Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/S9xLlG7_2Z2BgpuDaMOTHp-Bsek.roa
File: S9xLlG7_2Z2BgpuDaMOTHp-Bsek.roa (raw, json)
Hash identifier: 2lTX2jfJ38zsV+jlPu0XXAQBqAv7PIF2R2Dyrit0iK4=
Subject key identifier: 4B:DC:4B:94:6E:FF:D9:9D:81:82:9B:83:68:C3:93:1E:9F:81:B1:E9
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01876A4AD6F5C63F825A2FED1FAD977C241E
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/S9xLlG7_2Z2BgpuDaMOTHp-Bsek.roa
Signing time: Mon 10 Apr 2023 08:31:42 +0000
ROA not before: Mon 10 Apr 2023 08:31:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24940
IP address blocks: 2a0f:7f03::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:6a:4a:d6:f5:c6:3f:82:5a:2f:ed:1f:ad:97:7c:24:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Apr 10 08:31:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4bdc4b946effd99d81829b8368c3931e9f81b1e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:28:f2:e3:75:f9:35:69:d5:2e:54:6a:4a:8c:
62:08:0d:12:90:37:a2:57:ad:4d:c5:2b:43:e6:21:
78:2a:a9:4f:3a:fd:5b:ea:d0:0b:86:41:9b:d9:9a:
09:88:41:db:64:17:16:f6:c2:1a:51:2f:36:02:a0:
d3:99:9c:d8:66:e7:8d:e9:de:40:f5:70:45:0c:0f:
2e:0e:1b:02:05:24:df:79:1d:9d:4e:69:cf:6e:e9:
a1:4e:c0:f0:01:57:d0:61:ca:94:65:fb:38:4b:3a:
21:ee:dd:b1:41:e0:10:3d:37:84:b4:ff:0f:93:d5:
bc:d3:49:d3:cf:c1:6a:b7:fc:4e:53:07:c3:02:ea:
b2:5b:56:d3:8d:74:66:22:de:a1:14:e9:3e:9a:fe:
49:92:85:f2:28:0d:42:72:47:57:97:6f:b1:5e:56:
41:17:4e:b8:10:4a:96:ba:19:c5:a3:0b:a2:90:4a:
a6:16:ad:37:96:3f:f3:fd:9b:4b:81:47:ea:d9:85:
61:33:b9:84:1e:0a:12:41:6a:39:6e:33:5e:f0:7a:
ff:8d:3a:d8:9e:11:0d:81:cf:d3:1a:7d:89:48:42:
a8:37:bb:81:79:a1:08:27:b4:68:ae:2e:01:af:52:
f1:7a:fa:f7:9b:a8:a4:1d:00:39:3c:63:29:73:56:
30:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:DC:4B:94:6E:FF:D9:9D:81:82:9B:83:68:C3:93:1E:9F:81:B1:E9
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/S9xLlG7_2Z2BgpuDaMOTHp-Bsek.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:7f03::/32
Signature Algorithm: sha256WithRSAEncryption
01:28:f3:1c:2d:d8:11:36:4e:5f:5a:87:f3:ab:6e:3f:0a:01:
9e:4b:75:a9:bb:95:27:40:9e:9b:64:f9:c8:ed:61:7d:9e:8f:
a5:f5:ca:90:66:d1:64:40:61:b5:f5:40:05:27:c2:9b:b8:46:
c2:37:6c:03:c4:a7:d6:33:1f:4e:4c:42:fb:dc:c2:c6:56:1e:
53:63:3e:c2:f2:8c:12:a8:07:a2:7c:ce:fd:05:38:28:9a:5d:
cd:ac:a8:d2:90:30:26:b9:81:83:84:af:31:d3:0f:21:e1:34:
b7:29:ca:6b:cd:58:90:c8:f0:7d:2d:26:89:a4:16:f3:8d:c0:
57:f1:43:06:be:46:27:0d:af:ae:97:0d:f5:5a:59:6c:5c:ac:
33:67:f2:c9:f7:b0:d3:92:07:0b:2d:ed:28:eb:f7:ad:6e:6d:
dd:ae:cf:f3:46:6a:c3:07:4d:cb:6a:0d:96:e4:6d:58:8c:49:
a2:2d:4b:f7:c2:ec:f2:0a:15:06:e8:aa:70:fb:99:fa:d3:82:
b9:78:bd:21:25:d5:d3:dc:1d:ae:33:12:8e:7a:52:dd:3c:22:
f1:b2:45:12:62:c8:db:59:92:f7:c0:ea:49:b5:75:a8:c6:38:
d5:d9:8b:f9:d1:d0:0f:0a:34:c8:e1:a8:68:6c:8f:1e:90:07:
8d:7b:dc:e2
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYdqStb1xj+CWi/tH62XfCQeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMwNDEwMDgzMTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmRjNGI5NDZlZmZkOTlkODE4MjliODM2OGMzOTMxZTlmODFiMWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiijy43X5NWnVLlRqSoxiCA0SkDei
V61NxStD5iF4KqlPOv1b6tALhkGb2ZoJiEHbZBcW9sIaUS82AqDTmZzYZueN6d5A
9XBFDA8uDhsCBSTfeR2dTmnPbumhTsDwAVfQYcqUZfs4Szoh7t2xQeAQPTeEtP8P
k9W800nTz8Fqt/xOUwfDAuqyW1bTjXRmIt6hFOk+mv5JkoXyKA1CckdXl2+xXlZB
F064EEqWuhnFowuikEqmFq03lj/z/ZtLgUfq2YVhM7mEHgoSQWo5bjNe8Hr/jTrY
nhENgc/TGn2JSEKoN7uBeaEIJ7Rori4Br1Lxevr3m6ikHQA5PGMpc1Yw9wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFEvcS5Ru/9mdgYKbg2jDkx6fgbHpMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvUzl4TGxHN18yWjJCZ3B1RGFNT1RIcC1Cc2VrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg9/AzAN
BgkqhkiG9w0BAQsFAAOCAQEAASjzHC3YETZOX1qH86tuPwoBnkt1qbuVJ0Cem2T5
yO1hfZ6PpfXKkGbRZEBhtfVABSfCm7hGwjdsA8Sn1jMfTkxC+9zCxlYeU2M+wvKM
EqgHonzO/QU4KJpdzayo0pAwJrmBg4SvMdMPIeE0tynKa81YkMjwfS0miaQW843A
V/FDBr5GJw2vrpcN9VpZbFysM2fyyfew05IHCy3tKOv3rW5t3a7P80ZqwwdNy2oN
luRtWIxJoi1L98Ls8goVBuiqcPuZ+tOCuXi9ISXV09wdrjMSjnpS3Twi8bJFEmLI
21mS98DqSbV1qMY41dmL+dHQDwo0yOGoaGyPHpAHjXvc4g==
-----END CERTIFICATE-----
Generated at Thu May 8 05:40:37 2025 by rpki-client