Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/pbjSGOyiH9-ZozaM4fZpURQ-Gx0.roa
File: pbjSGOyiH9-ZozaM4fZpURQ-Gx0.roa (raw, json)
Hash identifier: OETWMpkf0ulC4g7Kqz1t7cEbVrhLK5+NkyuyRwpRFbk=
Subject key identifier: A5:B8:D2:18:EC:A2:1F:DF:99:A3:36:8C:E1:F6:69:51:14:3E:1B:1D
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01827C764A64E134D57D3A19835C6EC4CBEA
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/pbjSGOyiH9-ZozaM4fZpURQ-Gx0.roa
Signing time: Mon 08 Aug 2022 07:58:23 +0000
ROA not before: Mon 08 Aug 2022 07:58:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204339
IP address blocks: 2a0f:7f00::/29 maxlen: 29
2a0f:e640::/29 maxlen: 29
2a0f:3940::/29 maxlen: 29
2a0f:8300::/29 maxlen: 29
2a0f:8100::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:7c:76:4a:64:e1:34:d5:7d:3a:19:83:5c:6e:c4:cb:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Aug 8 07:58:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a5b8d218eca21fdf99a3368ce1f66951143e1b1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:2c:1b:4a:37:63:b8:74:87:52:27:ae:c5:fa:
96:13:9f:a1:02:3a:58:a4:00:18:21:5c:86:5a:9a:
8a:69:84:12:34:71:22:44:4e:25:6a:98:12:a3:57:
d9:e6:90:59:66:f1:50:a5:44:28:32:02:91:cb:c7:
a8:b4:09:62:89:28:e9:2f:75:39:5b:84:95:a9:95:
46:b7:47:b2:40:04:77:39:f8:85:55:71:3a:91:51:
14:f4:c4:9d:b7:b8:be:97:5f:ce:03:6a:ca:c9:84:
05:83:5c:98:67:5b:d4:27:53:3f:9b:a1:9a:8e:5a:
e7:a3:e1:88:8a:49:85:6e:f0:92:6c:cb:d8:b8:96:
c4:7f:7b:05:5d:3b:65:b5:f7:91:54:5c:92:c1:17:
b8:f1:4c:be:6f:50:a1:91:d9:54:e5:97:0d:83:38:
d0:6a:e2:53:51:38:cb:82:72:12:1c:e7:b2:5a:1c:
9a:6e:81:36:5c:0a:b1:47:97:aa:3a:9f:89:75:98:
13:f4:db:cd:7e:c7:9c:f9:a1:96:0c:00:72:1c:d8:
3b:e3:18:d1:e1:ff:59:e1:3f:4b:5f:85:e3:39:a0:
fb:84:0c:22:31:78:3b:66:86:32:a4:09:e5:1b:82:
a7:82:e7:be:30:39:f1:d1:7c:be:77:75:ad:1f:6b:
57:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:B8:D2:18:EC:A2:1F:DF:99:A3:36:8C:E1:F6:69:51:14:3E:1B:1D
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/pbjSGOyiH9-ZozaM4fZpURQ-Gx0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:3940::/29
2a0f:7f00::/29
2a0f:8100::/29
2a0f:8300::/29
2a0f:e640::/29
Signature Algorithm: sha256WithRSAEncryption
8b:43:bd:8b:8e:af:be:4a:02:20:7f:56:dd:44:05:61:fe:95:
8e:6c:be:73:43:bb:0f:e0:01:14:31:ae:4e:29:15:e0:ba:0d:
c1:42:87:bc:00:8d:98:f9:2c:c7:7c:ec:b4:65:f3:20:a9:07:
2f:12:33:58:61:48:cf:ac:9e:02:eb:41:3b:c0:9a:b9:f6:dc:
79:c3:35:48:e2:69:3b:9d:fa:fa:98:18:c5:56:01:1b:32:8d:
55:72:2e:f6:e9:5a:0f:00:a1:d5:b8:62:9e:18:96:6b:1c:f7:
fe:bb:aa:55:e3:5c:13:a8:41:69:2e:38:a2:71:9a:c7:3a:bd:
f3:60:75:0f:aa:b7:a0:95:59:c2:2f:9a:3c:98:39:81:8c:67:
d2:d0:c1:13:b8:8d:f8:03:77:e8:6b:12:be:f2:62:fb:83:a7:
34:fa:1f:ae:51:16:7c:fa:36:47:a2:37:7e:dc:0c:13:90:ec:
ab:cd:ae:d3:76:28:c0:0e:00:a5:3b:c0:a3:cd:a3:f4:17:74:
e5:ed:e8:ad:bc:66:0d:14:32:2c:54:43:f1:ee:22:cd:51:6c:
d7:15:34:f0:86:c0:ba:62:56:17:f0:d0:ab:89:9c:d6:e5:cc:
9f:22:c2:77:ad:bb:d0:07:47:5c:71:87:f1:2f:71:29:79:ec:
a2:bf:81:5f
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYJ8dkpk4TTVfToZg1xuxMvqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjIwODA4MDc1ODIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWI4ZDIxOGVjYTIxZmRmOTlhMzM2OGNlMWY2Njk1MTE0M2UxYjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhSwbSjdjuHSHUieuxfqWE5+hAjpY
pAAYIVyGWpqKaYQSNHEiRE4lapgSo1fZ5pBZZvFQpUQoMgKRy8eotAliiSjpL3U5
W4SVqZVGt0eyQAR3OfiFVXE6kVEU9MSdt7i+l1/OA2rKyYQFg1yYZ1vUJ1M/m6Ga
jlrno+GIikmFbvCSbMvYuJbEf3sFXTtltfeRVFySwRe48Uy+b1ChkdlU5ZcNgzjQ
auJTUTjLgnISHOeyWhyaboE2XAqxR5eqOp+JdZgT9NvNfsec+aGWDAByHNg74xjR
4f9Z4T9LX4XjOaD7hAwiMXg7ZoYypAnlG4Kngue+MDnx0Xy+d3WtH2tXaQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFKW40hjsoh/fmaM2jOH2aVEUPhsdMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvcGJqU0dPeWlIOS1ab3phTTRmWnBVUlEtR3gwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwUDKg85QAMF
AyoPfwADBQMqD4EAAwUDKg+DAAMFAyoP5kAwDQYJKoZIhvcNAQELBQADggEBAItD
vYuOr75KAiB/Vt1EBWH+lY5svnNDuw/gARQxrk4pFeC6DcFCh7wAjZj5LMd87LRl
8yCpBy8SM1hhSM+sngLrQTvAmrn23HnDNUjiaTud+vqYGMVWARsyjVVyLvbpWg8A
odW4Yp4Ylmsc9/67qlXjXBOoQWkuOKJxmsc6vfNgdQ+qt6CVWcIvmjyYOYGMZ9LQ
wRO4jfgDd+hrEr7yYvuDpzT6H65RFnz6NkeiN37cDBOQ7KvNrtN2KMAOAKU7wKPN
o/QXdOXt6K28Zg0UMixUQ/HuIs1RbNcVNPCGwLpiVhfw0KuJnNblzJ8iwnetu9AH
R1xxh/EvcSl57KK/gV8=
-----END CERTIFICATE-----
Generated at Mon Apr 21 16:01:29 2025 by rpki-client