Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/m4mPjWAaAZkB0LymxsUQNdehW-w.roa
File: m4mPjWAaAZkB0LymxsUQNdehW-w.roa (raw, json)
Hash identifier: CCeCcRKeFCclwbaUSR/rBvcY1wu+pX0gKyzL7xMsvcc=
Subject key identifier: 9B:89:8F:8D:60:1A:01:99:01:D0:BC:A6:C6:C5:10:35:D7:A1:5B:EC
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0186B5D4B383F8BC5DC481D1AA0EFD28F718
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/m4mPjWAaAZkB0LymxsUQNdehW-w.roa
Signing time: Mon 06 Mar 2023 07:31:00 +0000
ROA not before: Mon 06 Mar 2023 07:31:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8772
IP address blocks: 2a12:d6c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:b5:d4:b3:83:f8:bc:5d:c4:81:d1:aa:0e:fd:28:f7:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Mar 6 07:31:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9b898f8d601a019901d0bca6c6c51035d7a15bec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:43:19:a7:dd:b4:01:c2:f9:3f:d9:bf:ae:42:
2b:99:0a:90:b8:39:f2:50:9d:aa:6e:d5:bf:0e:3d:
a7:a2:b7:63:e7:16:3f:55:9f:61:88:10:a2:8f:e8:
59:37:7b:ab:be:c8:fc:3b:82:aa:31:b8:6b:2f:a2:
f6:5b:4f:26:e6:bc:d4:71:13:4f:6d:1b:eb:42:d0:
2f:dd:14:5d:88:d6:2e:30:f9:8b:5f:11:e4:90:c5:
25:31:b2:5e:03:61:29:b0:83:bc:e0:2b:3e:04:43:
cc:84:bd:59:69:81:b6:90:7a:e2:43:4f:1d:48:fb:
35:70:7e:b3:97:68:72:c1:e1:ff:01:5d:24:36:f1:
de:9c:12:bb:42:10:24:b1:e2:47:56:92:40:1a:0e:
a3:fe:28:b7:1b:a5:ef:be:e5:02:d4:4c:9d:bd:80:
6f:56:73:47:46:7c:7f:92:10:df:4b:e6:94:61:db:
cd:e5:16:47:cd:95:87:fa:d0:54:ad:82:3b:d6:f8:
cc:fc:ea:82:26:6c:cf:dd:b7:7c:d5:32:69:67:8e:
34:67:8e:4c:7f:3f:bf:21:50:4a:58:7e:9a:b1:09:
8e:ef:c4:a2:1f:cd:5f:4a:e3:fb:2f:f7:b5:10:f6:
d2:8f:ea:63:45:31:83:99:5a:0c:d9:39:f1:16:bd:
8e:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:89:8F:8D:60:1A:01:99:01:D0:BC:A6:C6:C5:10:35:D7:A1:5B:EC
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/m4mPjWAaAZkB0LymxsUQNdehW-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:d6c0::/29
Signature Algorithm: sha256WithRSAEncryption
29:af:90:77:21:b7:37:1b:77:d1:d6:57:db:31:42:48:9f:25:
89:0d:d0:00:a9:df:58:d4:da:bc:b8:a9:51:46:f2:5e:b3:d7:
89:37:31:4c:97:19:10:37:21:04:7d:ff:c5:c4:89:89:1e:0c:
d4:65:48:81:10:36:85:2a:88:5d:83:1b:59:61:84:0e:5f:0c:
61:3f:d0:44:3d:79:ec:e7:4a:d5:26:0c:e4:62:86:f8:52:d2:
91:d8:ca:a2:42:46:4b:d2:b2:c8:3f:15:55:ed:b9:c8:8d:a7:
97:66:dd:db:a6:4c:09:09:20:f7:29:47:5d:2f:a8:ab:24:74:
b8:c4:ee:bb:ba:22:66:1b:a9:1d:89:ae:86:03:79:8f:d1:03:
96:62:b3:3d:33:45:a4:d0:b9:c3:b9:a9:ef:da:cb:bf:16:a6:
1a:20:3c:6a:26:84:bf:fa:e1:07:d9:52:58:47:c6:4c:d0:2e:
30:8b:af:38:12:c3:5a:db:78:e4:5d:0d:a8:f7:1d:89:b5:5e:
85:2c:cf:c0:0e:1e:0e:0e:07:46:fe:07:8b:33:d0:45:72:a7:
78:c4:53:b7:ec:c1:46:c2:00:71:54:a1:07:4f:71:68:0a:fc:
6f:cf:c9:16:83:1a:5d:55:1c:5a:45:76:1b:1d:6c:2d:52:e9:
62:ec:25:a2
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYa11LOD+LxdxIHRqg79KPcYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMwMzA2MDczMTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Yjg5OGY4ZDYwMWEwMTk5MDFkMGJjYTZjNmM1MTAzNWQ3YTE1YmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw0MZp920AcL5P9m/rkIrmQqQuDny
UJ2qbtW/Dj2nordj5xY/VZ9hiBCij+hZN3urvsj8O4KqMbhrL6L2W08m5rzUcRNP
bRvrQtAv3RRdiNYuMPmLXxHkkMUlMbJeA2EpsIO84Cs+BEPMhL1ZaYG2kHriQ08d
SPs1cH6zl2hyweH/AV0kNvHenBK7QhAkseJHVpJAGg6j/ii3G6XvvuUC1EydvYBv
VnNHRnx/khDfS+aUYdvN5RZHzZWH+tBUrYI71vjM/OqCJmzP3bd81TJpZ440Z45M
fz+/IVBKWH6asQmO78SiH81fSuP7L/e1EPbSj+pjRTGDmVoM2TnxFr2OoQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJuJj41gGgGZAdC8psbFEDXXoVvsMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvbTRtUGpXQWFBWmtCMEx5bXhzVVFOZGVoVy13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhLWwDAN
BgkqhkiG9w0BAQsFAAOCAQEAKa+QdyG3Nxt30dZX2zFCSJ8liQ3QAKnfWNTavLip
UUbyXrPXiTcxTJcZEDchBH3/xcSJiR4M1GVIgRA2hSqIXYMbWWGEDl8MYT/QRD15
7OdK1SYM5GKG+FLSkdjKokJGS9KyyD8VVe25yI2nl2bd26ZMCQkg9ylHXS+oqyR0
uMTuu7oiZhupHYmuhgN5j9EDlmKzPTNFpNC5w7mp79rLvxamGiA8aiaEv/rhB9lS
WEfGTNAuMIuvOBLDWtt45F0NqPcdibVehSzPwA4eDg4HRv4HizPQRXKneMRTt+zB
RsIAcVShB09xaAr8b8/JFoMaXVUcWkV2Gx1sLVLpYuwlog==
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:04:51 2025 by rpki-client