Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/l6tGkjnMnOiL9lhhkJp_VU_l-jg.roa
File: l6tGkjnMnOiL9lhhkJp_VU_l-jg.roa (raw, json)
Hash identifier: XRjH0S7Wmsdwx+FhHfmkhMrbtcmdeARykrNYbzVk5cU=
Subject key identifier: 97:AB:46:92:39:CC:9C:E8:8B:F6:58:61:90:9A:7F:55:4F:E5:FA:38
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018A3ADF5AF4F2BD143ACC55215BFE98F271
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/l6tGkjnMnOiL9lhhkJp_VU_l-jg.roa
Signing time: Mon 28 Aug 2023 06:40:30 +0000
ROA not before: Mon 28 Aug 2023 06:40:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198231
IP address blocks: 2a13:2d43::/32 maxlen: 32
2a13:d700::/29 maxlen: 29
2a13:2d41::/32 maxlen: 32
2a13:2d45::/32 maxlen: 32
2a13:2d47::/32 maxlen: 32
2a13:2d44::/32 maxlen: 32
2a13:2d42::/32 maxlen: 32
2a13:2dc0::/29 maxlen: 29
2a13:2d40::/32 maxlen: 32
2a13:2d46::/32 maxlen: 32
2a13:c700::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:3a:df:5a:f4:f2:bd:14:3a:cc:55:21:5b:fe:98:f2:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Aug 28 06:40:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=97ab469239cc9ce88bf65861909a7f554fe5fa38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:e7:fd:b4:4e:56:7d:25:4c:f6:8b:6f:1c:91:
09:6c:89:29:68:da:d9:0c:b9:84:29:6e:7b:16:92:
b7:93:30:b3:6f:8d:e2:35:22:1a:c8:7b:49:5a:5a:
cb:63:73:f1:c1:25:44:90:09:77:94:7d:54:f5:72:
05:66:10:c8:5f:86:9d:d6:da:ad:7e:2a:23:32:f3:
7a:72:a0:9e:0d:5e:61:37:0b:fc:7b:f2:09:cd:01:
fe:5e:03:ac:53:df:91:bc:be:cf:f4:7f:2e:03:96:
2e:db:e1:e3:a4:a3:bb:08:3b:e6:dc:25:1b:70:70:
6c:74:2b:14:7f:65:fe:b4:c9:28:d0:2d:ac:da:08:
7c:13:bc:4c:65:1d:33:73:97:a6:60:fc:90:51:f8:
f9:85:c9:dd:5d:a0:79:88:d1:bd:5b:55:b2:4c:0e:
1d:ce:ae:a6:e6:d5:a5:7f:48:24:c6:58:66:b9:bb:
b6:e2:fd:b5:c5:e6:a1:a8:9d:b2:31:81:f7:62:55:
9c:95:60:37:22:b6:31:a6:d9:fb:1f:12:37:b6:41:
ea:c8:95:06:b2:5c:31:1c:bc:b4:ad:7a:37:ef:63:
0f:c2:d5:0d:e4:45:7c:f5:8a:b9:20:47:dd:bb:44:
39:1a:39:85:0f:2a:57:91:0d:23:c3:fc:b3:c5:56:
c7:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:AB:46:92:39:CC:9C:E8:8B:F6:58:61:90:9A:7F:55:4F:E5:FA:38
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/l6tGkjnMnOiL9lhhkJp_VU_l-jg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:2d40::/29
2a13:2dc0::/29
2a13:c700::/29
2a13:d700::/29
Signature Algorithm: sha256WithRSAEncryption
95:c3:53:77:ae:33:c1:7c:61:79:26:38:4b:2b:7c:40:c4:1c:
b8:cf:7b:2f:1e:5a:43:32:db:db:53:25:15:63:21:6f:26:f4:
b4:db:6b:8e:0b:8e:7b:bd:87:46:8f:5a:6f:6f:84:f8:bb:8d:
d1:90:7e:fe:e5:e5:e0:26:25:a2:62:dd:60:1b:ec:7a:83:0c:
b1:f5:f6:d9:d9:f7:6f:30:9a:8d:f1:84:08:fd:ef:0f:8c:82:
d2:ca:e3:d8:75:dc:4b:1d:5e:00:51:8e:41:47:ae:cb:8a:e4:
a3:ae:b4:90:bb:03:1a:aa:99:97:5d:5e:2d:71:42:8e:8d:fd:
de:e5:60:16:87:18:e1:e7:a9:db:6c:07:a7:80:5a:25:cf:7c:
78:2b:11:cb:20:d6:ec:a9:e6:a8:3c:d3:eb:74:e8:f9:30:74:
0b:23:bc:8a:e5:b4:d2:da:db:3a:d6:f5:6b:64:65:77:01:a5:
43:86:00:bf:51:f3:55:c8:a5:de:3d:55:b3:28:32:5a:bb:09:
73:2d:58:1e:ce:7e:c6:47:6a:81:9c:a2:94:99:58:e0:7d:1d:
0f:1f:53:b6:19:e7:a0:f1:e1:0a:3d:13:24:1f:4b:e7:99:78:
54:49:17:3a:3d:63:a6:e8:40:81:03:6a:91:43:88:97:5e:94:
23:93:d4:20
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYo631r08r0UOsxVIVv+mPJxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMwODI4MDY0MDMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2FiNDY5MjM5Y2M5Y2U4OGJmNjU4NjE5MDlhN2Y1NTRmZTVmYTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmOf9tE5WfSVM9otvHJEJbIkpaNrZ
DLmEKW57FpK3kzCzb43iNSIayHtJWlrLY3PxwSVEkAl3lH1U9XIFZhDIX4ad1tqt
fiojMvN6cqCeDV5hNwv8e/IJzQH+XgOsU9+RvL7P9H8uA5Yu2+HjpKO7CDvm3CUb
cHBsdCsUf2X+tMko0C2s2gh8E7xMZR0zc5emYPyQUfj5hcndXaB5iNG9W1WyTA4d
zq6m5tWlf0gkxlhmubu24v21xeahqJ2yMYH3YlWclWA3IrYxptn7HxI3tkHqyJUG
slwxHLy0rXo372MPwtUN5EV89Yq5IEfdu0Q5GjmFDypXkQ0jw/yzxVbHbQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFJerRpI5zJzoi/ZYYZCaf1VP5fo4MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvbDZ0R2tqbk1uT2lMOWxoaGtKcF9WVV9sLWpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKhMtQAMF
AyoTLcADBQMqE8cAAwUDKhPXADANBgkqhkiG9w0BAQsFAAOCAQEAlcNTd64zwXxh
eSY4Syt8QMQcuM97Lx5aQzLb21MlFWMhbyb0tNtrjguOe72HRo9ab2+E+LuN0ZB+
/uXl4CYlomLdYBvseoMMsfX22dn3bzCajfGECP3vD4yC0srj2HXcSx1eAFGOQUeu
y4rko660kLsDGqqZl11eLXFCjo393uVgFocY4eep22wHp4BaJc98eCsRyyDW7Knm
qDzT63To+TB0CyO8iuW00trbOtb1a2RldwGlQ4YAv1HzVcil3j1VsygyWrsJcy1Y
Hs5+xkdqgZyilJlY4H0dDx9TthnnoPHhCj0TJB9L55l4VEkXOj1jpuhAgQNqkUOI
l16UI5PUIA==
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:01:26 2025 by rpki-client