Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/oiaG1pNfIcCgVKvR34Spcw7YMQU.roa
File: oiaG1pNfIcCgVKvR34Spcw7YMQU.roa (raw, json)
Hash identifier: a4FFF/7iT9yy8Y67zzYp65F9F6eQuea3gnR5GXgff5I=
Subject key identifier: A2:26:86:D6:93:5F:21:C0:A0:54:AB:D1:DF:84:A9:73:0E:D8:31:05
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0185E60211CD129821546C9E402F55731ECD
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/oiaG1pNfIcCgVKvR34Spcw7YMQU.roa
Signing time: Tue 24 Jan 2023 22:59:33 +0000
ROA not before: Tue 24 Jan 2023 22:59:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59432
IP address blocks: 2a0e:15c0:4::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e6:02:11:cd:12:98:21:54:6c:9e:40:2f:55:73:1e:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jan 24 22:59:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a22686d6935f21c0a054abd1df84a9730ed83105
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:a2:6a:03:4b:04:c6:bd:bd:e6:8b:dc:59:5f:
06:8c:c7:d7:ab:2b:f8:bc:5f:14:2e:bb:0f:34:69:
ca:3b:9c:b6:88:8d:da:70:a5:68:3b:38:f5:70:7d:
31:7f:1d:08:53:b6:08:db:52:8e:18:10:79:48:f2:
13:b1:98:51:af:f5:89:c8:3a:d0:a3:24:ef:24:2d:
bd:4d:87:6a:bd:36:55:02:83:67:bf:25:1d:06:e0:
ae:c3:e9:61:cc:41:15:7e:58:2b:55:e8:8a:76:8a:
19:c0:f8:29:8b:36:fe:87:27:81:a7:2e:f0:b5:e6:
79:36:0c:9d:66:3e:55:a1:3a:75:70:43:b4:78:92:
66:d0:a4:d3:1b:b1:20:d7:14:22:32:86:77:70:80:
a7:b5:44:20:13:20:18:8c:08:52:fe:de:a4:f9:3b:
48:7b:30:4d:25:aa:67:5a:35:2e:67:14:47:6c:f8:
01:7c:2a:ba:32:b8:a7:bd:54:68:31:77:72:28:9f:
78:b4:d0:68:0d:99:5b:93:0e:07:e0:62:f5:59:4e:
27:8d:53:d5:0b:e9:98:e2:e7:ce:22:00:46:9d:b9:
8b:2a:7f:8a:af:74:3d:8f:98:d4:2a:95:96:14:93:
a0:49:8c:53:0c:0d:4e:9a:13:4a:a2:63:28:9c:2e:
54:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:26:86:D6:93:5F:21:C0:A0:54:AB:D1:DF:84:A9:73:0E:D8:31:05
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/oiaG1pNfIcCgVKvR34Spcw7YMQU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:15c0:4::/48
Signature Algorithm: sha256WithRSAEncryption
60:30:7b:2c:e6:0c:fc:65:b7:4a:c9:b5:1b:ac:20:a8:d4:aa:
cc:01:61:10:e7:0a:4e:d9:e2:bb:db:e7:51:23:b2:90:b3:08:
22:1e:21:2a:01:55:10:22:4f:be:c3:e3:35:41:ed:f1:8c:35:
5d:cc:e5:60:4c:4a:78:e7:83:e5:26:d4:63:21:f5:d3:bd:8a:
73:a8:a0:ab:da:89:34:af:ac:ff:98:05:dd:a6:18:ed:62:b7:
d0:35:58:8d:27:3d:ca:c9:02:c3:b0:a3:d6:ba:5d:bd:02:78:
02:f1:24:08:8e:8f:2a:8c:bb:ac:b8:60:dd:92:c5:0f:95:90:
59:a9:f4:e0:bf:9b:9b:94:a7:4f:27:c4:3b:ee:91:13:f6:18:
f9:e7:53:bb:0f:8c:a5:6d:a4:c4:d3:c3:51:c0:95:0a:52:54:
6d:d1:50:b2:de:91:65:58:ec:47:d0:8c:31:74:97:7f:9f:07:
6e:51:e7:f6:88:82:81:4c:d1:79:cc:a3:b8:c7:8e:10:99:97:
fb:18:2d:1b:c7:1e:60:57:7d:b5:84:4c:d4:55:bd:ce:5d:47:
ad:8a:62:29:d7:95:bd:c1:50:cc:23:87:04:c8:9e:6d:7b:fe:
a1:a0:6f:4d:9a:b1:29:2e:0d:2c:cd:50:c8:86:9c:da:a9:fa:
58:1a:bf:e5
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYXmAhHNEpghVGyeQC9Vcx7NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMwMTI0MjI1OTMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjI2ODZkNjkzNWYyMWMwYTA1NGFiZDFkZjg0YTk3MzBlZDgzMTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp6JqA0sExr295ovcWV8GjMfXqyv4
vF8ULrsPNGnKO5y2iI3acKVoOzj1cH0xfx0IU7YI21KOGBB5SPITsZhRr/WJyDrQ
oyTvJC29TYdqvTZVAoNnvyUdBuCuw+lhzEEVflgrVeiKdooZwPgpizb+hyeBpy7w
teZ5NgydZj5VoTp1cEO0eJJm0KTTG7Eg1xQiMoZ3cICntUQgEyAYjAhS/t6k+TtI
ezBNJapnWjUuZxRHbPgBfCq6MrinvVRoMXdyKJ94tNBoDZlbkw4H4GL1WU4njVPV
C+mY4ufOIgBGnbmLKn+Kr3Q9j5jUKpWWFJOgSYxTDA1OmhNKomMonC5U3wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKImhtaTXyHAoFSr0d+EqXMO2DEFMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvb2lhRzFwTmZJY0NnVkt2UjM0U3BjdzdZTVFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg4VwAAE
MA0GCSqGSIb3DQEBCwUAA4IBAQBgMHss5gz8ZbdKybUbrCCo1KrMAWEQ5wpO2eK7
2+dRI7KQswgiHiEqAVUQIk++w+M1Qe3xjDVdzOVgTEp454PlJtRjIfXTvYpzqKCr
2ok0r6z/mAXdphjtYrfQNViNJz3KyQLDsKPWul29AngC8SQIjo8qjLusuGDdksUP
lZBZqfTgv5ublKdPJ8Q77pET9hj551O7D4ylbaTE08NRwJUKUlRt0VCy3pFlWOxH
0IwxdJd/nwduUef2iIKBTNF5zKO4x44QmZf7GC0bxx5gV321hEzUVb3OXUetimIp
15W9wVDMI4cEyJ5te/6hoG9NmrEpLg0szVDIhpzaqfpYGr/l
-----END CERTIFICATE-----
Generated at Tue Apr 22 21:20:44 2025 by rpki-client