Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/uTo12DNH5c2zeKM3E3k3FJtbmZQ.roa
File: uTo12DNH5c2zeKM3E3k3FJtbmZQ.roa (raw, json)
Hash identifier: OX9hRK4xBSvMFN2pKIeiPed+xv38gK05h2ZrFi9gMuw=
Subject key identifier: B9:3A:35:D8:33:47:E5:CD:B3:78:A3:37:13:79:37:14:9B:5B:99:94
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0182A7CA1600F4470F2B9D2646597A827743
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/uTo12DNH5c2zeKM3E3k3FJtbmZQ.roa
Signing time: Tue 16 Aug 2022 17:53:35 +0000
ROA not before: Tue 16 Aug 2022 17:53:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 396362
IP address blocks: 2a0f:e841::/32 maxlen: 32
2a0f:e843::/32 maxlen: 32
2a0f:a00::/32 maxlen: 32
2a0f:1e80:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:a7:ca:16:00:f4:47:0f:2b:9d:26:46:59:7a:82:77:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Aug 16 17:53:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b93a35d83347e5cdb378a337137937149b5b9994
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:e1:84:dc:16:94:31:d0:22:93:44:5a:a9:d4:
e3:3b:af:c3:93:94:8d:5f:0e:ba:c9:17:b8:92:f6:
c2:98:4b:70:16:2b:82:52:ba:aa:30:ed:ce:df:74:
76:06:16:78:6f:1b:f9:1a:0d:90:2b:70:35:97:3e:
7a:15:3e:5b:75:dc:11:e1:f8:11:23:de:2d:3d:da:
7c:8b:72:ab:df:9e:f8:ca:71:62:02:48:74:f4:ba:
e4:1f:63:85:51:11:c0:14:93:56:e8:32:d2:fd:5a:
3d:64:54:d6:75:58:f2:b5:57:60:6b:20:94:75:2c:
10:3b:36:00:e6:24:5e:b3:39:a3:dc:01:fc:f3:2d:
b3:49:12:49:6d:c9:e7:b4:86:d8:c6:0d:3c:6e:6d:
41:b7:e7:25:48:35:8a:0e:dd:01:8e:12:08:51:1d:
c1:84:01:f1:b5:aa:f5:5b:b7:1c:c7:35:ba:4a:43:
d5:37:02:b5:8e:29:e8:1b:79:5f:e0:52:14:76:3a:
96:9a:e6:ba:9e:33:5d:3b:d2:3e:ce:5f:2c:0f:b2:
2e:a9:57:9b:74:0f:74:bc:5b:e3:54:ca:6a:7c:ab:
8a:5f:16:ab:73:57:f1:6b:f4:79:28:17:65:51:b2:
b8:a4:b7:0b:84:b6:fc:44:fd:ef:25:04:ff:0f:00:
62:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:3A:35:D8:33:47:E5:CD:B3:78:A3:37:13:79:37:14:9B:5B:99:94
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/uTo12DNH5c2zeKM3E3k3FJtbmZQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:a00::/32
2a0f:1e80:1::/48
2a0f:e841::/32
2a0f:e843::/32
Signature Algorithm: sha256WithRSAEncryption
1a:2f:83:bf:54:ae:71:64:93:fb:2e:4a:2a:f1:90:70:ad:4b:
7d:6d:83:62:37:c9:4e:16:b8:08:dd:3f:38:9b:83:2b:8d:7a:
b1:0e:98:d1:70:3e:07:fd:b3:58:a2:28:ad:2a:28:52:7b:db:
d1:d7:b9:63:87:9b:9a:e1:d3:a4:db:db:27:69:39:d2:02:43:
f5:62:6e:99:ae:cf:d1:b9:7d:69:c7:67:f5:88:0b:db:8c:f5:
5b:3d:e5:c2:96:d9:5e:e2:04:c7:17:5c:a9:8e:6a:de:4e:2a:
80:d1:fb:60:55:1a:1b:09:49:8b:26:7e:0d:e1:6a:95:c2:4d:
13:af:dc:02:78:90:0e:4b:fc:25:f8:4c:f0:93:54:57:1a:d0:
60:b8:e3:82:af:fe:94:0f:a2:de:55:36:d9:69:54:99:0e:e9:
cf:6d:27:97:b6:21:e8:37:a2:9a:8a:0b:f0:8a:6b:cf:34:dd:
84:a4:54:fa:9f:82:50:f5:d7:58:ca:6c:79:5f:3e:ac:ee:cf:
1c:65:13:17:f7:00:56:ec:6c:64:c8:07:46:0f:b7:5c:c4:7e:
a3:4e:19:42:3b:4c:a0:a7:c5:63:d9:80:c4:80:6d:eb:9f:3f:
13:f1:6b:97:62:f1:59:ab:67:b8:65:0a:ed:56:46:51:70:14:
ac:cd:61:5a
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYKnyhYA9EcPK50mRll6gndDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjIwODE2MTc1MzM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTNhMzVkODMzNDdlNWNkYjM3OGEzMzcxMzc5MzcxNDliNWI5OTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2OGE3BaUMdAik0RaqdTjO6/Dk5SN
Xw66yRe4kvbCmEtwFiuCUrqqMO3O33R2BhZ4bxv5Gg2QK3A1lz56FT5bddwR4fgR
I94tPdp8i3Kr3574ynFiAkh09LrkH2OFURHAFJNW6DLS/Vo9ZFTWdVjytVdgayCU
dSwQOzYA5iReszmj3AH88y2zSRJJbcnntIbYxg08bm1Bt+clSDWKDt0BjhIIUR3B
hAHxtar1W7ccxzW6SkPVNwK1jinoG3lf4FIUdjqWmua6njNdO9I+zl8sD7IuqVeb
dA90vFvjVMpqfKuKXxarc1fxa/R5KBdlUbK4pLcLhLb8RP3vJQT/DwBinwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFLk6NdgzR+XNs3ijNxN5NxSbW5mUMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvdVRvMTJETkg1YzJ6ZUtNM0UzazNGSnRibVpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAAjAeAwUAKg8KAAMH
ACoPHoAAAQMFACoP6EEDBQAqD+hDMA0GCSqGSIb3DQEBCwUAA4IBAQAaL4O/VK5x
ZJP7Lkoq8ZBwrUt9bYNiN8lOFrgI3T84m4MrjXqxDpjRcD4H/bNYoiitKihSe9vR
17ljh5ua4dOk29snaTnSAkP1Ym6Zrs/RuX1px2f1iAvbjPVbPeXCltle4gTHF1yp
jmreTiqA0ftgVRobCUmLJn4N4WqVwk0Tr9wCeJAOS/wl+Ezwk1RXGtBguOOCr/6U
D6LeVTbZaVSZDunPbSeXtiHoN6KaigvwimvPNN2EpFT6n4JQ9ddYymx5Xz6s7s8c
ZRMX9wBW7GxkyAdGD7dcxH6jThlCO0ygp8Vj2YDEgG3rnz8T8WuXYvFZq2e4ZQrt
VkZRcBSszWFa
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:00:13 2025 by rpki-client