Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/WXeDAAOG2cZ2OfhBoAPK6kagqdQ.roa
File: WXeDAAOG2cZ2OfhBoAPK6kagqdQ.roa (raw, json)
Hash identifier: ZTd+k1hd3xSs09sKj2n65k9T9tGh8OdQZE4rz0xwtnw=
Subject key identifier: 59:77:83:00:03:86:D9:C6:76:39:F8:41:A0:03:CA:EA:46:A0:A9:D4
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0185159521A0010CBF94A0A54C6C596FF6DE
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/WXeDAAOG2cZ2OfhBoAPK6kagqdQ.roa
Signing time: Thu 15 Dec 2022 11:39:33 +0000
ROA not before: Thu 15 Dec 2022 11:39:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29066
IP address blocks: 2a0f:4a00::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:15:95:21:a0:01:0c:bf:94:a0:a5:4c:6c:59:6f:f6:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Dec 15 11:39:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=597783000386d9c67639f841a003caea46a0a9d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:42:5b:d6:47:d6:ea:cf:a3:45:80:95:b6:a8:
79:d8:cb:1d:ab:6d:01:5c:46:ee:62:98:9c:01:86:
4d:c4:7d:0a:7d:6d:57:dd:2b:4c:ec:11:92:83:61:
72:4a:b0:1d:32:d5:35:fd:4e:f9:22:f3:ab:4f:f5:
02:d2:de:7f:6b:cc:51:ed:83:3f:ac:28:6f:f6:fa:
f8:87:b8:7d:f1:fc:0f:97:b5:da:a5:8e:79:04:01:
e1:5c:99:e1:2b:cb:be:fa:66:5b:9b:58:e8:1e:27:
ce:5f:fd:cb:f8:da:0c:f6:02:7f:55:42:d8:b7:bf:
a7:14:e8:94:96:30:7b:00:20:d5:45:bd:84:69:42:
2b:eb:7d:f4:47:1c:35:ae:df:84:6e:e7:a5:15:07:
2b:7b:82:82:c1:f6:8b:22:20:66:9c:79:cc:cd:47:
b9:be:82:17:aa:78:3e:a1:c7:5a:7b:15:8e:8c:8f:
2a:e8:6e:23:17:0f:f3:bd:47:e4:97:94:db:0f:f6:
67:75:de:db:80:ca:24:9a:16:fd:65:48:c5:84:48:
64:fa:23:0e:73:31:f7:ae:f8:49:c6:a6:70:20:d2:
15:25:8a:79:19:cb:fd:fe:31:18:12:be:6e:aa:9d:
51:60:68:02:5d:e3:bd:34:17:35:3d:7c:dc:47:37:
20:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:77:83:00:03:86:D9:C6:76:39:F8:41:A0:03:CA:EA:46:A0:A9:D4
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/WXeDAAOG2cZ2OfhBoAPK6kagqdQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:4a00::/29
Signature Algorithm: sha256WithRSAEncryption
1b:3e:1c:3e:86:7c:7c:da:7d:d1:02:8f:63:84:dd:c2:ee:59:
94:0f:83:37:82:e2:7a:b8:ce:cc:be:1b:0e:f5:b2:d1:37:e9:
d4:cf:fe:ad:01:ae:4a:65:ec:ac:bc:44:f6:0e:98:05:87:51:
b7:e6:75:22:66:13:26:71:5c:b7:80:af:46:d1:20:2b:1b:14:
54:3f:fd:e4:d7:79:9f:96:06:70:a5:5e:92:7c:72:2f:12:cb:
5c:69:ce:a4:aa:4a:e8:3f:02:59:84:3a:a4:1e:eb:6b:4d:09:
d2:78:6e:cf:ab:be:6d:a0:09:1b:6e:cd:d8:cf:91:dc:92:f9:
0a:a2:9e:80:32:62:4c:c2:00:ec:3c:6e:7f:e8:2d:ac:ed:e4:
34:47:fc:30:20:f1:5c:96:a2:c3:26:ed:91:a3:7b:39:05:ed:
b7:a0:3c:51:3c:c0:19:76:06:5b:b8:96:a6:8a:52:1e:4d:ff:
a7:98:5c:1e:ce:ac:ed:08:97:8d:21:cc:d5:58:09:80:a3:b7:
87:5a:60:f5:fa:a4:80:54:b1:8f:6d:6e:56:ea:af:07:2b:1a:
4b:98:58:33:17:8c:8a:8c:43:53:95:2e:d6:9b:17:36:5f:d7:
f6:38:06:92:43:2f:6d:34:5d:61:2a:13:37:c2:43:c0:5e:c5:
45:b9:57:0a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYUVlSGgAQy/lKClTGxZb/beMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjIxMjE1MTEzOTMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTc3ODMwMDAzODZkOWM2NzYzOWY4NDFhMDAzY2FlYTQ2YTBhOWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAukJb1kfW6s+jRYCVtqh52Msdq20B
XEbuYpicAYZNxH0KfW1X3StM7BGSg2FySrAdMtU1/U75IvOrT/UC0t5/a8xR7YM/
rChv9vr4h7h98fwPl7XapY55BAHhXJnhK8u++mZbm1joHifOX/3L+NoM9gJ/VULY
t7+nFOiUljB7ACDVRb2EaUIr6330Rxw1rt+EbuelFQcre4KCwfaLIiBmnHnMzUe5
voIXqng+ocdaexWOjI8q6G4jFw/zvUfkl5TbD/Zndd7bgMokmhb9ZUjFhEhk+iMO
czH3rvhJxqZwINIVJYp5Gcv9/jEYEr5uqp1RYGgCXeO9NBc1PXzcRzcgLQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFFl3gwADhtnGdjn4QaADyupGoKnUMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvV1hlREFBT0cyY1oyT2ZoQm9BUEs2a2FncWRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg9KADAN
BgkqhkiG9w0BAQsFAAOCAQEAGz4cPoZ8fNp90QKPY4Tdwu5ZlA+DN4LierjOzL4b
DvWy0Tfp1M/+rQGuSmXsrLxE9g6YBYdRt+Z1ImYTJnFct4CvRtEgKxsUVD/95Nd5
n5YGcKVeknxyLxLLXGnOpKpK6D8CWYQ6pB7ra00J0nhuz6u+baAJG27N2M+R3JL5
CqKegDJiTMIA7Dxuf+gtrO3kNEf8MCDxXJaiwybtkaN7OQXtt6A8UTzAGXYGW7iW
popSHk3/p5hcHs6s7QiXjSHM1VgJgKO3h1pg9fqkgFSxj21uVuqvBysaS5hYMxeM
ioxDU5Uu1psXNl/X9jgGkkMvbTRdYSoTN8JDwF7FRblXCg==
-----END CERTIFICATE-----
Generated at Tue Apr 22 04:09:38 2025 by rpki-client