Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/TXIyarsXGc2CT2J4Q0armg_bgxw.roa
File: TXIyarsXGc2CT2J4Q0armg_bgxw.roa (raw, json)
Hash identifier: L+pTZnbqveTP85ix1a4yXFEsdPq1ZBk5hwHSy9+5IPE=
Subject key identifier: 4D:72:32:6A:BB:17:19:CD:82:4F:62:78:43:46:AB:9A:0F:DB:83:1C
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018C7BFC5F82934BE46017710E667D4C34D7
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/TXIyarsXGc2CT2J4Q0armg_bgxw.roa
Signing time: Mon 18 Dec 2023 08:13:06 +0000
ROA not before: Mon 18 Dec 2023 08:13:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216246
IP address blocks: 2a0f:4f80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:7b:fc:5f:82:93:4b:e4:60:17:71:0e:66:7d:4c:34:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Dec 18 08:13:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4d72326abb1719cd824f62784346ab9a0fdb831c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:a2:ea:df:83:2d:e5:f4:30:63:69:59:ca:93:
f9:c9:0d:37:bf:cc:0b:25:a4:88:7f:c4:fe:a8:40:
cc:f1:3b:d1:0e:87:70:1a:6a:8e:9c:a9:61:c5:d6:
29:71:bd:0d:2a:d4:07:38:72:a2:8c:6f:76:97:df:
4a:ca:c6:af:6e:fb:0f:d7:71:c3:ae:93:a1:0f:a2:
9a:77:32:15:ad:d4:e0:88:f3:2d:a7:29:98:24:1f:
f3:b6:dd:f5:72:6b:90:9b:33:f5:93:98:b8:f9:c4:
aa:36:7b:f4:8c:c0:cf:b0:cc:01:b2:53:58:ee:78:
41:80:57:c6:b1:e1:24:d8:ad:7f:0e:4c:a7:dd:d5:
b5:d9:c1:40:0d:d4:28:8e:a9:3d:63:b6:2c:08:4a:
9a:be:b8:db:e2:0c:ba:23:c0:d6:66:82:e1:86:6f:
5e:2f:0d:dc:38:da:1a:78:d5:72:f2:8c:9a:59:18:
e1:de:54:27:74:70:c6:cb:93:27:f0:be:55:64:2e:
e3:37:3f:9c:38:00:5c:07:62:3f:cf:21:c2:1e:d8:
34:af:16:25:ee:0c:71:95:ed:f2:e8:68:0b:d7:a6:
35:58:2c:95:9a:4b:be:90:0e:fe:0f:ad:26:96:0a:
3f:4c:ab:b3:aa:80:96:96:1b:ce:e4:49:ed:ad:d2:
8f:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:72:32:6A:BB:17:19:CD:82:4F:62:78:43:46:AB:9A:0F:DB:83:1C
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/TXIyarsXGc2CT2J4Q0armg_bgxw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:4f80::/29
Signature Algorithm: sha256WithRSAEncryption
99:95:79:64:b6:32:1b:fb:4c:59:08:c3:77:5f:ef:67:c5:3d:
4a:51:43:08:5d:a6:8a:bd:5c:b7:95:59:dc:6a:26:28:06:dc:
a7:e6:ae:96:9f:91:9c:4f:5b:60:db:cf:b5:6b:48:89:95:97:
01:7b:b7:ef:f7:06:26:1a:aa:bd:bb:bc:11:92:90:d3:7d:2d:
9b:13:4a:79:12:9c:50:dc:6b:ca:d8:54:4b:26:d3:f6:13:a0:
f9:17:20:0e:47:95:06:8e:e4:5e:c8:e4:a2:ed:e1:ae:bc:d1:
8a:1c:86:90:2b:98:00:c0:73:ee:4b:c8:d1:7c:c1:0a:e2:d1:
41:7b:be:60:be:c4:29:6e:32:c8:2c:52:9e:9b:dc:a2:b7:72:
fc:d5:80:6e:e3:85:21:bd:ea:d9:96:d2:5f:09:32:ce:36:3e:
7c:32:0a:0f:9e:e8:61:40:dd:ad:ed:d4:84:16:e7:bd:37:b0:
c9:d5:72:fa:16:86:1b:c6:6a:a0:68:43:b0:0c:21:d0:09:af:
4d:03:ef:f4:ef:2f:79:b2:1a:01:25:f9:dd:d8:d3:c5:54:13:
c7:3d:11:26:38:61:50:f3:5d:42:58:fd:0e:ab:c9:94:18:ef:
b5:81:c2:e7:5c:9f:8d:b3:99:5b:4d:fe:79:40:f4:22:53:3d:
29:9c:c0:62
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYx7/F+Ck0vkYBdxDmZ9TDTXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMxMjE4MDgxMzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDcyMzI2YWJiMTcxOWNkODI0ZjYyNzg0MzQ2YWI5YTBmZGI4MzFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmKLq34Mt5fQwY2lZypP5yQ03v8wL
JaSIf8T+qEDM8TvRDodwGmqOnKlhxdYpcb0NKtQHOHKijG92l99KysavbvsP13HD
rpOhD6KadzIVrdTgiPMtpymYJB/ztt31cmuQmzP1k5i4+cSqNnv0jMDPsMwBslNY
7nhBgFfGseEk2K1/Dkyn3dW12cFADdQojqk9Y7YsCEqavrjb4gy6I8DWZoLhhm9e
Lw3cONoaeNVy8oyaWRjh3lQndHDGy5Mn8L5VZC7jNz+cOABcB2I/zyHCHtg0rxYl
7gxxle3y6GgL16Y1WCyVmku+kA7+D60mlgo/TKuzqoCWlhvO5EntrdKPPQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFE1yMmq7FxnNgk9ieENGq5oP24McMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvVFhJeWFyc1hHYzJDVDJKNFEwYXJtZ19iZ3h3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg9PgDAN
BgkqhkiG9w0BAQsFAAOCAQEAmZV5ZLYyG/tMWQjDd1/vZ8U9SlFDCF2mir1ct5VZ
3GomKAbcp+aulp+RnE9bYNvPtWtIiZWXAXu37/cGJhqqvbu8EZKQ030tmxNKeRKc
UNxrythUSybT9hOg+RcgDkeVBo7kXsjkou3hrrzRihyGkCuYAMBz7kvI0XzBCuLR
QXu+YL7EKW4yyCxSnpvcordy/NWAbuOFIb3q2ZbSXwkyzjY+fDIKD57oYUDdre3U
hBbnvTewydVy+haGG8ZqoGhDsAwh0AmvTQPv9O8vebIaASX53djTxVQTxz0RJjhh
UPNdQlj9DqvJlBjvtYHC51yfjbOZW03+eUD0IlM9KZzAYg==
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:21:12 2025 by rpki-client