Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/t2KlQutyZvHj5zFIKu78xyfL5U4.roa
File: t2KlQutyZvHj5zFIKu78xyfL5U4.roa (raw, json)
Hash identifier: W1oHIGG7b85AwIxf1P44Y9V0Bjuzmmbe+Sbf2b7axGU=
Subject key identifier: B7:62:A5:42:EB:72:66:F1:E3:E7:31:48:2A:EE:FC:C7:27:CB:E5:4E
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018576FF4FF5197B4987448A22E7D48B9C52
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/t2KlQutyZvHj5zFIKu78xyfL5U4.roa
Signing time: Tue 03 Jan 2023 09:38:41 +0000
ROA not before: Tue 03 Jan 2023 09:38:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8772
IP address blocks: 2a0f:e040::/29 maxlen: 29
2a0c:9240::/29 maxlen: 29
2a0f:e6c0::/29 maxlen: 29
2a0f:e7c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:76:ff:4f:f5:19:7b:49:87:44:8a:22:e7:d4:8b:9c:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jan 3 09:38:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b762a542eb7266f1e3e731482aeefcc727cbe54e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:16:f9:6f:40:f4:a1:e8:70:fe:bd:f3:86:ee:
dc:90:fb:06:b5:d0:aa:6d:8b:2c:22:80:5f:98:60:
b0:32:0e:6a:19:29:28:e8:6c:8a:c3:b0:68:d9:54:
b7:8e:21:67:97:44:fa:85:a5:54:eb:80:ec:81:03:
2f:2a:ef:da:55:cf:8d:e6:5d:e7:e9:87:06:77:ed:
bd:be:44:07:b1:44:5e:59:ed:bb:30:62:ca:06:e9:
a5:2c:bb:64:d7:7e:70:e3:92:b9:d4:25:66:53:54:
79:b0:11:74:dd:a7:e2:ea:7b:64:e9:16:0b:7e:d1:
d1:df:6a:02:ec:eb:e2:aa:c1:af:21:2d:27:a4:dd:
4b:e2:cc:34:57:f6:0d:e9:ef:03:91:06:01:57:02:
0c:67:4d:6d:81:c3:e8:74:52:39:f7:d5:a9:33:67:
8c:f7:d2:c4:df:25:d1:71:e3:85:81:53:e0:00:bb:
ef:81:db:ed:b8:0d:ce:ae:1f:1e:97:9d:16:6b:7d:
f9:e2:43:00:77:4d:3f:23:c9:90:c9:77:9a:d9:d4:
51:80:88:7a:d1:3b:83:44:2f:c8:a8:6a:2b:8b:9b:
6e:2c:e0:50:53:6c:9d:c6:9d:b0:d2:0c:3a:a1:d4:
fb:cc:27:cf:9e:c9:66:67:10:86:c3:82:1d:ae:20:
31:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:62:A5:42:EB:72:66:F1:E3:E7:31:48:2A:EE:FC:C7:27:CB:E5:4E
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/t2KlQutyZvHj5zFIKu78xyfL5U4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9240::/29
2a0f:e040::/29
2a0f:e6c0::/29
2a0f:e7c0::/29
Signature Algorithm: sha256WithRSAEncryption
2f:d0:25:c1:0e:7a:91:d4:d4:73:fe:c8:65:bd:14:1a:c1:9c:
3c:42:21:e4:53:dc:1e:bd:7a:cc:c1:9e:1c:62:43:45:c3:1f:
ae:e4:e1:80:1f:7e:bf:c8:ba:92:e5:2f:53:df:3e:ea:07:ca:
37:b8:5c:ee:f3:0c:b2:b0:b9:24:ec:76:92:5d:d2:07:dc:6a:
bc:57:8f:83:ec:c3:7f:ca:e3:84:19:59:7e:f3:57:27:14:89:
56:81:12:f7:8d:c1:27:d6:c3:36:db:6d:e7:5a:61:ca:24:bf:
5f:13:c3:ab:13:f0:c0:d9:7f:76:0f:ac:98:8b:79:03:67:53:
51:a9:9b:34:b0:f9:26:34:d0:f8:d5:99:0a:c1:dd:38:ba:14:
b7:09:5e:c5:26:2e:7e:63:68:73:2a:d4:fb:6f:48:87:6a:42:
c6:65:db:8f:16:b9:12:c0:f2:e8:55:60:fc:de:d6:e8:e0:75:
f6:aa:f8:7e:7b:42:9e:06:89:a8:57:e1:2a:98:6e:65:c9:fe:
5f:56:64:b3:e0:46:74:a5:2e:a7:b0:21:9e:93:ab:1b:61:35:
57:1e:61:fc:d7:85:e7:c5:c7:5a:ac:62:d8:e8:8b:e2:a5:bc:
b6:2e:44:cc:9c:8e:9c:0e:63:ab:20:c6:28:5b:22:8c:4b:08:
df:9e:7d:6c
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYV2/0/1GXtJh0SKIufUi5xSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMwMTAzMDkzODQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzYyYTU0MmViNzI2NmYxZTNlNzMxNDgyYWVlZmNjNzI3Y2JlNTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlhb5b0D0oehw/r3zhu7ckPsGtdCq
bYssIoBfmGCwMg5qGSko6GyKw7Bo2VS3jiFnl0T6haVU64DsgQMvKu/aVc+N5l3n
6YcGd+29vkQHsUReWe27MGLKBumlLLtk135w45K51CVmU1R5sBF03afi6ntk6RYL
ftHR32oC7OviqsGvIS0npN1L4sw0V/YN6e8DkQYBVwIMZ01tgcPodFI599WpM2eM
99LE3yXRceOFgVPgALvvgdvtuA3Orh8el50Wa3354kMAd00/I8mQyXea2dRRgIh6
0TuDRC/IqGori5tuLOBQU2ydxp2w0gw6odT7zCfPnslmZxCGw4IdriAxHQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFLdipULrcmbx4+cxSCru/Mcny+VOMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvdDJLbFF1dHladkhqNXpGSUt1Nzh4eWZMNVU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKgySQAMF
AyoP4EADBQMqD+bAAwUDKg/nwDANBgkqhkiG9w0BAQsFAAOCAQEAL9AlwQ56kdTU
c/7IZb0UGsGcPEIh5FPcHr16zMGeHGJDRcMfruThgB9+v8i6kuUvU98+6gfKN7hc
7vMMsrC5JOx2kl3SB9xqvFePg+zDf8rjhBlZfvNXJxSJVoES943BJ9bDNttt51ph
yiS/XxPDqxPwwNl/dg+smIt5A2dTUambNLD5JjTQ+NWZCsHdOLoUtwlexSYufmNo
cyrU+29Ih2pCxmXbjxa5EsDy6FVg/N7W6OB19qr4fntCngaJqFfhKphuZcn+X1Zk
s+BGdKUup7AhnpOrG2E1Vx5h/NeF58XHWqxi2OiL4qW8ti5EzJyOnA5jqyDGKFsi
jEsI3559bA==
-----END CERTIFICATE-----
Generated at Tue Apr 22 21:00:36 2025 by rpki-client