Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/IjkFi6NbYj-y_3FN7gf-wim1how.roa
File: IjkFi6NbYj-y_3FN7gf-wim1how.roa (raw, json)
Hash identifier: vdpbWSi5TOk1qZKNWl29n0/nqXu50wnHPIXn/hLBoF0=
Subject key identifier: 22:39:05:8B:A3:5B:62:3F:B2:FF:71:4D:EE:07:FE:C2:29:B5:86:8C
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0186EC603A48B6014B558176E5620BB62BC3
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/IjkFi6NbYj-y_3FN7gf-wim1how.roa
Signing time: Thu 16 Mar 2023 21:42:54 +0000
ROA not before: Thu 16 Mar 2023 21:42:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 10753
IP address blocks: 2a07:7880::/29 maxlen: 29
2a0f:7d00:3::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:ec:60:3a:48:b6:01:4b:55:81:76:e5:62:0b:b6:2b:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Mar 16 21:42:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2239058ba35b623fb2ff714dee07fec229b5868c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:22:52:0a:4c:54:18:9e:be:e2:f7:8f:76:00:
48:57:61:ed:cc:10:be:fe:64:98:dd:5d:f3:a8:e4:
58:d4:9f:da:9b:d7:f0:16:bb:22:4c:4f:c2:dc:a9:
ba:ed:9b:a6:23:df:5d:ca:b8:89:ce:bc:db:e5:a8:
2e:16:00:ae:4a:4f:17:d7:ed:e2:35:87:6e:35:f6:
c3:55:91:20:3f:84:0b:c1:89:67:12:9b:11:e5:a1:
d9:38:2c:d4:a8:04:a8:b5:be:3b:97:d2:a3:a4:5d:
26:05:e7:2e:53:de:30:7b:54:54:4a:e7:59:d1:5d:
1e:4c:1b:d7:76:86:e4:50:2b:a0:a2:a9:7b:fa:9c:
e0:4b:fd:35:e4:11:48:9f:d3:8c:f3:10:3c:ea:d9:
ab:bb:b2:55:6e:38:c4:2b:21:ce:bd:63:21:2a:f1:
72:5e:46:ce:95:06:fa:2f:0c:20:eb:0c:ec:a7:d9:
fe:9b:88:5e:d4:c6:44:e6:f3:b1:7e:e5:ab:9c:5c:
79:11:aa:16:47:f3:9a:a1:2e:8c:95:2b:1e:8f:fc:
13:c6:61:91:e4:36:7b:64:a6:45:75:4c:47:a0:29:
7a:3f:28:50:23:eb:59:e2:f3:6d:c6:30:7e:b8:03:
b9:8e:5e:1f:67:19:57:3b:25:26:d7:8f:7d:95:13:
43:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:39:05:8B:A3:5B:62:3F:B2:FF:71:4D:EE:07:FE:C2:29:B5:86:8C
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/IjkFi6NbYj-y_3FN7gf-wim1how.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:7880::/29
2a0f:7d00:3::/48
Signature Algorithm: sha256WithRSAEncryption
27:75:25:ef:9e:cb:be:20:f4:f9:95:fb:59:98:cf:23:7b:c4:
56:91:06:52:f6:75:b7:27:de:ff:59:32:81:11:50:b4:26:2d:
8f:d6:39:40:36:31:21:8a:d7:eb:fd:85:84:2b:b7:12:3d:1a:
e8:95:2c:f5:56:32:16:d9:82:02:14:bd:9c:9b:35:d0:94:fc:
bd:e7:8b:1e:b9:d6:2a:a9:b7:c5:7c:7b:11:67:df:61:6c:29:
c3:a3:ac:7a:3f:a3:74:ac:ee:42:51:0e:6b:06:f1:23:a6:ae:
96:97:54:38:54:5b:ae:43:b7:68:08:67:90:6a:c2:74:ed:01:
a0:ad:d6:de:52:77:02:78:13:60:d0:df:2e:69:0b:2e:79:20:
ba:51:3a:66:3c:70:9e:ef:a1:1b:ea:01:5b:ff:c9:56:e8:a8:
ef:a4:f1:23:ed:04:3c:d2:2d:96:39:86:2b:49:f0:83:e8:d8:
54:d4:fd:e9:45:23:97:15:b1:1b:76:26:ee:c4:21:a1:61:04:
4d:d5:72:2f:b3:64:d9:65:ee:84:5f:90:23:68:1f:a7:b5:cd:
31:5f:02:d0:80:20:a7:02:e2:85:88:de:d9:2d:dc:4d:fb:04:
76:b3:b6:86:91:f7:6d:20:dc:94:e4:69:af:6c:95:ae:5b:97:
1b:cc:5f:60
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAYbsYDpItgFLVYF25WILtivDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMwMzE2MjE0MjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjM5MDU4YmEzNWI2MjNmYjJmZjcxNGRlZTA3ZmVjMjI5YjU4NjhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAriJSCkxUGJ6+4vePdgBIV2HtzBC+
/mSY3V3zqORY1J/am9fwFrsiTE/C3Km67ZumI99dyriJzrzb5aguFgCuSk8X1+3i
NYduNfbDVZEgP4QLwYlnEpsR5aHZOCzUqASotb47l9KjpF0mBecuU94we1RUSudZ
0V0eTBvXdobkUCugoql7+pzgS/015BFIn9OM8xA86tmru7JVbjjEKyHOvWMhKvFy
XkbOlQb6Lwwg6wzsp9n+m4he1MZE5vOxfuWrnFx5EaoWR/OaoS6MlSsej/wTxmGR
5DZ7ZKZFdUxHoCl6PyhQI+tZ4vNtxjB+uAO5jl4fZxlXOyUm1499lRNDGQIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFCI5BYujW2I/sv9xTe4H/sIptYaMMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvSWprRmk2TmJZai15XzNGTjdnZi13aW0xaG93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQAwUDKgd4gAMH
ACoPfQAAAzANBgkqhkiG9w0BAQsFAAOCAQEAJ3Ul757LviD0+ZX7WZjPI3vEVpEG
UvZ1tyfe/1kygRFQtCYtj9Y5QDYxIYrX6/2FhCu3Ej0a6JUs9VYyFtmCAhS9nJs1
0JT8veeLHrnWKqm3xXx7EWffYWwpw6Osej+jdKzuQlEOawbxI6aulpdUOFRbrkO3
aAhnkGrCdO0BoK3W3lJ3AngTYNDfLmkLLnkgulE6Zjxwnu+hG+oBW//JVuio76Tx
I+0EPNItljmGK0nwg+jYVNT96UUjlxWxG3Ym7sQhoWEETdVyL7Nk2WXuhF+QI2gf
p7XNMV8C0IAgpwLihYje2S3cTfsEdrO2hpH3bSDclORpr2yVrluXG8xfYA==
-----END CERTIFICATE-----
Generated at Sun May 11 09:14:38 2025 by rpki-client