Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/RNQdMu6ra_REvaEM4KYBCqFKcTc.roa
File: RNQdMu6ra_REvaEM4KYBCqFKcTc.roa (raw, json)
Hash identifier: i751aa3QKsBmqIEk+8cqOynZtWKCrfp1LAt0PeScsrA=
Subject key identifier: 44:D4:1D:32:EE:AB:6B:F4:44:BD:A1:0C:E0:A6:01:0A:A1:4A:71:37
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0182D3E4FCB1AD7A59ADB753673584032840
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/RNQdMu6ra_REvaEM4KYBCqFKcTc.roa
Signing time: Thu 25 Aug 2022 07:26:15 +0000
ROA not before: Thu 25 Aug 2022 07:26:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12608
IP address blocks: 2a0f:e540::/29 maxlen: 29
2a0f:ac00::/29 maxlen: 29
2a0f:fc00::/29 maxlen: 29
2a0f:9600::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:d3:e4:fc:b1:ad:7a:59:ad:b7:53:67:35:84:03:28:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Aug 25 07:26:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=44d41d32eeab6bf444bda10ce0a6010aa14a7137
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:b1:1b:a8:e2:73:88:4e:56:3e:9a:0a:98:dd:
47:fe:d1:7a:f5:e6:62:98:87:9e:2d:9c:39:12:8c:
d5:b6:a2:d5:b5:1d:b1:8e:92:bd:3e:64:1b:d7:3d:
e7:d7:d3:45:02:6f:bb:04:56:6f:8d:6c:96:ae:8c:
d2:72:86:11:74:f8:e8:c7:62:fe:13:f4:84:8c:89:
1b:52:84:17:95:a3:bf:d1:de:cf:cf:7c:87:09:6e:
1c:b2:98:e2:7f:f6:06:f1:f8:8f:1e:2f:90:e7:9b:
c0:d1:8a:24:ae:3e:7c:4d:85:82:3c:cd:dd:4b:4d:
e6:c8:27:7d:c9:f3:35:da:5f:79:0d:b6:46:ea:bb:
10:68:f9:f6:f2:c1:2c:89:61:6c:95:7b:1b:d0:a9:
47:b9:77:9b:71:4a:e1:7b:1f:92:f8:85:e6:82:15:
04:41:40:2c:28:56:5c:77:b2:6a:0d:c5:53:75:40:
2d:1a:b0:f9:86:c2:f6:06:da:d5:14:7c:e7:a6:69:
af:c8:6b:6d:bf:62:56:31:fc:a5:a7:c5:fc:05:5e:
4f:21:ae:42:4a:40:18:ff:ce:66:5d:9f:a3:95:ba:
15:82:f2:01:84:37:d6:e9:5d:68:e7:fd:22:f2:fb:
3b:a7:16:0d:55:0a:93:d0:69:a2:64:08:2c:48:4f:
b8:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:D4:1D:32:EE:AB:6B:F4:44:BD:A1:0C:E0:A6:01:0A:A1:4A:71:37
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/RNQdMu6ra_REvaEM4KYBCqFKcTc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:9600::/29
2a0f:ac00::/29
2a0f:e540::/29
2a0f:fc00::/29
Signature Algorithm: sha256WithRSAEncryption
b8:c2:fd:ca:2a:d2:a9:53:f9:f2:89:9e:ed:05:e5:f0:91:cb:
97:fe:a4:8c:24:5a:09:63:44:96:b4:f1:7e:ff:7b:4d:72:c8:
eb:11:c3:86:ca:c5:2b:e9:fc:a4:3b:09:c4:f9:3b:1f:96:c4:
9a:89:78:97:52:2f:06:92:db:1c:88:8f:1a:ac:a8:e3:72:09:
7c:0f:1b:71:36:53:40:58:d0:e1:ff:50:68:b6:60:bf:73:b1:
6a:11:9e:59:d1:f5:d4:00:bb:54:f7:21:15:b3:d9:25:02:ac:
6c:5a:c9:7e:8e:8b:50:2a:fd:ba:6d:d5:c1:31:19:b6:76:1b:
ec:ee:08:91:ea:ba:f9:57:55:3e:0b:18:dc:8b:8e:8b:56:a2:
03:e5:70:b2:96:93:bc:b0:51:49:43:e3:d9:d3:46:60:d9:95:
6b:f4:b5:d8:00:31:3f:71:e7:e1:43:ae:c3:90:3e:a3:64:22:
bd:fc:ad:82:30:25:55:6d:50:9d:8c:f9:b6:cb:32:4b:e6:88:
a0:7c:d0:4b:f8:82:8a:73:10:d7:fb:94:80:0d:db:1f:74:62:
66:8c:0c:ae:be:c6:0b:36:0f:c5:3c:79:c8:8f:a8:48:5c:89:
0b:b5:7c:4c:19:be:58:37:ff:4b:62:20:aa:4f:8f:26:c1:a0:
3f:50:29:a9
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYLT5PyxrXpZrbdTZzWEAyhAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjIwODI1MDcyNjE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGQ0MWQzMmVlYWI2YmY0NDRiZGExMGNlMGE2MDEwYWExNGE3MTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAirEbqOJziE5WPpoKmN1H/tF69eZi
mIeeLZw5EozVtqLVtR2xjpK9PmQb1z3n19NFAm+7BFZvjWyWrozScoYRdPjox2L+
E/SEjIkbUoQXlaO/0d7Pz3yHCW4cspjif/YG8fiPHi+Q55vA0Yokrj58TYWCPM3d
S03myCd9yfM12l95DbZG6rsQaPn28sEsiWFslXsb0KlHuXebcUrhex+S+IXmghUE
QUAsKFZcd7JqDcVTdUAtGrD5hsL2BtrVFHznpmmvyGttv2JWMfylp8X8BV5PIa5C
SkAY/85mXZ+jlboVgvIBhDfW6V1o5/0i8vs7pxYNVQqT0GmiZAgsSE+4BwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFETUHTLuq2v0RL2hDOCmAQqhSnE3MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvUk5RZE11NnJhX1JFdmFFTTRLWUJDcUZLY1RjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKg+WAAMF
AyoPrAADBQMqD+VAAwUDKg/8ADANBgkqhkiG9w0BAQsFAAOCAQEAuML9yirSqVP5
8ome7QXl8JHLl/6kjCRaCWNElrTxfv97TXLI6xHDhsrFK+n8pDsJxPk7H5bEmol4
l1IvBpLbHIiPGqyo43IJfA8bcTZTQFjQ4f9QaLZgv3OxahGeWdH11AC7VPchFbPZ
JQKsbFrJfo6LUCr9um3VwTEZtnYb7O4Ikeq6+VdVPgsY3IuOi1aiA+VwspaTvLBR
SUPj2dNGYNmVa/S12AAxP3Hn4UOuw5A+o2QivfytgjAlVW1QnYz5tssyS+aIoHzQ
S/iCinMQ1/uUgA3bH3RiZowMrr7GCzYPxTx5yI+oSFyJC7V8TBm+WDf/S2Igqk+P
JsGgP1ApqQ==
-----END CERTIFICATE-----
Generated at Tue Apr 22 23:23:13 2025 by rpki-client