Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/ogZDHsqlwwrXEQrH0CbShZZwWR0.roa
File: ogZDHsqlwwrXEQrH0CbShZZwWR0.roa (raw, json)
Hash identifier: sTZEoPRnHKklpq+L8Ej3nJKQiEdx54P8RjB4HokzqAE=
Subject key identifier: A2:06:43:1E:CA:A5:C3:0A:D7:11:0A:C7:D0:26:D2:85:96:70:59:1D
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01835507629D4F4FC991A152A43B2E493B54
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/ogZDHsqlwwrXEQrH0CbShZZwWR0.roa
Signing time: Mon 19 Sep 2022 09:14:50 +0000
ROA not before: Mon 19 Sep 2022 09:14:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204339
IP address blocks: 2a0f:9e00::/29 maxlen: 29
2a0f:2300::/29 maxlen: 29
2a0f:2d80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:55:07:62:9d:4f:4f:c9:91:a1:52:a4:3b:2e:49:3b:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Sep 19 09:14:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a206431ecaa5c30ad7110ac7d026d2859670591d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:17:35:13:d8:66:aa:1f:dc:7e:e1:e3:a9:98:
be:e0:64:39:6b:c5:f9:85:b6:d6:10:64:8a:da:d8:
68:0f:08:b4:4e:15:c7:9a:93:90:ec:83:d3:d0:b3:
8a:91:8f:1f:b2:d8:ec:67:a8:27:e7:c1:1f:23:dc:
38:4a:c1:7d:da:b0:62:96:8a:e2:59:fe:bf:c7:72:
68:06:50:71:07:9d:11:e6:72:a1:e2:cf:bd:c7:9a:
a2:ee:01:7f:95:79:2d:8e:62:a0:d5:4c:ee:95:46:
91:04:98:2e:5b:82:ab:e7:f8:1c:6e:8d:1c:68:c7:
6c:27:59:de:11:fa:27:97:a7:99:ff:f4:ce:ac:5a:
d1:e3:82:c5:92:ec:83:7e:28:4f:f6:42:70:07:29:
4d:49:4e:98:a2:40:3c:63:7c:f2:80:a9:48:7a:2d:
5f:dd:82:c5:dc:2d:37:62:4d:06:53:12:2f:52:87:
0e:1c:80:90:36:ca:18:eb:36:c2:d6:37:ed:6d:c1:
b3:47:13:91:be:bc:90:96:3c:63:46:e9:a7:78:67:
9d:e0:c2:01:b7:e9:c7:64:13:2f:a7:64:5a:53:9f:
72:ff:73:e2:f6:fe:d3:de:16:47:72:8d:f4:e2:b7:
46:67:5e:e7:9e:67:08:db:0a:79:a3:17:47:94:fd:
b9:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:06:43:1E:CA:A5:C3:0A:D7:11:0A:C7:D0:26:D2:85:96:70:59:1D
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/ogZDHsqlwwrXEQrH0CbShZZwWR0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:2300::/29
2a0f:2d80::/29
2a0f:9e00::/29
Signature Algorithm: sha256WithRSAEncryption
cf:d8:44:b3:76:c0:4a:a7:65:80:a8:36:06:22:fe:94:c3:fc:
ca:85:4f:80:8b:65:ac:5f:f3:7b:93:e3:b5:a4:e5:1b:8a:be:
70:47:89:12:35:16:de:43:c1:b0:ca:ca:52:1b:69:43:00:79:
ba:cb:5e:cd:fa:a8:25:04:f8:fb:68:bf:77:05:2d:40:66:dd:
35:46:24:b4:7a:11:2a:77:9c:de:d2:fc:57:c9:24:94:b7:78:
01:97:0f:6a:dc:35:92:37:2e:8a:12:e5:61:ee:ad:c3:cd:60:
95:59:19:84:84:a9:65:90:9f:46:22:65:74:3b:ae:de:ca:84:
d2:97:d9:ec:e0:12:ea:9a:75:ec:14:56:42:a5:7e:af:02:cf:
bb:3f:ff:a4:52:01:95:09:69:4b:61:55:8b:17:6e:eb:38:93:
dc:45:b6:31:e0:f0:9f:0f:91:65:03:64:68:7e:90:88:18:49:
b9:26:95:f2:be:f3:69:00:48:cd:78:1e:c6:ee:33:b4:d5:5e:
31:16:ca:ed:95:09:1c:5c:0b:7a:08:9b:da:6f:2c:74:89:b8:
0e:f7:5b:64:93:4a:08:f2:7e:eb:27:ff:87:c4:84:f0:84:e5:
2d:45:60:59:b2:77:93:65:33:82:05:c0:53:30:c5:f1:21:8a:
2c:c9:3d:0a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYNVB2KdT0/JkaFSpDsuSTtUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjIwOTE5MDkxNDUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjA2NDMxZWNhYTVjMzBhZDcxMTBhYzdkMDI2ZDI4NTk2NzA1OTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhxc1E9hmqh/cfuHjqZi+4GQ5a8X5
hbbWEGSK2thoDwi0ThXHmpOQ7IPT0LOKkY8fstjsZ6gn58EfI9w4SsF92rBilori
Wf6/x3JoBlBxB50R5nKh4s+9x5qi7gF/lXktjmKg1UzulUaRBJguW4Kr5/gcbo0c
aMdsJ1neEfonl6eZ//TOrFrR44LFkuyDfihP9kJwBylNSU6YokA8Y3zygKlIei1f
3YLF3C03Yk0GUxIvUocOHICQNsoY6zbC1jftbcGzRxORvryQljxjRumneGed4MIB
t+nHZBMvp2RaU59y/3Pi9v7T3hZHco304rdGZ17nnmcI2wp5oxdHlP25CwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKIGQx7KpcMK1xEKx9Am0oWWcFkdMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvb2daREhzcWx3d3JYRVFySDBDYlNoWlp3V1IwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKg8jAAMF
AyoPLYADBQMqD54AMA0GCSqGSIb3DQEBCwUAA4IBAQDP2ESzdsBKp2WAqDYGIv6U
w/zKhU+Ai2WsX/N7k+O1pOUbir5wR4kSNRbeQ8GwyspSG2lDAHm6y17N+qglBPj7
aL93BS1AZt01RiS0ehEqd5ze0vxXySSUt3gBlw9q3DWSNy6KEuVh7q3DzWCVWRmE
hKllkJ9GImV0O67eyoTSl9ns4BLqmnXsFFZCpX6vAs+7P/+kUgGVCWlLYVWLF27r
OJPcRbYx4PCfD5FlA2RofpCIGEm5JpXyvvNpAEjNeB7G7jO01V4xFsrtlQkcXAt6
CJvabyx0ibgO91tkk0oI8n7rJ/+HxITwhOUtRWBZsneTZTOCBcBTMMXxIYosyT0K
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:11:40 2025 by rpki-client