Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/M9xSsO7MHp92uNb3l5RKzgzxj2s.roa
File: M9xSsO7MHp92uNb3l5RKzgzxj2s.roa (raw, json)
Hash identifier: h0mg0BG/Obp34vkgevrQFw35c1rA9Ctc7WDwOkRHkFI=
Subject key identifier: 33:DC:52:B0:EE:CC:1E:9F:76:B8:D6:F7:97:94:4A:CE:0C:F1:8F:6B
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018A21BAB9CD0517909875E3265CE72BF38D
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/M9xSsO7MHp92uNb3l5RKzgzxj2s.roa
Signing time: Wed 23 Aug 2023 09:29:59 +0000
ROA not before: Wed 23 Aug 2023 09:29:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 395839
IP address blocks: 2a0f:3940::/29 maxlen: 29
2a0f:39c0::/29 maxlen: 29
2a11:4e80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:21:ba:b9:cd:05:17:90:98:75:e3:26:5c:e7:2b:f3:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Aug 23 09:29:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=33dc52b0eecc1e9f76b8d6f797944ace0cf18f6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:04:09:78:f5:d7:e1:59:c7:77:2f:57:e6:1d:
b9:cf:ee:a3:d7:30:ce:c6:f4:6b:f9:34:69:af:88:
aa:09:1e:14:89:36:59:08:0f:19:dd:4c:4b:08:df:
31:ea:e3:a2:94:f3:76:f8:5b:dc:f5:8f:00:37:fe:
38:3b:cd:64:8b:c0:29:1a:73:a4:72:36:69:a8:79:
7f:a8:78:99:ef:cb:7a:87:07:cc:08:4f:af:c1:c5:
fc:4a:be:4a:e8:d5:e4:7d:40:ed:10:d5:e5:48:83:
56:f7:1d:89:1d:1d:78:f3:78:54:20:d8:0e:63:5c:
23:29:16:ef:24:b8:2a:57:38:8b:ff:39:78:a6:22:
eb:b2:ce:4e:0a:3a:d7:93:23:bd:ff:97:6e:82:5c:
0a:f5:0a:65:79:9f:d9:84:5f:2a:3b:ed:85:b5:57:
ea:0c:63:18:10:8d:10:9e:fb:47:e5:3d:23:64:3f:
d8:97:70:47:aa:48:c4:99:59:0e:a8:94:21:c3:0e:
3f:88:c7:65:cd:05:48:4c:54:98:ad:17:8f:84:0a:
c9:25:fc:40:bb:e9:a4:21:71:4a:16:ed:f5:b7:04:
94:bc:1b:8c:d5:3d:0d:f6:61:fa:20:39:a1:5e:6b:
90:b9:d5:5a:fb:1d:fa:d0:55:0f:14:00:f9:70:7b:
a1:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:DC:52:B0:EE:CC:1E:9F:76:B8:D6:F7:97:94:4A:CE:0C:F1:8F:6B
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/M9xSsO7MHp92uNb3l5RKzgzxj2s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:3940::/29
2a0f:39c0::/29
2a11:4e80::/29
Signature Algorithm: sha256WithRSAEncryption
31:54:88:9a:f7:bb:e6:23:64:df:e1:73:d0:53:57:e0:9a:21:
cc:af:de:70:83:dd:81:c5:1a:81:d3:1d:64:42:99:60:a7:3d:
f0:26:e1:2d:8f:bc:8d:89:cb:6f:70:a7:28:e0:6a:31:5e:78:
9f:57:1c:2d:68:b6:f8:80:71:21:d8:f2:99:4a:42:e2:59:13:
2c:47:27:74:57:31:c4:95:1a:73:ef:f3:2d:9f:f5:96:0a:77:
fc:7b:26:7f:9f:a3:93:7a:aa:b2:d5:4d:be:84:d9:0f:62:97:
54:d5:4e:92:2d:3e:7a:77:a9:98:9b:06:72:3f:30:eb:64:ea:
18:88:0e:a2:71:c6:36:d6:47:69:66:12:2f:ec:cb:2b:ad:a5:
be:78:97:69:46:1d:cf:56:bf:65:ed:4f:d2:42:02:14:14:5e:
29:4d:3b:73:83:12:37:91:2b:b8:be:50:02:23:1b:92:03:a1:
ed:e5:c6:67:40:35:92:f4:4b:1d:2a:3f:c2:54:71:11:f1:18:
22:ea:9a:b8:3f:13:dc:62:09:e3:83:16:29:02:fb:65:69:1d:
5a:98:20:17:5d:48:46:64:d5:6a:24:d0:b1:9c:09:6d:e1:34:
59:6a:c6:02:6a:44:5a:5c:d7:c5:03:1a:74:92:d8:6a:1a:3a:
82:2d:9c:46
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYohurnNBReQmHXjJlznK/ONMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMwODIzMDkyOTU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2RjNTJiMGVlY2MxZTlmNzZiOGQ2Zjc5Nzk0NGFjZTBjZjE4ZjZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvQQJePXX4VnHdy9X5h25z+6j1zDO
xvRr+TRpr4iqCR4UiTZZCA8Z3UxLCN8x6uOilPN2+Fvc9Y8AN/44O81ki8ApGnOk
cjZpqHl/qHiZ78t6hwfMCE+vwcX8Sr5K6NXkfUDtENXlSINW9x2JHR1483hUINgO
Y1wjKRbvJLgqVziL/zl4piLrss5OCjrXkyO9/5duglwK9QpleZ/ZhF8qO+2FtVfq
DGMYEI0QnvtH5T0jZD/Yl3BHqkjEmVkOqJQhww4/iMdlzQVITFSYrRePhArJJfxA
u+mkIXFKFu31twSUvBuM1T0N9mH6IDmhXmuQudVa+x360FUPFAD5cHuhywIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDPcUrDuzB6fdrjW95eUSs4M8Y9rMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvTTl4U3NPN01IcDkydU5iM2w1Ukt6Z3p4ajJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKg85QAMF
AyoPOcADBQMqEU6AMA0GCSqGSIb3DQEBCwUAA4IBAQAxVIia97vmI2Tf4XPQU1fg
miHMr95wg92BxRqB0x1kQplgpz3wJuEtj7yNictvcKco4GoxXnifVxwtaLb4gHEh
2PKZSkLiWRMsRyd0VzHElRpz7/Mtn/WWCnf8eyZ/n6OTeqqy1U2+hNkPYpdU1U6S
LT56d6mYmwZyPzDrZOoYiA6iccY21kdpZhIv7MsrraW+eJdpRh3PVr9l7U/SQgIU
FF4pTTtzgxI3kSu4vlACIxuSA6Ht5cZnQDWS9EsdKj/CVHER8Rgi6pq4PxPcYgnj
gxYpAvtlaR1amCAXXUhGZNVqJNCxnAlt4TRZasYCakRaXNfFAxp0kthqGjqCLZxG
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:16:10 2025 by rpki-client