Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/uSJgMu8KugxWdlcgroIbHiX0jH4.roa
File: uSJgMu8KugxWdlcgroIbHiX0jH4.roa (raw, json)
Hash identifier: Gwvv9VzPSu1uN/S1juXENs1wp3MndhiFdXEmeAVo8aM=
Subject key identifier: B9:22:60:32:EF:0A:BA:0C:56:76:57:20:AE:82:1B:1E:25:F4:8C:7E
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018443E28AAD8B00E84E0FF1761921B285D3
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/uSJgMu8KugxWdlcgroIbHiX0jH4.roa
Signing time: Fri 04 Nov 2022 18:23:50 +0000
ROA not before: Fri 04 Nov 2022 18:23:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 400522
IP address blocks: 2a13:7b00::/29 maxlen: 29
2a13:7900::/29 maxlen: 29
2a13:4f00::/29 maxlen: 29
2a0f:6d80::/29 maxlen: 29
2a13:7400::/29 maxlen: 29
2a0f:e0c0::/29 maxlen: 29
2a0f:e140::/29 maxlen: 29
2a13:600::/29 maxlen: 29
2a0f:ec00::/29 maxlen: 29
2a0f:df40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:43:e2:8a:ad:8b:00:e8:4e:0f:f1:76:19:21:b2:85:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Nov 4 18:23:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b9226032ef0aba0c56765720ae821b1e25f48c7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:3a:1f:f7:b7:d1:46:49:54:62:5d:8d:6c:85:
7a:37:81:2a:23:81:6b:20:ac:5e:04:23:90:b0:a0:
65:12:bf:98:27:63:ec:60:17:18:11:9a:dc:8b:d7:
09:e6:f3:36:d2:26:8f:46:3e:bc:ea:1f:33:57:5e:
c8:92:8c:0a:7d:52:31:fc:ce:43:71:04:cd:b8:bd:
09:13:a1:4d:e0:64:c9:49:9c:2f:d1:1b:0f:19:63:
0e:92:a5:3a:cc:58:d2:e3:9c:41:ba:38:6a:97:b3:
3a:1b:62:66:da:c7:0c:34:01:ab:f9:cc:09:9d:33:
09:73:2f:9a:15:ef:55:dd:dc:06:9d:d7:d0:b7:20:
11:fe:b3:0e:4f:7d:7a:d7:b4:5b:75:1b:b9:b1:cf:
3d:d0:d3:2e:c7:d2:6c:e3:41:da:05:f7:36:c0:db:
ed:bb:14:e7:6d:43:63:83:16:99:50:38:80:92:9a:
41:12:08:a1:c7:e1:3b:46:db:92:58:94:b4:f6:3b:
27:30:98:7e:d3:fa:20:e1:f7:70:87:68:d5:93:84:
7b:36:91:57:a4:05:36:0a:3f:92:b4:06:cc:61:29:
f6:8f:65:9c:3b:f3:62:fc:cd:50:a2:70:c9:b5:06:
3f:b8:fd:20:d8:74:f2:13:76:56:aa:c8:60:c3:01:
27:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:22:60:32:EF:0A:BA:0C:56:76:57:20:AE:82:1B:1E:25:F4:8C:7E
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/uSJgMu8KugxWdlcgroIbHiX0jH4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:6d80::/29
2a0f:df40::/29
2a0f:e0c0::/29
2a0f:e140::/29
2a0f:ec00::/29
2a13:600::/29
2a13:4f00::/29
2a13:7400::/29
2a13:7900::/29
2a13:7b00::/29
Signature Algorithm: sha256WithRSAEncryption
8d:b9:d6:bf:9a:16:4d:18:51:da:18:24:33:87:dd:3d:3f:e1:
8b:72:8a:04:c1:52:d6:89:53:b0:e6:73:fe:92:d9:1d:32:a9:
d3:1b:b6:dc:f8:7a:2c:8b:45:11:25:40:1c:b9:19:d1:8a:4b:
51:1e:0d:f6:c4:9a:72:bf:59:2a:ca:5b:76:02:a0:84:bc:a5:
0c:d6:10:81:c1:92:26:38:eb:e8:b6:81:2f:db:0d:55:3a:2d:
37:52:58:9b:4c:38:fb:a1:8e:87:cf:ab:de:fd:85:bf:79:87:
80:ca:72:c0:a3:20:19:dc:f2:78:03:54:48:78:c8:21:3c:e0:
b5:89:34:ff:a9:e1:ed:c8:6e:ed:0b:be:ad:d0:34:72:2b:fc:
aa:cf:8b:1c:cf:71:c0:dc:58:2b:85:77:8e:6e:16:9f:7c:89:
34:d2:8e:bb:ec:0b:87:90:8d:8a:60:9a:df:e2:3c:d7:3a:0f:
ef:4b:35:26:df:88:83:2f:0d:33:b7:da:1e:d9:b9:6d:8a:bd:
47:74:82:bb:97:90:19:3e:20:2e:a2:79:5a:7e:32:7a:8b:11:
1a:92:db:fc:f6:ba:29:6d:c0:8f:4c:1b:81:7a:7c:c7:34:8c:
cd:cb:54:11:b8:20:62:19:4f:79:80:a0:f6:da:cf:e7:49:78:
f2:4b:c3:9b
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAYRD4oqtiwDoTg/xdhkhsoXTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjIxMTA0MTgyMzUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTIyNjAzMmVmMGFiYTBjNTY3NjU3MjBhZTgyMWIxZTI1ZjQ4YzdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwzof97fRRklUYl2NbIV6N4EqI4Fr
IKxeBCOQsKBlEr+YJ2PsYBcYEZrci9cJ5vM20iaPRj686h8zV17IkowKfVIx/M5D
cQTNuL0JE6FN4GTJSZwv0RsPGWMOkqU6zFjS45xBujhql7M6G2Jm2scMNAGr+cwJ
nTMJcy+aFe9V3dwGndfQtyAR/rMOT31617RbdRu5sc890NMux9Js40HaBfc2wNvt
uxTnbUNjgxaZUDiAkppBEgihx+E7RtuSWJS09jsnMJh+0/og4fdwh2jVk4R7NpFX
pAU2Cj+StAbMYSn2j2WcO/Ni/M1QonDJtQY/uP0g2HTyE3ZWqshgwwEnowIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFLkiYDLvCroMVnZXIK6CGx4l9Ix+MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvdVNKZ011OEt1Z3hXZGxjZ3JvSWJIaVgwakg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjBMBAIAAjBGAwUDKg9tgAMF
AyoP30ADBQMqD+DAAwUDKg/hQAMFAyoP7AADBQMqEwYAAwUDKhNPAAMFAyoTdAAD
BQMqE3kAAwUDKhN7ADANBgkqhkiG9w0BAQsFAAOCAQEAjbnWv5oWTRhR2hgkM4fd
PT/hi3KKBMFS1olTsOZz/pLZHTKp0xu23Ph6LItFESVAHLkZ0YpLUR4N9sSacr9Z
KspbdgKghLylDNYQgcGSJjjr6LaBL9sNVTotN1JYm0w4+6GOh8+r3v2Fv3mHgMpy
wKMgGdzyeANUSHjIITzgtYk0/6nh7chu7Qu+rdA0civ8qs+LHM9xwNxYK4V3jm4W
n3yJNNKOu+wLh5CNimCa3+I81zoP70s1Jt+Igy8NM7faHtm5bYq9R3SCu5eQGT4g
LqJ5Wn4yeosRGpLb/Pa6KW3Aj0wbgXp8xzSMzctUEbggYhlPeYCg9trP50l48kvD
mw==
-----END CERTIFICATE-----
Generated at Wed Apr 23 04:01:24 2025 by rpki-client