Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/O_F_AJp1F7eMVH5gDFIlocYV6Kg.roa
File: O_F_AJp1F7eMVH5gDFIlocYV6Kg.roa (raw, json)
Hash identifier: IqIciaB6SdWSQLc4xKh0w6Q+qHzNoXoonEpO1rx9QCE=
Subject key identifier: 3B:F1:7F:00:9A:75:17:B7:8C:54:7E:60:0C:52:25:A1:C6:15:E8:A8
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0183E754BA5844C8276F90AA4B942AA918AB
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/O_F_AJp1F7eMVH5gDFIlocYV6Kg.roa
Signing time: Mon 17 Oct 2022 19:03:52 +0000
ROA not before: Mon 17 Oct 2022 19:03:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20473
IP address blocks: 2a0e:15c0:1::/48 maxlen: 48
2a12:d6c1::/32 maxlen: 32
2a12:d6c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:e7:54:ba:58:44:c8:27:6f:90:aa:4b:94:2a:a9:18:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Oct 17 19:03:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3bf17f009a7517b78c547e600c5225a1c615e8a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:57:16:0a:4d:33:cd:fb:06:1c:89:10:27:fe:
2e:17:f7:3b:e1:38:d9:82:d4:bc:7d:2f:30:76:8d:
fd:0b:5a:f3:f1:98:68:bb:2b:8a:3e:85:cd:de:cb:
43:e8:45:9e:42:e7:33:4b:5a:aa:d6:2c:9c:14:bc:
a6:5a:63:4a:ce:29:78:48:1f:d0:97:b9:db:05:46:
7a:7a:5d:f9:16:f9:de:5e:9d:af:05:77:b3:3d:73:
08:69:a7:fc:ec:cf:ad:3e:7f:3f:cd:1e:00:a2:60:
d6:1e:db:f3:54:65:51:11:c1:ec:2a:cd:97:9e:02:
95:3d:46:8f:93:76:28:3f:af:59:f9:72:1d:2c:66:
e7:20:75:22:d5:e4:7c:55:af:fd:c0:b9:a2:5c:3a:
b3:7e:99:65:e5:c0:95:7d:e7:60:71:f8:87:97:19:
9c:b3:59:15:e3:f0:fe:ba:eb:9a:48:86:11:b3:6c:
14:94:c3:0c:19:75:73:17:f3:4f:fd:be:2a:9d:4a:
d9:db:22:d9:4c:72:1e:7d:da:41:dc:c4:eb:fd:9d:
e7:73:82:92:96:cd:c6:ff:f9:7f:31:c1:0f:23:33:
5e:78:d5:5d:95:6c:af:e8:df:a5:ad:0b:5f:33:c9:
94:89:86:01:5c:60:90:91:82:33:b9:0a:c8:a5:4e:
cd:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:F1:7F:00:9A:75:17:B7:8C:54:7E:60:0C:52:25:A1:C6:15:E8:A8
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/O_F_AJp1F7eMVH5gDFIlocYV6Kg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:15c0:1::/48
2a12:d6c0::/29
Signature Algorithm: sha256WithRSAEncryption
4d:72:38:09:47:10:4b:81:d0:0e:50:6a:80:20:ac:11:db:20:
17:09:9d:aa:8f:0d:61:2d:8a:bf:c4:18:76:da:d6:87:d1:de:
5c:fa:65:73:7e:12:f3:85:51:30:d2:74:ed:56:36:76:ae:43:
da:d7:fa:b6:83:e1:92:c7:a7:e5:7e:3b:5f:87:ad:f6:5f:fb:
c2:84:a9:bc:1a:09:5a:c1:89:a7:e6:ff:20:51:eb:0c:a6:55:
50:f4:e9:37:fa:87:93:f7:62:02:35:d2:07:44:ca:5a:af:8e:
46:38:3f:85:76:22:41:fd:c3:1e:11:1a:f4:f2:95:df:7d:ff:
c8:f6:06:1b:f3:17:b7:8d:db:41:ae:95:38:76:83:e1:60:d7:
a8:52:5b:86:45:25:37:e9:6d:bb:45:c7:2a:db:09:08:fc:64:
5b:c3:38:ba:b1:59:86:75:f8:d5:d4:6a:ea:e0:b4:73:7b:7a:
be:8d:f6:1e:f2:ca:32:02:4b:35:ee:5e:8e:16:b5:36:0b:ca:
6b:2b:b4:73:5c:1f:bb:16:7c:3f:41:24:3b:40:dd:bb:20:dc:
b1:8c:bc:9f:55:8f:df:ef:43:de:63:2a:7a:a0:75:1f:dc:1d:
ce:a1:42:50:12:09:f2:7e:c8:76:45:98:da:81:60:6e:1c:c4:
98:e6:7d:4b
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAYPnVLpYRMgnb5CqS5QqqRirMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjIxMDE3MTkwMzUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmYxN2YwMDlhNzUxN2I3OGM1NDdlNjAwYzUyMjVhMWM2MTVlOGE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhFcWCk0zzfsGHIkQJ/4uF/c74TjZ
gtS8fS8wdo39C1rz8ZhouyuKPoXN3stD6EWeQuczS1qq1iycFLymWmNKzil4SB/Q
l7nbBUZ6el35FvneXp2vBXezPXMIaaf87M+tPn8/zR4AomDWHtvzVGVREcHsKs2X
ngKVPUaPk3YoP69Z+XIdLGbnIHUi1eR8Va/9wLmiXDqzfpll5cCVfedgcfiHlxmc
s1kV4/D+uuuaSIYRs2wUlMMMGXVzF/NP/b4qnUrZ2yLZTHIefdpB3MTr/Z3nc4KS
ls3G//l/McEPIzNeeNVdlWyv6N+lrQtfM8mUiYYBXGCQkYIzuQrIpU7NsQIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFDvxfwCadRe3jFR+YAxSJaHGFeioMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvT19GX0FKcDFGN2VNVkg1Z0RGSWxvY1lWNktnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQAwcAKg4VwAAB
AwUDKhLWwDANBgkqhkiG9w0BAQsFAAOCAQEATXI4CUcQS4HQDlBqgCCsEdsgFwmd
qo8NYS2Kv8QYdtrWh9HeXPplc34S84VRMNJ07VY2dq5D2tf6toPhksen5X47X4et
9l/7woSpvBoJWsGJp+b/IFHrDKZVUPTpN/qHk/diAjXSB0TKWq+ORjg/hXYiQf3D
HhEa9PKV333/yPYGG/MXt43bQa6VOHaD4WDXqFJbhkUlN+ltu0XHKtsJCPxkW8M4
urFZhnX41dRq6uC0c3t6vo32HvLKMgJLNe5ejha1NgvKayu0c1wfuxZ8P0EkO0Dd
uyDcsYy8n1WP3+9D3mMqeqB1H9wdzqFCUBIJ8n7IdkWY2oFgbhzEmOZ9Sw==
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:13:21 2025 by rpki-client