Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/RqO4xOcwyaD6J4C97hDBtPd0b6E.roa
File: RqO4xOcwyaD6J4C97hDBtPd0b6E.roa (raw, json)
Hash identifier: /vt+9ZUUX8rWiSJxk/EapQk3koJL0FROLj7fF5q21mQ=
Subject key identifier: 46:A3:B8:C4:E7:30:C9:A0:FA:27:80:BD:EE:10:C1:B4:F7:74:6F:A1
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018611F045335CAABD38BC8BD921D3C07D1C
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/RqO4xOcwyaD6J4C97hDBtPd0b6E.roa
Signing time: Thu 02 Feb 2023 11:43:24 +0000
ROA not before: Thu 02 Feb 2023 11:43:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8772
IP address blocks: 2a0a:1400::/29 maxlen: 29
2a0f:e040::/29 maxlen: 29
2a0f:2100::/29 maxlen: 29
2a0c:9240::/29 maxlen: 29
2a0f:8300::/29 maxlen: 29
2a0f:8100::/29 maxlen: 29
2a0f:dd40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:11:f0:45:33:5c:aa:bd:38:bc:8b:d9:21:d3:c0:7d:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Feb 2 11:43:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=46a3b8c4e730c9a0fa2780bdee10c1b4f7746fa1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:42:76:62:b8:53:16:d9:dd:df:c2:19:f1:11:
b9:f4:06:fc:20:87:cd:85:f5:5b:09:2d:cb:cb:a0:
52:58:7f:22:07:ac:8e:f2:5b:85:17:b2:b4:84:ba:
d7:e5:fa:3a:16:9d:c5:97:72:1c:e3:33:cf:1c:64:
39:ba:c7:14:f3:79:73:d1:fa:d0:e2:37:42:88:84:
28:a4:fc:cd:a7:cb:69:21:1f:d5:af:e9:14:57:df:
45:61:ec:6d:3a:a8:52:37:33:84:bb:3b:1d:b5:e5:
4a:9d:3a:76:06:21:ed:3c:52:e0:b3:37:23:26:e4:
a7:5a:0e:f5:ea:4b:9b:1a:1b:d0:e4:ba:52:ea:4f:
09:4f:49:ea:ab:d8:63:a4:38:39:a0:5d:37:23:c6:
58:7f:7e:eb:e2:ad:96:a7:0a:90:36:aa:0d:a5:24:
6d:e0:bb:5e:74:82:32:57:75:ac:82:e1:3a:b8:6e:
01:ce:26:67:87:76:18:0b:17:28:cb:f1:6f:eb:f3:
99:2e:7b:52:98:8c:1f:de:eb:cb:98:44:9b:25:26:
75:4d:d7:d7:d5:2e:66:56:70:e4:bf:9f:df:94:56:
29:eb:76:1c:9a:ff:eb:4e:dc:44:33:6c:f6:2b:52:
0c:31:37:b0:f9:ea:6c:9e:32:46:2b:dc:ee:d0:f3:
ca:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:A3:B8:C4:E7:30:C9:A0:FA:27:80:BD:EE:10:C1:B4:F7:74:6F:A1
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/RqO4xOcwyaD6J4C97hDBtPd0b6E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:1400::/29
2a0c:9240::/29
2a0f:2100::/29
2a0f:8100::/29
2a0f:8300::/29
2a0f:dd40::/29
2a0f:e040::/29
Signature Algorithm: sha256WithRSAEncryption
3e:2f:2f:80:b3:16:19:1e:f9:9f:5a:21:14:00:47:d6:a1:60:
71:0e:52:38:65:02:5e:4b:8c:6b:f7:c6:ea:c5:5b:29:8a:aa:
b3:82:e4:30:36:65:f0:62:4c:b1:5d:77:af:39:21:91:b4:b6:
89:dd:ad:5e:fd:66:88:6f:21:b6:23:58:ad:33:9f:f4:7c:b6:
74:bf:51:df:0f:64:11:bd:d8:35:4f:c1:d5:43:ca:1e:81:3e:
2d:b9:96:b1:bd:95:9f:5b:be:c4:f4:be:f0:6f:5d:a4:5a:f6:
9a:b4:ff:cb:c9:ae:8c:d7:98:f4:5f:b0:e1:e1:8c:a1:0e:b4:
cf:06:44:a6:69:f3:40:ff:f9:0f:0d:51:67:98:81:e7:d3:d4:
05:0e:66:4c:39:51:45:21:a1:b9:cb:9e:78:2e:6f:b9:e0:41:
24:cb:ac:11:16:e0:02:c9:f4:e3:27:8e:2a:93:73:5a:82:5d:
5f:f6:35:44:57:7e:e1:24:02:fc:c9:65:ed:85:f1:c8:70:88:
ef:88:04:2d:96:25:68:a6:29:d2:d6:ec:09:71:11:84:1b:c4:
90:0d:5c:7f:e7:d7:df:5c:75:76:b9:be:99:ca:f7:54:1f:ce:
ab:e9:45:13:ed:be:ef:3e:26:50:64:70:91:62:45:ea:d6:a0:
30:22:4b:01
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAYYR8EUzXKq9OLyL2SHTwH0cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMwMjAyMTE0MzI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NmEzYjhjNGU3MzBjOWEwZmEyNzgwYmRlZTEwYzFiNGY3NzQ2ZmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwkJ2YrhTFtnd38IZ8RG59Ab8IIfN
hfVbCS3Ly6BSWH8iB6yO8luFF7K0hLrX5fo6Fp3Fl3Ic4zPPHGQ5uscU83lz0frQ
4jdCiIQopPzNp8tpIR/Vr+kUV99FYextOqhSNzOEuzsdteVKnTp2BiHtPFLgszcj
JuSnWg716kubGhvQ5LpS6k8JT0nqq9hjpDg5oF03I8ZYf37r4q2WpwqQNqoNpSRt
4LtedIIyV3WsguE6uG4BziZnh3YYCxcoy/Fv6/OZLntSmIwf3uvLmESbJSZ1TdfX
1S5mVnDkv5/flFYp63Ycmv/rTtxEM2z2K1IMMTew+epsnjJGK9zu0PPKiwIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFEajuMTnMMmg+ieAve4QwbT3dG+hMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvUnFPNHhPY3d5YUQ2SjRDOTdoREJ0UGQwYjZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTA3BAIAAjAxAwUDKgoUAAMF
AyoMkkADBQMqDyEAAwUDKg+BAAMFAyoPgwADBQMqD91AAwUDKg/gQDANBgkqhkiG
9w0BAQsFAAOCAQEAPi8vgLMWGR75n1ohFABH1qFgcQ5SOGUCXkuMa/fG6sVbKYqq
s4LkMDZl8GJMsV13rzkhkbS2id2tXv1miG8htiNYrTOf9Hy2dL9R3w9kEb3YNU/B
1UPKHoE+LbmWsb2Vn1u+xPS+8G9dpFr2mrT/y8mujNeY9F+w4eGMoQ60zwZEpmnz
QP/5Dw1RZ5iB59PUBQ5mTDlRRSGhucueeC5vueBBJMusERbgAsn04yeOKpNzWoJd
X/Y1RFd+4SQC/Mll7YXxyHCI74gELZYlaKYp0tbsCXERhBvEkA1cf+fX31x1drm+
mcr3VB/Oq+lFE+2+7z4mUGRwkWJF6tagMCJLAQ==
-----END CERTIFICATE-----
Generated at Tue Apr 22 23:24:04 2025 by rpki-client