Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/ieL3BK2tXEl067Uii8jRaBVdBZA.roa
File: ieL3BK2tXEl067Uii8jRaBVdBZA.roa (raw, json)
Hash identifier: V8WdMYKQAzbTFklkOilU+wuKaK2XE2p8pm5XD+yaDwA=
Subject key identifier: 89:E2:F7:04:AD:AD:5C:49:74:EB:B5:22:8B:C8:D1:68:15:5D:05:90
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01C13882
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/ieL3BK2tXEl067Uii8jRaBVdBZA.roa
Signing time: Sat 05 Feb 2022 16:45:53 +0000
ROA not before: Sat 05 Feb 2022 16:45:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209968
IP address blocks: 2a0f:1e00::/29 maxlen: 29
2a0f:1e85::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 29440130 (0x1c13882)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Feb 5 16:45:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=89e2f704adad5c4974ebb5228bc8d168155d0590
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:dc:ae:b8:0d:e7:58:21:62:b5:37:27:6c:da:
d0:6e:74:fe:b0:ba:44:d7:bb:14:95:99:bc:62:7e:
0c:77:56:42:8e:0b:49:a2:5c:70:32:a4:71:6c:74:
a8:0e:c5:72:06:58:77:5c:1a:30:c5:12:90:0e:46:
e6:5e:f4:26:49:3f:43:df:d8:0a:da:c5:23:f2:42:
75:15:66:26:e3:06:1f:7d:01:ac:5e:f1:25:87:9a:
c6:38:68:68:68:d7:40:fa:d4:fa:ab:4a:13:31:b8:
e2:f6:1a:39:1b:5d:e7:f6:18:79:df:b3:27:82:fe:
6f:80:00:3c:bc:cb:2d:e5:30:1f:7a:60:cc:f5:52:
89:d3:ec:10:4b:84:cd:f7:81:2b:e4:51:0a:c0:75:
7a:ea:ba:0b:c3:83:86:18:2e:8b:74:f1:06:80:c7:
c6:88:4b:36:3d:67:10:04:a9:c9:2b:a4:32:b7:0d:
df:41:28:2f:90:4f:7e:9a:1d:3a:8e:02:cd:45:fb:
23:87:55:23:bc:ad:7a:02:9b:5b:de:b0:e9:22:d0:
c5:ca:a5:2c:77:af:f5:4e:47:f8:f2:4c:c4:d7:d8:
37:9d:ad:20:fd:33:a4:01:98:9e:b6:cd:19:6e:ac:
8f:98:83:4a:a8:b5:2d:9e:9c:bd:be:71:fe:b0:48:
94:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:E2:F7:04:AD:AD:5C:49:74:EB:B5:22:8B:C8:D1:68:15:5D:05:90
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/ieL3BK2tXEl067Uii8jRaBVdBZA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:1e00::/29
2a0f:1e85::/32
Signature Algorithm: sha256WithRSAEncryption
79:da:bc:06:fa:64:9c:f3:fd:2f:65:d5:17:82:dd:52:74:0c:
03:98:e4:89:bd:9d:ef:b4:41:c2:76:19:b5:fb:21:61:2f:76:
cb:ee:06:c0:45:93:b5:d8:a6:a0:c0:7b:bb:96:71:e7:9d:b4:
5d:0a:30:d8:94:09:d5:02:bc:9e:fd:45:39:00:54:4b:d1:8a:
be:1a:19:03:f9:e7:4c:37:a4:3c:e4:38:1b:90:92:ce:c4:1a:
2f:e9:16:3e:60:c8:a7:b4:9f:0f:2e:0b:29:95:ef:61:6c:5b:
2a:0f:dd:e2:a5:1f:a1:50:1e:4a:33:ab:f9:d4:fa:95:c7:7d:
fe:d7:24:54:58:2b:81:f8:01:4d:d4:f5:58:eb:5d:f2:b8:34:
9a:45:94:0f:93:dd:1d:f4:eb:2f:c9:f7:8c:d8:ac:97:c4:ae:
d1:dc:6a:a3:eb:48:bd:19:a6:b6:a9:19:71:98:cf:d9:d9:3a:
11:4f:c9:aa:16:25:d9:e5:a2:12:90:a4:f7:7d:8b:2d:76:5b:
cd:54:09:1e:b0:47:fa:81:51:e2:51:f2:d9:bc:a9:66:a0:66:
a4:9f:38:69:c4:9d:ec:85:12:37:14:f6:50:c1:09:6e:52:fe:
c6:c1:e7:2f:1d:41:79:d9:65:21:0a:af:b7:99:a4:69:0d:51:
16:fd:98:1b
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEAcE4gjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
ZDU1OWFhZmJmYzA5MzEyNDJlMWQ2MzcyOThjZjFkZDIyM2U0YzI2MB4XDTIyMDIw
NTE2NDU1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODllMmY3MDRhZGFk
NWM0OTc0ZWJiNTIyOGJjOGQxNjgxNTVkMDU5MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMncrrgN51ghYrU3J2za0G50/rC6RNe7FJWZvGJ+DHdWQo4L
SaJccDKkcWx0qA7FcgZYd1waMMUSkA5G5l70Jkk/Q9/YCtrFI/JCdRVmJuMGH30B
rF7xJYeaxjhoaGjXQPrU+qtKEzG44vYaORtd5/YYed+zJ4L+b4AAPLzLLeUwH3pg
zPVSidPsEEuEzfeBK+RRCsB1euq6C8ODhhgui3TxBoDHxohLNj1nEASpySukMrcN
30EoL5BPfpodOo4CzUX7I4dVI7ytegKbW96w6SLQxcqlLHev9U5H+PJMxNfYN52t
IP0zpAGYnrbNGW6sj5iDSqi1LZ6cvb5x/rBIlOcCAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBSJ4vcEra1cSXTrtSKLyNFoFV0FkDAfBgNVHSMEGDAWgBR9VZqvv8CTEkLh
1jcpjPHdIj5MJjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ZWV2FyN19Ba3hKQzRkWTNLWXp4M1NJLVRDWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzAvNDlhZGM2LWJhODktNDAzZi1hZGE5LThjNTAwN2MyYTRiNi8x
L2llTDNCSzJ0WEVsMDY3VWlpOGpSYUJWZEJaQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzAv
NDlhZGM2LWJhODktNDAzZi1hZGE5LThjNTAwN2MyYTRiNi8xL2ZWV2FyN19Ba3hK
QzRkWTNLWXp4M1NJLVRDWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAIwDgMFAyoPHgADBQAqDx6FMA0GCSqGSIb3
DQEBCwUAA4IBAQB52rwG+mSc8/0vZdUXgt1SdAwDmOSJvZ3vtEHCdhm1+yFhL3bL
7gbARZO12KagwHu7lnHnnbRdCjDYlAnVArye/UU5AFRL0Yq+GhkD+edMN6Q85Dgb
kJLOxBov6RY+YMintJ8PLgsple9hbFsqD93ipR+hUB5KM6v51PqVx33+1yRUWCuB
+AFN1PVY613yuDSaRZQPk90d9OsvyfeM2KyXxK7R3Gqj60i9Gaa2qRlxmM/Z2ToR
T8mqFiXZ5aISkKT3fYstdlvNVAkesEf6gVHiUfLZvKlmoGaknzhpxJ3shRI3FPZQ
wQluUv7GwecvHUF52WUhCq+3maRpDVEW/Zgb
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:07:23 2025 by rpki-client