Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/j20HZwZRFZ9NvQMkBdkDEFTi5-0.roa
File: j20HZwZRFZ9NvQMkBdkDEFTi5-0.roa (raw, json)
Hash identifier: bJ+zibvPOWBURbiJNxAGYLKCBRepeabd2lkqY2LUDJk=
Subject key identifier: 8F:6D:07:67:06:51:15:9F:4D:BD:03:24:05:D9:03:10:54:E2:E7:ED
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0185A06DA91F830F451CE3FBAC5BF4E1AD90
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/j20HZwZRFZ9NvQMkBdkDEFTi5-0.roa
Signing time: Wed 11 Jan 2023 10:43:39 +0000
ROA not before: Wed 11 Jan 2023 10:43:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8772
IP address blocks: 2a0f:e040::/29 maxlen: 29
2a0f:2100::/29 maxlen: 29
2a0c:9240::/29 maxlen: 29
2a0f:e6c0::/29 maxlen: 29
2a0f:8100::/29 maxlen: 29
2a0f:e7c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:a0:6d:a9:1f:83:0f:45:1c:e3:fb:ac:5b:f4:e1:ad:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jan 11 10:43:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8f6d07670651159f4dbd032405d9031054e2e7ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:cd:5d:5c:35:e1:1e:14:2c:10:f1:9f:9d:31:
b5:7b:82:67:a0:b6:c3:98:fa:50:cd:cc:87:7a:90:
a8:57:f3:be:c9:a1:c4:73:2e:5f:e5:3d:09:89:c5:
17:27:86:70:8a:a9:40:58:1a:28:5c:70:b5:76:81:
1d:54:2e:f2:f5:b1:dd:56:b0:28:85:b0:14:af:47:
d9:aa:40:97:99:14:b0:95:96:3c:da:06:e6:6f:3c:
b3:44:74:87:0c:20:bf:dd:61:43:8f:64:59:20:7f:
44:95:72:24:45:d2:a7:44:3f:56:8a:3e:c3:b9:7c:
21:75:4d:92:fd:fa:c2:26:5c:c0:a0:98:4d:66:1f:
fc:99:c2:26:0e:48:0d:c6:97:30:f2:97:a1:ad:83:
fd:8d:31:49:92:5c:56:dc:51:07:77:4e:76:13:7f:
49:17:57:2f:25:5b:5f:7c:62:75:d4:b2:f5:fd:03:
90:a0:f6:3a:19:99:77:d7:49:17:06:17:48:af:f3:
66:14:cf:b3:8a:f1:da:02:e3:88:d1:58:b7:57:47:
3a:55:35:49:01:ae:e3:3c:1d:34:7a:70:f7:db:cf:
62:75:b6:4d:dc:c6:a6:c2:ce:36:e1:a9:ac:a4:b0:
bd:63:8d:e9:ac:cb:09:68:dd:99:8a:c1:88:b1:c9:
50:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:6D:07:67:06:51:15:9F:4D:BD:03:24:05:D9:03:10:54:E2:E7:ED
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/j20HZwZRFZ9NvQMkBdkDEFTi5-0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9240::/29
2a0f:2100::/29
2a0f:8100::/29
2a0f:e040::/29
2a0f:e6c0::/29
2a0f:e7c0::/29
Signature Algorithm: sha256WithRSAEncryption
ab:c5:9c:09:25:9b:be:9b:45:8b:9a:70:ff:e1:9c:53:67:92:
55:d7:e0:0b:94:de:13:f0:af:02:9f:d2:48:5d:bb:fa:94:8d:
41:39:56:df:5b:15:ca:9e:5d:80:47:6b:71:58:26:d0:20:35:
74:bc:19:67:b0:4c:b2:70:71:da:c4:96:60:9b:b4:6a:b8:26:
f0:ac:91:8a:42:a6:8a:df:0f:2d:da:d3:87:77:c2:b2:44:d0:
34:fc:c4:6d:cd:99:66:ef:7c:59:df:8a:c2:5d:f2:ed:32:1e:
96:a1:c8:21:96:93:03:bd:a1:52:3a:d8:05:88:c4:62:b6:a5:
a8:2b:af:9b:45:f4:19:36:29:c3:7a:83:a6:fe:c2:53:82:3d:
a7:97:e7:21:23:bf:a6:f5:cd:5e:4e:28:f8:86:c9:d1:54:8a:
74:03:45:c3:b9:81:b6:f2:fa:87:05:55:b7:73:41:08:ab:1d:
d6:38:fe:77:88:59:93:19:73:10:90:ae:8f:ac:cd:4b:29:8c:
58:45:42:5c:f5:e8:3a:c9:1a:cd:2f:fd:e6:0e:c5:6b:8d:5d:
cd:8e:36:4a:47:74:5b:2b:26:35:45:75:3c:e8:3e:11:4b:e6:
e6:62:ef:a3:0e:fb:85:86:ee:f5:f8:1c:3f:83:0b:9a:9b:b0:
c1:e3:9a:5a
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYWgbakfgw9FHOP7rFv04a2QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMwMTExMTA0MzM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjZkMDc2NzA2NTExNTlmNGRiZDAzMjQwNWQ5MDMxMDU0ZTJlN2VkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiM1dXDXhHhQsEPGfnTG1e4JnoLbD
mPpQzcyHepCoV/O+yaHEcy5f5T0JicUXJ4ZwiqlAWBooXHC1doEdVC7y9bHdVrAo
hbAUr0fZqkCXmRSwlZY82gbmbzyzRHSHDCC/3WFDj2RZIH9ElXIkRdKnRD9Wij7D
uXwhdU2S/frCJlzAoJhNZh/8mcImDkgNxpcw8pehrYP9jTFJklxW3FEHd052E39J
F1cvJVtffGJ11LL1/QOQoPY6GZl310kXBhdIr/NmFM+zivHaAuOI0Vi3V0c6VTVJ
Aa7jPB00enD3289idbZN3Mamws424amspLC9Y43prMsJaN2ZisGIsclQ7QIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFI9tB2cGURWfTb0DJAXZAxBU4uftMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvajIwSFp3WlJGWjlOdlFNa0Jka0RFRlRpNS0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAAjAqAwUDKgySQAMF
AyoPIQADBQMqD4EAAwUDKg/gQAMFAyoP5sADBQMqD+fAMA0GCSqGSIb3DQEBCwUA
A4IBAQCrxZwJJZu+m0WLmnD/4ZxTZ5JV1+ALlN4T8K8Cn9JIXbv6lI1BOVbfWxXK
nl2AR2txWCbQIDV0vBlnsEyycHHaxJZgm7RquCbwrJGKQqaK3w8t2tOHd8KyRNA0
/MRtzZlm73xZ34rCXfLtMh6WocghlpMDvaFSOtgFiMRitqWoK6+bRfQZNinDeoOm
/sJTgj2nl+chI7+m9c1eTij4hsnRVIp0A0XDuYG28vqHBVW3c0EIqx3WOP53iFmT
GXMQkK6PrM1LKYxYRUJc9eg6yRrNL/3mDsVrjV3NjjZKR3RbKyY1RXU86D4RS+bm
Yu+jDvuFhu71+Bw/gwuam7DB45pa
-----END CERTIFICATE-----
Generated at Sun Jun 8 07:43:49 2025 by rpki-client