Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/tPGhtwrBxnLqLjEAzqnET7Nrx-k.roa
File: tPGhtwrBxnLqLjEAzqnET7Nrx-k.roa (raw, json)
Hash identifier: qWDTuPxOIF9aR+JxH2mC0JpqBVpJdCRtpuaFf4OuWjY=
Subject key identifier: B4:F1:A1:B7:0A:C1:C6:72:EA:2E:31:00:CE:A9:C4:4F:B3:6B:C7:E9
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0189D4E3B2590BA7887073325536268794A4
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/tPGhtwrBxnLqLjEAzqnET7Nrx-k.roa
Signing time: Tue 08 Aug 2023 11:23:59 +0000
ROA not before: Tue 08 Aug 2023 11:23:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57043
IP address blocks: 2a11:3500::/29 maxlen: 29
2a0e:5800::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:d4:e3:b2:59:0b:a7:88:70:73:32:55:36:26:87:94:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Aug 8 11:23:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b4f1a1b70ac1c672ea2e3100cea9c44fb36bc7e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:3e:36:44:6a:55:a0:2c:54:a6:a7:24:27:e3:
57:80:f1:27:bb:21:b6:95:90:0f:de:7b:fe:78:95:
2f:aa:d7:51:76:ae:6f:45:fc:68:0b:6d:30:19:6a:
1e:d8:ec:ab:ef:f1:67:33:88:37:5a:3c:71:59:f3:
9b:7f:bb:9d:e6:5a:4a:08:4d:31:74:db:16:16:dd:
c8:33:d2:d7:c7:ba:2c:ab:0a:e4:7d:b6:ad:5c:75:
7c:44:2f:05:b4:63:dc:c3:5c:9c:08:b1:4c:b1:ec:
bd:09:53:4d:01:16:c3:a4:78:f7:7d:5d:f5:c6:11:
cd:03:b4:27:d5:46:3b:db:65:66:ad:42:ce:03:82:
da:ab:94:e0:b8:a9:a0:83:b4:b1:b1:1d:7b:fc:fa:
92:62:f6:ba:da:09:a0:a3:50:67:0c:49:0d:21:cd:
8f:3f:eb:57:8e:80:fc:22:4c:18:f4:e0:9f:cd:a5:
b4:cb:3b:41:b5:68:a3:47:bb:cf:c8:a7:48:e8:fd:
99:cd:b0:10:95:95:6f:15:a3:da:e2:03:c5:bd:b0:
8b:a4:d3:ed:4e:71:02:86:07:56:cf:50:08:5c:ae:
09:3a:6a:ae:8b:dc:cc:16:1c:6f:c0:b7:5d:e5:c1:
a7:0c:a9:ca:a2:69:0a:35:a2:91:a4:48:45:fb:73:
b9:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:F1:A1:B7:0A:C1:C6:72:EA:2E:31:00:CE:A9:C4:4F:B3:6B:C7:E9
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/tPGhtwrBxnLqLjEAzqnET7Nrx-k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:5800::/29
2a11:3500::/29
Signature Algorithm: sha256WithRSAEncryption
27:8c:e8:83:c9:82:97:9d:70:ed:27:b7:46:cf:24:d3:9d:1f:
92:79:10:37:d0:c8:e6:63:6b:07:6e:b9:53:bc:aa:10:ba:4d:
8c:8a:22:5f:86:ef:f0:37:24:0a:a1:85:18:b9:23:37:2d:65:
52:ef:17:12:10:e8:d3:55:6f:b1:f1:26:6c:18:84:28:69:8f:
b7:9c:84:3d:a9:61:fd:18:4e:a5:39:9a:85:5a:50:a2:58:41:
84:aa:00:d2:f2:5d:a2:82:62:4e:40:d4:71:da:a7:c9:f2:d6:
4d:b2:74:c6:1b:31:1d:0f:78:49:e1:ee:9f:4f:6b:9f:74:69:
d4:67:9e:bf:76:ce:2a:1b:84:ba:58:8a:4a:ef:83:8f:07:09:
fd:07:46:2d:f5:d8:d9:41:4f:85:48:bf:18:bb:92:af:52:c0:
ae:c0:d8:52:30:7a:ea:ec:6b:43:c6:be:35:2c:61:4a:f5:3a:
73:53:48:30:79:b0:3f:e6:ed:ed:09:97:4b:43:5c:97:92:17:
87:32:ac:cc:49:9c:29:09:e9:06:ab:b7:21:e7:72:ef:b2:de:
bc:1a:05:50:47:c0:78:10:17:af:06:7b:ed:a6:e7:31:38:b5:
b1:65:d7:b6:4a:15:4e:81:67:11:d5:f0:e3:eb:6d:8f:3d:ce:
55:6e:26:58
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYnU47JZC6eIcHMyVTYmh5SkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMwODA4MTEyMzU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGYxYTFiNzBhYzFjNjcyZWEyZTMxMDBjZWE5YzQ0ZmIzNmJjN2U5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsT42RGpVoCxUpqckJ+NXgPEnuyG2
lZAP3nv+eJUvqtdRdq5vRfxoC20wGWoe2Oyr7/FnM4g3WjxxWfObf7ud5lpKCE0x
dNsWFt3IM9LXx7osqwrkfbatXHV8RC8FtGPcw1ycCLFMsey9CVNNARbDpHj3fV31
xhHNA7Qn1UY722VmrULOA4Laq5TguKmgg7SxsR17/PqSYva62gmgo1BnDEkNIc2P
P+tXjoD8IkwY9OCfzaW0yztBtWijR7vPyKdI6P2ZzbAQlZVvFaPa4gPFvbCLpNPt
TnEChgdWz1AIXK4JOmqui9zMFhxvwLdd5cGnDKnKomkKNaKRpEhF+3O5twIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFLTxobcKwcZy6i4xAM6pxE+za8fpMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvdFBHaHR3ckJ4bkxxTGpFQXpxbkVUN05yeC1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKg5YAAMF
AyoRNQAwDQYJKoZIhvcNAQELBQADggEBACeM6IPJgpedcO0nt0bPJNOdH5J5EDfQ
yOZjawduuVO8qhC6TYyKIl+G7/A3JAqhhRi5IzctZVLvFxIQ6NNVb7HxJmwYhChp
j7echD2pYf0YTqU5moVaUKJYQYSqANLyXaKCYk5A1HHap8ny1k2ydMYbMR0PeEnh
7p9Pa590adRnnr92ziobhLpYikrvg48HCf0HRi312NlBT4VIvxi7kq9SwK7A2FIw
eursa0PGvjUsYUr1OnNTSDB5sD/m7e0Jl0tDXJeSF4cyrMxJnCkJ6QartyHncu+y
3rwaBVBHwHgQF68Ge+2m5zE4tbFl17ZKFU6BZxHV8OPrbY89zlVuJlg=
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:06:46 2025 by rpki-client