Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/LOUjjaHjOTf-oC35oNK-VzqGEEw.roa
File: LOUjjaHjOTf-oC35oNK-VzqGEEw.roa (raw, json)
Hash identifier: LtQSysNPqf/bYA9Rh/fy5GHLa5qeS0ASYV8yMWyHcPY=
Subject key identifier: 2C:E5:23:8D:A1:E3:39:37:FE:A0:2D:F9:A0:D2:BE:57:3A:86:10:4C
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01866EFC5AAE7A01BC87B5C455FBEA0D65A4
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/LOUjjaHjOTf-oC35oNK-VzqGEEw.roa
Signing time: Mon 20 Feb 2023 13:21:17 +0000
ROA not before: Mon 20 Feb 2023 13:21:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8772
IP address blocks: 2a0a:1400::/29 maxlen: 29
2a12:d6c0::/29 maxlen: 29
2a0c:9240::/29 maxlen: 29
2a0f:8300::/29 maxlen: 29
2a0f:dd40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:6e:fc:5a:ae:7a:01:bc:87:b5:c4:55:fb:ea:0d:65:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Feb 20 13:21:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2ce5238da1e33937fea02df9a0d2be573a86104c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:ef:b3:11:db:4a:a0:00:ca:db:54:18:35:ce:
32:91:06:55:08:04:34:9e:ea:66:24:fa:94:e7:d7:
55:aa:5b:ed:93:9c:be:e4:ff:de:b8:63:ac:62:36:
ea:9b:e0:73:0c:d7:da:39:48:2c:13:da:2c:a6:03:
ee:dd:ac:02:a5:f6:c5:72:a0:85:0c:1b:69:ff:0c:
4b:d0:71:0e:71:8f:1b:9d:60:35:2f:60:07:98:47:
a9:8c:15:60:b6:30:0e:d6:e3:72:40:e7:1f:70:44:
ab:3d:15:50:34:18:37:3d:2f:72:75:05:53:b3:95:
67:7f:9f:c6:c6:3c:f6:90:63:f0:5d:08:d1:2c:67:
91:0a:1b:a6:51:7c:fd:ec:14:86:4b:57:eb:a5:89:
d6:4a:21:f1:04:eb:54:ac:38:a2:08:bb:20:5c:5d:
98:0a:32:c2:ae:d5:46:d3:a5:38:82:2a:aa:b5:5e:
69:a1:ae:17:bd:f8:ef:e3:38:e7:ca:92:0f:8d:5b:
82:62:49:43:a6:84:11:23:a3:33:a7:75:29:d5:97:
9b:c5:4c:22:fd:19:1d:11:47:7b:26:ed:d8:d7:d5:
c9:72:be:f7:8b:a8:10:6d:70:8f:f7:bf:64:1c:b2:
d9:67:8e:29:1f:84:58:90:77:02:dd:84:f6:85:e8:
61:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:E5:23:8D:A1:E3:39:37:FE:A0:2D:F9:A0:D2:BE:57:3A:86:10:4C
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/LOUjjaHjOTf-oC35oNK-VzqGEEw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:1400::/29
2a0c:9240::/29
2a0f:8300::/29
2a0f:dd40::/29
2a12:d6c0::/29
Signature Algorithm: sha256WithRSAEncryption
26:c0:61:b3:f3:74:c1:5f:10:4d:f1:8b:25:32:50:63:e5:32:
2d:ff:fe:ac:2f:e3:ec:bc:a5:0c:02:00:a7:45:d9:c2:51:9f:
51:ba:fd:bd:8e:b2:1a:79:45:c0:1b:93:fb:34:c2:b4:d6:25:
54:d8:6e:16:f3:b1:aa:d9:fc:13:9f:d1:3e:91:e7:4f:a5:88:
d7:77:d2:c5:b3:b1:12:99:f9:83:a6:6a:ca:8e:10:61:5e:03:
49:4f:45:aa:6c:11:15:8e:b0:13:64:b9:b1:e7:4e:64:c7:ce:
b3:8d:33:7b:5e:18:57:08:2f:c9:04:44:4a:8f:2d:9f:7a:c7:
68:9a:36:1b:d0:9a:3a:6c:34:eb:41:b8:00:55:e0:b5:f3:b8:
52:68:18:9d:2a:23:95:91:7d:67:2d:b5:43:b2:ec:5a:6a:6a:
0a:e2:23:ed:ea:22:3b:69:b1:af:17:99:de:57:ef:c2:3f:27:
09:4a:27:f9:67:47:5b:c7:58:c3:58:79:c4:63:fa:3d:cb:7c:
de:38:9f:cf:bf:58:1f:a9:98:40:0b:da:00:d0:f1:53:8a:fa:
99:8c:0f:3c:b7:8c:bc:f0:e4:a2:00:fc:de:d3:aa:d5:46:e9:
1d:44:99:37:0f:68:9b:69:ae:21:a8:90:79:16:0e:fc:25:57:
17:40:f7:6e
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYZu/FquegG8h7XEVfvqDWWkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMwMjIwMTMyMTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyY2U1MjM4ZGExZTMzOTM3ZmVhMDJkZjlhMGQyYmU1NzNhODYxMDRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqe+zEdtKoADK21QYNc4ykQZVCAQ0
nupmJPqU59dVqlvtk5y+5P/euGOsYjbqm+BzDNfaOUgsE9ospgPu3awCpfbFcqCF
DBtp/wxL0HEOcY8bnWA1L2AHmEepjBVgtjAO1uNyQOcfcESrPRVQNBg3PS9ydQVT
s5Vnf5/Gxjz2kGPwXQjRLGeRChumUXz97BSGS1frpYnWSiHxBOtUrDiiCLsgXF2Y
CjLCrtVG06U4giqqtV5poa4Xvfjv4zjnypIPjVuCYklDpoQRI6Mzp3Up1ZebxUwi
/RkdEUd7Ju3Y19XJcr73i6gQbXCP979kHLLZZ44pH4RYkHcC3YT2hehh3wIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFCzlI42h4zk3/qAt+aDSvlc6hhBMMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvTE9VamphSGpPVGYtb0MzNW9OSy1WenFHRUV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwUDKgoUAAMF
AyoMkkADBQMqD4MAAwUDKg/dQAMFAyoS1sAwDQYJKoZIhvcNAQELBQADggEBACbA
YbPzdMFfEE3xiyUyUGPlMi3//qwv4+y8pQwCAKdF2cJRn1G6/b2Oshp5RcAbk/s0
wrTWJVTYbhbzsarZ/BOf0T6R50+liNd30sWzsRKZ+YOmasqOEGFeA0lPRapsERWO
sBNkubHnTmTHzrONM3teGFcIL8kEREqPLZ96x2iaNhvQmjpsNOtBuABV4LXzuFJo
GJ0qI5WRfWcttUOy7FpqagriI+3qIjtpsa8Xmd5X78I/JwlKJ/lnR1vHWMNYecRj
+j3LfN44n8+/WB+pmEAL2gDQ8VOK+pmMDzy3jLzw5KIA/N7TqtVG6R1EmTcPaJtp
riGokHkWDvwlVxdA924=
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:05:18 2025 by rpki-client