Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/gBeWOEZdWhgzJW7hPqKu0D_7eQ4.roa
File: gBeWOEZdWhgzJW7hPqKu0D_7eQ4.roa (raw, json)
Hash identifier: ENdwb0+jC4RNEmkN8mD16BqyeAI3tzNkbb8CqpTNUAo=
Subject key identifier: 80:17:96:38:46:5D:5A:18:33:25:6E:E1:3E:A2:AE:D0:3F:FB:79:0E
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01856DCAE92F4C09E3785EDCEBFC9836E777
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/gBeWOEZdWhgzJW7hPqKu0D_7eQ4.roa
Signing time: Sun 01 Jan 2023 14:44:52 +0000
ROA not before: Sun 01 Jan 2023 14:44:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14576
IP address blocks: 2a0f:e940::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ca:e9:2f:4c:09:e3:78:5e:dc:eb:fc:98:36:e7:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jan 1 14:44:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=80179638465d5a1833256ee13ea2aed03ffb790e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:eb:31:f8:59:37:f3:6c:6f:00:8c:fe:5e:f0:
60:62:bc:6f:96:f9:73:11:af:7a:42:d4:3e:19:bb:
51:5c:db:7b:0b:0a:25:df:1d:c6:e2:a1:79:41:74:
b9:37:34:b5:50:48:f8:38:dd:b6:3d:df:67:ce:ed:
54:50:8d:e2:5c:9a:b2:5d:75:8a:01:c5:4f:a3:d6:
e1:61:bf:92:45:c7:52:f7:23:1f:74:18:53:d8:33:
89:86:ec:24:99:4d:da:f1:d0:ca:4a:3d:0d:12:69:
0f:f6:fe:05:d8:87:7d:db:6b:14:53:57:b9:0a:61:
bd:f1:6a:07:28:f4:c3:a9:1d:3f:37:21:7c:fe:19:
13:e4:cf:fd:85:b9:a5:5d:3f:ae:33:8d:12:52:ea:
bd:5e:0e:00:ee:38:75:80:3e:a6:da:da:2c:87:b4:
29:cd:d8:11:c2:8f:e4:23:a7:2d:f4:63:09:76:22:
1f:ac:2a:fb:64:98:97:b6:5c:9d:c1:ba:fb:74:5d:
74:a6:10:9a:e0:7e:1a:73:99:43:11:04:25:fd:87:
ef:e9:f9:7a:76:ca:77:b8:c0:ff:68:e2:74:77:47:
d5:26:7b:bb:4a:4b:fd:44:4c:30:f5:fa:54:62:0c:
cf:83:64:1d:b8:c9:1a:ae:ba:0c:9d:42:ee:74:5d:
28:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:17:96:38:46:5D:5A:18:33:25:6E:E1:3E:A2:AE:D0:3F:FB:79:0E
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/gBeWOEZdWhgzJW7hPqKu0D_7eQ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:e940::/29
Signature Algorithm: sha256WithRSAEncryption
8a:ea:e9:a3:49:6c:bf:a5:6b:06:c7:2d:fb:3f:99:da:29:73:
28:75:2e:61:65:2a:17:ae:b5:e6:a5:46:f4:29:3e:53:0d:40:
26:41:9c:91:a3:aa:1d:a7:be:56:7e:fe:3d:9d:df:96:67:a8:
66:30:5c:b7:4f:23:f8:b8:25:57:08:54:60:a2:e0:b7:0f:87:
dd:e8:2c:ac:f8:ef:a7:cc:c4:20:8a:1d:11:4d:26:ec:10:c2:
c1:08:6c:08:85:08:b8:24:61:45:02:24:77:d6:27:01:52:67:
d9:eb:f0:bd:e9:64:55:5e:d7:c7:44:43:6a:62:b3:e8:e6:7c:
03:05:22:79:c6:e3:d3:ae:a1:c6:eb:74:8f:8f:75:f8:8c:fa:
3e:29:53:6e:2e:8a:e4:18:29:46:60:cc:c5:b1:a7:89:1e:05:
ee:35:e5:e4:fa:90:31:57:37:dd:1a:b2:f5:f7:25:2f:cd:0f:
c0:ea:29:97:fc:e1:33:2c:41:0f:9d:77:b6:f7:34:2e:e5:e1:
c9:a0:a4:d1:24:e2:16:8c:4d:9c:a8:60:34:f8:f4:eb:c5:4f:
d5:73:f1:5c:e8:69:bb:dd:d1:0e:df:88:ad:35:c3:db:82:87:
ec:ab:f4:bf:4e:c1:a8:ca:f3:57:84:81:00:f7:80:52:ce:48:
64:a0:7d:32
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVtyukvTAnjeF7c6/yYNud3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMwMTAxMTQ0NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDE3OTYzODQ2NWQ1YTE4MzMyNTZlZTEzZWEyYWVkMDNmZmI3OTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkesx+Fk382xvAIz+XvBgYrxvlvlz
Ea96QtQ+GbtRXNt7Cwol3x3G4qF5QXS5NzS1UEj4ON22Pd9nzu1UUI3iXJqyXXWK
AcVPo9bhYb+SRcdS9yMfdBhT2DOJhuwkmU3a8dDKSj0NEmkP9v4F2Id922sUU1e5
CmG98WoHKPTDqR0/NyF8/hkT5M/9hbmlXT+uM40SUuq9Xg4A7jh1gD6m2tosh7Qp
zdgRwo/kI6ct9GMJdiIfrCr7ZJiXtlydwbr7dF10phCa4H4ac5lDEQQl/Yfv6fl6
dsp3uMD/aOJ0d0fVJnu7Skv9REww9fpUYgzPg2QduMkarroMnULudF0osQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFIAXljhGXVoYMyVu4T6irtA/+3kOMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvZ0JlV09FWmRXaGd6Slc3aFBxS3UwRF83ZVE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg/pQDAN
BgkqhkiG9w0BAQsFAAOCAQEAiurpo0lsv6VrBsct+z+Z2ilzKHUuYWUqF6615qVG
9Ck+Uw1AJkGckaOqHae+Vn7+PZ3flmeoZjBct08j+LglVwhUYKLgtw+H3egsrPjv
p8zEIIodEU0m7BDCwQhsCIUIuCRhRQIkd9YnAVJn2evwvelkVV7Xx0RDamKz6OZ8
AwUiecbj066hxut0j491+Iz6PilTbi6K5BgpRmDMxbGniR4F7jXl5PqQMVc33Rqy
9fclL80PwOopl/zhMyxBD513tvc0LuXhyaCk0STiFoxNnKhgNPj068VP1XPxXOhp
u93RDt+IrTXD24KH7Kv0v07BqMrzV4SBAPeAUs5IZKB9Mg==
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:45:49 2025 by rpki-client