Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/OQr26x8ysR7LO8qd93pGnPmi1hk.roa
File: OQr26x8ysR7LO8qd93pGnPmi1hk.roa (raw, json)
Hash identifier: Tihom9hbR2H4+93oUgZXUxxOSTvMv1EsXhmFpaeesDU=
Subject key identifier: 39:0A:F6:EB:1F:32:B1:1E:CB:3B:CA:9D:F7:7A:46:9C:F9:A2:D6:19
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018515082679C0B46659F0F1F2B0A767DE1C
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/OQr26x8ysR7LO8qd93pGnPmi1hk.roa
Signing time: Thu 15 Dec 2022 09:05:33 +0000
ROA not before: Thu 15 Dec 2022 09:05:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 396362
IP address blocks: 2a0f:e841::/32 maxlen: 32
2a0c:4880::/29 maxlen: 29
2a0f:e843::/32 maxlen: 32
2a13:1940::/29 maxlen: 29
2a0e:1a82::/32 maxlen: 32
2a0f:1e80:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:15:08:26:79:c0:b4:66:59:f0:f1:f2:b0:a7:67:de:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Dec 15 09:05:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=390af6eb1f32b11ecb3bca9df77a469cf9a2d619
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:90:55:70:81:b0:a1:48:f2:bc:9f:a3:cc:46:
3a:67:ee:b9:0f:05:fe:aa:64:ed:0c:80:6d:8f:73:
16:be:0c:4a:d4:2a:93:be:0f:6a:60:71:00:22:38:
ce:03:8a:e0:9a:6c:50:0b:36:18:1f:e8:d7:3d:5b:
88:47:63:f1:53:ca:23:44:7a:8d:05:c3:ef:2c:87:
8a:7a:27:d2:2d:85:1d:23:1d:6e:bd:ee:8c:1a:c7:
57:51:21:27:c6:b4:80:20:a7:7a:cb:bc:60:b7:ea:
96:9e:cf:ff:6c:84:8d:8b:12:6a:b2:e2:68:84:2e:
7f:d2:f5:8e:47:8e:e3:de:13:d0:19:be:30:09:e7:
5a:0b:91:a9:35:5c:c7:33:35:9f:2b:82:b2:05:08:
17:f9:da:1c:af:63:af:ab:56:1a:6a:85:0a:a8:c5:
9d:b4:7d:90:28:7d:03:40:03:7f:56:b5:e4:32:91:
ea:dd:32:bb:5b:64:8c:21:4d:40:ee:39:1f:6a:f5:
5a:43:38:8a:98:86:02:2a:08:59:68:e9:36:c9:c7:
13:3a:7e:77:24:2a:c8:a9:db:a3:18:18:86:6d:a4:
47:33:d6:a1:0a:00:7c:a9:c6:10:7d:35:f2:c4:94:
90:f7:a7:61:31:09:aa:c9:cf:b3:69:c5:df:39:6a:
08:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:0A:F6:EB:1F:32:B1:1E:CB:3B:CA:9D:F7:7A:46:9C:F9:A2:D6:19
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/OQr26x8ysR7LO8qd93pGnPmi1hk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:4880::/29
2a0e:1a82::/32
2a0f:1e80:1::/48
2a0f:e841::/32
2a0f:e843::/32
2a13:1940::/29
Signature Algorithm: sha256WithRSAEncryption
43:05:da:d9:0c:6c:7d:2f:0d:b1:0f:c2:21:81:0d:60:32:5c:
4d:61:63:e1:fd:fd:45:27:07:17:27:f5:f4:44:0f:90:b5:66:
d9:a2:e8:32:49:f2:f4:4c:9c:79:fa:ac:a4:11:72:df:cd:82:
eb:db:60:49:ba:52:37:bd:bf:67:45:1e:76:2a:43:04:2f:06:
92:b0:25:9d:ab:50:3d:b5:16:6f:03:9d:a4:e5:6e:f0:8d:49:
4e:3a:42:2e:b6:c1:97:88:b1:99:42:5e:77:a1:b4:45:2c:d0:
aa:fb:7d:00:5f:9a:b1:47:0a:86:aa:2a:72:2b:e7:4e:79:36:
af:74:f7:6c:59:51:83:88:c4:f2:4e:b9:bc:2c:1e:a2:1c:f7:
df:9d:10:19:9d:0c:6a:2b:74:a5:59:01:ea:bb:51:e0:4b:94:
44:08:b0:aa:70:8b:ba:11:f5:ab:68:18:33:7d:da:0a:9b:3c:
ce:6d:78:af:98:54:57:f7:a0:67:d6:7a:1b:be:63:e1:32:65:
22:a9:e4:6f:dc:9b:04:f6:64:84:93:fb:ee:c1:cf:97:c0:bb:
f8:10:46:32:08:91:e8:13:09:73:9d:8c:95:dd:ee:d4:b3:ea:
35:a3:3f:a7:cd:59:dd:9e:17:1c:7b:9f:a3:2f:c5:fb:51:9f:
d4:b2:83:9d
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYUVCCZ5wLRmWfDx8rCnZ94cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjIxMjE1MDkwNTMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTBhZjZlYjFmMzJiMTFlY2IzYmNhOWRmNzdhNDY5Y2Y5YTJkNjE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmJBVcIGwoUjyvJ+jzEY6Z+65DwX+
qmTtDIBtj3MWvgxK1CqTvg9qYHEAIjjOA4rgmmxQCzYYH+jXPVuIR2PxU8ojRHqN
BcPvLIeKeifSLYUdIx1uve6MGsdXUSEnxrSAIKd6y7xgt+qWns//bISNixJqsuJo
hC5/0vWOR47j3hPQGb4wCedaC5GpNVzHMzWfK4KyBQgX+docr2Ovq1YaaoUKqMWd
tH2QKH0DQAN/VrXkMpHq3TK7W2SMIU1A7jkfavVaQziKmIYCKghZaOk2yccTOn53
JCrIqdujGBiGbaRHM9ahCgB8qcYQfTXyxJSQ96dhMQmqyc+zacXfOWoInQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFDkK9usfMrEeyzvKnfd6Rpz5otYZMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvT1FyMjZ4OHlzUjdMTzhxZDkzcEduUG1pMWhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAAjAsAwUDKgxIgAMF
ACoOGoIDBwAqDx6AAAEDBQAqD+hBAwUAKg/oQwMFAyoTGUAwDQYJKoZIhvcNAQEL
BQADggEBAEMF2tkMbH0vDbEPwiGBDWAyXE1hY+H9/UUnBxcn9fRED5C1Ztmi6DJJ
8vRMnHn6rKQRct/NguvbYEm6Uje9v2dFHnYqQwQvBpKwJZ2rUD21Fm8DnaTlbvCN
SU46Qi62wZeIsZlCXnehtEUs0Kr7fQBfmrFHCoaqKnIr5055Nq9092xZUYOIxPJO
ubwsHqIc99+dEBmdDGordKVZAeq7UeBLlEQIsKpwi7oR9atoGDN92gqbPM5teK+Y
VFf3oGfWehu+Y+EyZSKp5G/cmwT2ZIST++7Bz5fAu/gQRjIIkegTCXOdjJXd7tSz
6jWjP6fNWd2eFxx7n6MvxftRn9Syg50=
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:06:44 2025 by rpki-client