Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/0iHmWwiwTUJ9x-uW_XnFRfGILi8.roa
File: 0iHmWwiwTUJ9x-uW_XnFRfGILi8.roa (raw, json)
Hash identifier: MOgznhXm2LJWZFkZMUrTLZjtHd7vzRDkNhvLtTq3ie0=
Subject key identifier: D2:21:E6:5B:08:B0:4D:42:7D:C7:EB:96:FD:79:C5:45:F1:88:2E:2F
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018B1932685AA84AAA398049814DE311DD1A
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/0iHmWwiwTUJ9x-uW_XnFRfGILi8.roa
Signing time: Tue 10 Oct 2023 10:46:55 +0000
ROA not before: Tue 10 Oct 2023 10:46:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20473
IP address blocks: 2a0f:7d00:1::/48 maxlen: 48
2a0a:2d00:1::/48 maxlen: 48
2a0f:7d00:5::/48 maxlen: 48
2a0c:7884::/32 maxlen: 32
2a0f:ea00::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:19:32:68:5a:a8:4a:aa:39:80:49:81:4d:e3:11:dd:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Oct 10 10:46:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d221e65b08b04d427dc7eb96fd79c545f1882e2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:bf:ca:0e:3c:9a:f4:db:64:df:d6:4e:3f:9e:
5b:66:29:31:75:09:35:01:c0:af:71:1e:16:21:d6:
fd:6c:32:e5:ed:ec:f9:ca:b4:52:7e:47:fc:27:8e:
1d:61:0a:29:7c:a5:8d:e6:51:9a:12:93:23:e3:75:
bf:a7:59:b7:89:37:f1:2b:f6:49:cd:71:60:bd:de:
c5:34:db:5d:87:d2:d1:0f:2b:ca:52:12:23:f4:4a:
36:f1:57:06:41:32:d0:c8:17:59:44:0f:cf:0b:b3:
5f:e5:5e:de:a9:ad:7c:91:a5:3a:b4:6d:0a:3f:b9:
c0:ef:2b:63:d9:7a:17:5d:7b:c2:0e:8e:63:0b:fd:
45:90:4a:04:3b:96:8b:0b:49:f5:a3:b9:b1:0c:5b:
78:89:15:76:6f:69:11:7b:dd:8e:3b:44:b0:34:93:
71:15:8a:11:a0:e7:c8:47:f1:4a:34:1d:bc:64:0d:
f8:93:53:c1:db:20:a6:a9:2e:44:59:a7:a0:77:eb:
fc:82:53:b2:13:d4:67:e6:13:2c:4d:be:46:94:27:
bb:e2:d6:2a:e9:33:32:53:c0:16:2d:08:c3:e0:2a:
f3:d6:f1:7b:94:24:6e:66:3a:ac:d6:54:d5:a2:a0:
98:81:22:aa:8d:e4:39:dc:51:06:eb:cc:b4:14:8e:
9d:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:21:E6:5B:08:B0:4D:42:7D:C7:EB:96:FD:79:C5:45:F1:88:2E:2F
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/0iHmWwiwTUJ9x-uW_XnFRfGILi8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:2d00:1::/48
2a0c:7884::/32
2a0f:7d00:1::/48
2a0f:7d00:5::/48
2a0f:ea00::/29
Signature Algorithm: sha256WithRSAEncryption
58:f6:96:80:f6:9f:60:e6:d6:65:1a:f2:72:ae:d6:29:4d:80:
da:d8:59:bd:14:08:6f:54:3d:e6:21:39:02:b9:29:14:6d:84:
98:3b:35:b2:ad:4c:2f:88:8e:58:36:ba:9d:b5:a5:08:f0:2d:
01:03:60:3e:3f:04:02:24:7b:dc:d4:ce:25:d5:95:68:b7:43:
f9:e8:13:94:1c:06:dd:d1:e2:61:a3:22:f0:b5:ad:a4:c9:d9:
5e:2f:21:78:90:2e:d7:86:5b:fd:e5:72:39:d6:dd:13:83:56:
7b:73:c9:da:eb:f6:47:d2:0d:6c:78:d3:7e:42:2e:67:97:8c:
ac:bc:23:1d:bd:e7:c8:10:64:57:4e:1c:e8:4f:24:7e:bf:4b:
8d:55:c7:63:c7:63:fc:d0:13:d8:45:cb:10:9b:65:bc:7d:4b:
4d:91:18:de:d2:16:dd:e1:3e:92:9c:10:eb:ce:ea:b3:c3:d5:
97:b5:72:b0:e5:22:f8:34:69:a4:c8:04:bb:bb:cd:9d:8f:58:
01:fb:22:20:6c:3a:e4:f2:ef:33:1c:84:84:9f:6c:60:d3:04:
cc:96:04:8c:17:9e:ff:e1:55:a3:f9:56:7e:b1:8f:c5:0b:f6:
d4:60:a3:bf:94:a4:14:a4:b1:0f:ff:00:bb:89:9f:b9:ba:e8:
17:21:8d:be
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYsZMmhaqEqqOYBJgU3jEd0aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMxMDEwMTA0NjU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjIxZTY1YjA4YjA0ZDQyN2RjN2ViOTZmZDc5YzU0NWYxODgyZTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgL/KDjya9Ntk39ZOP55bZikxdQk1
AcCvcR4WIdb9bDLl7ez5yrRSfkf8J44dYQopfKWN5lGaEpMj43W/p1m3iTfxK/ZJ
zXFgvd7FNNtdh9LRDyvKUhIj9Eo28VcGQTLQyBdZRA/PC7Nf5V7eqa18kaU6tG0K
P7nA7ytj2XoXXXvCDo5jC/1FkEoEO5aLC0n1o7mxDFt4iRV2b2kRe92OO0SwNJNx
FYoRoOfIR/FKNB28ZA34k1PB2yCmqS5EWaegd+v8glOyE9Rn5hMsTb5GlCe74tYq
6TMyU8AWLQjD4Crz1vF7lCRuZjqs1lTVoqCYgSKqjeQ53FEG68y0FI6duQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFNIh5lsIsE1Cfcfrlv15xUXxiC4vMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvMGlIbVd3aXdUVUo5eC11V19YbkZSZkdJTGk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAvBAIAAjApAwcAKgotAAAB
AwUAKgx4hAMHACoPfQAAAQMHACoPfQAABQMFAyoP6gAwDQYJKoZIhvcNAQELBQAD
ggEBAFj2loD2n2Dm1mUa8nKu1ilNgNrYWb0UCG9UPeYhOQK5KRRthJg7NbKtTC+I
jlg2up21pQjwLQEDYD4/BAIke9zUziXVlWi3Q/noE5QcBt3R4mGjIvC1raTJ2V4v
IXiQLteGW/3lcjnW3RODVntzydrr9kfSDWx4035CLmeXjKy8Ix2958gQZFdOHOhP
JH6/S41Vx2PHY/zQE9hFyxCbZbx9S02RGN7SFt3hPpKcEOvO6rPD1Ze1crDlIvg0
aaTIBLu7zZ2PWAH7IiBsOuTy7zMchISfbGDTBMyWBIwXnv/hVaP5Vn6xj8UL9tRg
o7+UpBSksQ//ALuJn7m66Bchjb4=
-----END CERTIFICATE-----
Generated at Tue May 13 02:05:34 2025 by rpki-client