Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/u-5Ic7HJNil8GW-tr4AQJcJxPG4.roa
File: u-5Ic7HJNil8GW-tr4AQJcJxPG4.roa (raw, json)
Hash identifier: gTjWKZ4Zo6k9JReto8ckfn0T+FMhVc2rFznAUNrB7hw=
Subject key identifier: BB:EE:48:73:B1:C9:36:29:7C:19:6F:AD:AF:80:10:25:C2:71:3C:6E
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018A691524F47157ED6BF153F68030EAE26E
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/u-5Ic7HJNil8GW-tr4AQJcJxPG4.roa
Signing time: Wed 06 Sep 2023 06:01:47 +0000
ROA not before: Wed 06 Sep 2023 06:01:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57043
IP address blocks: 2a11:3500::/29 maxlen: 29
2a0e:5800::/29 maxlen: 29
2a0f:dfc0::/29 maxlen: 29
2a0d:1140::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:69:15:24:f4:71:57:ed:6b:f1:53:f6:80:30:ea:e2:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Sep 6 06:01:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bbee4873b1c936297c196fadaf801025c2713c6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:ea:cc:09:be:34:e8:6f:74:e2:4a:72:01:f1:
d3:a1:f7:47:a5:ad:86:b6:b6:79:54:4a:ba:e7:91:
b3:31:c1:50:4a:15:b3:12:c7:68:5b:13:66:92:81:
54:1f:8e:1a:16:a6:81:39:67:5f:0b:6a:88:0f:35:
4d:0b:cb:87:ef:d6:51:e8:28:47:69:76:a2:6e:e8:
02:25:8f:fd:99:7a:b0:44:bd:29:20:a9:da:7b:4c:
83:20:1d:02:40:62:0c:f1:5e:20:d0:e4:87:06:72:
76:11:ce:7e:99:c1:ce:9d:0e:58:55:92:92:5d:23:
6a:fd:b7:fb:e6:7b:29:8c:e5:60:c9:a5:17:85:6c:
f8:47:72:43:4f:02:99:65:1a:b9:98:96:ed:17:01:
4d:46:75:c9:e1:f7:8e:26:4b:b5:e6:99:4c:d6:68:
c6:f2:c3:da:ee:38:16:2f:2c:dd:d9:a8:22:a9:1a:
26:0b:b1:29:39:6e:f3:c8:19:6f:a7:92:d9:ca:68:
ae:13:5f:27:79:5a:d4:02:31:6f:bc:22:62:bb:b5:
b5:ed:6f:11:d3:13:03:47:11:3c:be:16:eb:c9:10:
b0:47:87:aa:f9:64:49:d0:f9:ff:c2:e0:62:e7:e5:
87:d6:49:d7:4c:e5:e1:05:8d:40:94:6f:18:7d:5c:
b2:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:EE:48:73:B1:C9:36:29:7C:19:6F:AD:AF:80:10:25:C2:71:3C:6E
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/u-5Ic7HJNil8GW-tr4AQJcJxPG4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:1140::/29
2a0e:5800::/29
2a0f:dfc0::/29
2a11:3500::/29
Signature Algorithm: sha256WithRSAEncryption
35:81:3d:a9:41:b4:ac:50:69:35:f1:e1:b3:76:d7:7b:ca:33:
52:23:d9:74:59:ca:6f:81:ab:e9:2e:f3:24:66:76:cf:4b:03:
7c:1a:74:fb:3a:3d:b8:58:1c:03:25:e8:72:9d:e3:ee:9d:6a:
35:4f:2a:81:90:85:cc:f9:aa:a0:a3:ec:51:24:44:8f:7b:66:
d4:43:59:bf:63:fd:c7:54:5f:e6:96:36:c0:2a:5f:6f:ca:a0:
0b:cc:49:5f:25:2a:71:ee:ae:7f:d5:61:ab:54:2b:3d:37:5d:
3d:a9:d8:c2:a1:91:81:57:90:c4:3a:70:57:9a:dc:92:ad:4e:
93:26:6e:e8:81:9b:bf:60:d7:77:63:0b:f5:0c:1c:08:4c:ac:
f5:93:68:c7:e5:43:1e:51:cd:34:35:60:39:71:8e:a2:28:88:
df:6b:8d:57:a1:d5:43:88:8d:b6:90:60:db:25:70:ce:86:34:
bc:ff:9b:5e:2b:19:b4:55:2d:5a:5c:b7:fb:03:71:4c:ae:9a:
a9:e6:40:85:20:b3:2d:3f:40:bc:8f:59:16:5f:62:88:34:cc:
c6:87:b5:98:97:71:b2:78:13:e1:15:ea:34:0b:02:8d:89:91:
3b:e3:8d:e3:0d:e6:40:0a:fe:9e:d7:db:38:27:5a:04:ac:44:
5d:55:e8:1d
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYppFST0cVfta/FT9oAw6uJuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMwOTA2MDYwMTQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmVlNDg3M2IxYzkzNjI5N2MxOTZmYWRhZjgwMTAyNWMyNzEzYzZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmOrMCb406G904kpyAfHTofdHpa2G
trZ5VEq655GzMcFQShWzEsdoWxNmkoFUH44aFqaBOWdfC2qIDzVNC8uH79ZR6ChH
aXaibugCJY/9mXqwRL0pIKnae0yDIB0CQGIM8V4g0OSHBnJ2Ec5+mcHOnQ5YVZKS
XSNq/bf75nspjOVgyaUXhWz4R3JDTwKZZRq5mJbtFwFNRnXJ4feOJku15plM1mjG
8sPa7jgWLyzd2agiqRomC7EpOW7zyBlvp5LZymiuE18neVrUAjFvvCJiu7W17W8R
0xMDRxE8vhbryRCwR4eq+WRJ0Pn/wuBi5+WH1knXTOXhBY1AlG8YfVyyIwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFLvuSHOxyTYpfBlvra+AECXCcTxuMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvdS01SWM3SEpOaWw4R1ctdHI0QVFKY0p4UEc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKg0RQAMF
AyoOWAADBQMqD9/AAwUDKhE1ADANBgkqhkiG9w0BAQsFAAOCAQEANYE9qUG0rFBp
NfHhs3bXe8ozUiPZdFnKb4Gr6S7zJGZ2z0sDfBp0+zo9uFgcAyXocp3j7p1qNU8q
gZCFzPmqoKPsUSREj3tm1ENZv2P9x1Rf5pY2wCpfb8qgC8xJXyUqce6uf9Vhq1Qr
PTddPanYwqGRgVeQxDpwV5rckq1OkyZu6IGbv2DXd2ML9QwcCEys9ZNox+VDHlHN
NDVgOXGOoiiI32uNV6HVQ4iNtpBg2yVwzoY0vP+bXisZtFUtWly3+wNxTK6aqeZA
hSCzLT9AvI9ZFl9iiDTMxoe1mJdxsngT4RXqNAsCjYmRO+ON4w3mQAr+ntfbOCda
BKxEXVXoHQ==
-----END CERTIFICATE-----
Generated at Tue Apr 22 02:26:41 2025 by rpki-client