Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/tbpSiAVOA78XUaGHotWRmRp6RHA.roa
File: tbpSiAVOA78XUaGHotWRmRp6RHA.roa (raw, json)
Hash identifier: OjJYWDh+nVVCAtXcE3MsVyNum8Vmz33QaDmNxoegcHM=
Subject key identifier: B5:BA:52:88:05:4E:03:BF:17:51:A1:87:A2:D5:91:99:1A:7A:44:70
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0187279CC059C6DCACF5AD5BBBCFF4670522
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/tbpSiAVOA78XUaGHotWRmRp6RHA.roa
Signing time: Tue 28 Mar 2023 09:46:36 +0000
ROA not before: Tue 28 Mar 2023 09:46:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212238
IP address blocks: 2a13:2cc0::/29 maxlen: 29
2a13:2b40::/29 maxlen: 29
2a0d:1140::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:27:9c:c0:59:c6:dc:ac:f5:ad:5b:bb:cf:f4:67:05:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Mar 28 09:46:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b5ba5288054e03bf1751a187a2d591991a7a4470
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:28:2c:ed:00:13:a2:55:af:1e:85:92:d7:b5:
71:d0:9e:8e:b0:d1:5a:b1:cf:e8:57:5c:68:db:40:
9a:5a:c9:07:12:cd:a8:4f:ab:c5:4f:39:42:cd:da:
38:a7:a9:34:4a:9b:09:45:73:ef:7f:26:d9:2f:17:
fe:12:5d:06:9f:8d:75:6b:63:df:e8:8b:87:b0:b9:
d2:00:1b:30:84:72:f5:49:ae:88:96:ff:53:aa:92:
82:f4:66:c6:0d:e1:10:45:07:ad:77:e2:1e:bd:eb:
7d:c9:30:ce:a0:cd:5e:af:28:c0:c2:f4:88:22:d2:
3f:07:94:50:ea:de:dd:04:f2:2f:11:5a:f3:b7:73:
f3:38:de:44:fd:4f:17:2a:42:71:57:fc:b5:27:d7:
7f:fb:e6:4a:3a:76:36:39:eb:9f:6b:15:e0:d7:83:
e6:34:fb:95:f4:fd:d0:ab:16:68:28:59:b2:c2:f5:
be:b0:69:07:af:0a:ff:a1:e0:f9:57:55:de:0f:47:
b2:e6:6c:38:c0:a9:29:f3:30:63:96:26:84:59:96:
0e:ac:81:e7:d9:1c:d7:07:d4:63:cc:d1:25:a5:d5:
af:5e:33:68:a4:7c:fb:69:15:e4:d5:f3:67:4f:16:
fe:aa:89:6d:7b:ff:5a:65:c2:a4:af:85:cd:48:6a:
e7:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:BA:52:88:05:4E:03:BF:17:51:A1:87:A2:D5:91:99:1A:7A:44:70
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/tbpSiAVOA78XUaGHotWRmRp6RHA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:1140::/29
2a13:2b40::/29
2a13:2cc0::/29
Signature Algorithm: sha256WithRSAEncryption
3b:8e:62:b4:fd:cb:66:10:91:09:9c:66:7e:ca:b7:3d:a0:58:
fd:91:78:83:42:1a:f9:7b:55:1c:2b:44:e9:7d:ca:d6:37:d3:
6f:19:67:f7:ff:f3:6c:56:9d:75:d8:72:15:f6:4f:5c:fa:8f:
94:bb:70:a4:06:e0:6f:65:8a:c0:f5:ae:dd:31:e7:d0:ec:12:
ff:4f:e0:4a:03:e4:76:a2:16:35:9e:1b:3c:bf:2e:81:4a:e1:
a4:59:83:8e:d8:b2:e1:0d:59:d0:c0:38:58:9c:df:8b:bc:40:
9b:3a:65:04:20:63:c6:d7:55:1c:68:4f:0b:d1:35:d8:9b:e8:
71:4b:2d:b4:3e:75:25:e6:16:a5:4d:40:c2:b8:08:41:c2:d3:
77:09:27:e7:e5:fc:4e:4a:3b:38:f1:3d:25:19:01:c1:6e:9f:
a9:b8:cd:6c:0f:6b:69:e1:8f:73:b2:c2:b3:9c:28:23:0b:e5:
cb:e0:de:b9:66:72:5d:28:cf:f7:4e:93:06:ad:ef:b2:e0:9b:
90:88:a9:e4:d7:ce:c4:3c:cd:77:9f:3c:aa:d6:57:f0:f0:86:
6d:9d:79:12:9f:56:d9:29:90:2e:03:67:f9:ea:24:13:11:1f:
29:fd:2e:f2:b1:26:05:ec:83:28:bb:d3:5e:81:4a:df:26:64:
de:f2:60:bc
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYcnnMBZxtys9a1bu8/0ZwUiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMwMzI4MDk0NjM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWJhNTI4ODA1NGUwM2JmMTc1MWExODdhMmQ1OTE5OTFhN2E0NDcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApCgs7QATolWvHoWS17Vx0J6OsNFa
sc/oV1xo20CaWskHEs2oT6vFTzlCzdo4p6k0SpsJRXPvfybZLxf+El0Gn411a2Pf
6IuHsLnSABswhHL1Sa6Ilv9TqpKC9GbGDeEQRQetd+Ievet9yTDOoM1eryjAwvSI
ItI/B5RQ6t7dBPIvEVrzt3PzON5E/U8XKkJxV/y1J9d/++ZKOnY2OeufaxXg14Pm
NPuV9P3QqxZoKFmywvW+sGkHrwr/oeD5V1XeD0ey5mw4wKkp8zBjliaEWZYOrIHn
2RzXB9RjzNElpdWvXjNopHz7aRXk1fNnTxb+qolte/9aZcKkr4XNSGrnlQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLW6UogFTgO/F1Ghh6LVkZkaekRwMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvdGJwU2lBVk9BNzhYVWFHSG90V1JtUnA2UkhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKg0RQAMF
AyoTK0ADBQMqEyzAMA0GCSqGSIb3DQEBCwUAA4IBAQA7jmK0/ctmEJEJnGZ+yrc9
oFj9kXiDQhr5e1UcK0TpfcrWN9NvGWf3//NsVp112HIV9k9c+o+Uu3CkBuBvZYrA
9a7dMefQ7BL/T+BKA+R2ohY1nhs8vy6BSuGkWYOO2LLhDVnQwDhYnN+LvECbOmUE
IGPG11UcaE8L0TXYm+hxSy20PnUl5halTUDCuAhBwtN3CSfn5fxOSjs48T0lGQHB
bp+puM1sD2tp4Y9zssKznCgjC+XL4N65ZnJdKM/3TpMGre+y4JuQiKnk187EPM13
nzyq1lfw8IZtnXkSn1bZKZAuA2f56iQTER8p/S7ysSYF7IMou9NegUrfJmTe8mC8
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:01:22 2025 by rpki-client