Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/bW-KiVrli-QHyrxHFqpTqcw82iM.roa
File: bW-KiVrli-QHyrxHFqpTqcw82iM.roa (raw, json)
Hash identifier: +20U2trxWURNkOQveGCbJ0ngjNajF1oxXl7IF4NHQYA=
Subject key identifier: 6D:6F:8A:89:5A:E5:8B:E4:07:CA:BC:47:16:AA:53:A9:CC:3C:DA:23
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0184F5D83E9D189F0F8D8B0C98F2F63B2AA0
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/bW-KiVrli-QHyrxHFqpTqcw82iM.roa
Signing time: Fri 09 Dec 2022 07:45:00 +0000
ROA not before: Fri 09 Dec 2022 07:45:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 28753
IP address blocks: 2a0f:2500::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:f5:d8:3e:9d:18:9f:0f:8d:8b:0c:98:f2:f6:3b:2a:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Dec 9 07:45:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6d6f8a895ae58be407cabc4716aa53a9cc3cda23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:22:03:16:e7:0c:0b:05:f4:26:91:47:f7:ec:
f9:c5:2d:dc:ae:06:0d:e5:72:15:54:ca:04:91:08:
5b:14:a3:4a:78:5b:d8:14:13:50:35:47:05:11:e5:
aa:f9:58:73:02:45:c1:6e:4a:90:45:42:de:c5:28:
ea:89:e3:43:5f:df:8a:0e:be:4b:06:26:de:0e:05:
b1:01:db:25:a4:41:30:12:34:37:8e:b7:04:40:ff:
23:c7:cf:74:9b:57:33:ac:b1:98:f6:19:d4:06:98:
d5:50:cf:f1:ce:1c:52:73:68:99:e0:fe:0b:cc:54:
8d:97:66:f5:08:be:cd:1f:45:f6:95:30:33:f9:a8:
ed:9f:5b:5e:02:de:8a:3a:98:35:28:0b:4f:dd:63:
da:d3:d1:8f:fc:3d:e3:9d:c0:ce:e5:29:ad:75:f3:
07:49:55:68:ab:63:8a:32:54:7b:60:e7:01:0b:7c:
f1:c7:fd:cb:9b:52:07:39:59:f7:80:2e:b2:10:a7:
e7:7d:97:27:ad:09:06:73:e5:e6:93:03:5b:a2:f2:
9a:73:24:5b:40:b8:2e:29:73:f7:7f:1d:4a:fd:48:
d9:b8:a0:14:9e:34:2a:10:38:0b:0e:55:97:a7:9b:
dc:fc:3e:8d:48:34:fd:2a:29:3f:32:98:4f:2a:7c:
93:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:6F:8A:89:5A:E5:8B:E4:07:CA:BC:47:16:AA:53:A9:CC:3C:DA:23
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/bW-KiVrli-QHyrxHFqpTqcw82iM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:2500::/29
Signature Algorithm: sha256WithRSAEncryption
a5:c2:bc:de:90:05:51:7d:86:73:de:fe:01:9c:93:d4:a1:74:
16:04:ae:0b:be:d0:84:02:98:56:00:02:64:9a:5a:8e:29:06:
7a:04:f3:fd:35:02:aa:21:92:9b:58:c1:9b:65:3f:29:6c:95:
1c:7e:7f:4d:e1:61:63:07:01:e1:2e:b3:ca:21:1f:8e:e2:34:
37:f4:a6:44:fb:8c:92:7c:08:4a:4e:54:57:18:0e:3d:80:bb:
42:e3:df:d0:21:cf:4f:52:b1:d2:a6:47:82:43:b0:48:7b:e5:
56:73:78:e4:2a:d9:ca:6e:7a:b4:9e:aa:0b:11:89:9c:52:1e:
f8:38:ee:64:f5:2c:c0:cc:c6:c9:8b:b2:12:e0:a3:57:bb:46:
1a:41:09:00:de:e3:90:f7:7c:ec:9a:b2:bf:09:66:5b:73:ed:
0a:7d:14:61:9a:47:8b:1f:22:9b:96:af:be:7c:6b:8f:02:ba:
56:30:e3:78:2a:40:b6:ab:bf:c5:3c:c4:54:d6:03:42:a9:79:
bf:34:58:c2:48:89:50:d3:5f:60:f4:87:0c:cb:48:ce:da:f6:
4d:4a:f1:e7:e5:1e:66:86:a1:87:28:19:7e:52:5c:23:f3:67:
67:94:bb:c2:b7:bb:82:76:7e:c0:e5:16:b6:57:a8:59:f0:2f:
36:86:22:1b
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYT12D6dGJ8PjYsMmPL2OyqgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjIxMjA5MDc0NTAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDZmOGE4OTVhZTU4YmU0MDdjYWJjNDcxNmFhNTNhOWNjM2NkYTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoSIDFucMCwX0JpFH9+z5xS3crgYN
5XIVVMoEkQhbFKNKeFvYFBNQNUcFEeWq+VhzAkXBbkqQRULexSjqieNDX9+KDr5L
BibeDgWxAdslpEEwEjQ3jrcEQP8jx890m1czrLGY9hnUBpjVUM/xzhxSc2iZ4P4L
zFSNl2b1CL7NH0X2lTAz+ajtn1teAt6KOpg1KAtP3WPa09GP/D3jncDO5SmtdfMH
SVVoq2OKMlR7YOcBC3zxx/3Lm1IHOVn3gC6yEKfnfZcnrQkGc+XmkwNbovKacyRb
QLguKXP3fx1K/UjZuKAUnjQqEDgLDlWXp5vc/D6NSDT9Kik/MphPKnyTvQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFG1viola5YvkB8q8RxaqU6nMPNojMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvYlctS2lWcmxpLVFIeXJ4SEZxcFRxY3c4MmlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg8lADAN
BgkqhkiG9w0BAQsFAAOCAQEApcK83pAFUX2Gc97+AZyT1KF0FgSuC77QhAKYVgAC
ZJpajikGegTz/TUCqiGSm1jBm2U/KWyVHH5/TeFhYwcB4S6zyiEfjuI0N/SmRPuM
knwISk5UVxgOPYC7QuPf0CHPT1Kx0qZHgkOwSHvlVnN45CrZym56tJ6qCxGJnFIe
+DjuZPUswMzGyYuyEuCjV7tGGkEJAN7jkPd87JqyvwlmW3PtCn0UYZpHix8im5av
vnxrjwK6VjDjeCpAtqu/xTzEVNYDQql5vzRYwkiJUNNfYPSHDMtIztr2TUrx5+Ue
ZoahhygZflJcI/NnZ5S7wre7gnZ+wOUWtleoWfAvNoYiGw==
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:24:04 2025 by rpki-client