Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/bGhCCxOKpEBfCSPUnNPked3BDHI.roa
File: bGhCCxOKpEBfCSPUnNPked3BDHI.roa (raw, json)
Hash identifier: Cae/0FwHLiLfzT+EemCaZ6MS1TZKRPAnf74/ejJXK8w=
Subject key identifier: 6C:68:42:0B:13:8A:A4:40:5F:09:23:D4:9C:D3:E4:79:DD:C1:0C:72
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018940339BF3DBD28BD4BA06A3F4F37BB064
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/bGhCCxOKpEBfCSPUnNPked3BDHI.roa
Signing time: Mon 10 Jul 2023 14:27:51 +0000
ROA not before: Mon 10 Jul 2023 14:27:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 395839
IP address blocks: 2a0f:39c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:40:33:9b:f3:db:d2:8b:d4:ba:06:a3:f4:f3:7b:b0:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jul 10 14:27:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6c68420b138aa4405f0923d49cd3e479ddc10c72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:17:a8:0a:b1:ff:5f:a5:25:d1:80:b0:2f:61:
cf:3c:49:09:44:01:c1:1d:53:1e:97:92:3e:ef:05:
cb:3e:32:b1:0f:78:ad:c9:f0:af:c5:29:a3:27:b7:
4b:c3:8a:26:86:95:f3:08:91:be:b9:f9:20:86:0e:
b4:0a:67:bd:5d:99:98:cf:6b:5a:5a:4d:7b:c0:51:
d6:6e:67:18:b2:63:94:e3:70:fb:95:15:b7:92:b9:
a8:c7:76:76:27:4c:ce:dc:f0:23:23:35:90:63:c2:
56:a3:75:89:e0:81:29:a4:52:0e:39:9b:a6:fe:fc:
0b:cf:c9:13:e6:c6:9b:79:25:d8:d8:da:91:c1:37:
23:ca:e3:6a:45:fe:30:b3:7b:ca:cd:3f:e1:43:7d:
63:21:27:2b:ab:f2:7f:e0:f5:b7:55:a6:58:70:2d:
28:f8:bf:8a:fb:02:9a:c0:9f:5a:bf:93:46:82:42:
d9:30:84:50:14:03:a4:8d:c7:62:b0:dc:04:c2:d1:
e6:71:32:d2:e3:82:b5:1d:eb:39:73:12:6a:6e:4b:
76:81:20:1b:c5:51:17:17:c3:b0:c0:52:68:b5:54:
61:78:2d:b3:6d:1c:d8:05:4b:d9:f8:be:08:5d:8c:
3d:d2:20:b6:e4:19:8e:45:50:80:a4:8f:74:68:0b:
7d:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:68:42:0B:13:8A:A4:40:5F:09:23:D4:9C:D3:E4:79:DD:C1:0C:72
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/bGhCCxOKpEBfCSPUnNPked3BDHI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:39c0::/29
Signature Algorithm: sha256WithRSAEncryption
7f:f7:4a:23:ec:95:10:10:1c:53:56:3a:30:6e:0a:9f:fa:ab:
4e:2b:58:12:09:88:4c:b9:66:4f:fe:a3:53:8c:17:13:90:f7:
0b:60:ec:9f:ec:64:63:18:25:6c:96:9d:04:6e:43:3a:70:cf:
64:38:31:3e:0b:4c:c9:af:cd:8f:ca:c3:13:d3:cc:49:fb:0c:
9d:08:6f:2a:c6:c2:2e:67:a9:49:80:c7:3d:7e:b3:1d:d1:22:
d1:e6:c7:b0:5e:20:59:ae:03:23:ee:62:f1:7a:57:bd:24:87:
f5:69:31:c9:e3:f0:eb:76:af:7f:07:87:07:2f:1e:c1:b9:42:
25:6b:c6:c8:d9:dd:02:9a:4f:b9:15:ba:3d:b7:76:21:2b:71:
89:11:5c:f6:45:65:ac:0b:1d:0d:40:60:62:3f:3c:2a:c8:77:
b5:cb:6e:d7:04:9f:d6:4c:47:65:db:71:8f:06:8c:b3:b0:a5:
c6:e8:01:f0:51:1e:ed:a2:4e:52:5a:dd:31:3d:15:2d:41:2b:
91:95:22:a4:c5:61:7c:91:e0:a8:4a:dc:4a:e4:b3:bc:ff:6b:
38:92:d1:53:f8:a9:a0:a8:c2:9b:79:d5:94:c8:49:2d:fd:72:
a2:92:76:27:f5:21:71:90:4b:b8:3f:63:8e:cd:3d:48:e8:91:
fa:9f:65:b6
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYlAM5vz29KL1LoGo/Tze7BkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMwNzEwMTQyNzUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzY4NDIwYjEzOGFhNDQwNWYwOTIzZDQ5Y2QzZTQ3OWRkYzEwYzcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuReoCrH/X6Ul0YCwL2HPPEkJRAHB
HVMel5I+7wXLPjKxD3ityfCvxSmjJ7dLw4omhpXzCJG+ufkghg60Cme9XZmYz2ta
Wk17wFHWbmcYsmOU43D7lRW3krmox3Z2J0zO3PAjIzWQY8JWo3WJ4IEppFIOOZum
/vwLz8kT5sabeSXY2NqRwTcjyuNqRf4ws3vKzT/hQ31jIScrq/J/4PW3VaZYcC0o
+L+K+wKawJ9av5NGgkLZMIRQFAOkjcdisNwEwtHmcTLS44K1Hes5cxJqbkt2gSAb
xVEXF8OwwFJotVRheC2zbRzYBUvZ+L4IXYw90iC25BmORVCApI90aAt98wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFGxoQgsTiqRAXwkj1JzT5HndwQxyMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvYkdoQ0N4T0twRUJmQ1NQVW5OUGtlZDNCREhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg85wDAN
BgkqhkiG9w0BAQsFAAOCAQEAf/dKI+yVEBAcU1Y6MG4Kn/qrTitYEgmITLlmT/6j
U4wXE5D3C2Dsn+xkYxglbJadBG5DOnDPZDgxPgtMya/Nj8rDE9PMSfsMnQhvKsbC
LmepSYDHPX6zHdEi0ebHsF4gWa4DI+5i8XpXvSSH9WkxyePw63avfweHBy8ewblC
JWvGyNndAppPuRW6Pbd2IStxiRFc9kVlrAsdDUBgYj88Ksh3tctu1wSf1kxHZdtx
jwaMs7ClxugB8FEe7aJOUlrdMT0VLUErkZUipMVhfJHgqErcSuSzvP9rOJLRU/ip
oKjCm3nVlMhJLf1yopJ2J/UhcZBLuD9jjs09SOiR+p9ltg==
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:01:29 2025 by rpki-client