Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/yv6i1oLCZEFQ2m2ABf7jVQK_kpA.roa
File: yv6i1oLCZEFQ2m2ABf7jVQK_kpA.roa (raw, json)
Hash identifier: W8oAmlumSvbjnhv537yzOjpyBEd9cb7v4oGji3vhFGc=
Subject key identifier: CA:FE:A2:D6:82:C2:64:41:50:DA:6D:80:05:FE:E3:55:02:BF:92:90
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0187B7743FA9C170BAD3110EC7711A93D5ED
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/yv6i1oLCZEFQ2m2ABf7jVQK_kpA.roa
Signing time: Tue 25 Apr 2023 08:07:41 +0000
ROA not before: Tue 25 Apr 2023 08:07:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57043
IP address blocks: 2a11:3500::/29 maxlen: 29
2a0f:e940::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b7:74:3f:a9:c1:70:ba:d3:11:0e:c7:71:1a:93:d5:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Apr 25 08:07:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cafea2d682c2644150da6d8005fee35502bf9290
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:64:7c:2a:32:8e:09:62:bc:de:02:b1:5a:97:
21:c4:f8:aa:11:39:cd:f8:20:35:f1:8d:5d:f4:04:
3d:9e:32:81:3a:3c:29:7a:1b:d6:25:d2:d3:eb:f3:
d2:1f:6a:a3:40:63:d1:a6:7a:9b:10:bd:5b:91:43:
e9:ce:3f:cb:f5:85:c7:25:7d:f4:5c:19:db:10:42:
b8:e9:aa:32:06:ed:73:aa:f4:00:f7:6c:e2:fa:6e:
68:f3:23:8c:36:47:37:b6:76:4c:aa:b2:1a:e8:ae:
e9:d8:82:74:3c:ef:05:69:49:cb:63:9f:45:e5:a2:
3a:33:71:fa:ab:c6:46:88:b7:1c:0b:7c:ea:fc:c1:
62:30:8f:2f:73:3b:29:b9:ba:36:e0:ba:de:00:37:
9b:42:b4:d3:e1:6a:9c:3e:da:22:6f:66:14:b5:4e:
08:df:fa:19:b8:73:a6:c9:a0:67:c8:85:1b:07:70:
53:3a:86:18:29:a1:4a:2b:d2:54:a4:f6:88:79:0b:
49:86:30:2a:25:04:be:a5:bb:df:c5:05:9e:eb:ea:
fd:ab:eb:46:05:99:69:1e:81:f5:75:8d:c6:da:3e:
c6:17:10:ef:e2:16:36:26:8b:68:12:da:49:dc:8d:
51:91:5d:43:f6:2a:ae:f0:74:a3:bc:6c:c9:46:e7:
8f:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:FE:A2:D6:82:C2:64:41:50:DA:6D:80:05:FE:E3:55:02:BF:92:90
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/yv6i1oLCZEFQ2m2ABf7jVQK_kpA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:e940::/29
2a11:3500::/29
Signature Algorithm: sha256WithRSAEncryption
60:73:23:3e:13:41:29:9e:36:98:74:9a:d8:35:2c:c5:f0:45:
99:e2:bc:85:81:b3:27:bf:ca:1d:7b:c6:8f:d7:0e:b0:69:af:
70:ca:b5:98:5a:7b:c1:97:cc:b0:8f:e0:a5:b8:0d:d6:08:d4:
6a:4e:d5:5f:37:88:fb:bc:6b:a1:8a:72:a5:8f:b3:fd:5a:9a:
5e:f8:5e:59:ea:b2:e7:de:e6:6c:a1:16:fb:01:14:8e:f1:06:
19:22:78:81:aa:54:94:18:9d:2f:66:d6:b6:dc:fc:92:c2:f4:
36:a9:9d:0a:ab:81:ac:b1:c8:6f:1f:de:8b:7b:45:04:7b:ab:
83:6b:3c:8e:e2:47:6a:67:ce:ba:c2:42:b7:ad:29:95:80:b5:
e4:44:eb:80:1c:40:0b:61:f0:43:30:5e:e7:fb:ec:8a:2f:1d:
91:7c:64:5d:fb:0b:6d:b4:38:11:49:dc:f9:8b:cf:ec:d5:c9:
f4:41:64:d5:c1:90:27:9f:9c:77:2e:89:c1:5e:a6:79:23:2f:
a8:2e:46:81:14:2a:a1:30:11:16:21:90:73:f7:37:33:a6:24:
f3:25:30:46:f5:9c:8b:5d:41:0a:16:dd:d1:18:f8:e4:76:f7:
31:8a:c1:4f:4e:1d:eb:da:9e:94:08:d9:8f:c1:fc:5e:52:16:
b5:3b:32:e5
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYe3dD+pwXC60xEOx3Eak9XtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMwNDI1MDgwNzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWZlYTJkNjgyYzI2NDQxNTBkYTZkODAwNWZlZTM1NTAyYmY5MjkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAomR8KjKOCWK83gKxWpchxPiqETnN
+CA18Y1d9AQ9njKBOjwpehvWJdLT6/PSH2qjQGPRpnqbEL1bkUPpzj/L9YXHJX30
XBnbEEK46aoyBu1zqvQA92zi+m5o8yOMNkc3tnZMqrIa6K7p2IJ0PO8FaUnLY59F
5aI6M3H6q8ZGiLccC3zq/MFiMI8vczspubo24LreADebQrTT4WqcPtoib2YUtU4I
3/oZuHOmyaBnyIUbB3BTOoYYKaFKK9JUpPaIeQtJhjAqJQS+pbvfxQWe6+r9q+tG
BZlpHoH1dY3G2j7GFxDv4hY2JotoEtpJ3I1RkV1D9iqu8HSjvGzJRuePqwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFMr+otaCwmRBUNptgAX+41UCv5KQMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEveXY2aTFvTENaRUZRMm0yQUJmN2pWUUtfa3BBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKg/pQAMF
AyoRNQAwDQYJKoZIhvcNAQELBQADggEBAGBzIz4TQSmeNph0mtg1LMXwRZnivIWB
sye/yh17xo/XDrBpr3DKtZhae8GXzLCP4KW4DdYI1GpO1V83iPu8a6GKcqWPs/1a
ml74Xlnqsufe5myhFvsBFI7xBhkieIGqVJQYnS9m1rbc/JLC9DapnQqrgayxyG8f
3ot7RQR7q4NrPI7iR2pnzrrCQretKZWAteRE64AcQAth8EMwXuf77IovHZF8ZF37
C220OBFJ3PmLz+zVyfRBZNXBkCefnHcuicFepnkjL6guRoEUKqEwERYhkHP3NzOm
JPMlMEb1nItdQQoW3dEY+OR29zGKwU9OHevanpQI2Y/B/F5SFrU7MuU=
-----END CERTIFICATE-----
Generated at Mon Apr 21 22:22:06 2025 by rpki-client