Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/c-izhC_UZKxEyV3NA48KowV80NQ.roa
File: c-izhC_UZKxEyV3NA48KowV80NQ.roa (raw, json)
Hash identifier: y7KUHuLyzTeoZssQsPoJCOzLg6QDX4EGm9ra6u7KXR4=
Subject key identifier: 73:E8:B3:84:2F:D4:64:AC:44:C9:5D:CD:03:8F:0A:A3:05:7C:D0:D4
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018C7243F8236B95AA09A6EBCA4D87B1E7D4
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/c-izhC_UZKxEyV3NA48KowV80NQ.roa
Signing time: Sat 16 Dec 2023 10:55:06 +0000
ROA not before: Sat 16 Dec 2023 10:55:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198571
IP address blocks: 2a13:9580::/29 maxlen: 29
2a13:9080::/29 maxlen: 29
2a0c:9240::/29 maxlen: 29
2a0f:df40::/29 maxlen: 29
2a13:8200::/29 maxlen: 29
2a13:9280::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:72:43:f8:23:6b:95:aa:09:a6:eb:ca:4d:87:b1:e7:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Dec 16 10:55:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=73e8b3842fd464ac44c95dcd038f0aa3057cd0d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:2e:a4:3a:47:c7:67:cf:2b:99:89:85:97:d6:
06:eb:15:e5:50:8c:d9:b9:82:8a:91:df:52:5d:35:
40:e1:3e:31:17:c9:12:0b:c7:bf:54:91:90:86:e1:
6c:48:d5:93:de:5f:a4:e7:b6:a2:4e:f4:3e:0d:9b:
3a:21:21:88:36:e2:1d:c7:c0:ea:7e:74:1b:dc:8d:
b2:b0:a7:6d:7a:a5:94:c5:4b:57:06:61:bf:aa:fa:
8b:73:36:5c:24:a8:89:73:54:23:5b:dd:7c:d3:b2:
db:5b:b2:a9:60:37:2c:0e:f2:fa:54:a5:43:97:2d:
57:1d:26:4f:80:37:c9:12:14:de:32:c6:73:c0:87:
d2:eb:22:03:94:de:78:99:ab:0c:e2:d6:bd:5c:9b:
89:ae:9c:20:a0:82:30:9f:cc:89:1e:5d:6a:b7:92:
77:00:97:f4:3f:43:e2:58:bd:08:06:af:56:9a:80:
c9:e8:80:c5:80:42:20:3f:cc:94:66:4c:be:20:e8:
c9:48:75:12:6c:1a:32:f3:e4:44:02:22:7e:79:c9:
02:42:f9:93:d7:9f:81:f5:f2:03:e0:d0:25:da:fd:
59:71:0e:be:d5:dd:3d:05:7b:18:70:8f:b9:5b:3a:
5e:1c:60:61:9d:fd:13:4c:ba:95:c5:ef:a5:8e:af:
e0:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:E8:B3:84:2F:D4:64:AC:44:C9:5D:CD:03:8F:0A:A3:05:7C:D0:D4
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/c-izhC_UZKxEyV3NA48KowV80NQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9240::/29
2a0f:df40::/29
2a13:8200::/29
2a13:9080::/29
2a13:9280::/29
2a13:9580::/29
Signature Algorithm: sha256WithRSAEncryption
16:aa:fc:b9:ec:0c:66:a3:3d:09:b6:23:e5:a0:b5:ae:16:37:
ca:83:c2:7a:7c:6a:85:59:65:da:62:0b:65:14:37:78:a9:54:
f0:11:f4:36:a8:cb:73:15:2e:28:88:95:b6:30:43:2b:33:d4:
eb:77:02:09:d1:6d:b6:6a:03:5f:98:a9:cf:3d:c9:d9:a2:b4:
c0:21:60:ff:e5:47:cf:db:c8:52:33:98:fa:ab:a0:6a:90:06:
6d:1b:18:63:32:5f:40:80:1c:ae:4c:77:d8:15:8e:2f:62:f0:
b8:47:57:17:e1:1e:27:33:79:13:19:d9:40:bf:f0:38:b5:d8:
bb:81:b3:0a:ea:b0:f6:70:82:cd:bd:31:47:1e:af:f2:5e:63:
28:36:9a:75:82:b7:ba:92:56:aa:3f:d8:ac:99:de:ec:4b:12:
65:e4:27:ca:55:d9:e4:1f:1e:34:f9:60:ab:38:39:f8:5a:50:
bd:de:b2:14:b5:27:86:67:48:af:11:bc:50:b1:10:dc:7d:39:
25:1d:42:5a:70:53:b6:f6:e3:9f:ae:03:a6:cf:26:c9:fd:af:
65:61:5f:ca:57:a3:ce:2b:6a:9a:5d:6c:73:b8:2e:3f:67:43:
e0:eb:cf:e4:0b:34:d8:dc:0b:d1:dc:51:27:8c:d1:a2:5d:cf:
8d:6f:5d:7e
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYxyQ/gja5WqCabryk2HsefUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMxMjE2MTA1NTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3M2U4YjM4NDJmZDQ2NGFjNDRjOTVkY2QwMzhmMGFhMzA1N2NkMGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6i6kOkfHZ88rmYmFl9YG6xXlUIzZ
uYKKkd9SXTVA4T4xF8kSC8e/VJGQhuFsSNWT3l+k57aiTvQ+DZs6ISGINuIdx8Dq
fnQb3I2ysKdteqWUxUtXBmG/qvqLczZcJKiJc1QjW91807LbW7KpYDcsDvL6VKVD
ly1XHSZPgDfJEhTeMsZzwIfS6yIDlN54masM4ta9XJuJrpwgoIIwn8yJHl1qt5J3
AJf0P0PiWL0IBq9WmoDJ6IDFgEIgP8yUZky+IOjJSHUSbBoy8+REAiJ+eckCQvmT
15+B9fID4NAl2v1ZcQ6+1d09BXsYcI+5WzpeHGBhnf0TTLqVxe+ljq/gLQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFHPos4Qv1GSsRMldzQOPCqMFfNDUMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvYy1pemhDX1VaS3hFeVYzTkE0OEtvd1Y4ME5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAAjAqAwUDKgySQAMF
AyoP30ADBQMqE4IAAwUDKhOQgAMFAyoTkoADBQMqE5WAMA0GCSqGSIb3DQEBCwUA
A4IBAQAWqvy57Axmoz0JtiPloLWuFjfKg8J6fGqFWWXaYgtlFDd4qVTwEfQ2qMtz
FS4oiJW2MEMrM9TrdwIJ0W22agNfmKnPPcnZorTAIWD/5UfP28hSM5j6q6BqkAZt
GxhjMl9AgByuTHfYFY4vYvC4R1cX4R4nM3kTGdlAv/A4tdi7gbMK6rD2cILNvTFH
Hq/yXmMoNpp1gre6klaqP9ismd7sSxJl5CfKVdnkHx40+WCrODn4WlC93rIUtSeG
Z0ivEbxQsRDcfTklHUJacFO29uOfrgOmzybJ/a9lYV/KV6POK2qaXWxzuC4/Z0Pg
68/kCzTY3AvR3FEnjNGiXc+Nb11+
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:14:50 2025 by rpki-client