Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/qAj7841rxPgnUxNBZKzdZ6ZrkTY.roa
File: qAj7841rxPgnUxNBZKzdZ6ZrkTY.roa (raw, json)
Hash identifier: meGQO7FXgjlQlw63AoCdRH/CchAOLuyK6n/B6eAf+xY=
Subject key identifier: A8:08:FB:F3:8D:6B:C4:F8:27:53:13:41:64:AC:DD:67:A6:6B:91:36
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018B469BF0480F8285557718230DA2C58DF4
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/qAj7841rxPgnUxNBZKzdZ6ZrkTY.roa
Signing time: Thu 19 Oct 2023 06:25:06 +0000
ROA not before: Thu 19 Oct 2023 06:25:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197992
IP address blocks: 2a0f:7f00::/29 maxlen: 29
2a0f:2100::/29 maxlen: 29
2a13:2cc0::/29 maxlen: 29
2a12:d6c0::/29 maxlen: 29
2a13:2b40::/29 maxlen: 29
2a13:200::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:46:9b:f0:48:0f:82:85:55:77:18:23:0d:a2:c5:8d:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Oct 19 06:25:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a808fbf38d6bc4f82753134164acdd67a66b9136
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:57:91:b8:3b:f6:b3:ee:48:7a:61:7f:78:22:
d0:28:5c:db:ef:fd:33:7c:38:76:77:39:4f:b0:d2:
83:83:51:18:13:ac:a8:8e:0b:0c:fa:4c:e3:55:b1:
3d:02:ca:ca:61:e6:e2:7a:95:c9:bc:81:a9:87:6c:
8f:fe:a8:0b:58:6c:9c:df:10:17:cd:99:73:20:6a:
9a:42:da:56:af:ad:f2:44:57:87:0b:25:05:99:32:
50:0e:d9:7a:f0:93:33:fb:14:d1:2c:6e:f5:58:57:
d8:64:fe:46:2c:db:c3:ef:47:da:f4:df:11:a7:62:
14:f9:75:1e:69:14:e2:9f:8f:cc:8d:3f:40:64:49:
3d:af:5b:a0:14:54:cf:98:35:ab:17:44:40:f0:78:
8d:bd:8f:67:c9:b7:15:55:dc:68:8c:dd:93:83:bb:
88:e5:80:3e:bd:8d:88:39:3a:77:d6:0e:b3:67:8e:
61:74:1e:8a:14:6b:63:36:6b:46:dc:53:f6:f9:ad:
92:c8:e6:9c:47:1c:70:0b:fb:60:a4:cc:e8:a7:a9:
4d:8d:fd:9c:60:91:e6:91:7b:f0:0a:f5:d2:66:47:
c2:9c:8f:39:e2:df:7c:32:d8:55:1e:5f:40:f3:aa:
a3:62:19:90:4a:00:5c:8d:a3:41:09:06:6c:53:03:
fb:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:08:FB:F3:8D:6B:C4:F8:27:53:13:41:64:AC:DD:67:A6:6B:91:36
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/qAj7841rxPgnUxNBZKzdZ6ZrkTY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:2100::/29
2a0f:7f00::/29
2a12:d6c0::/29
2a13:200::/29
2a13:2b40::/29
2a13:2cc0::/29
Signature Algorithm: sha256WithRSAEncryption
b9:e1:d5:5b:e7:d6:f6:3d:fc:73:ba:fb:eb:a2:1b:7b:51:df:
04:15:cc:28:d2:fd:2a:00:69:45:fa:9b:05:80:da:49:2c:c5:
15:12:28:23:bd:e2:46:d0:98:a8:6d:f0:1a:53:ae:e7:d0:fe:
ac:70:17:31:eb:96:9d:1b:73:1e:20:3a:b6:be:93:fb:dd:16:
20:2a:31:ac:37:e6:2d:ac:5d:7d:cf:f0:89:c6:e2:75:25:48:
90:ff:29:29:6b:66:94:7c:96:5e:20:00:ec:a2:6f:12:c5:18:
ae:48:e9:53:b2:05:98:b5:20:3b:9b:85:6a:2b:34:5c:a6:c8:
17:e8:26:69:ed:ea:44:80:c2:db:0f:9a:45:6d:cc:6a:9f:8d:
ec:57:88:23:7c:fb:22:40:ac:15:c8:f1:86:02:5d:64:9f:e4:
19:aa:4b:a6:ec:b6:8f:2c:b4:ad:b7:bd:01:7b:2d:6f:00:61:
b0:c2:ca:35:17:b0:6d:5e:fc:0c:1e:ea:8c:0e:71:b9:06:69:
31:9a:1a:c0:e8:36:3b:eb:43:70:e6:7e:7b:76:66:26:93:5d:
be:2f:e2:05:d6:03:3e:c7:5e:56:4e:07:da:8f:ca:2b:d1:28:
98:88:5b:ad:6a:98:e7:5a:54:3d:2f:00:a8:7c:fc:1f:10:69:
71:e1:a9:8a
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYtGm/BID4KFVXcYIw2ixY30MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMxMDE5MDYyNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODA4ZmJmMzhkNmJjNGY4Mjc1MzEzNDE2NGFjZGQ2N2E2NmI5MTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsFeRuDv2s+5IemF/eCLQKFzb7/0z
fDh2dzlPsNKDg1EYE6yojgsM+kzjVbE9AsrKYebiepXJvIGph2yP/qgLWGyc3xAX
zZlzIGqaQtpWr63yRFeHCyUFmTJQDtl68JMz+xTRLG71WFfYZP5GLNvD70fa9N8R
p2IU+XUeaRTin4/MjT9AZEk9r1ugFFTPmDWrF0RA8HiNvY9nybcVVdxojN2Tg7uI
5YA+vY2IOTp31g6zZ45hdB6KFGtjNmtG3FP2+a2SyOacRxxwC/tgpMzop6lNjf2c
YJHmkXvwCvXSZkfCnI854t98MthVHl9A86qjYhmQSgBcjaNBCQZsUwP7FQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFKgI+/ONa8T4J1MTQWSs3Wema5E2MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvcUFqNzg0MXJ4UGduVXhOQlpLemRaNlpya1RZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAAjAqAwUDKg8hAAMF
AyoPfwADBQMqEtbAAwUDKhMCAAMFAyoTK0ADBQMqEyzAMA0GCSqGSIb3DQEBCwUA
A4IBAQC54dVb59b2Pfxzuvvroht7Ud8EFcwo0v0qAGlF+psFgNpJLMUVEigjveJG
0JiobfAaU67n0P6scBcx65adG3MeIDq2vpP73RYgKjGsN+YtrF19z/CJxuJ1JUiQ
/ykpa2aUfJZeIADsom8SxRiuSOlTsgWYtSA7m4VqKzRcpsgX6CZp7epEgMLbD5pF
bcxqn43sV4gjfPsiQKwVyPGGAl1kn+QZqkum7LaPLLStt70Bey1vAGGwwso1F7Bt
XvwMHuqMDnG5BmkxmhrA6DY760Nw5n57dmYmk12+L+IF1gM+x15WTgfaj8or0SiY
iFutapjnWlQ9LwCofPwfEGlx4amK
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:00:08 2025 by rpki-client