Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/nWD5O8475sjyNbRuS-P2-LCc2BM.roa
File: nWD5O8475sjyNbRuS-P2-LCc2BM.roa (raw, json)
Hash identifier: O2TXTareiQLDl5XzcP/2y9DFILz/Rdn3q/JPssfniOE=
Subject key identifier: 9D:60:F9:3B:CE:3B:E6:C8:F2:35:B4:6E:4B:E3:F6:F8:B0:9C:D8:13
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018CA0EE9076E8FFC96FDC555845C8346A1C
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/nWD5O8475sjyNbRuS-P2-LCc2BM.roa
Signing time: Mon 25 Dec 2023 12:23:58 +0000
ROA not before: Mon 25 Dec 2023 12:23:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197992
IP address blocks: 2a0e:9b00::/29 maxlen: 29
2a0f:1380::/29 maxlen: 29
2a06:dfc0::/29 maxlen: 29
2a0f:ec00::/29 maxlen: 29
2a0f:8300::/29 maxlen: 29
2a0f:1580::/29 maxlen: 29
2a0f:3f80::/29 maxlen: 29
2a0f:dac0::/29 maxlen: 29
2a0f:ee00::/29 maxlen: 29
2a0e:5a80::/29 maxlen: 29
2a0f:e140::/29 maxlen: 29
2a13:200::/29 maxlen: 29
2a12:d540::/29 maxlen: 29
2a06:3bc0::/29 maxlen: 29
2a0a:1400::/29 maxlen: 29
2a06:a5c0::/29 maxlen: 29
2a0f:bc00::/29 maxlen: 29
2a05:b300::/29 maxlen: 29
2a0f:da40::/29 maxlen: 29
2a13:7d80::/29 maxlen: 29
2a0f:7f00::/29 maxlen: 29
2a0c:4880::/29 maxlen: 29
2a13:9380::/29 maxlen: 29
2a0f:e0c0::/29 maxlen: 29
2a06:a600::/29 maxlen: 29
2a0f:e640::/29 maxlen: 29
2a0f:9600::/29 maxlen: 29
2a0f:8100::/29 maxlen: 29
2a0f:dd40::/29 maxlen: 29
2a0f:2300::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:a0:ee:90:76:e8:ff:c9:6f:dc:55:58:45:c8:34:6a:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Dec 25 12:23:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9d60f93bce3be6c8f235b46e4be3f6f8b09cd813
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:99:a3:3e:6b:1e:8e:15:49:be:fa:10:82:28:
35:2b:d8:de:fe:19:2a:f3:0f:60:4e:c5:f6:d6:89:
73:da:1b:ff:28:d2:cf:53:49:3c:92:9b:97:c0:f0:
4e:75:b1:05:83:6a:bf:55:46:ae:12:c3:cc:0c:a4:
1d:c3:f8:b6:12:e1:0f:cc:34:07:f8:f8:60:1a:5f:
62:00:98:58:9a:b1:e2:80:2b:3f:a0:42:8c:5b:0b:
c8:02:31:cb:ce:0f:12:65:a1:e4:27:55:86:65:72:
e3:1f:f8:e5:ca:af:ba:4b:1e:0a:c3:3e:ac:67:93:
0b:3c:7b:e1:e7:80:45:3e:b4:22:10:fc:87:0d:3a:
8c:07:f9:3e:ba:d5:05:af:89:7c:8c:d7:a3:d4:84:
89:10:3a:fd:4f:02:6a:b3:8d:83:27:ed:5f:a1:ec:
90:5c:d2:06:73:11:fc:c7:95:83:c0:47:02:ae:64:
4c:a0:64:b8:15:c0:d7:80:46:2e:da:21:f7:29:81:
67:5a:f6:1b:14:62:fd:2a:05:e4:9c:4d:a4:be:fe:
ec:3c:67:37:4b:4c:32:ad:a4:04:b6:6e:01:7f:99:
56:5f:85:87:2a:9a:ab:9c:96:bd:20:ce:61:f9:be:
80:06:15:6b:de:37:08:9b:bb:b9:e9:89:55:94:0e:
9a:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:60:F9:3B:CE:3B:E6:C8:F2:35:B4:6E:4B:E3:F6:F8:B0:9C:D8:13
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/nWD5O8475sjyNbRuS-P2-LCc2BM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:b300::/29
2a06:3bc0::/29
2a06:a5c0::/29
2a06:a600::/29
2a06:dfc0::/29
2a0a:1400::/29
2a0c:4880::/29
2a0e:5a80::/29
2a0e:9b00::/29
2a0f:1380::/29
2a0f:1580::/29
2a0f:2300::/29
2a0f:3f80::/29
2a0f:7f00::/29
2a0f:8100::/29
2a0f:8300::/29
2a0f:9600::/29
2a0f:bc00::/29
2a0f:da40::/29
2a0f:dac0::/29
2a0f:dd40::/29
2a0f:e0c0::/29
2a0f:e140::/29
2a0f:e640::/29
2a0f:ec00::/29
2a0f:ee00::/29
2a12:d540::/29
2a13:200::/29
2a13:7d80::/29
2a13:9380::/29
Signature Algorithm: sha256WithRSAEncryption
44:f1:1e:e7:5f:bc:4c:2b:fb:15:44:ba:c1:8f:90:de:2d:4b:
22:93:bd:7c:f3:35:05:b2:38:24:1e:11:e7:b6:4e:59:1d:fb:
35:c3:41:e0:a1:44:f6:9c:a1:7f:db:50:99:7c:c1:78:4d:ae:
df:9c:01:c6:47:8c:0c:68:bd:ef:f3:ed:b4:c3:76:ce:17:fa:
0b:3b:76:d2:15:b0:3d:e8:ac:cf:0f:0b:32:a5:97:c9:57:69:
aa:f2:88:23:05:a1:3a:29:a2:cf:aa:93:11:50:30:81:b9:f7:
51:59:c2:1e:e8:f6:8c:9a:9f:a5:db:e2:7e:ed:46:06:22:1b:
b6:41:dd:32:19:86:a5:ca:30:8b:85:a2:cb:41:d1:3c:82:90:
aa:f5:3f:c6:8f:a7:ef:fe:ba:4d:72:37:82:a6:bf:cf:aa:1b:
be:64:78:dd:9d:1b:72:09:0f:92:b9:8e:97:03:af:65:61:bf:
18:67:ff:84:a7:ef:4b:c3:c8:f3:42:3b:82:86:3f:9a:6c:3a:
1d:75:1d:56:7b:2a:7e:74:c9:16:21:20:17:23:d5:5e:cf:f9:
9e:ea:44:bf:1e:c4:2c:a9:d1:9a:05:ac:14:ae:91:3c:d3:72:
0f:f8:53:20:ab:d4:6f:e9:ad:e2:72:c9:89:1a:62:0f:8b:e3:
0f:7d:86:76
-----BEGIN CERTIFICATE-----
MIIFzjCCBLagAwIBAgISAYyg7pB26P/Jb9xVWEXINGocMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMxMjI1MTIyMzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDYwZjkzYmNlM2JlNmM4ZjIzNWI0NmU0YmUzZjZmOGIwOWNkODEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhJmjPmsejhVJvvoQgig1K9je/hkq
8w9gTsX21olz2hv/KNLPU0k8kpuXwPBOdbEFg2q/VUauEsPMDKQdw/i2EuEPzDQH
+PhgGl9iAJhYmrHigCs/oEKMWwvIAjHLzg8SZaHkJ1WGZXLjH/jlyq+6Sx4Kwz6s
Z5MLPHvh54BFPrQiEPyHDTqMB/k+utUFr4l8jNej1ISJEDr9TwJqs42DJ+1foeyQ
XNIGcxH8x5WDwEcCrmRMoGS4FcDXgEYu2iH3KYFnWvYbFGL9KgXknE2kvv7sPGc3
S0wyraQEtm4Bf5lWX4WHKpqrnJa9IM5h+b6ABhVr3jcIm7u56YlVlA6a2QIDAQAB
o4IC2jCCAtYwHQYDVR0OBBYEFJ1g+TvOO+bI8jW0bkvj9viwnNgTMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvbldENU84NDc1c2p5TmJSdVMtUDItTENjMkJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHvBggrBgEFBQcBBwEB/wSB3zCB3DCB2QQCAAIwgdIDBQMq
BbMAAwUDKgY7wAMFAyoGpcADBQMqBqYAAwUDKgbfwAMFAyoKFAADBQMqDEiAAwUD
Kg5agAMFAyoOmwADBQMqDxOAAwUDKg8VgAMFAyoPIwADBQMqDz+AAwUDKg9/AAMF
AyoPgQADBQMqD4MAAwUDKg+WAAMFAyoPvAADBQMqD9pAAwUDKg/awAMFAyoP3UAD
BQMqD+DAAwUDKg/hQAMFAyoP5kADBQMqD+wAAwUDKg/uAAMFAyoS1UADBQMqEwIA
AwUDKhN9gAMFAyoTk4AwDQYJKoZIhvcNAQELBQADggEBAETxHudfvEwr+xVEusGP
kN4tSyKTvXzzNQWyOCQeEee2Tlkd+zXDQeChRPacoX/bUJl8wXhNrt+cAcZHjAxo
ve/z7bTDds4X+gs7dtIVsD3orM8PCzKll8lXaaryiCMFoTopos+qkxFQMIG591FZ
wh7o9oyan6Xb4n7tRgYiG7ZB3TIZhqXKMIuFostB0TyCkKr1P8aPp+/+uk1yN4Km
v8+qG75keN2dG3IJD5K5jpcDr2Vhvxhn/4Sn70vDyPNCO4KGP5psOh11HVZ7Kn50
yRYhIBcj1V7P+Z7qRL8exCyp0ZoFrBSukTzTcg/4UyCr1G/preJyyYkaYg+L4w99
hnY=
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:01:42 2025 by rpki-client