Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/LyhYFSkzGBZjrIcX4MIkUU7R_vo.roa
File: LyhYFSkzGBZjrIcX4MIkUU7R_vo.roa (raw, json)
Hash identifier: 100+A6IMBriqupYaGEcI7oLlsqUXWK2zFDPrIwbeMCM=
Subject key identifier: 2F:28:58:15:29:33:18:16:63:AC:87:17:E0:C2:24:51:4E:D1:FE:FA
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018857AAB39242F55E1CD3E67A545022DDA8
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/LyhYFSkzGBZjrIcX4MIkUU7R_vo.roa
Signing time: Fri 26 May 2023 10:46:24 +0000
ROA not before: Fri 26 May 2023 10:46:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205544
IP address blocks: 2a0f:e1c0:1::/48 maxlen: 48
2a0f:e440::/29 maxlen: 29
2a0f:e6c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:57:aa:b3:92:42:f5:5e:1c:d3:e6:7a:54:50:22:dd:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: May 26 10:46:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2f2858152933181663ac8717e0c224514ed1fefa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:f9:68:5d:c3:af:15:7d:19:6e:11:0f:59:7d:
8d:27:6f:2c:a7:7e:2d:ae:69:21:64:67:e5:6e:64:
57:82:76:30:b4:71:fc:1e:ec:f2:75:5b:d3:aa:32:
f7:b7:d3:69:8f:94:04:06:49:0b:d7:0b:a9:35:cf:
63:49:58:a2:48:5e:03:04:52:42:ba:a6:46:fd:c7:
1f:29:98:f0:02:32:ed:73:b2:7b:d5:91:d9:8b:35:
e5:50:50:d3:67:f7:a9:03:10:6d:7b:bc:aa:14:9b:
81:bf:4a:32:3d:a3:9b:60:9e:8b:74:92:68:a9:3a:
b8:9a:d0:9d:4e:18:ab:5c:e1:5e:2a:34:ad:82:d6:
0c:a0:53:8e:ea:3b:b3:c2:7a:08:37:86:65:e5:6f:
04:4a:5b:08:e7:1a:59:a1:72:7a:bb:0f:b7:22:2b:
f1:b8:68:90:a8:5c:ef:98:35:13:dc:ba:20:ab:4c:
30:e1:ed:26:6b:fb:b1:5c:67:11:b8:05:f1:e8:fb:
41:2c:56:d6:9d:23:88:d8:29:ff:be:36:cc:ee:3c:
5e:7a:c7:62:e3:18:b0:e2:7b:69:fc:f8:a9:ee:b4:
17:78:7f:38:30:6e:d4:55:6b:d0:61:54:4e:65:29:
7d:fc:66:f1:ac:0b:48:f2:f9:97:e1:b6:f9:c4:cd:
55:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:28:58:15:29:33:18:16:63:AC:87:17:E0:C2:24:51:4E:D1:FE:FA
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/LyhYFSkzGBZjrIcX4MIkUU7R_vo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:e1c0:1::/48
2a0f:e440::/29
2a0f:e6c0::/32
Signature Algorithm: sha256WithRSAEncryption
6a:2b:a7:7e:a1:a5:e3:b2:e7:b8:d0:91:95:02:45:6d:b5:38:
c7:69:a8:7f:55:f8:48:49:b7:dc:c3:53:c4:22:4b:90:dc:e6:
5a:7d:ba:c8:c5:c5:c0:3a:30:e6:33:8c:83:21:e7:6e:53:ee:
d7:8d:3b:9c:64:c0:28:fb:eb:f4:0b:b5:24:ac:47:14:df:74:
10:ed:6c:2e:a9:3e:3a:c2:b7:e5:94:9d:0e:3b:11:36:cf:13:
26:d8:c7:c5:46:88:c2:92:81:c4:40:19:08:79:9a:f1:e9:43:
4b:da:09:33:10:ad:1e:12:1d:bc:16:9c:57:f4:ba:95:db:78:
57:6f:1d:c9:4f:43:2e:25:36:c6:08:4e:0b:79:61:f5:0d:15:
a2:39:3b:d9:bb:79:14:f4:65:b3:d9:13:bc:0b:7a:a9:e9:17:
ec:d5:a2:a4:6b:42:13:4d:be:e7:89:04:3f:06:d9:95:96:e4:
82:a5:e1:06:9f:de:c8:71:67:ce:57:b4:99:ba:7a:ed:4e:b8:
a0:e0:f5:7d:70:a9:0a:ef:13:d7:6b:97:48:e4:88:52:2c:25:
3e:62:5c:b8:fe:fd:ac:1d:df:44:fe:69:f4:b6:e7:7b:f7:4a:
9b:cc:d1:46:fb:fb:ce:b1:62:e5:7c:8d:3e:55:81:5f:bd:5f:
22:1b:e8:a1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYhXqrOSQvVeHNPmelRQIt2oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMwNTI2MTA0NjI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjI4NTgxNTI5MzMxODE2NjNhYzg3MTdlMGMyMjQ1MTRlZDFmZWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnfloXcOvFX0ZbhEPWX2NJ28sp34t
rmkhZGflbmRXgnYwtHH8HuzydVvTqjL3t9Npj5QEBkkL1wupNc9jSViiSF4DBFJC
uqZG/ccfKZjwAjLtc7J71ZHZizXlUFDTZ/epAxBte7yqFJuBv0oyPaObYJ6LdJJo
qTq4mtCdThirXOFeKjStgtYMoFOO6juzwnoIN4Zl5W8ESlsI5xpZoXJ6uw+3Iivx
uGiQqFzvmDUT3Logq0ww4e0ma/uxXGcRuAXx6PtBLFbWnSOI2Cn/vjbM7jxeesdi
4xiw4ntp/Pip7rQXeH84MG7UVWvQYVROZSl9/GbxrAtI8vmX4bb5xM1V7QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFC8oWBUpMxgWY6yHF+DCJFFO0f76MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvTHloWUZTa3pHQlpqckljWDRNSWtVVTdSX3ZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAdBAIAAjAXAwcAKg/hwAAB
AwUDKg/kQAMFACoP5sAwDQYJKoZIhvcNAQELBQADggEBAGorp36hpeOy57jQkZUC
RW21OMdpqH9V+EhJt9zDU8QiS5Dc5lp9usjFxcA6MOYzjIMh525T7teNO5xkwCj7
6/QLtSSsRxTfdBDtbC6pPjrCt+WUnQ47ETbPEybYx8VGiMKSgcRAGQh5mvHpQ0va
CTMQrR4SHbwWnFf0upXbeFdvHclPQy4lNsYITgt5YfUNFaI5O9m7eRT0ZbPZE7wL
eqnpF+zVoqRrQhNNvueJBD8G2ZWW5IKl4Qaf3shxZ85XtJm6eu1OuKDg9X1wqQrv
E9drl0jkiFIsJT5iXLj+/awd30T+afS253v3SpvM0Ub7+86xYuV8jT5VgV+9XyIb
6KE=
-----END CERTIFICATE-----
Generated at Sun May 11 15:44:40 2025 by rpki-client