Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/u-gs5wDt5UrCjbsIa4IADfoqiJM.roa
File: u-gs5wDt5UrCjbsIa4IADfoqiJM.roa (raw, json)
Hash identifier: aAJNKITif5+D7ASgZEJv5O9jHHf3M6hLpK6frhwrvmM=
Subject key identifier: BB:E8:2C:E7:00:ED:E5:4A:C2:8D:BB:08:6B:82:00:0D:FA:2A:88:93
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018CBAC53FFD334CCF52B49DD6F21CA75703
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/u-gs5wDt5UrCjbsIa4IADfoqiJM.roa
Signing time: Sat 30 Dec 2023 12:48:58 +0000
ROA not before: Sat 30 Dec 2023 12:48:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205266
IP address blocks: 2a0f:b400::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ba:c5:3f:fd:33:4c:cf:52:b4:9d:d6:f2:1c:a7:57:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Dec 30 12:48:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bbe82ce700ede54ac28dbb086b82000dfa2a8893
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:c9:5a:61:4d:98:43:20:8e:b4:2e:e9:e7:ed:
4d:5d:0e:cf:63:95:b2:81:5e:94:7a:98:8c:9f:d4:
99:93:c7:33:41:26:40:01:b1:6e:2f:83:63:d5:26:
ae:3f:b0:18:cd:a5:a7:26:01:97:ae:cb:46:a8:fd:
dd:9b:91:93:44:19:4c:b0:31:b6:75:68:90:8b:e9:
c0:74:61:73:85:4e:82:77:9c:88:94:c2:89:06:f0:
f8:68:81:40:d0:f1:cc:3c:91:c2:36:9b:1b:07:39:
ec:70:f2:8d:db:51:58:b6:7b:32:c1:c6:95:24:a4:
f3:ec:34:2f:82:bc:10:97:0d:61:c8:69:8f:b6:68:
4c:69:34:3a:f7:a5:3b:0d:d6:12:1d:78:2d:80:e5:
be:b8:40:15:6f:49:f5:ef:b2:fb:29:08:d6:ad:fe:
3c:bc:4a:78:8a:0d:7f:d6:ee:a6:2e:a6:dc:a4:7e:
ff:2c:e5:00:50:e0:12:69:c5:99:94:a7:c1:6c:99:
f8:00:ec:0f:37:07:25:35:22:40:d8:cf:3a:dc:ea:
45:c0:ab:f6:c2:48:8b:6b:94:a5:92:be:33:15:72:
58:62:c8:6e:9e:44:cc:1c:f5:e4:a8:ac:b8:14:54:
c8:32:6b:76:72:04:e0:19:04:ff:e7:e2:ac:dc:83:
34:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:E8:2C:E7:00:ED:E5:4A:C2:8D:BB:08:6B:82:00:0D:FA:2A:88:93
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/u-gs5wDt5UrCjbsIa4IADfoqiJM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b400::/29
Signature Algorithm: sha256WithRSAEncryption
c3:90:e4:7a:da:59:55:63:d6:62:de:65:53:98:2d:fe:3c:b2:
c2:87:30:f0:a1:05:eb:57:8a:5d:da:a6:4f:31:8b:78:03:e3:
c8:f3:1b:ad:9d:8a:b1:4c:d0:f3:80:34:c1:55:89:30:87:89:
bf:32:9c:76:e4:b9:04:d4:a0:6a:1c:da:fa:15:1c:a4:df:eb:
98:96:74:24:09:30:b8:5f:30:54:d3:01:e0:b8:1f:c1:a2:27:
54:df:f6:15:60:32:33:00:55:2f:c5:8f:86:92:d1:d6:09:08:
6f:c8:fb:16:93:9a:eb:1a:b7:1f:ae:c2:ed:2c:18:e2:6e:73:
5d:01:0b:e6:5c:12:ff:00:00:e4:14:33:b8:d2:82:83:2f:d0:
a8:39:58:af:f6:4e:43:18:83:b1:ab:3d:74:1d:00:df:fd:00:
f4:57:88:a9:12:06:c8:ee:14:5d:68:06:f2:5d:3b:97:e8:c4:
06:bc:b2:35:85:31:0d:86:d2:73:77:f1:0b:d4:6a:fb:c1:74:
9b:a0:e8:9c:bb:b9:a4:62:02:c3:2e:60:06:95:87:03:d9:06:
3c:07:53:9e:76:fd:31:a5:0f:f7:32:2a:1f:b6:63:42:60:e1:
c0:b4:1b:c1:09:85:c0:bc:07:cd:15:f3:54:d8:74:d5:97:d9:
07:5e:ef:cb
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYy6xT/9M0zPUrSd1vIcp1cDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMxMjMwMTI0ODU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmU4MmNlNzAwZWRlNTRhYzI4ZGJiMDg2YjgyMDAwZGZhMmE4ODkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA68laYU2YQyCOtC7p5+1NXQ7PY5Wy
gV6UepiMn9SZk8czQSZAAbFuL4Nj1SauP7AYzaWnJgGXrstGqP3dm5GTRBlMsDG2
dWiQi+nAdGFzhU6Cd5yIlMKJBvD4aIFA0PHMPJHCNpsbBznscPKN21FYtnsywcaV
JKTz7DQvgrwQlw1hyGmPtmhMaTQ696U7DdYSHXgtgOW+uEAVb0n177L7KQjWrf48
vEp4ig1/1u6mLqbcpH7/LOUAUOASacWZlKfBbJn4AOwPNwclNSJA2M863OpFwKv2
wkiLa5Slkr4zFXJYYshunkTMHPXkqKy4FFTIMmt2cgTgGQT/5+Ks3IM0mwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFLvoLOcA7eVKwo27CGuCAA36KoiTMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvdS1nczV3RHQ1VXJDamJzSWE0SUFEZm9xaUpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg+0ADAN
BgkqhkiG9w0BAQsFAAOCAQEAw5DketpZVWPWYt5lU5gt/jyywocw8KEF61eKXdqm
TzGLeAPjyPMbrZ2KsUzQ84A0wVWJMIeJvzKcduS5BNSgahza+hUcpN/rmJZ0JAkw
uF8wVNMB4LgfwaInVN/2FWAyMwBVL8WPhpLR1gkIb8j7FpOa6xq3H67C7SwY4m5z
XQEL5lwS/wAA5BQzuNKCgy/QqDlYr/ZOQxiDsas9dB0A3/0A9FeIqRIGyO4UXWgG
8l07l+jEBryyNYUxDYbSc3fxC9Rq+8F0m6DonLu5pGICwy5gBpWHA9kGPAdTnnb9
MaUP9zIqH7ZjQmDhwLQbwQmFwLwHzRXzVNh01ZfZB17vyw==
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:00:34 2025 by rpki-client