Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/8mMJ5L0GEnVHGXVcQfTa_STRlTA.roa
File: 8mMJ5L0GEnVHGXVcQfTa_STRlTA.roa (raw, json)
Hash identifier: 9oGT8mQwJEjyFICayKHQIaEstaBaErlmoaM5l92Ge/w=
Subject key identifier: F2:63:09:E4:BD:06:12:75:47:19:75:5C:41:F4:DA:FD:24:D1:95:30
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01867D53F89FE17C41DC5372D7923FAC79B3
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/8mMJ5L0GEnVHGXVcQfTa_STRlTA.roa
Signing time: Thu 23 Feb 2023 08:11:40 +0000
ROA not before: Thu 23 Feb 2023 08:11:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 10753
IP address blocks: 2a07:7880::/29 maxlen: 29
2a0f:7d00:3::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:7d:53:f8:9f:e1:7c:41:dc:53:72:d7:92:3f:ac:79:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Feb 23 08:11:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f26309e4bd0612754719755c41f4dafd24d19530
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:ad:95:69:30:0c:28:a0:69:39:a7:f4:b4:d0:
57:f7:82:f5:63:97:ef:80:06:32:a6:39:88:89:36:
f9:a5:8f:cd:02:f5:5a:18:88:c1:50:57:29:f7:9b:
5b:77:1d:34:15:08:f7:a1:bb:60:5c:d2:fa:ab:16:
4f:10:11:0c:a2:d9:cc:27:28:fe:d1:cb:50:f2:75:
13:0b:35:c1:f0:2b:b0:d9:b6:c1:2e:a5:8f:76:1b:
3e:54:1f:bb:94:5e:e6:ba:59:bb:63:a6:75:0e:5e:
42:c7:bc:76:a8:ee:69:76:b5:0e:94:0e:0e:02:2e:
06:07:d6:0e:7d:ea:8b:2c:13:d0:cb:be:15:bf:d8:
c5:75:37:ed:1b:3f:5d:36:2d:d7:a3:98:7c:fe:95:
b3:bf:22:a6:fc:19:fe:12:67:50:e8:a0:77:78:52:
55:9d:10:f3:8b:38:cf:3f:52:c9:66:e0:2d:e1:b9:
36:ce:e2:27:7b:33:be:fb:2a:90:97:25:6d:52:f1:
3e:53:96:b2:47:7d:ef:c1:f8:1a:80:86:9d:63:76:
24:c1:56:49:65:f9:42:fd:c2:c4:c7:6b:36:e1:23:
d4:65:68:a9:96:4b:ba:aa:f7:0d:2c:ea:da:fe:f8:
9f:b0:3a:85:0e:a5:11:14:12:58:e1:29:f7:7b:92:
bc:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:63:09:E4:BD:06:12:75:47:19:75:5C:41:F4:DA:FD:24:D1:95:30
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/8mMJ5L0GEnVHGXVcQfTa_STRlTA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:7880::/29
2a0f:7d00:3::/48
Signature Algorithm: sha256WithRSAEncryption
2f:aa:7d:1e:16:65:1d:b4:62:6d:89:ed:fb:2e:5d:3b:56:ef:
ba:c0:43:7e:c2:06:f0:20:fb:fc:68:d6:d9:35:7c:91:bf:ef:
f2:55:e1:45:c4:29:c7:85:93:0b:31:c1:30:3b:59:2c:c5:f4:
a2:00:9a:ad:41:0a:c3:1a:c5:d7:ba:c3:27:54:47:f2:51:8c:
75:bd:7a:4a:84:1e:61:77:99:1e:bc:ba:49:03:79:c4:db:30:
b9:3b:9d:22:01:32:a0:5a:a2:3c:6f:d0:bd:dd:29:be:c3:86:
a0:6f:18:27:94:f1:36:6e:fa:77:44:c0:74:5a:2f:c2:c1:00:
64:a2:3a:dd:58:fd:9a:d0:02:29:a1:5c:5c:15:8b:20:af:0b:
d2:e5:5c:d3:4d:53:5e:5c:44:bd:3c:94:b4:6b:ab:25:f6:fe:
e2:57:71:c5:60:ee:6a:4d:fd:9a:36:ea:6d:19:91:9c:6e:7e:
37:9c:62:76:f2:e7:52:8a:96:60:77:02:40:48:e2:51:dc:34:
9c:bb:17:96:13:08:29:81:97:43:44:36:f4:58:3d:0f:5f:42:
3f:21:aa:f5:0a:41:2e:e8:bc:2c:a9:06:25:1d:c1:f8:64:92:
ee:49:b1:aa:39:4d:9e:a7:b8:62:4c:e6:f2:63:33:eb:bf:87:
bf:b9:6f:bc
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAYZ9U/if4XxB3FNy15I/rHmzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMwMjIzMDgxMTQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjYzMDllNGJkMDYxMjc1NDcxOTc1NWM0MWY0ZGFmZDI0ZDE5NTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAia2VaTAMKKBpOaf0tNBX94L1Y5fv
gAYypjmIiTb5pY/NAvVaGIjBUFcp95tbdx00FQj3obtgXNL6qxZPEBEMotnMJyj+
0ctQ8nUTCzXB8Cuw2bbBLqWPdhs+VB+7lF7mulm7Y6Z1Dl5Cx7x2qO5pdrUOlA4O
Ai4GB9YOfeqLLBPQy74Vv9jFdTftGz9dNi3Xo5h8/pWzvyKm/Bn+EmdQ6KB3eFJV
nRDzizjPP1LJZuAt4bk2zuInezO++yqQlyVtUvE+U5ayR33vwfgagIadY3YkwVZJ
ZflC/cLEx2s24SPUZWiplku6qvcNLOra/vifsDqFDqURFBJY4Sn3e5K8vwIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFPJjCeS9BhJ1Rxl1XEH02v0k0ZUwMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvOG1NSjVMMEdFblZIR1hWY1FmVGFfU1RSbFRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQAwUDKgd4gAMH
ACoPfQAAAzANBgkqhkiG9w0BAQsFAAOCAQEAL6p9HhZlHbRibYnt+y5dO1bvusBD
fsIG8CD7/GjW2TV8kb/v8lXhRcQpx4WTCzHBMDtZLMX0ogCarUEKwxrF17rDJ1RH
8lGMdb16SoQeYXeZHry6SQN5xNswuTudIgEyoFqiPG/Qvd0pvsOGoG8YJ5TxNm76
d0TAdFovwsEAZKI63Vj9mtACKaFcXBWLIK8L0uVc001TXlxEvTyUtGurJfb+4ldx
xWDuak39mjbqbRmRnG5+N5xidvLnUoqWYHcCQEjiUdw0nLsXlhMIKYGXQ0Q29Fg9
D19CPyGq9QpBLui8LKkGJR3B+GSS7kmxqjlNnqe4Ykzm8mMz67+Hv7lvvA==
-----END CERTIFICATE-----
Generated at Sun May 11 13:23:23 2025 by rpki-client