Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/kq9cJp1PEyXzTrYCsEh38k8u22s.roa
File: kq9cJp1PEyXzTrYCsEh38k8u22s.roa (raw, json)
Hash identifier: jrbqoWbqY28VTNZ+nO85GtCHeuIZ2aXewkOTeKW3i7s=
Subject key identifier: 92:AF:5C:26:9D:4F:13:25:F3:4E:B6:02:B0:48:77:F2:4F:2E:DB:6B
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018B0F97FC7B6B5ADE97A52D7E23B665E71B
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/kq9cJp1PEyXzTrYCsEh38k8u22s.roa
Signing time: Sun 08 Oct 2023 14:01:40 +0000
ROA not before: Sun 08 Oct 2023 14:01:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 63023
IP address blocks: 2a13:f40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:0f:97:fc:7b:6b:5a:de:97:a5:2d:7e:23:b6:65:e7:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Oct 8 14:01:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=92af5c269d4f1325f34eb602b04877f24f2edb6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:72:ce:df:45:f6:2b:8e:58:bb:c7:3f:04:ea:
e8:c3:3c:75:9a:17:e7:17:26:4c:27:dc:46:db:6c:
33:85:44:a6:96:6d:a9:db:fb:16:1f:1c:51:51:3f:
c0:9a:96:08:3d:fe:da:33:2e:89:87:42:15:b5:ce:
ce:cb:29:f5:c9:ec:dc:c9:6a:2f:06:8b:cf:9e:e5:
42:c7:c0:d8:b8:cc:91:5c:cf:f2:a3:74:5b:33:41:
17:47:d0:aa:29:07:f5:ec:60:c0:ee:4a:0a:1c:96:
d2:00:d8:9c:4e:04:02:25:c0:be:d1:ff:38:f3:93:
d7:37:c9:b2:07:bd:e1:25:13:cd:8f:d0:b5:c8:d0:
77:a4:99:b4:8d:d4:78:43:6a:c9:16:2a:4c:73:0a:
c3:a9:34:d0:43:8d:fa:85:de:2c:a8:3f:fe:db:f5:
65:5d:d9:5d:65:d0:64:c8:e2:b4:b9:6e:84:69:6e:
42:6f:6b:ce:15:03:03:ec:33:9a:29:7e:f8:03:1a:
ff:83:9d:af:a0:63:77:25:a9:6a:ab:39:15:55:6f:
2e:91:1e:a5:3c:28:e3:6e:ff:b7:45:ba:a7:de:57:
cf:d8:f2:73:57:05:a5:e3:95:7d:6d:63:5f:f2:31:
88:c6:c4:a9:82:b9:e6:54:e4:6f:94:74:c3:57:d7:
af:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:AF:5C:26:9D:4F:13:25:F3:4E:B6:02:B0:48:77:F2:4F:2E:DB:6B
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/kq9cJp1PEyXzTrYCsEh38k8u22s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:f40::/29
Signature Algorithm: sha256WithRSAEncryption
58:46:46:91:b8:e2:e6:48:9c:03:ae:66:8d:06:6a:cd:7e:3c:
43:f7:08:b1:6d:09:d4:a7:f5:f3:8d:18:0e:5f:50:0d:b7:52:
45:83:93:5f:35:45:38:7a:85:5c:a2:0f:af:46:2e:84:51:58:
70:1b:63:69:87:79:db:f3:12:2e:df:56:a8:8c:bf:1b:0c:9f:
90:1d:60:a4:19:60:bb:3d:43:d9:33:bc:41:d2:1d:3f:37:e8:
a7:f6:dd:a4:56:bb:8c:ce:bf:75:aa:c0:90:fa:d5:46:7a:d8:
c2:8f:0e:5a:a9:bd:f0:0e:e8:f6:1a:19:0f:6c:67:d4:a3:f8:
d8:2e:e1:74:fc:11:15:32:41:00:08:b6:5a:57:92:57:39:f4:
6d:89:e3:69:89:7b:65:1e:2f:53:c5:72:97:f1:37:e3:58:0b:
b4:f6:04:58:58:6d:ef:43:19:1b:b3:e8:ba:0f:7e:b3:30:47:
ce:cc:cf:3f:0f:83:89:b3:2e:be:2e:65:c6:8b:a9:c5:7e:39:
7f:f3:6a:0a:e6:5f:56:5d:5c:0c:61:5e:3a:a0:5a:04:91:6a:
5a:90:b1:83:3e:a6:e2:05:77:33:41:97:0d:23:ff:19:45:f6:
e1:85:04:27:83:59:30:74:a4:50:65:a9:60:e3:f9:f2:9a:4d:
47:4f:cd:26
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYsPl/x7a1rel6UtfiO2ZecbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMxMDA4MTQwMTQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmFmNWMyNjlkNGYxMzI1ZjM0ZWI2MDJiMDQ4NzdmMjRmMmVkYjZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApXLO30X2K45Yu8c/BOrowzx1mhfn
FyZMJ9xG22wzhUSmlm2p2/sWHxxRUT/AmpYIPf7aMy6Jh0IVtc7Oyyn1yezcyWov
BovPnuVCx8DYuMyRXM/yo3RbM0EXR9CqKQf17GDA7koKHJbSANicTgQCJcC+0f84
85PXN8myB73hJRPNj9C1yNB3pJm0jdR4Q2rJFipMcwrDqTTQQ436hd4sqD/+2/Vl
XdldZdBkyOK0uW6EaW5Cb2vOFQMD7DOaKX74Axr/g52voGN3JalqqzkVVW8ukR6l
PCjjbv+3Rbqn3lfP2PJzVwWl45V9bWNf8jGIxsSpgrnmVORvlHTDV9evNwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJKvXCadTxMl8062ArBId/JPLttrMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEva3E5Y0pwMVBFeVh6VHJZQ3NFaDM4azh1MjJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhMPQDAN
BgkqhkiG9w0BAQsFAAOCAQEAWEZGkbji5kicA65mjQZqzX48Q/cIsW0J1Kf1840Y
Dl9QDbdSRYOTXzVFOHqFXKIPr0YuhFFYcBtjaYd52/MSLt9WqIy/GwyfkB1gpBlg
uz1D2TO8QdIdPzfop/bdpFa7jM6/darAkPrVRnrYwo8OWqm98A7o9hoZD2xn1KP4
2C7hdPwRFTJBAAi2WleSVzn0bYnjaYl7ZR4vU8Vyl/E341gLtPYEWFht70MZG7Po
ug9+szBHzszPPw+DibMuvi5lxoupxX45f/NqCuZfVl1cDGFeOqBaBJFqWpCxgz6m
4gV3M0GXDSP/GUX24YUEJ4NZMHSkUGWpYOP58ppNR0/NJg==
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:05:06 2025 by rpki-client