Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/BbWooVyH8WHwk0uPxJIhPrcIYKg.roa
File: BbWooVyH8WHwk0uPxJIhPrcIYKg.roa (raw, json)
Hash identifier: 9QnE0rnijBQduGUp9oAl8fI+QV2H9sfGFAo4CLMboh8=
Subject key identifier: 05:B5:A8:A1:5C:87:F1:61:F0:93:4B:8F:C4:92:21:3E:B7:08:60:A8
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01856DCAF72B39EC3878880C3BD35096F9CC
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/BbWooVyH8WHwk0uPxJIhPrcIYKg.roa
Signing time: Sun 01 Jan 2023 14:44:56 +0000
ROA not before: Sun 01 Jan 2023 14:44:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205544
IP address blocks: 2a0f:e440::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ca:f7:2b:39:ec:38:78:88:0c:3b:d3:50:96:f9:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jan 1 14:44:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=05b5a8a15c87f161f0934b8fc492213eb70860a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:42:43:84:7a:ed:a7:be:c4:d0:a5:29:a6:8d:
8a:3e:b5:8f:64:63:a8:f8:d8:64:4f:d2:f8:49:b3:
fc:11:7f:6a:2e:4a:ec:34:d5:1b:a3:c8:b2:6a:e4:
c0:d4:ac:55:bb:40:ef:ce:4d:dd:ec:61:e5:1a:6d:
d2:73:3f:61:7e:a8:18:66:5e:1d:1d:2c:9c:a2:e6:
3a:7f:9b:79:2e:ad:5c:8d:1a:0f:ae:51:a4:28:fe:
d5:0d:b4:6c:0f:ec:92:75:7b:18:08:4d:75:bc:fc:
34:1b:5d:cb:d7:a9:c2:cf:26:c4:ad:90:f6:ad:32:
e1:ff:62:cf:13:38:90:bd:21:5c:34:6e:a2:88:24:
40:40:4b:ab:41:d4:e7:e5:37:e3:e9:ae:46:78:23:
32:7e:30:d0:c3:7c:1b:4b:c4:0e:9b:2b:76:37:5e:
11:3d:f2:ce:6b:06:4b:60:38:52:4e:f0:f0:cc:1f:
fa:c9:f6:2a:6a:95:2d:3c:b8:08:5b:64:16:f3:59:
d1:0a:1b:f2:e4:b0:19:6c:94:48:ac:67:18:bb:38:
33:85:c5:dd:26:78:27:c9:3b:d6:43:07:c7:9a:2e:
2a:84:d5:79:1f:57:6c:e5:a5:ed:aa:b4:7d:6f:d2:
7d:00:6c:20:12:fb:5d:59:66:86:d4:ba:32:4e:d5:
c1:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:B5:A8:A1:5C:87:F1:61:F0:93:4B:8F:C4:92:21:3E:B7:08:60:A8
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/BbWooVyH8WHwk0uPxJIhPrcIYKg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:e440::/29
Signature Algorithm: sha256WithRSAEncryption
7d:9a:5c:0e:5c:91:f3:98:40:bf:90:f8:27:1b:87:9a:19:6c:
ae:b9:7c:5c:93:04:9d:e3:dc:84:1b:ea:bb:f6:ca:39:e1:6b:
1f:40:59:aa:4c:f9:a6:92:77:e3:b4:e5:19:b0:05:33:3e:a6:
77:62:a3:3e:4e:b2:3b:55:d5:23:07:66:50:c1:3e:27:db:fd:
50:bd:e5:5c:8d:70:09:69:8b:f0:47:9b:6f:de:cb:c6:fd:d7:
82:3b:9c:8a:cc:13:ff:43:08:05:48:a7:84:1d:76:c6:c6:3d:
51:8c:9f:7c:7b:7b:d9:68:19:dc:55:b8:d0:37:8f:fe:84:48:
c5:84:e2:dd:eb:68:1d:ee:08:c7:a9:05:15:d7:3c:f3:a8:5c:
1f:79:cb:0f:79:69:8f:a8:c8:fb:c8:7d:d1:78:aa:53:36:8d:
34:b2:28:32:6b:e9:28:85:1f:14:95:cc:7e:a0:03:7d:bb:17:
c5:13:3c:6c:44:fa:58:ba:eb:d6:18:52:a1:6b:ee:24:f4:3a:
65:2f:89:c6:17:0c:e3:04:31:bd:b9:3f:0c:16:a8:cd:10:fd:
68:cf:c4:48:ea:d4:de:db:9c:3e:28:cd:1e:84:f0:59:4d:ea:
46:b7:6f:77:1b:72:df:ac:d4:91:10:d1:a2:2a:49:b6:4d:97:
e4:ce:c5:be
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVtyvcrOew4eIgMO9NQlvnMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMwMTAxMTQ0NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWI1YThhMTVjODdmMTYxZjA5MzRiOGZjNDkyMjEzZWI3MDg2MGE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApEJDhHrtp77E0KUppo2KPrWPZGOo
+NhkT9L4SbP8EX9qLkrsNNUbo8iyauTA1KxVu0Dvzk3d7GHlGm3Scz9hfqgYZl4d
HSycouY6f5t5Lq1cjRoPrlGkKP7VDbRsD+ySdXsYCE11vPw0G13L16nCzybErZD2
rTLh/2LPEziQvSFcNG6iiCRAQEurQdTn5Tfj6a5GeCMyfjDQw3wbS8QOmyt2N14R
PfLOawZLYDhSTvDwzB/6yfYqapUtPLgIW2QW81nRChvy5LAZbJRIrGcYuzgzhcXd
JngnyTvWQwfHmi4qhNV5H1ds5aXtqrR9b9J9AGwgEvtdWWaG1LoyTtXBSwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFAW1qKFch/Fh8JNLj8SSIT63CGCoMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvQmJXb29WeUg4V0h3azB1UHhKSWhQcmNJWUtnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg/kQDAN
BgkqhkiG9w0BAQsFAAOCAQEAfZpcDlyR85hAv5D4JxuHmhlsrrl8XJMEnePchBvq
u/bKOeFrH0BZqkz5ppJ347TlGbAFMz6md2KjPk6yO1XVIwdmUME+J9v9UL3lXI1w
CWmL8Eebb97Lxv3XgjuciswT/0MIBUinhB12xsY9UYyffHt72WgZ3FW40DeP/oRI
xYTi3etoHe4Ix6kFFdc886hcH3nLD3lpj6jI+8h90XiqUzaNNLIoMmvpKIUfFJXM
fqADfbsXxRM8bET6WLrr1hhSoWvuJPQ6ZS+JxhcM4wQxvbk/DBaozRD9aM/ESOrU
3tucPijNHoTwWU3qRrdvdxty36zUkRDRoipJtk2X5M7Fvg==
-----END CERTIFICATE-----
Generated at Thu May 8 08:40:13 2025 by rpki-client