Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/O7X7yL6RIo1bPOIm5mVejwvKnCg.roa
File: O7X7yL6RIo1bPOIm5mVejwvKnCg.roa (raw, json)
Hash identifier: JTQf+8ZDCLL1p47cbwbJhZ8vk55depCubpFv5CNW0Ac=
Subject key identifier: 3B:B5:FB:C8:BE:91:22:8D:5B:3C:E2:26:E6:65:5E:8F:0B:CA:9C:28
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018C10B5C8E46B1D719D2FB3C5B23A692F58
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/O7X7yL6RIo1bPOIm5mVejwvKnCg.roa
Signing time: Mon 27 Nov 2023 12:16:38 +0000
ROA not before: Mon 27 Nov 2023 12:16:38 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24940
IP address blocks: 2a0e:15c0:2::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:10:b5:c8:e4:6b:1d:71:9d:2f:b3:c5:b2:3a:69:2f:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Nov 27 12:16:38 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3bb5fbc8be91228d5b3ce226e6655e8f0bca9c28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:36:31:f2:bb:a0:5d:e3:3e:f0:d1:70:34:b3:
6b:c4:1f:fa:01:0c:cc:80:d1:d9:43:05:f0:04:2e:
a4:46:ea:cb:62:71:10:52:4e:bf:7a:ba:29:f2:83:
3d:0e:93:48:b1:f3:09:7b:98:10:7f:3c:d0:47:f6:
cb:53:02:d9:43:2b:fa:0a:18:d1:a4:6c:f7:39:8f:
a3:6d:46:55:3e:a1:79:45:16:c3:6a:30:50:68:ed:
63:38:be:fc:7c:32:b0:ec:fb:62:05:ca:14:46:3b:
7d:ae:68:52:7b:30:bb:4f:f8:19:70:b3:c4:3b:ac:
fc:85:1d:20:6c:03:f2:e5:0f:c8:f4:fc:dc:0e:18:
4c:12:b3:fa:d2:20:a9:cf:77:19:d3:33:fb:c9:62:
96:08:22:44:18:d8:87:54:47:b0:8f:7f:a6:4a:95:
3d:45:6f:b4:a0:ee:cb:55:fe:81:eb:55:b6:a3:62:
8a:30:7c:5c:85:72:f1:5b:9f:7c:2b:64:6a:d9:54:
41:19:0e:7f:57:55:e8:50:9d:0b:b4:d1:9e:f6:ac:
d3:1a:0b:8d:35:2c:01:4c:41:0d:bb:20:9d:30:6b:
9e:3f:69:e4:1c:6a:42:81:fb:5d:0b:5a:96:ae:a1:
3b:2f:93:b3:b5:91:17:34:e6:d8:25:86:27:b5:66:
de:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:B5:FB:C8:BE:91:22:8D:5B:3C:E2:26:E6:65:5E:8F:0B:CA:9C:28
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/O7X7yL6RIo1bPOIm5mVejwvKnCg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:15c0:2::/48
Signature Algorithm: sha256WithRSAEncryption
7c:da:ad:45:b8:44:8d:c6:53:ac:6f:aa:c7:a5:ea:39:46:43:
35:28:4b:c4:18:f4:56:77:09:72:ce:95:79:51:b6:fa:0c:20:
51:7c:db:66:0e:8c:7c:f2:be:65:51:0e:08:30:b5:1c:ec:e8:
47:cf:c7:ba:cc:7b:32:01:f4:08:5a:1f:04:fb:2a:db:16:25:
0a:e3:81:a9:38:1e:22:80:fd:e8:c8:f0:7f:e2:2c:4f:4a:e7:
2b:55:68:bd:f5:a4:af:8d:e4:6c:be:7e:40:82:3b:2a:28:28:
3a:55:41:99:2c:2f:a0:88:fd:65:0a:5f:2b:1e:ba:da:6c:14:
af:e4:08:4a:9d:43:44:e8:08:8b:c5:36:af:79:3c:70:85:9e:
56:02:33:b1:e8:a1:73:3d:6d:74:70:05:b6:86:7e:7e:c4:24:
ba:f2:27:96:43:29:86:9e:fe:12:e6:74:1d:25:c9:d2:7a:d4:
07:c0:b0:d5:f5:a0:f6:ad:f7:69:45:c2:ca:40:a2:e7:c7:5b:
8b:7d:9e:7b:a1:31:b3:c3:65:1a:b0:fc:7e:b2:6d:a6:c7:3f:
33:02:5e:99:33:e4:9e:95:4d:0b:d0:f9:0c:da:4e:02:c1:74:
51:d0:10:2e:b8:e1:6f:a1:95:a4:fa:08:a0:7f:0c:40:eb:17:
61:f6:38:e0
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYwQtcjkax1xnS+zxbI6aS9YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMxMTI3MTIxNjM4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmI1ZmJjOGJlOTEyMjhkNWIzY2UyMjZlNjY1NWU4ZjBiY2E5YzI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgzYx8rugXeM+8NFwNLNrxB/6AQzM
gNHZQwXwBC6kRurLYnEQUk6/erop8oM9DpNIsfMJe5gQfzzQR/bLUwLZQyv6ChjR
pGz3OY+jbUZVPqF5RRbDajBQaO1jOL78fDKw7PtiBcoURjt9rmhSezC7T/gZcLPE
O6z8hR0gbAPy5Q/I9PzcDhhMErP60iCpz3cZ0zP7yWKWCCJEGNiHVEewj3+mSpU9
RW+0oO7LVf6B61W2o2KKMHxchXLxW598K2Rq2VRBGQ5/V1XoUJ0LtNGe9qzTGguN
NSwBTEENuyCdMGueP2nkHGpCgftdC1qWrqE7L5OztZEXNObYJYYntWbe3wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDu1+8i+kSKNWzziJuZlXo8LypwoMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvTzdYN3lMNlJJbzFiUE9JbTVtVmVqd3ZLbkNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg4VwAAC
MA0GCSqGSIb3DQEBCwUAA4IBAQB82q1FuESNxlOsb6rHpeo5RkM1KEvEGPRWdwly
zpV5Ubb6DCBRfNtmDox88r5lUQ4IMLUc7OhHz8e6zHsyAfQIWh8E+yrbFiUK44Gp
OB4igP3oyPB/4ixPSucrVWi99aSvjeRsvn5AgjsqKCg6VUGZLC+giP1lCl8rHrra
bBSv5AhKnUNE6AiLxTaveTxwhZ5WAjOx6KFzPW10cAW2hn5+xCS68ieWQymGnv4S
5nQdJcnSetQHwLDV9aD2rfdpRcLKQKLnx1uLfZ57oTGzw2UasPx+sm2mxz8zAl6Z
M+SelU0L0PkM2k4CwXRR0BAuuOFvoZWk+gigfwxA6xdh9jjg
-----END CERTIFICATE-----
Generated at Thu May 8 05:04:54 2025 by rpki-client