Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/O-vPCTLfvJSQdqXNDKiZidq7K60.roa
File: O-vPCTLfvJSQdqXNDKiZidq7K60.roa (raw, json)
Hash identifier: 2oaW89kPZ9h/39zagUMOA0KXk1ALCp6IF/pETKXlGCA=
Subject key identifier: 3B:EB:CF:09:32:DF:BC:94:90:76:A5:CD:0C:A8:99:89:DA:BB:2B:AD
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018CB601C5C07C994561F9A0C235959ACE4E
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/O-vPCTLfvJSQdqXNDKiZidq7K60.roa
Signing time: Fri 29 Dec 2023 14:36:58 +0000
ROA not before: Fri 29 Dec 2023 14:36:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20566
IP address blocks: 2a0f:b400::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:b6:01:c5:c0:7c:99:45:61:f9:a0:c2:35:95:9a:ce:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Dec 29 14:36:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3bebcf0932dfbc949076a5cd0ca89989dabb2bad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:e8:1d:98:f7:7b:bc:8c:9d:c4:cb:8e:b0:e5:
2e:95:8b:8d:f6:82:42:3a:bf:0f:53:2d:ff:c7:ba:
72:32:d9:2c:42:7a:19:24:08:e9:d5:23:3f:70:92:
4c:2e:7d:87:1b:e7:8a:68:2a:0f:51:a6:4c:db:f2:
59:48:9f:e8:3a:8b:59:77:83:d9:4e:2b:30:c5:9f:
6d:0b:38:07:b8:54:3d:f4:48:b7:86:1f:09:85:dc:
f0:b6:19:3e:88:60:25:99:65:f0:a9:49:99:31:7d:
74:dd:5e:5b:56:07:24:47:08:5d:31:06:9e:02:14:
76:63:be:3a:80:a1:db:92:c2:c1:39:36:4a:e6:df:
b6:14:91:8f:00:1e:7f:e7:c8:51:c1:cd:b8:6c:bb:
04:cd:c5:5d:9b:1a:7f:1b:b4:cc:b2:2f:76:00:3b:
4d:23:ee:38:95:e6:77:dc:49:2f:ae:3c:69:a1:6a:
da:b2:ed:ac:27:73:c3:44:4b:d7:77:9d:33:0e:ae:
fd:dc:7d:58:42:33:32:b6:f1:f3:df:f8:8a:39:55:
47:f2:cf:fe:d6:1e:e2:9a:20:4e:fc:83:95:9e:e3:
21:fa:d9:de:e9:de:9f:6c:93:c3:dc:03:bd:74:59:
e6:87:28:e1:89:d2:bb:f7:57:da:a6:8e:63:48:0e:
31:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:EB:CF:09:32:DF:BC:94:90:76:A5:CD:0C:A8:99:89:DA:BB:2B:AD
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/O-vPCTLfvJSQdqXNDKiZidq7K60.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b400::/29
Signature Algorithm: sha256WithRSAEncryption
cd:e3:e8:f0:fd:63:c9:d9:52:4c:8f:cc:e7:3f:39:97:04:d0:
27:58:c1:52:78:e9:35:e5:c5:e5:3a:1d:96:84:77:36:5d:1f:
9b:b0:1d:cf:42:cd:ca:2c:cb:33:39:d1:fc:5a:7e:ef:c7:16:
01:de:2f:9e:4c:87:c9:53:4b:d3:d8:0d:50:d7:9c:eb:c3:0b:
b7:b5:78:43:1a:9b:5b:d2:4b:0c:9b:49:37:01:2a:fd:9f:56:
56:fc:20:b2:90:57:1f:1a:23:b4:44:e0:17:5c:8c:c4:02:d7:
03:77:23:7d:48:f9:1f:1d:db:67:17:0d:9a:c9:31:6e:b5:fb:
e7:1e:5c:e7:b6:c2:85:53:1e:09:5b:3a:a6:10:f0:97:f3:63:
96:c8:e8:81:eb:09:03:97:4c:43:eb:35:b6:38:c6:77:62:6b:
38:b0:f2:89:8d:00:63:a3:89:7d:1c:d4:d3:c7:69:95:67:3d:
92:50:89:99:ad:1b:ad:3b:d3:b4:bd:7e:c1:68:7a:8a:55:ca:
11:46:fd:6c:5b:98:18:df:e7:ce:36:37:3a:44:ce:e1:fc:5d:
c3:16:30:9f:9a:4a:d4:f1:d3:b7:ce:5f:f6:8b:63:0f:e8:26:
d6:43:fd:ad:fd:1c:11:02:eb:25:7d:04:91:78:72:91:72:5f:
80:46:66:ac
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYy2AcXAfJlFYfmgwjWVms5OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMxMjI5MTQzNjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmViY2YwOTMyZGZiYzk0OTA3NmE1Y2QwY2E4OTk4OWRhYmIyYmFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgegdmPd7vIydxMuOsOUulYuN9oJC
Or8PUy3/x7pyMtksQnoZJAjp1SM/cJJMLn2HG+eKaCoPUaZM2/JZSJ/oOotZd4PZ
TiswxZ9tCzgHuFQ99Ei3hh8Jhdzwthk+iGAlmWXwqUmZMX103V5bVgckRwhdMQae
AhR2Y746gKHbksLBOTZK5t+2FJGPAB5/58hRwc24bLsEzcVdmxp/G7TMsi92ADtN
I+44leZ33EkvrjxpoWrasu2sJ3PDREvXd50zDq793H1YQjMytvHz3/iKOVVH8s/+
1h7imiBO/IOVnuMh+tne6d6fbJPD3AO9dFnmhyjhidK791fapo5jSA4xIwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFDvrzwky37yUkHalzQyomYnauyutMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvTy12UENUTGZ2SlNRZHFYTkRLaVppZHE3SzYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg+0ADAN
BgkqhkiG9w0BAQsFAAOCAQEAzePo8P1jydlSTI/M5z85lwTQJ1jBUnjpNeXF5Tod
loR3Nl0fm7Adz0LNyizLMznR/Fp+78cWAd4vnkyHyVNL09gNUNec68MLt7V4Qxqb
W9JLDJtJNwEq/Z9WVvwgspBXHxojtETgF1yMxALXA3cjfUj5Hx3bZxcNmskxbrX7
5x5c57bChVMeCVs6phDwl/NjlsjogesJA5dMQ+s1tjjGd2JrOLDyiY0AY6OJfRzU
08dplWc9klCJma0brTvTtL1+wWh6ilXKEUb9bFuYGN/nzjY3OkTO4fxdwxYwn5pK
1PHTt85f9otjD+gm1kP9rf0cEQLrJX0EkXhykXJfgEZmrA==
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:05:05 2025 by rpki-client