Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/rZEbZ-RfA-4REk11ShGAf-euz9o.roa
File: rZEbZ-RfA-4REk11ShGAf-euz9o.roa (raw, json)
Hash identifier: buzJ9qu29jHifYwHgjlRGyzupITlsTFWwJdPWBK/7Bg=
Subject key identifier: AD:91:1B:67:E4:5F:03:EE:11:12:4D:75:4A:11:80:7F:E7:AE:CF:DA
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01856DCAE601B5A747178832CF86DEFA590C
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/rZEbZ-RfA-4REk11ShGAf-euz9o.roa
Signing time: Sun 01 Jan 2023 14:44:51 +0000
ROA not before: Sun 01 Jan 2023 14:44:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 2a0f:3d86::/32 maxlen: 32
2a0e:2240:5::/48 maxlen: 48
2a0e:2240:3::/48 maxlen: 48
2a0f:3d85::/32 maxlen: 32
2a0f:a200::/32 maxlen: 32
2a0f:3d81::/32 maxlen: 32
2a0e:2240:4::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ca:e6:01:b5:a7:47:17:88:32:cf:86:de:fa:59:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jan 1 14:44:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ad911b67e45f03ee11124d754a11807fe7aecfda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:8b:e3:7a:13:e3:ef:21:0f:ef:fb:50:2a:3c:
a0:47:d5:04:82:84:a8:95:a5:73:ea:c7:3f:40:23:
38:4e:0b:3e:82:2d:b5:1a:ab:68:01:49:24:ee:b0:
f9:61:53:d4:cb:cc:a1:ce:ea:54:8c:90:34:97:cf:
ee:7f:e9:13:ce:b5:3a:e6:95:cb:e8:55:b5:ea:fd:
35:ed:09:cb:7f:17:fb:34:e8:7f:a4:38:2b:70:36:
34:fc:29:e6:60:6c:1e:8b:54:1a:fc:8f:e1:1d:e9:
0b:61:0a:9e:02:b7:b7:64:f0:54:e6:0f:3d:68:ae:
2c:94:c4:3f:9e:cf:b1:dc:0e:75:f3:61:f1:c5:1e:
39:6e:34:57:00:4c:0c:c6:f7:45:d5:86:1c:00:2f:
a9:86:33:2a:eb:26:8a:5c:bc:8e:7f:d8:c1:ba:31:
b1:f8:dd:65:96:8c:e8:21:ad:0c:a3:99:c5:1e:f0:
17:87:59:f3:ec:29:8b:15:62:f6:db:a6:48:a1:97:
54:67:47:0f:44:7d:e4:f4:d3:fc:65:fd:62:65:33:
cc:95:43:db:7f:75:70:1c:80:e1:65:0d:21:59:b8:
23:e4:19:87:d7:b6:0d:23:c2:7f:ea:ec:e2:7c:9d:
54:76:39:16:8a:f4:49:f0:9f:83:66:6a:e9:eb:99:
94:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:91:1B:67:E4:5F:03:EE:11:12:4D:75:4A:11:80:7F:E7:AE:CF:DA
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/rZEbZ-RfA-4REk11ShGAf-euz9o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:2240:3::-2a0e:2240:5:ffff:ffff:ffff:ffff:ffff
2a0f:3d81::/32
2a0f:3d85::-2a0f:3d86:ffff:ffff:ffff:ffff:ffff:ffff
2a0f:a200::/32
Signature Algorithm: sha256WithRSAEncryption
83:c4:21:eb:6b:b4:30:6a:23:4a:55:6c:62:b3:0a:a9:df:70:
2a:2e:2f:75:75:a2:2e:f9:c8:89:0a:a5:47:31:6b:b3:48:02:
f7:5e:e1:ad:75:13:85:29:15:c0:f8:b8:57:49:72:4f:84:32:
16:63:b0:d2:88:58:be:f3:c9:dc:d7:a9:3b:27:33:6a:b2:21:
60:38:b3:4e:c7:48:71:a4:90:d7:6f:90:ef:63:34:4d:27:6f:
dc:c3:8c:a4:54:68:b2:00:84:a6:7c:ef:a7:01:43:54:72:22:
2e:e5:d8:f2:5b:33:09:4c:18:dc:a7:b9:3b:e1:51:49:31:ff:
da:bc:d1:d1:57:19:a8:29:1a:06:e4:04:f5:1e:8d:64:ef:d1:
e2:ac:12:f8:c9:05:95:1f:18:a6:17:65:87:69:c5:80:66:d2:
fe:e7:a8:ad:62:c1:b7:cd:db:e7:20:5a:c1:c8:43:ef:a3:bb:
9c:dc:71:5f:ac:35:f0:e8:a0:bb:fa:f6:c7:f6:e1:60:46:8b:
8e:4f:91:f5:0f:3e:49:c3:da:c9:d1:91:45:04:e6:3a:33:31:
89:52:26:43:ed:c9:8a:ca:5c:9a:91:cc:52:86:33:a0:fc:49:
fc:e9:ec:d8:51:4c:1f:a9:d7:01:d5:a2:09:f4:68:d9:75:fc:
83:46:6f:90
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYVtyuYBtadHF4gyz4be+lkMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMwMTAxMTQ0NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDkxMWI2N2U0NWYwM2VlMTExMjRkNzU0YTExODA3ZmU3YWVjZmRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiIvjehPj7yEP7/tQKjygR9UEgoSo
laVz6sc/QCM4Tgs+gi21GqtoAUkk7rD5YVPUy8yhzupUjJA0l8/uf+kTzrU65pXL
6FW16v017QnLfxf7NOh/pDgrcDY0/CnmYGwei1Qa/I/hHekLYQqeAre3ZPBU5g89
aK4slMQ/ns+x3A5182HxxR45bjRXAEwMxvdF1YYcAC+phjMq6yaKXLyOf9jBujGx
+N1llozoIa0Mo5nFHvAXh1nz7CmLFWL226ZIoZdUZ0cPRH3k9NP8Zf1iZTPMlUPb
f3VwHIDhZQ0hWbgj5BmH17YNI8J/6uzifJ1UdjkWivRJ8J+DZmrp65mUOQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFK2RG2fkXwPuERJNdUoRgH/nrs/aMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvclpFYlotUmZBLTRSRWsxMVNoR0FmLWV1ejlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAAjAyMBIDBwAqDiJA
AAMDBwEqDiJAAAQDBQAqDz2BMA4DBQAqDz2FAwUAKg89hgMFACoPogAwDQYJKoZI
hvcNAQELBQADggEBAIPEIetrtDBqI0pVbGKzCqnfcCouL3V1oi75yIkKpUcxa7NI
Avde4a11E4UpFcD4uFdJck+EMhZjsNKIWL7zydzXqTsnM2qyIWA4s07HSHGkkNdv
kO9jNE0nb9zDjKRUaLIAhKZ876cBQ1RyIi7l2PJbMwlMGNynuTvhUUkx/9q80dFX
GagpGgbkBPUejWTv0eKsEvjJBZUfGKYXZYdpxYBm0v7nqK1iwbfN2+cgWsHIQ++j
u5zccV+sNfDooLv69sf24WBGi45PkfUPPknD2snRkUUE5jozMYlSJkPtyYrKXJqR
zFKGM6D8Sfzp7NhRTB+p1wHVogn0aNl1/INGb5A=
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:01:46 2025 by rpki-client