Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/we00uoJkofszbNkjE2KHO_2gGwM.roa
File: we00uoJkofszbNkjE2KHO_2gGwM.roa (raw, json)
Hash identifier: Jm6QhLhoxBrAs/m8QR2R5DI8XVb8szi0k59HsgI0Y68=
Subject key identifier: C1:ED:34:BA:82:64:A1:FB:33:6C:D9:23:13:62:87:3B:FD:A0:1B:03
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018C7C5D6B22E7EB71CD65D3BBB6D27C63D5
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/we00uoJkofszbNkjE2KHO_2gGwM.roa
Signing time: Mon 18 Dec 2023 09:59:06 +0000
ROA not before: Mon 18 Dec 2023 09:59:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197992
IP address blocks: 2a0e:9b00::/29 maxlen: 29
2a0f:1380::/29 maxlen: 29
2a06:dfc0::/29 maxlen: 29
2a06:b5c0::/29 maxlen: 29
2a0f:ec00::/29 maxlen: 29
2a0f:8300::/29 maxlen: 29
2a0f:1580::/29 maxlen: 29
2a0f:3f80::/29 maxlen: 29
2a0a:2340::/29 maxlen: 29
2a0f:dac0::/29 maxlen: 29
2a0f:ee00::/29 maxlen: 29
2a0e:5a80::/29 maxlen: 29
2a0f:e140::/29 maxlen: 29
2a13:d300::/29 maxlen: 29
2a07:95c0::/29 maxlen: 29
2a13:200::/29 maxlen: 29
2a12:d540::/29 maxlen: 29
2a06:3bc0::/29 maxlen: 29
2a06:bf40::/29 maxlen: 29
2a0a:1400::/29 maxlen: 29
2a06:a5c0::/29 maxlen: 29
2a0f:bc00::/29 maxlen: 29
2a05:b300::/29 maxlen: 29
2a0f:da40::/29 maxlen: 29
2a13:7d80::/29 maxlen: 29
2a0f:7f00::/29 maxlen: 29
2a0c:4880::/29 maxlen: 29
2a13:9380::/29 maxlen: 29
2a0f:e0c0::/29 maxlen: 29
2a06:a600::/29 maxlen: 29
2a0f:e640::/29 maxlen: 29
2a07:a300::/29 maxlen: 29
2a0f:9600::/29 maxlen: 29
2a0f:8100::/29 maxlen: 29
2a0f:dd40::/29 maxlen: 29
2a0f:2300::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:7c:5d:6b:22:e7:eb:71:cd:65:d3:bb:b6:d2:7c:63:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Dec 18 09:59:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c1ed34ba8264a1fb336cd9231362873bfda01b03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:5c:5b:1a:e5:89:22:3c:ea:b9:54:4a:45:ad:
86:bc:cc:c4:74:ad:13:0c:40:42:34:be:dd:86:08:
1b:16:49:eb:4a:bb:b5:c9:63:76:1c:9e:2f:bb:35:
e3:b0:ac:3d:a3:cb:9c:66:5c:64:a4:40:66:c3:2a:
5d:bf:ad:c9:27:92:cd:42:e6:8a:0d:5c:1a:dd:90:
83:39:bc:cc:2b:4a:43:09:ec:d4:d2:26:bd:03:e9:
ac:cf:7c:af:ca:3a:9a:d4:7c:44:37:87:09:b1:89:
61:10:21:10:9a:0d:55:19:2f:b7:e3:e5:6c:a1:4b:
62:53:fe:df:82:a3:5c:2c:5d:23:ff:10:28:80:18:
a1:13:3c:3f:51:34:84:eb:a3:e1:c6:18:1a:0e:66:
51:2d:f0:e0:29:1a:4a:2f:7f:98:b0:8f:8f:e4:67:
ae:c0:e3:43:66:f1:ee:5c:f4:86:e3:69:07:b0:e4:
c6:97:98:19:ea:4c:46:33:4b:a6:c7:76:ed:83:27:
96:22:65:4d:bb:9c:b0:27:8d:6b:91:76:f1:d1:40:
f5:0f:cf:8b:4a:58:b4:54:1c:e9:a3:ad:c8:dc:8f:
52:94:89:e8:f0:cb:8c:2d:77:83:e8:15:ee:8b:c1:
16:d6:f3:d6:3d:7b:7c:36:53:da:3c:40:75:8a:d3:
8f:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:ED:34:BA:82:64:A1:FB:33:6C:D9:23:13:62:87:3B:FD:A0:1B:03
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/we00uoJkofszbNkjE2KHO_2gGwM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:b300::/29
2a06:3bc0::/29
2a06:a5c0::/29
2a06:a600::/29
2a06:b5c0::/29
2a06:bf40::/29
2a06:dfc0::/29
2a07:95c0::/29
2a07:a300::/29
2a0a:1400::/29
2a0a:2340::/29
2a0c:4880::/29
2a0e:5a80::/29
2a0e:9b00::/29
2a0f:1380::/29
2a0f:1580::/29
2a0f:2300::/29
2a0f:3f80::/29
2a0f:7f00::/29
2a0f:8100::/29
2a0f:8300::/29
2a0f:9600::/29
2a0f:bc00::/29
2a0f:da40::/29
2a0f:dac0::/29
2a0f:dd40::/29
2a0f:e0c0::/29
2a0f:e140::/29
2a0f:e640::/29
2a0f:ec00::/29
2a0f:ee00::/29
2a12:d540::/29
2a13:200::/29
2a13:7d80::/29
2a13:9380::/29
2a13:d300::/29
Signature Algorithm: sha256WithRSAEncryption
b8:32:17:ed:ce:10:41:a5:8a:6b:6b:d1:dd:52:c0:05:8a:7a:
54:13:5d:86:a3:dd:8c:92:99:3b:bb:a2:1a:9a:3c:e9:e4:7a:
7b:be:25:44:ea:30:6a:5a:86:7f:e9:b2:b1:5d:ab:f7:81:28:
8c:20:85:a1:d5:15:f8:cb:fb:d0:45:ef:64:dd:e2:c6:37:c5:
18:77:cc:c0:8c:8a:a5:15:53:77:77:0b:21:3e:a8:55:94:83:
ef:2c:c3:63:62:a0:f6:db:16:f1:c0:bc:8e:d4:f2:d3:01:2b:
de:54:7d:44:29:73:9b:cd:72:10:80:25:e8:7e:42:18:42:e5:
42:e3:8c:06:85:d5:d5:f2:5f:12:dc:1c:da:fe:56:12:dc:48:
61:c0:6e:45:b6:5e:8e:46:16:2c:d1:8d:bb:7c:2d:c6:2a:25:
8a:7b:81:bf:cc:7a:8b:ee:85:f9:0f:cd:87:26:3b:19:ac:5c:
e7:7e:35:b2:9a:44:2a:56:e3:20:ed:8f:86:06:f8:84:cf:88:
18:6e:1c:9c:07:c7:20:73:c6:38:33:e1:0d:fe:a9:e5:59:f9:
16:38:30:a9:a2:36:1b:d3:1d:56:b3:fc:98:94:02:9a:ad:5e:
94:57:a8:8c:b0:4e:63:b2:8b:94:3a:56:e5:9f:cb:6c:6c:64:
e2:fa:57:7a
-----BEGIN CERTIFICATE-----
MIIF/DCCBOSgAwIBAgISAYx8XWsi5+txzWXTu7bSfGPVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMxMjE4MDk1OTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWVkMzRiYTgyNjRhMWZiMzM2Y2Q5MjMxMzYyODczYmZkYTAxYjAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAolxbGuWJIjzquVRKRa2GvMzEdK0T
DEBCNL7dhggbFknrSru1yWN2HJ4vuzXjsKw9o8ucZlxkpEBmwypdv63JJ5LNQuaK
DVwa3ZCDObzMK0pDCezU0ia9A+msz3yvyjqa1HxEN4cJsYlhECEQmg1VGS+34+Vs
oUtiU/7fgqNcLF0j/xAogBihEzw/UTSE66PhxhgaDmZRLfDgKRpKL3+YsI+P5Geu
wONDZvHuXPSG42kHsOTGl5gZ6kxGM0umx3btgyeWImVNu5ywJ41rkXbx0UD1D8+L
Sli0VBzpo63I3I9SlIno8MuMLXeD6BXui8EW1vPWPXt8NlPaPEB1itOPvwIDAQAB
o4IDCDCCAwQwHQYDVR0OBBYEFMHtNLqCZKH7M2zZIxNihzv9oBsDMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvd2UwMHVvSmtvZnN6Yk5rakUyS0hPXzJnR3dNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBHAYIKwYBBQUHAQcBAf8EggELMIIBBzCCAQMEAgACMIH8
AwUDKgWzAAMFAyoGO8ADBQMqBqXAAwUDKgamAAMFAyoGtcADBQMqBr9AAwUDKgbf
wAMFAyoHlcADBQMqB6MAAwUDKgoUAAMFAyoKI0ADBQMqDEiAAwUDKg5agAMFAyoO
mwADBQMqDxOAAwUDKg8VgAMFAyoPIwADBQMqDz+AAwUDKg9/AAMFAyoPgQADBQMq
D4MAAwUDKg+WAAMFAyoPvAADBQMqD9pAAwUDKg/awAMFAyoP3UADBQMqD+DAAwUD
Kg/hQAMFAyoP5kADBQMqD+wAAwUDKg/uAAMFAyoS1UADBQMqEwIAAwUDKhN9gAMF
AyoTk4ADBQMqE9MAMA0GCSqGSIb3DQEBCwUAA4IBAQC4MhftzhBBpYpra9HdUsAF
inpUE12Go92Mkpk7u6Iamjzp5Hp7viVE6jBqWoZ/6bKxXav3gSiMIIWh1RX4y/vQ
Re9k3eLGN8UYd8zAjIqlFVN3dwshPqhVlIPvLMNjYqD22xbxwLyO1PLTASveVH1E
KXObzXIQgCXofkIYQuVC44wGhdXV8l8S3Bza/lYS3EhhwG5Ftl6ORhYs0Y27fC3G
KiWKe4G/zHqL7oX5D82HJjsZrFznfjWymkQqVuMg7Y+GBviEz4gYbhycB8cgc8Y4
M+EN/qnlWfkWODCpojYb0x1Ws/yYlAKarV6UV6iMsE5jsouUOlbln8tsbGTi+ld6
-----END CERTIFICATE-----
Generated at Mon Apr 21 16:15:38 2025 by rpki-client