Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/TKfLScCi0IGiqGbjfLpppz0u-Dc.roa
File: TKfLScCi0IGiqGbjfLpppz0u-Dc.roa (raw, json)
Hash identifier: HMJnwxI/IopKsr+FqjGfoH/Z8TtDXmNy0825OM89guE=
Subject key identifier: 4C:A7:CB:49:C0:A2:D0:81:A2:A8:66:E3:7C:BA:69:A7:3D:2E:F8:37
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018C79CA3DFF6C53999B7519DF6CA7C5E03C
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/TKfLScCi0IGiqGbjfLpppz0u-Dc.roa
Signing time: Sun 17 Dec 2023 21:59:06 +0000
ROA not before: Sun 17 Dec 2023 21:59:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198571
IP address blocks: 2a13:9080::/29 maxlen: 29
2a0c:9240::/29 maxlen: 29
2a0f:df40::/29 maxlen: 29
2a13:8200::/29 maxlen: 29
2a13:9280::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:79:ca:3d:ff:6c:53:99:9b:75:19:df:6c:a7:c5:e0:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Dec 17 21:59:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4ca7cb49c0a2d081a2a866e37cba69a73d2ef837
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:80:ba:93:02:13:e7:5a:06:1a:59:0f:0d:ef:
07:25:ca:9e:a8:dc:8d:da:63:09:98:f4:50:b4:39:
5b:39:ab:31:fd:9c:40:6b:a7:a0:e1:01:2f:f1:be:
ab:38:76:89:ac:de:78:8d:7f:63:89:c2:bf:63:00:
e4:94:33:98:74:9a:e6:83:d1:b3:9e:76:1d:b5:f8:
4b:66:be:7b:95:bc:3f:17:de:5d:70:5d:7a:21:40:
bc:e5:c5:fb:a1:fd:cd:9c:56:f6:d0:74:c7:cd:8d:
bd:d6:f1:db:00:d1:2b:06:f4:bf:d2:63:70:b0:02:
5e:db:bc:38:b7:e1:09:81:80:2f:f0:e4:20:e1:1c:
e2:bc:28:6a:a1:f9:00:87:1a:99:64:14:91:cb:37:
23:a7:49:af:22:05:9f:83:99:58:43:0d:8f:3d:5c:
f4:35:54:18:86:34:79:42:74:63:c6:9a:cc:66:a5:
de:91:cd:87:14:89:39:30:dd:29:94:0d:1c:a2:b7:
a1:39:65:ce:2e:4e:e8:b6:09:cc:1b:4b:9f:ad:40:
2d:61:a5:71:c2:4d:bc:8a:a3:f1:f6:53:9d:fa:8f:
c3:e6:15:4e:07:59:c2:af:08:94:96:2a:66:84:56:
f6:fa:ec:73:7a:5d:f3:6a:6b:76:91:3a:fc:d9:8e:
8f:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:A7:CB:49:C0:A2:D0:81:A2:A8:66:E3:7C:BA:69:A7:3D:2E:F8:37
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/TKfLScCi0IGiqGbjfLpppz0u-Dc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9240::/29
2a0f:df40::/29
2a13:8200::/29
2a13:9080::/29
2a13:9280::/29
Signature Algorithm: sha256WithRSAEncryption
89:95:0b:8d:7b:27:c0:02:2e:82:f7:02:7a:e5:dd:95:c1:2b:
ea:b6:8e:5d:9a:ee:79:5e:f9:96:09:12:a7:80:af:d2:c6:ae:
f0:f0:0f:ec:85:d5:7c:16:0f:e2:b6:54:e2:ef:5e:8c:1b:f9:
e0:de:d8:a4:82:ec:23:46:99:fd:32:a1:1f:b5:2c:80:93:5c:
e2:27:2a:5f:2e:9b:40:9d:9b:71:ab:6a:e0:07:d8:90:5a:a4:
58:98:c0:9f:b7:38:1d:a9:c3:a4:02:ad:84:0a:85:b1:25:c7:
96:ce:b6:e2:54:b7:71:e1:4b:ed:af:cb:67:00:75:5b:b1:ab:
a3:eb:4b:09:a2:94:14:22:8c:e4:8c:a8:b2:70:e8:00:df:a0:
66:0d:88:61:fc:49:54:0b:b5:9a:cf:a0:8f:fc:05:06:6b:c7:
e9:b1:73:f8:86:0b:4b:37:e4:17:de:cd:d1:56:6f:ce:ee:bd:
dd:f0:24:7a:7c:2c:b6:b9:b1:ea:1f:27:00:5b:57:8b:4c:0d:
22:3a:8e:7c:10:71:4b:08:e6:30:0b:c4:fb:20:ce:19:6f:df:
3e:07:da:0d:c1:28:3c:0d:0f:0e:b0:74:a0:b3:0d:f6:7b:25:
ba:96:69:37:a4:ca:89:c2:6e:72:d0:9c:93:0b:65:b2:c7:23:
9f:7b:bf:c6
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYx5yj3/bFOZm3UZ32ynxeA8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMxMjE3MjE1OTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2E3Y2I0OWMwYTJkMDgxYTJhODY2ZTM3Y2JhNjlhNzNkMmVmODM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7oC6kwIT51oGGlkPDe8HJcqeqNyN
2mMJmPRQtDlbOasx/ZxAa6eg4QEv8b6rOHaJrN54jX9jicK/YwDklDOYdJrmg9Gz
nnYdtfhLZr57lbw/F95dcF16IUC85cX7of3NnFb20HTHzY291vHbANErBvS/0mNw
sAJe27w4t+EJgYAv8OQg4RzivChqofkAhxqZZBSRyzcjp0mvIgWfg5lYQw2PPVz0
NVQYhjR5QnRjxprMZqXekc2HFIk5MN0plA0corehOWXOLk7otgnMG0ufrUAtYaVx
wk28iqPx9lOd+o/D5hVOB1nCrwiUlipmhFb2+uxzel3zamt2kTr82Y6PrQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFEyny0nAotCBoqhm43y6aac9Lvg3MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvVEtmTFNjQ2kwSUdpcUdiamZMcHBwejB1LURjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwUDKgySQAMF
AyoP30ADBQMqE4IAAwUDKhOQgAMFAyoTkoAwDQYJKoZIhvcNAQELBQADggEBAImV
C417J8ACLoL3Anrl3ZXBK+q2jl2a7nle+ZYJEqeAr9LGrvDwD+yF1XwWD+K2VOLv
Xowb+eDe2KSC7CNGmf0yoR+1LICTXOInKl8um0Cdm3GrauAH2JBapFiYwJ+3OB2p
w6QCrYQKhbElx5bOtuJUt3HhS+2vy2cAdVuxq6PrSwmilBQijOSMqLJw6ADfoGYN
iGH8SVQLtZrPoI/8BQZrx+mxc/iGC0s35BfezdFWb87uvd3wJHp8LLa5seofJwBb
V4tMDSI6jnwQcUsI5jALxPsgzhlv3z4H2g3BKDwNDw6wdKCzDfZ7JbqWaTekyonC
bnLQnJMLZbLHI597v8Y=
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:13:06 2025 by rpki-client