Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/s9qWDd42xM9pLcXV3SQczMLm64w.roa
File: s9qWDd42xM9pLcXV3SQczMLm64w.roa (raw, json)
Hash identifier: cd2TjET6NRYQew+Kn7uH7e9uJd88F7Y1/QViybLK9TE=
Subject key identifier: B3:DA:96:0D:DE:36:C4:CF:69:2D:C5:D5:DD:24:1C:CC:C2:E6:EB:8C
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01865E819A6AFC3B2454B7FCB704A45773EA
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/s9qWDd42xM9pLcXV3SQczMLm64w.roa
Signing time: Fri 17 Feb 2023 08:33:17 +0000
ROA not before: Fri 17 Feb 2023 08:33:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20473
IP address blocks: 2a0f:7d00:1::/48 maxlen: 48
2a0e:15c1::/32 maxlen: 32
2a12:d6c1::/32 maxlen: 32
2a0a:2d00:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:5e:81:9a:6a:fc:3b:24:54:b7:fc:b7:04:a4:57:73:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Feb 17 08:33:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b3da960dde36c4cf692dc5d5dd241cccc2e6eb8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:81:e0:4e:cd:8f:a6:f6:a9:38:6a:58:2d:ba:
b0:ca:51:10:ce:20:1b:c2:fa:0c:39:8f:5b:7a:4a:
a7:22:0b:bc:e8:02:6d:ae:6c:59:23:bf:e5:81:54:
47:10:42:f4:ab:d4:89:06:f0:76:8f:0d:7e:76:81:
fc:3f:b4:a5:45:fb:76:da:ab:17:30:96:ce:5b:05:
8f:b0:a2:25:a5:be:9d:1f:16:75:7b:98:59:3d:cf:
a7:a7:1c:d7:d5:b0:a3:0c:ec:3f:b3:5a:eb:49:6f:
03:97:78:ae:82:6e:f3:72:38:96:ba:c7:25:63:9d:
5e:7a:fb:5c:92:89:f0:e5:06:98:6b:e1:09:c1:8c:
59:ab:f7:6f:39:12:4d:f6:67:2e:d3:aa:78:30:07:
23:38:66:85:5f:47:29:b7:5f:a0:fd:12:41:4d:64:
2a:5d:38:98:28:f3:6d:66:62:d7:7e:86:6a:86:fd:
c0:86:bf:3f:fe:69:0f:13:9c:38:9d:31:95:2f:9d:
90:f7:d9:b7:fe:75:fc:ff:4b:64:21:5d:d5:13:e7:
cc:c9:d2:de:ff:5e:d1:73:d6:59:be:2b:9d:d0:a2:
9d:67:0c:54:2a:e5:a3:5a:37:db:72:21:d0:02:65:
e6:8b:e1:60:92:04:f4:d7:6d:0b:59:0a:0c:a4:52:
7a:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:DA:96:0D:DE:36:C4:CF:69:2D:C5:D5:DD:24:1C:CC:C2:E6:EB:8C
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/s9qWDd42xM9pLcXV3SQczMLm64w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:2d00:1::/48
2a0e:15c1::/32
2a0f:7d00:1::/48
2a12:d6c1::/32
Signature Algorithm: sha256WithRSAEncryption
3e:9d:87:32:e6:8d:14:88:a3:f5:36:14:8a:f7:cb:33:be:a8:
a7:c2:e0:89:37:b3:38:65:58:c9:24:81:7c:a6:cb:b4:0c:5d:
68:3c:c7:ce:5b:c4:ff:15:ac:5b:20:6f:5f:66:79:7a:95:b9:
f6:17:d1:b3:cb:5f:6d:c0:99:e5:eb:e9:b9:3b:f1:09:b4:21:
00:a3:8b:f2:b6:e2:79:4a:c6:ff:a8:63:37:dc:63:a2:41:d5:
dc:d1:be:39:bc:84:7a:e3:e4:af:85:d0:87:8b:85:06:55:df:
dd:37:86:35:6a:b8:67:6b:a9:3f:39:3f:41:5c:5c:bb:7f:4c:
e7:de:a9:76:48:2b:3e:ac:6c:58:68:db:ae:8d:c2:1f:4f:8a:
2a:20:05:13:fa:11:1c:f6:da:3e:19:ea:08:83:8d:18:ee:df:
9b:f8:92:9f:0c:d8:d1:13:c5:b7:96:e6:81:b0:42:bd:c7:2b:
e7:f1:2e:24:21:f0:60:f5:90:24:c0:79:c9:00:d9:3d:62:df:
66:af:b8:c2:70:84:10:fd:7d:d0:5d:fe:05:9d:d9:42:82:91:
3b:93:05:d3:eb:e6:45:b9:21:4c:dd:d2:71:4a:f5:f5:6f:86:
d7:c7:95:7b:1e:47:f0:db:a2:02:4e:92:9c:2c:d4:fa:51:3b:
5a:f0:58:03
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYZegZpq/DskVLf8twSkV3PqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMwMjE3MDgzMzE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2RhOTYwZGRlMzZjNGNmNjkyZGM1ZDVkZDI0MWNjY2MyZTZlYjhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoIHgTs2PpvapOGpYLbqwylEQziAb
wvoMOY9bekqnIgu86AJtrmxZI7/lgVRHEEL0q9SJBvB2jw1+doH8P7SlRft22qsX
MJbOWwWPsKIlpb6dHxZ1e5hZPc+npxzX1bCjDOw/s1rrSW8Dl3iugm7zcjiWuscl
Y51eevtckonw5QaYa+EJwYxZq/dvORJN9mcu06p4MAcjOGaFX0cpt1+g/RJBTWQq
XTiYKPNtZmLXfoZqhv3Ahr8//mkPE5w4nTGVL52Q99m3/nX8/0tkIV3VE+fMydLe
/17Rc9ZZviud0KKdZwxUKuWjWjfbciHQAmXmi+FgkgT0120LWQoMpFJ6IQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFLPalg3eNsTPaS3F1d0kHMzC5uuMMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvczlxV0RkNDJ4TTlwTGNYVjNTUWN6TUxtNjR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAAjAgAwcAKgotAAAB
AwUAKg4VwQMHACoPfQAAAQMFACoS1sEwDQYJKoZIhvcNAQELBQADggEBAD6dhzLm
jRSIo/U2FIr3yzO+qKfC4Ik3szhlWMkkgXymy7QMXWg8x85bxP8VrFsgb19meXqV
ufYX0bPLX23AmeXr6bk78Qm0IQCji/K24nlKxv+oYzfcY6JB1dzRvjm8hHrj5K+F
0IeLhQZV3903hjVquGdrqT85P0FcXLt/TOfeqXZIKz6sbFho266Nwh9PiiogBRP6
ERz22j4Z6giDjRju35v4kp8M2NETxbeW5oGwQr3HK+fxLiQh8GD1kCTAeckA2T1i
32avuMJwhBD9fdBd/gWd2UKCkTuTBdPr5kW5IUzd0nFK9fVvhtfHlXseR/DbogJO
kpws1PpRO1rwWAM=
-----END CERTIFICATE-----
Generated at Sun Jun 8 23:21:57 2025 by rpki-client