Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/zNvw2mS1cyQ6cyGkoBr4zoffMbg.roa
File: zNvw2mS1cyQ6cyGkoBr4zoffMbg.roa (raw, json)
Hash identifier: d/sBaaQfIxPPlzqnFqZf0PYiMIKKZQ3F6ygaMvtZDQM=
Subject key identifier: CC:DB:F0:DA:64:B5:73:24:3A:73:21:A4:A0:1A:F8:CE:87:DF:31:B8
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018798738AE6AFE5E2A87F49DA5BAAFF2608
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/zNvw2mS1cyQ6cyGkoBr4zoffMbg.roa
Signing time: Wed 19 Apr 2023 07:38:41 +0000
ROA not before: Wed 19 Apr 2023 07:38:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20473
IP address blocks: 2a0f:7d00:1::/48 maxlen: 48
2a12:d6c1::/32 maxlen: 32
2a0a:2d00:1::/48 maxlen: 48
2a0f:7d00:5::/48 maxlen: 48
2a0c:7884::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:98:73:8a:e6:af:e5:e2:a8:7f:49:da:5b:aa:ff:26:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Apr 19 07:38:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ccdbf0da64b573243a7321a4a01af8ce87df31b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:7e:ec:aa:e8:83:19:29:ba:54:f9:46:20:69:
94:bd:25:10:47:43:9f:e4:25:02:50:6b:28:1b:7e:
c6:b7:0b:0d:30:74:bc:2f:36:21:e4:4a:db:4c:01:
82:40:25:fa:c3:d1:0a:ee:54:09:67:a0:b6:b4:86:
af:40:0c:b6:da:4e:be:b2:09:0c:ed:fe:9e:6b:6e:
b4:a4:c9:df:f9:07:dc:ef:d1:13:48:6e:52:76:e5:
89:60:55:ec:8c:2c:b8:4e:c9:7b:3a:7d:2a:ae:4d:
12:1e:56:79:c9:d2:ec:4c:d8:1a:c1:f8:e2:b2:ab:
98:00:bd:3c:3b:11:1a:ab:15:1b:f4:29:92:b3:fd:
03:d8:72:b6:92:1b:1a:fc:23:7c:38:71:9f:28:9e:
a7:d7:a5:32:0f:18:a5:d7:ba:61:89:7f:79:81:2e:
d5:6a:0f:64:b8:9a:d3:a1:78:78:dc:b1:0c:18:26:
c5:e8:08:06:e7:01:5b:45:06:b1:9e:53:5f:ef:26:
fb:5d:0d:91:4e:84:d1:f3:35:36:39:15:00:95:e1:
c6:64:37:d3:fb:91:dc:dd:2a:01:d5:89:7e:8d:f0:
94:a8:1c:fa:50:54:84:d4:c6:2d:64:46:3f:4f:19:
f8:a1:56:aa:6f:68:f5:46:f1:3b:5d:9a:b0:df:bf:
f6:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:DB:F0:DA:64:B5:73:24:3A:73:21:A4:A0:1A:F8:CE:87:DF:31:B8
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/zNvw2mS1cyQ6cyGkoBr4zoffMbg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:2d00:1::/48
2a0c:7884::/32
2a0f:7d00:1::/48
2a0f:7d00:5::/48
2a12:d6c1::/32
Signature Algorithm: sha256WithRSAEncryption
b1:a2:16:b9:8e:d8:ec:49:9c:a4:9a:06:cb:07:e6:dd:6a:62:
0a:eb:99:b4:9d:91:e0:48:80:ad:6f:9b:7f:df:2d:15:75:e0:
1d:be:83:b3:02:af:f9:56:88:27:b0:dd:3c:ab:12:68:a6:50:
74:ba:09:54:d4:8c:17:41:cd:a9:12:ea:2c:b2:e2:db:49:d0:
a3:2a:29:1d:97:83:11:c3:6b:04:a6:7a:a9:44:d8:de:ad:51:
ca:0a:eb:65:9c:2e:f2:a5:07:76:f0:cd:cb:b7:1f:4c:14:34:
55:aa:a9:9a:bd:c3:6e:d5:3c:c6:80:db:e8:c1:2a:73:b5:b1:
39:4b:21:6d:73:69:38:cb:fc:65:5b:b6:d8:13:07:94:87:72:
48:6a:50:f2:c8:74:50:3a:c9:c5:0a:4f:73:d6:cb:06:90:19:
32:a6:5b:a4:89:85:5d:bc:5a:9a:ad:ab:ca:02:31:72:ed:b1:
f2:30:36:e1:e0:73:b1:ac:bc:11:b1:06:4b:38:c5:2e:8c:c7:
bb:b2:62:55:94:65:f4:0c:a6:99:70:a3:7e:1e:0b:37:c0:78:
69:10:2a:5b:43:45:29:1c:d1:83:3d:a7:d0:bf:b1:77:46:21:
10:a3:79:fc:cd:d4:a7:a1:39:d7:a9:4b:fc:1c:e7:59:18:e2:
a0:53:9f:65
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYeYc4rmr+XiqH9J2luq/yYIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMwNDE5MDczODQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjY2RiZjBkYTY0YjU3MzI0M2E3MzIxYTRhMDFhZjhjZTg3ZGYzMWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhH7squiDGSm6VPlGIGmUvSUQR0Of
5CUCUGsoG37GtwsNMHS8LzYh5ErbTAGCQCX6w9EK7lQJZ6C2tIavQAy22k6+sgkM
7f6ea260pMnf+Qfc79ETSG5SduWJYFXsjCy4Tsl7On0qrk0SHlZ5ydLsTNgawfji
squYAL08OxEaqxUb9CmSs/0D2HK2khsa/CN8OHGfKJ6n16UyDxil17phiX95gS7V
ag9kuJrToXh43LEMGCbF6AgG5wFbRQaxnlNf7yb7XQ2RToTR8zU2ORUAleHGZDfT
+5Hc3SoB1Yl+jfCUqBz6UFSE1MYtZEY/Txn4oVaqb2j1RvE7XZqw37/2gQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFMzb8NpktXMkOnMhpKAa+M6H3zG4MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvek52dzJtUzFjeVE2Y3lHa29CcjR6b2ZmTWJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAvBAIAAjApAwcAKgotAAAB
AwUAKgx4hAMHACoPfQAAAQMHACoPfQAABQMFACoS1sEwDQYJKoZIhvcNAQELBQAD
ggEBALGiFrmO2OxJnKSaBssH5t1qYgrrmbSdkeBIgK1vm3/fLRV14B2+g7MCr/lW
iCew3TyrEmimUHS6CVTUjBdBzakS6iyy4ttJ0KMqKR2XgxHDawSmeqlE2N6tUcoK
62WcLvKlB3bwzcu3H0wUNFWqqZq9w27VPMaA2+jBKnO1sTlLIW1zaTjL/GVbttgT
B5SHckhqUPLIdFA6ycUKT3PWywaQGTKmW6SJhV28Wpqtq8oCMXLtsfIwNuHgc7Gs
vBGxBks4xS6Mx7uyYlWUZfQMpplwo34eCzfAeGkQKltDRSkc0YM9p9C/sXdGIRCj
efzN1KehOdepS/wc51kY4qBTn2U=
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:01:49 2025 by rpki-client