Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/t5jcZCsQTW7U4ZM6rSODammSdcA.roa
File: t5jcZCsQTW7U4ZM6rSODammSdcA.roa (raw, json)
Hash identifier: 87TLACw6PRdeiES+GNtFONqmes3UpI2bX4ZEwd91KSw=
Subject key identifier: B7:98:DC:64:2B:10:4D:6E:D4:E1:93:3A:AD:23:83:6A:69:92:75:C0
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01864ED6E20417BB4E74516F4FD71E41A1FF
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/t5jcZCsQTW7U4ZM6rSODammSdcA.roa
Signing time: Tue 14 Feb 2023 07:32:30 +0000
ROA not before: Tue 14 Feb 2023 07:32:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8772
IP address blocks: 2a0a:1400::/29 maxlen: 29
2a0c:9240::/29 maxlen: 29
2a0f:8300::/29 maxlen: 29
2a0f:dd40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:4e:d6:e2:04:17:bb:4e:74:51:6f:4f:d7:1e:41:a1:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Feb 14 07:32:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b798dc642b104d6ed4e1933aad23836a699275c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:44:6e:b3:00:7e:6c:3a:ed:3e:79:92:51:54:
53:a2:7e:21:2c:08:36:c2:c9:50:b0:14:f6:d6:d3:
a3:35:23:f6:3b:d2:97:16:49:84:7d:a0:29:c7:84:
02:af:d5:1c:00:ec:6a:49:57:75:ec:1f:83:b9:c3:
d4:9f:91:1e:ca:c1:2c:88:80:00:31:25:c8:9a:50:
fc:16:51:86:19:68:3f:ad:3a:c2:d8:30:48:d3:56:
7e:e5:d1:e6:79:d4:70:72:cf:67:1b:f8:19:08:ad:
29:c2:45:fb:02:0e:c5:08:aa:c1:18:dd:d7:85:d7:
e5:bb:be:5a:8f:6a:13:ec:af:6d:13:50:76:37:55:
5c:a4:ce:bc:5f:15:66:a3:5d:f3:f8:53:c1:df:61:
2f:f6:45:1b:c0:11:95:c5:79:1c:c6:8e:d8:19:dd:
0f:c2:26:1d:d4:64:c6:8a:7b:7a:67:89:99:48:0b:
3d:10:50:c5:57:bf:ea:ca:ba:b0:47:8e:1e:06:4a:
71:e1:ad:22:25:2e:a5:68:34:f8:d2:3e:91:cf:d3:
16:fc:2c:38:8f:cf:46:24:61:19:77:86:05:14:44:
29:bb:57:5b:30:9a:28:30:fc:cb:9b:66:9c:d7:0a:
e1:22:99:5c:ed:a7:5a:4a:57:2a:08:0f:3c:81:c8:
cb:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:98:DC:64:2B:10:4D:6E:D4:E1:93:3A:AD:23:83:6A:69:92:75:C0
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/t5jcZCsQTW7U4ZM6rSODammSdcA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:1400::/29
2a0c:9240::/29
2a0f:8300::/29
2a0f:dd40::/29
Signature Algorithm: sha256WithRSAEncryption
5f:91:8a:b5:2e:3c:5f:f1:c9:cf:b7:c9:c4:7c:8b:fc:30:17:
20:0a:8f:e3:69:5f:cc:6c:3b:33:92:2b:9a:0c:16:11:d7:3d:
f5:e5:8b:13:fd:d4:77:c6:44:d2:16:47:87:c7:df:8f:df:13:
11:29:f3:2e:34:17:61:67:96:e0:41:30:bc:d7:6c:10:05:e4:
f6:3f:fd:f1:ca:a7:15:dd:f0:4c:5d:1c:60:7a:3f:4a:77:72:
ac:eb:6a:63:68:8e:db:cc:36:fb:dd:fe:01:74:2b:e5:03:77:
1f:ef:58:7a:7c:70:1a:f6:7a:04:53:3f:ec:fc:b9:dd:43:1f:
1b:a0:44:46:57:2d:a1:25:cc:8d:a3:05:6c:b9:50:61:3c:fa:
a9:55:26:47:65:5e:27:e1:ec:93:49:2f:0c:bc:9b:d6:bc:89:
73:4b:cd:c7:21:fd:40:b4:9d:2d:f4:8f:0d:a8:bf:c0:c7:f6:
2e:e6:b1:b6:09:2e:d2:78:a3:2c:50:d3:22:ff:75:ed:c8:5f:
27:23:92:ef:85:0f:f4:54:cb:03:6e:a4:4f:75:9d:03:54:f6:
d5:8b:db:54:3b:24:da:81:32:2a:27:ca:cc:17:28:00:3c:2c:
58:68:95:eb:32:81:86:56:54:5a:ad:dc:d7:8f:60:b0:ba:ab:
7d:dc:d2:1b
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYZO1uIEF7tOdFFvT9ceQaH/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMwMjE0MDczMjMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzk4ZGM2NDJiMTA0ZDZlZDRlMTkzM2FhZDIzODM2YTY5OTI3NWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq0RuswB+bDrtPnmSUVRTon4hLAg2
wslQsBT21tOjNSP2O9KXFkmEfaApx4QCr9UcAOxqSVd17B+DucPUn5EeysEsiIAA
MSXImlD8FlGGGWg/rTrC2DBI01Z+5dHmedRwcs9nG/gZCK0pwkX7Ag7FCKrBGN3X
hdflu75aj2oT7K9tE1B2N1VcpM68XxVmo13z+FPB32Ev9kUbwBGVxXkcxo7YGd0P
wiYd1GTGint6Z4mZSAs9EFDFV7/qyrqwR44eBkpx4a0iJS6laDT40j6Rz9MW/Cw4
j89GJGEZd4YFFEQpu1dbMJooMPzLm2ac1wrhIplc7adaSlcqCA88gcjL/QIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFLeY3GQrEE1u1OGTOq0jg2ppknXAMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvdDVqY1pDc1FUVzdVNFpNNnJTT0RhbW1TZGNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKgoUAAMF
AyoMkkADBQMqD4MAAwUDKg/dQDANBgkqhkiG9w0BAQsFAAOCAQEAX5GKtS48X/HJ
z7fJxHyL/DAXIAqP42lfzGw7M5IrmgwWEdc99eWLE/3Ud8ZE0hZHh8ffj98TESnz
LjQXYWeW4EEwvNdsEAXk9j/98cqnFd3wTF0cYHo/SndyrOtqY2iO28w2+93+AXQr
5QN3H+9YenxwGvZ6BFM/7Py53UMfG6BERlctoSXMjaMFbLlQYTz6qVUmR2VeJ+Hs
k0kvDLyb1ryJc0vNxyH9QLSdLfSPDai/wMf2Luaxtgku0nijLFDTIv917chfJyOS
74UP9FTLA26kT3WdA1T21YvbVDsk2oEyKifKzBcoADwsWGiV6zKBhlZUWq3c149g
sLqrfdzSGw==
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:00:44 2025 by rpki-client