Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Q46IUO0TjnG5aFBXMTDbpwZ6j8Y.roa
File: Q46IUO0TjnG5aFBXMTDbpwZ6j8Y.roa (raw, json)
Hash identifier: wUoAk6ml0Ydx4abhHsfSCGJsmRDAP0p1MFDDj8BxMX8=
Subject key identifier: 43:8E:88:50:ED:13:8E:71:B9:68:50:57:31:30:DB:A7:06:7A:8F:C6
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01852AB9045693EADC2A15A23ED23AFE2855
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Q46IUO0TjnG5aFBXMTDbpwZ6j8Y.roa
Signing time: Mon 19 Dec 2022 14:10:46 +0000
ROA not before: Mon 19 Dec 2022 14:10:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 63023
IP address blocks: 2a0e:5800::/29 maxlen: 29
2a13:4900::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:2a:b9:04:56:93:ea:dc:2a:15:a2:3e:d2:3a:fe:28:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Dec 19 14:10:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=438e8850ed138e71b96850573130dba7067a8fc6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:3b:a2:49:27:f3:71:bb:7e:ae:7b:af:7c:99:
c9:dd:f8:6f:b6:56:f9:d2:25:54:05:a7:77:72:a4:
9b:e9:00:aa:94:8c:30:ab:7e:5c:f2:6a:68:d4:df:
c7:c8:09:26:65:f6:9b:c6:9e:08:ed:e4:2b:d2:cb:
2e:d4:c6:60:79:fb:02:f8:40:3f:5f:5c:51:72:84:
84:22:7b:f1:63:95:cd:63:31:64:4d:4b:b1:5e:b9:
f1:15:a0:b2:dc:6d:a7:9b:85:03:2d:97:9a:f4:63:
da:23:0a:8f:e7:1a:de:9b:8c:bb:c9:51:1b:b2:dc:
ae:02:bd:f6:de:b2:a4:46:45:46:26:f3:5f:45:31:
68:da:a2:7f:64:6d:cd:cb:18:a7:08:fe:33:0c:21:
58:5e:3d:81:35:b6:e9:83:19:9b:34:f7:e9:8b:0a:
23:04:a6:f4:96:6d:d9:56:11:78:af:7d:30:eb:76:
c7:a2:c8:03:81:43:b1:89:3f:23:e4:97:2d:ed:58:
bd:6c:e6:bf:1c:fa:53:b9:66:4b:c2:5e:59:eb:e2:
f0:a7:9f:87:6e:51:9f:a4:27:a6:2f:f0:c5:26:4e:
94:0b:a6:ab:ac:00:08:89:00:6c:5c:c4:a9:8b:89:
55:3d:f8:39:99:fc:8d:4e:5c:18:10:69:19:d3:ea:
12:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:8E:88:50:ED:13:8E:71:B9:68:50:57:31:30:DB:A7:06:7A:8F:C6
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Q46IUO0TjnG5aFBXMTDbpwZ6j8Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:5800::/29
2a13:4900::/29
Signature Algorithm: sha256WithRSAEncryption
54:39:78:35:a6:0e:54:62:5d:5a:0e:9d:7e:17:a9:9a:43:bd:
ea:f7:4f:30:f9:d5:ce:7c:8d:86:86:6d:ad:f2:df:22:22:d3:
e3:74:24:64:cb:8d:fc:f1:a9:96:6f:55:da:a5:a2:91:e8:a1:
a9:ab:d2:b2:fc:02:de:97:7e:68:60:6e:ac:3b:a7:06:a4:40:
3a:3a:4e:60:ed:2f:7b:10:55:88:b6:37:f7:6b:33:2a:2d:9f:
77:ff:10:22:90:ab:e7:84:8d:2e:67:26:e1:72:b4:dc:7c:c0:
bf:7c:51:1b:62:f0:17:35:ff:79:13:ac:72:95:67:1d:79:6b:
8e:2f:e9:37:18:d0:cf:62:fd:36:90:da:fa:3e:ad:d0:f7:99:
4e:d1:e1:a7:94:cf:e4:c5:e9:07:1a:a0:d5:6f:ea:a1:63:8f:
c4:57:7d:21:ae:c1:ba:4c:bf:6b:27:74:fc:fa:48:b4:ea:d3:
fa:d6:e6:9e:5d:e2:8f:26:bc:59:0e:03:e8:52:22:9d:83:05:
b0:ce:14:4b:13:5b:ed:36:c3:6d:f7:01:87:b2:8a:48:23:bf:
c8:98:e1:42:a5:c7:92:66:6e:9e:71:d4:c1:4b:f7:80:23:45:
0c:74:56:9c:ba:3d:27:e8:f8:fd:e1:67:81:a5:78:20:91:dc:
b2:c9:22:a3
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYUquQRWk+rcKhWiPtI6/ihVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjIxMjE5MTQxMDQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzhlODg1MGVkMTM4ZTcxYjk2ODUwNTczMTMwZGJhNzA2N2E4ZmM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyDuiSSfzcbt+rnuvfJnJ3fhvtlb5
0iVUBad3cqSb6QCqlIwwq35c8mpo1N/HyAkmZfabxp4I7eQr0ssu1MZgefsC+EA/
X1xRcoSEInvxY5XNYzFkTUuxXrnxFaCy3G2nm4UDLZea9GPaIwqP5xrem4y7yVEb
styuAr323rKkRkVGJvNfRTFo2qJ/ZG3NyxinCP4zDCFYXj2BNbbpgxmbNPfpiwoj
BKb0lm3ZVhF4r30w63bHosgDgUOxiT8j5Jct7Vi9bOa/HPpTuWZLwl5Z6+Lwp5+H
blGfpCemL/DFJk6UC6arrAAIiQBsXMSpi4lVPfg5mfyNTlwYEGkZ0+oSAwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFEOOiFDtE45xuWhQVzEw26cGeo/GMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvUTQ2SVVPMFRqbkc1YUZCWE1URGJwd1o2ajhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKg5YAAMF
AyoTSQAwDQYJKoZIhvcNAQELBQADggEBAFQ5eDWmDlRiXVoOnX4XqZpDver3TzD5
1c58jYaGba3y3yIi0+N0JGTLjfzxqZZvVdqlopHooamr0rL8At6Xfmhgbqw7pwak
QDo6TmDtL3sQVYi2N/drMyotn3f/ECKQq+eEjS5nJuFytNx8wL98URti8Bc1/3kT
rHKVZx15a44v6TcY0M9i/TaQ2vo+rdD3mU7R4aeUz+TF6QcaoNVv6qFjj8RXfSGu
wbpMv2sndPz6SLTq0/rW5p5d4o8mvFkOA+hSIp2DBbDOFEsTW+02w233AYeyikgj
v8iY4UKlx5Jmbp5x1MFL94AjRQx0Vpy6PSfo+P3hZ4GleCCR3LLJIqM=
-----END CERTIFICATE-----
Generated at Sun May 11 01:19:22 2025 by rpki-client