Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/_2n6ErEJ53-d5rqnG0BR9oZeGz0.roa
File: _2n6ErEJ53-d5rqnG0BR9oZeGz0.roa (raw, json)
Hash identifier: eYa3JJ21tvCGUG5lM6KZiUoo7NlAldPfh7EPOhLMJKM=
Subject key identifier: FF:69:FA:12:B1:09:E7:7F:9D:E6:BA:A7:1B:40:51:F6:86:5E:1B:3D
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0188AE510EF2A044937423A1E853E32EE903
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/_2n6ErEJ53-d5rqnG0BR9oZeGz0.roa
Signing time: Mon 12 Jun 2023 06:35:27 +0000
ROA not before: Mon 12 Jun 2023 06:35:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200021
IP address blocks: 2a0f:2100::/29 maxlen: 29
2a0e:5a80::/29 maxlen: 29
2a0f:e9c0::/29 maxlen: 29
2a0f:e00::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:ae:51:0e:f2:a0:44:93:74:23:a1:e8:53:e3:2e:e9:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jun 12 06:35:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ff69fa12b109e77f9de6baa71b4051f6865e1b3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:f3:fa:f8:49:de:c9:e7:90:87:bb:24:f4:74:
08:48:98:bd:d1:60:a7:a4:ef:61:5a:3b:54:b4:a5:
14:b3:8d:1f:98:00:99:9a:e4:3e:47:44:de:d7:c9:
c3:b1:56:00:17:36:8b:5c:7c:36:a1:e8:7d:d4:32:
59:19:1b:0d:ba:d6:bc:4c:01:c2:08:dd:62:43:fd:
80:55:c2:99:ac:41:7f:46:4f:9f:c4:1c:6b:d2:e9:
93:89:68:a1:93:2b:b9:ce:4c:5d:e5:f1:10:f5:12:
3f:8b:4e:e7:41:3c:24:ac:9b:18:6f:3a:31:2e:50:
bb:42:94:28:d3:99:c8:d4:90:86:03:ca:44:1d:84:
fe:ea:de:49:c6:66:22:0f:e0:61:c6:e2:75:d6:48:
e5:35:6f:07:a9:db:91:19:dd:ed:e9:fe:91:65:76:
c9:b3:63:16:63:c2:05:0f:e5:6b:51:18:81:24:9e:
80:07:90:31:62:8c:23:31:9b:35:05:7e:54:72:3b:
71:4c:c4:3a:9a:43:eb:fa:37:85:fe:b7:17:94:d3:
a1:49:ac:f3:37:29:a0:eb:f3:5f:e0:36:28:02:c8:
66:a0:1a:79:2e:d0:8f:28:5b:31:32:7a:f5:76:3b:
64:2b:be:13:82:cb:c2:89:4c:7b:6e:f8:04:8b:8a:
de:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:69:FA:12:B1:09:E7:7F:9D:E6:BA:A7:1B:40:51:F6:86:5E:1B:3D
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/_2n6ErEJ53-d5rqnG0BR9oZeGz0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:5a80::/29
2a0f:e00::/29
2a0f:2100::/29
2a0f:e9c0::/29
Signature Algorithm: sha256WithRSAEncryption
49:ba:62:31:53:dd:1d:de:b3:fa:d7:cd:92:96:77:dc:66:7f:
39:8c:10:59:d1:c5:ff:cc:1a:9c:35:53:49:c1:14:84:83:4e:
64:65:38:0f:7c:77:59:f2:5e:e6:24:dc:36:e2:3a:50:72:7b:
92:ec:44:f2:6a:86:89:48:73:47:cf:f1:18:2b:eb:2f:4c:42:
03:6c:80:5f:a4:bb:75:be:3b:90:fb:4d:24:61:e9:cd:db:9e:
79:b3:2e:44:21:aa:72:9a:94:09:d6:a6:97:3d:5a:f2:51:e2:
e1:ff:2c:86:cf:73:a0:8a:40:f9:ee:bf:31:f6:9b:59:59:86:
41:52:bf:a9:bb:e2:be:73:b5:da:14:5f:2d:5f:c0:75:a6:5d:
98:4c:85:9b:f2:dd:e6:d7:26:7c:dd:09:f0:f1:2f:f7:05:3f:
e1:17:a6:20:4b:a7:ec:36:3a:ce:5d:b0:dd:f0:95:56:3b:ae:
68:29:72:26:49:a8:dc:30:17:d2:40:8c:10:25:d0:57:94:36:
9a:aa:6b:6b:c0:a2:02:06:ea:48:06:5b:92:4e:f3:46:7c:86:
74:9d:22:a9:58:ab:09:1d:88:a5:0c:1b:22:1e:07:7f:4a:8e:
a3:38:55:48:5e:41:ff:dc:c1:1b:bb:88:24:31:94:52:f9:a7:
d8:e8:85:4e
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYiuUQ7yoESTdCOh6FPjLukDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMwNjEyMDYzNTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjY5ZmExMmIxMDllNzdmOWRlNmJhYTcxYjQwNTFmNjg2NWUxYjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7PP6+EneyeeQh7sk9HQISJi90WCn
pO9hWjtUtKUUs40fmACZmuQ+R0Te18nDsVYAFzaLXHw2oeh91DJZGRsNuta8TAHC
CN1iQ/2AVcKZrEF/Rk+fxBxr0umTiWihkyu5zkxd5fEQ9RI/i07nQTwkrJsYbzox
LlC7QpQo05nI1JCGA8pEHYT+6t5JxmYiD+BhxuJ11kjlNW8HqduRGd3t6f6RZXbJ
s2MWY8IFD+VrURiBJJ6AB5AxYowjMZs1BX5UcjtxTMQ6mkPr+jeF/rcXlNOhSazz
Nymg6/Nf4DYoAshmoBp5LtCPKFsxMnr1djtkK74TgsvCiUx7bvgEi4rexwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFP9p+hKxCed/nea6pxtAUfaGXhs9MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvXzJuNkVyRUo1My1kNXJxbkcwQlI5b1plR3owLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKg5agAMF
AyoPDgADBQMqDyEAAwUDKg/pwDANBgkqhkiG9w0BAQsFAAOCAQEASbpiMVPdHd6z
+tfNkpZ33GZ/OYwQWdHF/8wanDVTScEUhINOZGU4D3x3WfJe5iTcNuI6UHJ7kuxE
8mqGiUhzR8/xGCvrL0xCA2yAX6S7db47kPtNJGHpzdueebMuRCGqcpqUCdamlz1a
8lHi4f8shs9zoIpA+e6/MfabWVmGQVK/qbvivnO12hRfLV/AdaZdmEyFm/Ld5tcm
fN0J8PEv9wU/4RemIEun7DY6zl2w3fCVVjuuaClyJkmo3DAX0kCMECXQV5Q2mqpr
a8CiAgbqSAZbkk7zRnyGdJ0iqVirCR2IpQwbIh4Hf0qOozhVSF5B/9zBG7uIJDGU
Uvmn2OiFTg==
-----END CERTIFICATE-----
Generated at Tue Apr 22 02:22:11 2025 by rpki-client