Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/z1J778RjShCSS-deQ2Y9JVBITLQ.roa
File: z1J778RjShCSS-deQ2Y9JVBITLQ.roa (raw, json)
Hash identifier: 0iKYy6e3hxmH09AF0ZRdS71ME+suJrn7uAsjsFW4Q7w=
Subject key identifier: CF:52:7B:EF:C4:63:4A:10:92:4B:E7:5E:43:66:3D:25:50:48:4C:B4
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0185E579A883EFD778E9287F6E9FBDE0D581
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/z1J778RjShCSS-deQ2Y9JVBITLQ.roa
Signing time: Tue 24 Jan 2023 20:30:33 +0000
ROA not before: Tue 24 Jan 2023 20:30:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8772
IP address blocks: 2a0a:1400::/29 maxlen: 29
2a0f:e040::/29 maxlen: 29
2a0f:2100::/29 maxlen: 29
2a0c:9240::/29 maxlen: 29
2a0f:e6c0::/29 maxlen: 29
2a0f:8300::/29 maxlen: 29
2a0f:8100::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e5:79:a8:83:ef:d7:78:e9:28:7f:6e:9f:bd:e0:d5:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jan 24 20:30:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cf527befc4634a10924be75e43663d2550484cb4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:92:66:04:7d:30:7f:81:48:54:55:82:b1:76:
61:64:87:64:23:4c:fb:7b:05:38:aa:56:91:a6:bc:
e1:f7:f9:d3:4c:c7:1a:6e:01:df:53:12:bd:c1:48:
f5:0d:bb:8d:5d:4e:dc:65:8a:af:57:82:de:3e:67:
00:d4:73:5f:e2:1d:9e:db:c7:11:f3:dc:3b:c8:83:
9e:73:d5:e7:d4:fb:a6:85:a5:66:ad:50:6f:54:d8:
aa:ec:5f:0f:d5:d1:c5:cd:70:49:f6:15:8b:65:ff:
ec:ce:68:be:82:8e:e2:5e:b6:73:d1:9b:1c:5d:f0:
97:a5:33:1c:5c:75:80:55:42:6f:67:3e:87:78:cb:
17:0d:c7:aa:5b:02:a5:de:a4:37:30:aa:09:d8:09:
2c:31:6c:ae:20:07:82:5d:6e:9d:96:eb:71:88:a3:
09:85:8b:c4:ba:7f:a9:76:3c:17:45:c6:75:8c:2c:
1d:bb:13:80:6e:c1:c1:f6:5f:9d:5b:92:5d:ea:c9:
0b:99:32:88:ae:fd:35:cf:01:3e:84:bc:0d:6f:a7:
ae:7c:57:59:e3:8d:7a:2f:a8:2b:72:84:8c:9d:62:
b6:de:c3:30:9e:2e:9d:2f:ab:7d:20:b6:d2:1d:8f:
96:27:6c:6c:3a:a1:b0:1b:d6:b1:63:25:ce:17:85:
55:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:52:7B:EF:C4:63:4A:10:92:4B:E7:5E:43:66:3D:25:50:48:4C:B4
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/z1J778RjShCSS-deQ2Y9JVBITLQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:1400::/29
2a0c:9240::/29
2a0f:2100::/29
2a0f:8100::/29
2a0f:8300::/29
2a0f:e040::/29
2a0f:e6c0::/29
Signature Algorithm: sha256WithRSAEncryption
71:0d:7b:08:46:5a:b3:ce:33:5b:4b:57:c2:92:f8:f1:a6:2d:
2e:1d:44:27:ac:4c:af:10:0e:39:8e:5c:68:e7:ee:79:a3:8d:
6b:83:a4:16:52:77:15:4c:4c:e7:af:f0:98:cd:9f:7c:ae:b6:
41:aa:b5:3f:50:ad:e2:7a:e1:4f:3c:e8:50:99:d5:23:ee:f3:
52:90:0b:da:67:d0:91:08:e8:1f:8f:9f:52:ce:9d:16:a6:52:
0e:36:80:62:0b:0d:85:21:7c:a6:9a:47:79:4c:a3:e3:97:af:
93:86:20:85:be:f1:fb:7e:dd:b3:dd:61:a6:b7:34:d6:78:d6:
10:76:4b:71:a5:e7:cf:79:9e:cb:a5:c5:0a:3d:64:03:bc:72:
2e:7c:61:e0:e9:90:70:50:7c:8a:4a:90:99:31:0c:83:14:8c:
4e:16:7b:37:bf:c5:1e:32:12:33:96:35:b6:e5:fc:a5:51:09:
a2:e5:a3:0f:99:f9:f0:f5:50:da:5b:3e:6a:55:7a:7c:b1:cd:
cd:5b:3a:eb:00:e6:e9:ba:27:79:db:88:e9:45:a3:dd:ac:e5:
98:df:6c:9e:ac:fb:93:b2:9a:98:ef:e5:f2:27:67:63:89:e0:
18:cc:4a:22:3b:43:0a:98:d6:82:8a:a9:14:36:66:ca:71:e3:
bf:38:c4:2e
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAYXleaiD79d46Sh/bp+94NWBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMwMTI0MjAzMDMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjUyN2JlZmM0NjM0YTEwOTI0YmU3NWU0MzY2M2QyNTUwNDg0Y2I0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgZJmBH0wf4FIVFWCsXZhZIdkI0z7
ewU4qlaRprzh9/nTTMcabgHfUxK9wUj1DbuNXU7cZYqvV4LePmcA1HNf4h2e28cR
89w7yIOec9Xn1PumhaVmrVBvVNiq7F8P1dHFzXBJ9hWLZf/szmi+go7iXrZz0Zsc
XfCXpTMcXHWAVUJvZz6HeMsXDceqWwKl3qQ3MKoJ2AksMWyuIAeCXW6dlutxiKMJ
hYvEun+pdjwXRcZ1jCwduxOAbsHB9l+dW5Jd6skLmTKIrv01zwE+hLwNb6eufFdZ
4416L6grcoSMnWK23sMwni6dL6t9ILbSHY+WJ2xsOqGwG9axYyXOF4VVEwIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFM9Se+/EY0oQkkvnXkNmPSVQSEy0MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvejFKNzc4UmpTaENTUy1kZVEyWTlKVkJJVExRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTA3BAIAAjAxAwUDKgoUAAMF
AyoMkkADBQMqDyEAAwUDKg+BAAMFAyoPgwADBQMqD+BAAwUDKg/mwDANBgkqhkiG
9w0BAQsFAAOCAQEAcQ17CEZas84zW0tXwpL48aYtLh1EJ6xMrxAOOY5caOfueaON
a4OkFlJ3FUxM56/wmM2ffK62Qaq1P1Ct4nrhTzzoUJnVI+7zUpAL2mfQkQjoH4+f
Us6dFqZSDjaAYgsNhSF8pppHeUyj45evk4Yghb7x+37ds91hprc01njWEHZLcaXn
z3mey6XFCj1kA7xyLnxh4OmQcFB8ikqQmTEMgxSMThZ7N7/FHjISM5Y1tuX8pVEJ
ouWjD5n58PVQ2ls+alV6fLHNzVs66wDm6boneduI6UWj3azlmN9snqz7k7KamO/l
8idnY4ngGMxKIjtDCpjWgoqpFDZmynHjvzjELg==
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:01:10 2025 by rpki-client