Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/8R5-hJDZImXKrSI91JE0vY9ioVg.roa
File: 8R5-hJDZImXKrSI91JE0vY9ioVg.roa (raw, json)
Hash identifier: FM54/oHZIc6ocTeK9o934/MDqrcqVZJFfG/KkLn5YSI=
Subject key identifier: F1:1E:7E:84:90:D9:22:65:CA:AD:22:3D:D4:91:34:BD:8F:62:A1:58
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018443D6A0C42444AE91171DF8F8BC68F0A9
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/8R5-hJDZImXKrSI91JE0vY9ioVg.roa
Signing time: Fri 04 Nov 2022 18:10:50 +0000
ROA not before: Fri 04 Nov 2022 18:10:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 400177
IP address blocks: 2a13:540::/29 maxlen: 29
2a0a:7d00::/29 maxlen: 29
2a13:5c80::/29 maxlen: 29
2a07:8a40::/29 maxlen: 29
2a0c:d380::/29 maxlen: 29
2a13:3080::/29 maxlen: 29
2a13:3380::/29 maxlen: 29
2a0f:d200::/29 maxlen: 29
2a13:5b80::/29 maxlen: 29
2a13:7d80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:43:d6:a0:c4:24:44:ae:91:17:1d:f8:f8:bc:68:f0:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Nov 4 18:10:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f11e7e8490d92265caad223dd49134bd8f62a158
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:a0:d7:c3:59:08:e1:08:9d:7e:dc:02:e9:39:
38:c9:8b:74:33:eb:19:66:30:da:ad:fd:43:0c:5f:
2f:8b:f2:df:c4:0d:07:4d:de:cc:90:54:b0:b0:79:
62:93:93:d0:7f:29:9d:95:65:39:21:87:82:00:ac:
bc:03:0b:47:0f:cd:00:5c:f1:10:c9:cf:11:9c:dc:
66:b0:16:b2:04:35:5c:99:f4:06:95:2b:97:aa:26:
59:fd:b8:60:83:ea:c4:a1:0e:94:5a:ed:dc:94:82:
3c:b1:17:ad:3e:1f:90:36:39:69:7d:c2:fd:ac:77:
cf:3f:52:0c:4f:fc:59:b9:e4:00:73:53:43:75:7a:
ce:ab:61:e6:93:35:58:d3:60:eb:f2:ab:12:17:ed:
33:65:c0:09:88:c8:01:ae:f2:f4:6e:fd:85:65:6a:
a4:a3:3c:14:8a:21:67:8a:cd:58:a2:5f:69:18:57:
46:f3:fa:ac:56:93:84:a2:39:72:f2:57:4f:e1:44:
6a:1c:3b:95:5a:3e:62:f1:a8:c9:0d:0b:14:7b:e9:
82:db:fb:64:59:d7:d7:ee:4f:3d:93:f9:b6:a6:70:
8c:6d:fd:82:38:cc:e1:94:f4:d6:14:92:b7:d3:f9:
c2:34:7c:b7:65:5b:d3:33:d1:73:0f:87:12:96:4f:
79:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:1E:7E:84:90:D9:22:65:CA:AD:22:3D:D4:91:34:BD:8F:62:A1:58
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/8R5-hJDZImXKrSI91JE0vY9ioVg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:8a40::/29
2a0a:7d00::/29
2a0c:d380::/29
2a0f:d200::/29
2a13:540::/29
2a13:3080::/29
2a13:3380::/29
2a13:5b80::/29
2a13:5c80::/29
2a13:7d80::/29
Signature Algorithm: sha256WithRSAEncryption
65:15:ae:c2:04:c1:e2:a7:e9:66:75:fd:c6:47:31:cf:89:54:
be:7d:6b:42:46:cd:9e:bb:6a:ad:ac:b6:6b:e2:d7:40:d3:a1:
e8:27:58:13:6b:e8:23:bf:4b:fc:0d:49:b0:cc:c5:c6:04:77:
8c:d8:8c:0c:24:f3:be:9a:90:9e:50:b7:95:55:89:41:3c:b1:
9a:3a:66:6d:0e:2a:f7:96:d5:78:db:46:70:e9:a6:8f:9d:6f:
9e:d1:09:9f:f0:96:b6:e5:98:e6:1c:85:30:6a:00:8e:6b:07:
8e:fc:d3:88:d7:67:d4:a0:0c:72:f3:bb:83:66:73:01:dd:56:
3d:a7:63:3f:3c:a2:24:5b:30:b9:17:0e:10:d6:57:ca:29:a2:
bb:21:43:e7:e2:98:d3:75:07:47:25:cc:9c:b8:88:55:d4:cb:
52:c1:0d:dc:4a:22:32:4b:24:53:6d:94:c9:22:67:60:bb:9e:
e8:8a:78:6b:8d:d5:ff:e1:a4:6e:9e:fb:11:ce:ae:7e:37:16:
59:29:c2:13:05:72:0f:53:16:f7:80:d0:68:62:8d:16:41:a7:
06:b5:c4:82:e2:28:f7:a4:9f:80:2f:ef:b1:dc:17:9e:b9:c2:
64:47:94:45:c5:f0:fa:33:1e:05:7c:25:d6:3a:2d:94:cb:8c:
61:ce:51:8b
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAYRD1qDEJESukRcd+Pi8aPCpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjIxMTA0MTgxMDUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTFlN2U4NDkwZDkyMjY1Y2FhZDIyM2RkNDkxMzRiZDhmNjJhMTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj6DXw1kI4QidftwC6Tk4yYt0M+sZ
ZjDarf1DDF8vi/LfxA0HTd7MkFSwsHlik5PQfymdlWU5IYeCAKy8AwtHD80AXPEQ
yc8RnNxmsBayBDVcmfQGlSuXqiZZ/bhgg+rEoQ6UWu3clII8sRetPh+QNjlpfcL9
rHfPP1IMT/xZueQAc1NDdXrOq2HmkzVY02Dr8qsSF+0zZcAJiMgBrvL0bv2FZWqk
ozwUiiFnis1Yol9pGFdG8/qsVpOEojly8ldP4URqHDuVWj5i8ajJDQsUe+mC2/tk
WdfX7k89k/m2pnCMbf2COMzhlPTWFJK30/nCNHy3ZVvTM9FzD4cSlk95iQIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFPEefoSQ2SJlyq0iPdSRNL2PYqFYMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvOFI1LWhKRFpJbVhLclNJOTFKRTB2WTlpb1ZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjBMBAIAAjBGAwUDKgeKQAMF
AyoKfQADBQMqDNOAAwUDKg/SAAMFAyoTBUADBQMqEzCAAwUDKhMzgAMFAyoTW4AD
BQMqE1yAAwUDKhN9gDANBgkqhkiG9w0BAQsFAAOCAQEAZRWuwgTB4qfpZnX9xkcx
z4lUvn1rQkbNnrtqray2a+LXQNOh6CdYE2voI79L/A1JsMzFxgR3jNiMDCTzvpqQ
nlC3lVWJQTyxmjpmbQ4q95bVeNtGcOmmj51vntEJn/CWtuWY5hyFMGoAjmsHjvzT
iNdn1KAMcvO7g2ZzAd1WPadjPzyiJFswuRcOENZXyimiuyFD5+KY03UHRyXMnLiI
VdTLUsEN3EoiMkskU22UySJnYLue6Ip4a43V/+Gkbp77Ec6ufjcWWSnCEwVyD1MW
94DQaGKNFkGnBrXEguIo96SfgC/vsdwXnrnCZEeURcXw+jMeBXwl1jotlMuMYc5R
iw==
-----END CERTIFICATE-----
Generated at Sun May 11 17:03:53 2025 by rpki-client