f9:d9:40:b8:c3:a9:37:23:f5:54:56:
5f:af:1e:58:21:87:41:ed:53:32:ff:f8:51:7a:b8:
f4:d5:c8:e1:05:85:55:1f:f6:3c:78:78:79:90:f8:
7d:49:16:18:e5:12:ca:a8:2d:6f:1e:23:5b:f0:f6:
8b:d5:e7:80:af:8a:34:da:1c:61:28:67:c2:57:e9:
1a:4b:83:be:f2:30:a6:ac:a6:af:c1:34:4c:90:dc:
71:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:E9:51:EE:E3:0E:5B:F6:7C:9A:D2:EB:C5:20:9C:26:91:EA:73:67
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/KulR7uMOW_Z8mtLrxSCcJpHqc2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:140::/29
2a0f:2d80::/29
2a0f:2e80::/29
2a0f:2f80::/29
2a0f:cc00::/29
2a0f:e4c0::/29
2a0f:e540::/29
2a0f:fc00::/29
2a13:1380::/29
2a13:1480::/29
Signature Algorithm: sha256WithRSAEncryption
39:9b:6f:5b:d2:42:01:2c:08:db:b3:57:82:0e:58:b7:6b:58:
23:e1:0d:32:ca:17:2c:22:c7:af:85:3f:c1:d8:5e:46:ea:5a:
7a:1a:b2:8f:97:76:e6:a7:71:d7:6c:59:98:16:06:9e:66:e3:
69:e2:a8:22:4c:45:dc:6c:29:3a:1f:1e:59:21:3b:7a:bb:6e:
4c:98:6c:e7:04:67:98:3c:54:6c:cc:ab:82:5c:c9:32:21:47:
5e:1b:85:b9:3c:c0:78:53:7a:70:cc:82:71:fc:79:bf:70:5c:
f2:3b:fa:0e:87:9f:e8:bf:c8:06:64:fc:3c:20:10:56:2b:42:
d0:0f:da:93:ac:d9:a2:98:62:7c:7f:99:11:20:7f:6b:b2:6e:
cb:26:5e:24:06:bc:9f:52:83:98:ef:c6:f1:38:6d:9c:e7:11:
82:c3:d6:02:e8:1b:ca:b1:98:df:7d:21:46:10:49:d0:f7:d1:
60:7a:68:5e:f0:82:de:35:1d:f4:d2:b6:ac:1e:b3:ab:76:09:
4f:dc:ed:fe:56:e7:27:35:44:f1:5e:ca:ba:83:26:25:c3:39:
78:00:f8:63:1f:99:a3:88:b0:61:e7:c7:46:95:a4:4c:c0:57:
d1:a2:bf:b5:f8:56:f4:6a:42:21:a6:72:79:e4:39:8a:3d:82:
ad:82:a0:9d
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAYRD6sXZsRfbXVpKCF3B9t0cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjIxMTA0MTgzMjUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWU5NTFlZWUzMGU1YmY2N2M5YWQyZWJjNTIwOWMyNjkxZWE3MzY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3YS6M07hHTXbtOlBWB5T3lcECd+L
1VZvHljsoitbYVriptpwFnAsUZYr3tt/9pdCsfZp0AgkgunEr+/Hl+V+9182VLow
ue6QJqp4LmVt1+7/vIuJL8xpSubwQQSJKXyDOYaQcliQAK085tjblPhiy/NA41cK
jDl5aV4XBx2I8ZSOj2HfSrmDc2C5oGQxTlpajM2O8wvUb9fe61Iv8QLcZx738E0t
W/S7+dlAuMOpNyP1VFZfrx5YIYdB7VMy//hRerj01cjhBYVVH/Y8eHh5kPh9SRYY
5RLKqC1vHiNb8PaL1eeAr4o02hxhKGfCV+kaS4O+8jCmrKavwTRMkNxxQwIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFCrpUe7jDlv2fJrS68UgnCaR6nNnMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvS3VsUjd1TU9XX1o4bXRMcnhTQ2NKcEhxYzJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjBMBAIAAjBGAwUDKg8BQAMF
AyoPLYADBQMqDy6AAwUDKg8vgAMFAyoPzAADBQMqD+TAAwUDKg/lQAMFAyoP/AAD
BQMqExOAAwUDKhMUgDANBgkqhkiG9w0BAQsFAAOCAQEAOZtvW9JCASwI27NXgg5Y
t2tYI+ENMsoXLCLHr4U/wdheRupaehqyj5d25qdx12xZmBYGnmbjaeKoIkxF3Gwp
Oh8eWSE7ertuTJhs5wRnmDxUbMyrglzJMiFHXhuFuTzAeFN6cMyCcfx5v3Bc8jv6
Doef6L/IBmT8PCAQVitC0A/ak6zZophifH+ZESB/a7JuyyZeJAa8n1KDmO/G8Tht
nOcRgsPWAugbyrGY330hRhBJ0PfRYHpoXvCC3jUd9NK2rB6zq3YJT9zt/lbnJzVE
8V7KuoMmJcM5eAD4Yx+Zo4iwYefHRpWkTMBX0aK/tfhW9GpCIaZyeeQ5ij2CrYKg
nQ==
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:01:16 2025 by rpki-client