Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/aaoXlPc1fmmawoYKpqeZoP3EYmU.roa
File: aaoXlPc1fmmawoYKpqeZoP3EYmU.roa (raw, json)
Hash identifier: CbOj10CJJ2knAwY9D6K0EOS+0FiCid3akqQT9G/tFQA=
Subject key identifier: 69:AA:17:94:F7:35:7E:69:9A:C2:86:0A:A6:A7:99:A0:FD:C4:62:65
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018A2678B89ACAC49565C60F8985164889CD
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/aaoXlPc1fmmawoYKpqeZoP3EYmU.roa
Signing time: Thu 24 Aug 2023 07:36:00 +0000
ROA not before: Thu 24 Aug 2023 07:36:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197992
IP address blocks: 2a0f:7f00::/29 maxlen: 29
2a0f:2100::/29 maxlen: 29
2a13:2cc0::/29 maxlen: 29
2a12:d6c0::/29 maxlen: 29
2a13:2b40::/29 maxlen: 29
2a13:200::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:26:78:b8:9a:ca:c4:95:65:c6:0f:89:85:16:48:89:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Aug 24 07:36:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=69aa1794f7357e699ac2860aa6a799a0fdc46265
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:92:85:ad:6d:81:12:b6:f5:81:88:e7:e7:8d:
21:36:78:2b:2d:92:85:32:76:da:95:b0:55:c4:9a:
51:f1:83:85:1f:7e:e5:56:e7:6b:49:85:46:2f:63:
58:0d:fa:aa:b1:3b:d2:08:f9:54:71:be:9a:13:34:
a2:1a:d2:ed:1c:eb:8c:8b:74:b1:82:57:91:b1:38:
00:21:3d:b4:0b:1e:19:36:83:f7:35:f0:14:73:89:
f9:fe:0b:61:c5:3c:55:67:e5:d8:fd:c8:fa:80:83:
1a:ba:7a:7d:81:90:d0:13:e6:4a:c2:8b:1c:97:e8:
a8:b4:35:4e:23:c6:20:c9:b7:45:eb:b2:68:e0:ec:
88:35:af:24:b7:af:51:40:3a:99:a8:68:d1:2c:d3:
c3:5f:e7:ac:11:20:f7:a0:7d:c1:3a:8b:79:62:11:
f3:b2:ea:50:41:eb:f1:0a:b2:3f:d1:6d:b3:27:6c:
42:b4:90:c7:4b:d4:87:05:a7:8a:6f:bb:a9:53:e1:
e5:05:69:4a:ff:70:41:3c:77:6a:d6:1b:76:c2:62:
9f:ec:a7:38:4a:5b:f3:e8:d5:52:a3:46:5b:8c:b7:
e8:30:ba:3c:f7:8a:a2:de:51:7a:fb:ce:fa:10:ff:
79:34:54:02:8f:66:59:ef:42:bf:e8:99:1a:99:9b:
4c:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:AA:17:94:F7:35:7E:69:9A:C2:86:0A:A6:A7:99:A0:FD:C4:62:65
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/aaoXlPc1fmmawoYKpqeZoP3EYmU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:2100::/29
2a0f:7f00::/29
2a12:d6c0::/29
2a13:200::/29
2a13:2b40::/29
2a13:2cc0::/29
Signature Algorithm: sha256WithRSAEncryption
ac:c9:8d:6b:c7:d2:3e:d7:03:c4:ad:60:8c:3d:a6:57:72:24:
0d:f0:2f:e8:e9:59:d9:bd:68:55:87:b1:16:fc:69:48:6b:bf:
2d:58:ab:b4:84:e2:77:bb:dd:44:b9:f6:b3:89:5f:30:90:8c:
f4:41:e8:cc:6a:38:74:4d:f5:ac:4f:51:8d:e8:d2:09:80:8d:
b6:64:a3:00:14:e6:90:c7:94:55:0b:dc:79:68:ee:de:d3:82:
03:16:f2:3c:07:2e:b1:86:bb:7f:5b:bf:03:7f:4a:50:5c:ce:
af:8c:41:25:93:ed:1f:b9:af:70:4b:5a:b2:4f:4f:a4:0d:b4:
a0:17:19:75:94:11:27:d2:8e:85:8b:f1:92:e9:ea:c1:ec:ae:
2c:af:ed:8d:50:68:36:41:d2:a0:5f:4e:fd:b7:22:ca:99:76:
d8:cc:7c:10:7e:29:7a:95:df:77:bc:88:c3:8e:22:0b:a4:83:
7f:68:88:b3:d8:f5:64:9d:7a:93:4f:04:03:67:49:bf:9a:9f:
5d:f0:5c:89:25:dc:5c:c7:ce:c9:2c:57:ae:6c:97:9b:aa:ee:
71:ff:1c:a3:d3:fd:c8:bb:93:f2:ae:8e:7b:50:b6:24:9d:c4:
28:b5:fd:58:6e:9d:67:17:36:a5:8b:60:44:4d:6d:06:99:2a:
da:0d:2f:f1
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYomeLiaysSVZcYPiYUWSInNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMwODI0MDczNjAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWFhMTc5NGY3MzU3ZTY5OWFjMjg2MGFhNmE3OTlhMGZkYzQ2MjY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkZKFrW2BErb1gYjn540hNngrLZKF
MnbalbBVxJpR8YOFH37lVudrSYVGL2NYDfqqsTvSCPlUcb6aEzSiGtLtHOuMi3Sx
gleRsTgAIT20Cx4ZNoP3NfAUc4n5/gthxTxVZ+XY/cj6gIMaunp9gZDQE+ZKwosc
l+iotDVOI8YgybdF67Jo4OyINa8kt69RQDqZqGjRLNPDX+esESD3oH3BOot5YhHz
supQQevxCrI/0W2zJ2xCtJDHS9SHBaeKb7upU+HlBWlK/3BBPHdq1ht2wmKf7Kc4
Slvz6NVSo0ZbjLfoMLo894qi3lF6+876EP95NFQCj2ZZ70K/6JkamZtMmQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFGmqF5T3NX5pmsKGCqanmaD9xGJlMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvYWFvWGxQYzFmbW1hd29ZS3BxZVpvUDNFWW1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAAjAqAwUDKg8hAAMF
AyoPfwADBQMqEtbAAwUDKhMCAAMFAyoTK0ADBQMqEyzAMA0GCSqGSIb3DQEBCwUA
A4IBAQCsyY1rx9I+1wPErWCMPaZXciQN8C/o6VnZvWhVh7EW/GlIa78tWKu0hOJ3
u91EufaziV8wkIz0QejMajh0TfWsT1GN6NIJgI22ZKMAFOaQx5RVC9x5aO7e04ID
FvI8By6xhrt/W78Df0pQXM6vjEElk+0fua9wS1qyT0+kDbSgFxl1lBEn0o6Fi/GS
6erB7K4sr+2NUGg2QdKgX079tyLKmXbYzHwQfil6ld93vIjDjiILpIN/aIiz2PVk
nXqTTwQDZ0m/mp9d8FyJJdxcx87JLFeubJebqu5x/xyj0/3Iu5Pyro57ULYkncQo
tf1Ybp1nFzali2BETW0GmSraDS/x
-----END CERTIFICATE-----
Generated at Mon Apr 21 16:41:46 2025 by rpki-client