Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/ILxtgHIVrNJcq3N4PVTvrCSjEcc.roa
File: ILxtgHIVrNJcq3N4PVTvrCSjEcc.roa (raw, json)
Hash identifier: EDez3RdqVW65aCSh07tmIiQCbY+EsV0BPgZMM3PiWUM=
Subject key identifier: 20:BC:6D:80:72:15:AC:D2:5C:AB:73:78:3D:54:EF:AC:24:A3:11:C7
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01827C781EFF9C0C29129DF18061A87A8EAE
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/ILxtgHIVrNJcq3N4PVTvrCSjEcc.roa
Signing time: Mon 08 Aug 2022 08:00:23 +0000
ROA not before: Mon 08 Aug 2022 08:00:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203629
IP address blocks: 2a0e:9b00::/29 maxlen: 29
2a0f:1380::/29 maxlen: 29
2a0f:1480::/29 maxlen: 29
2a0f:1580::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:7c:78:1e:ff:9c:0c:29:12:9d:f1:80:61:a8:7a:8e:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Aug 8 08:00:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=20bc6d807215acd25cab73783d54efac24a311c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:f9:8e:bb:16:35:66:f1:ee:e9:70:22:be:84:
5a:f2:ed:88:d2:4a:29:db:1f:fc:81:37:d4:e3:f4:
89:a4:80:3c:2f:f1:81:a4:c3:91:ce:c1:97:99:72:
76:2c:b0:22:16:c5:74:7f:f4:da:01:8d:e0:1b:3a:
b6:19:41:94:13:e6:60:ec:e8:2b:78:6e:d0:bf:e7:
c8:3d:0f:10:c4:1e:f3:a2:41:3e:f1:b5:ea:b2:94:
32:4b:81:f9:43:2a:f3:0a:85:98:f6:5d:32:04:ad:
6e:57:e5:cf:d9:5d:ae:0f:73:83:14:d7:95:c1:4d:
86:ab:3b:2e:68:52:f6:50:c2:bf:ae:73:5b:82:0d:
c1:c9:bd:3f:65:93:72:f3:12:1e:fe:33:f5:42:d1:
45:a9:77:bb:42:bc:72:0a:98:28:65:b2:ac:16:f1:
35:1e:52:e6:92:db:6c:e1:8b:a8:ba:db:0e:a5:1d:
4a:9b:27:8f:a1:ee:60:ba:da:77:60:d8:15:ee:25:
d3:33:3f:f4:2e:08:64:50:ec:65:a5:9e:a0:87:04:
f3:0c:0c:b9:30:ef:b6:f5:0d:71:1d:02:1c:ba:c8:
5a:58:31:b4:28:30:85:ac:95:86:14:a6:58:30:b4:
8c:6b:41:0d:b1:f2:67:68:e9:db:8b:26:0b:e2:16:
9b:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:BC:6D:80:72:15:AC:D2:5C:AB:73:78:3D:54:EF:AC:24:A3:11:C7
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/ILxtgHIVrNJcq3N4PVTvrCSjEcc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:9b00::/29
2a0f:1380::/29
2a0f:1480::/29
2a0f:1580::/29
Signature Algorithm: sha256WithRSAEncryption
97:11:2e:f5:ee:ed:a5:d4:72:d9:53:16:41:da:25:03:7c:65:
eb:75:25:af:96:37:cc:50:2b:8c:b9:6d:09:43:3f:cc:86:e3:
f7:b3:79:4a:bc:49:3c:21:37:e5:b5:a1:7d:5f:5e:96:5b:f3:
8e:88:06:1c:99:d8:f6:be:5b:e7:bb:28:66:ea:8a:b6:44:ef:
64:2b:ab:d2:e8:ca:f8:b5:97:6c:f9:89:79:3c:60:9d:21:d0:
21:5c:80:f6:74:9d:f2:34:93:bb:02:2a:76:e8:c4:95:66:b1:
26:cc:ea:5c:b4:3e:15:ca:6a:b0:dd:4b:1d:93:e0:8e:c8:b6:
4b:30:2f:53:37:d1:c3:58:e2:18:b0:53:9e:8e:e0:11:45:1c:
2b:b5:25:27:1c:f5:8e:16:1a:9c:60:70:85:2a:0a:a3:b7:84:
72:7b:e4:58:74:81:30:30:cf:1e:fc:e2:78:6c:d6:c6:5d:78:
73:cd:cd:17:7b:97:6c:32:47:a9:2e:96:b5:da:18:92:c0:94:
92:ad:fd:ce:dc:e4:1d:3a:b0:cc:5b:30:ae:27:85:15:23:cd:
2c:81:f5:38:e0:e7:4c:2b:9d:8a:22:c5:f9:b7:26:f3:1a:ff:
e9:d0:47:28:9f:74:ec:76:55:ac:bd:98:5b:97:bd:c3:d1:19:
c0:5c:03:73
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYJ8eB7/nAwpEp3xgGGoeo6uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjIwODA4MDgwMDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGJjNmQ4MDcyMTVhY2QyNWNhYjczNzgzZDU0ZWZhYzI0YTMxMWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAufmOuxY1ZvHu6XAivoRa8u2I0kop
2x/8gTfU4/SJpIA8L/GBpMORzsGXmXJ2LLAiFsV0f/TaAY3gGzq2GUGUE+Zg7Ogr
eG7Qv+fIPQ8QxB7zokE+8bXqspQyS4H5QyrzCoWY9l0yBK1uV+XP2V2uD3ODFNeV
wU2GqzsuaFL2UMK/rnNbgg3Byb0/ZZNy8xIe/jP1QtFFqXe7QrxyCpgoZbKsFvE1
HlLmktts4YuoutsOpR1KmyePoe5gutp3YNgV7iXTMz/0LghkUOxlpZ6ghwTzDAy5
MO+29Q1xHQIcushaWDG0KDCFrJWGFKZYMLSMa0ENsfJnaOnbiyYL4habgQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFCC8bYByFazSXKtzeD1U76wkoxHHMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvSUx4dGdISVZyTkpjcTNONFBWVHZyQ1NqRWNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKg6bAAMF
AyoPE4ADBQMqDxSAAwUDKg8VgDANBgkqhkiG9w0BAQsFAAOCAQEAlxEu9e7tpdRy
2VMWQdolA3xl63Ulr5Y3zFArjLltCUM/zIbj97N5SrxJPCE35bWhfV9ellvzjogG
HJnY9r5b57soZuqKtkTvZCur0ujK+LWXbPmJeTxgnSHQIVyA9nSd8jSTuwIqdujE
lWaxJszqXLQ+FcpqsN1LHZPgjsi2SzAvUzfRw1jiGLBTno7gEUUcK7UlJxz1jhYa
nGBwhSoKo7eEcnvkWHSBMDDPHvzieGzWxl14c83NF3uXbDJHqS6WtdoYksCUkq39
ztzkHTqwzFswrieFFSPNLIH1OODnTCudiiLF+bcm8xr/6dBHKJ907HZVrL2YW5e9
w9EZwFwDcw==
-----END CERTIFICATE-----
Generated at Thu May 8 04:00:33 2025 by rpki-client