Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/XnJoeFNYWhTXqgnhoXtrhboQKPA.roa
File: XnJoeFNYWhTXqgnhoXtrhboQKPA.roa (raw, json)
Hash identifier: j21o0uPczfTSy6yKvtJheGYs07g1YpOLYU1MsOTgPWU=
Subject key identifier: 5E:72:68:78:53:58:5A:14:D7:AA:09:E1:A1:7B:6B:85:BA:10:28:F0
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01BF14FB
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/XnJoeFNYWhTXqgnhoXtrhboQKPA.roa
Signing time: Sat 05 Feb 2022 11:59:18 +0000
ROA not before: Sat 05 Feb 2022 11:59:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62240
IP address blocks: 2a0f:e6c2::/32 maxlen: 32
2a0f:2100:171::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 29299963 (0x1bf14fb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Feb 5 11:59:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5e72687853585a14d7aa09e1a17b6b85ba1028f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:ee:d5:1a:33:41:66:b4:3e:14:e9:15:da:1b:
f8:6a:ec:dd:bf:2b:2e:3d:86:87:18:5a:0e:30:4e:
39:a0:02:4d:5f:32:36:19:5d:a3:dc:57:38:92:de:
4c:93:7f:6c:9c:54:6b:ad:e2:67:71:bf:8d:47:44:
bd:d2:c6:f4:10:bc:e3:4f:a0:b4:a2:b2:ed:e2:1f:
8e:aa:f3:bc:05:05:79:fd:3f:cc:08:91:2a:ab:ba:
dd:06:e8:e4:9e:bb:a7:e7:a4:e3:92:70:a0:47:39:
dd:35:10:76:3b:69:5b:5b:2b:86:5e:41:73:fb:10:
4f:76:4e:67:23:51:8c:42:ff:f3:d8:2f:26:51:54:
7a:26:11:00:2e:31:1d:84:e6:59:81:72:65:54:69:
98:8c:56:84:26:23:32:f3:82:a5:15:c4:c0:03:14:
5d:83:da:14:98:2a:b8:34:cc:52:fd:55:45:17:1c:
37:f1:7d:a1:0e:68:35:a8:3d:85:8b:41:14:4f:9f:
30:3e:29:a2:85:64:36:3b:c9:3f:8f:a6:4a:e5:3b:
8f:62:82:6f:f6:08:98:8c:eb:1b:ad:d8:ff:b8:f4:
8e:89:8c:98:b7:66:f6:4e:03:02:ef:11:2c:04:7c:
72:8d:49:1b:2e:bb:1c:df:b8:60:f8:cf:66:c2:79:
c6:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:72:68:78:53:58:5A:14:D7:AA:09:E1:A1:7B:6B:85:BA:10:28:F0
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/XnJoeFNYWhTXqgnhoXtrhboQKPA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:2100:171::/48
2a0f:e6c2::/32
Signature Algorithm: sha256WithRSAEncryption
55:ec:13:b7:7b:23:1d:18:09:5c:92:41:b1:2f:f3:ea:f3:b5:
10:94:84:61:29:f4:aa:76:d0:52:c0:d3:41:b9:70:c8:1a:fd:
82:2a:4b:4f:a8:38:03:49:d0:d3:77:d1:36:44:e1:03:5e:a8:
d7:4e:da:f9:cc:80:82:13:49:e9:6b:66:b2:ad:35:f9:83:2b:
6b:c0:21:2f:26:58:0f:38:bd:83:5d:e2:86:10:be:3a:73:bf:
63:3b:66:9a:0c:2f:de:ac:70:0c:ec:7e:88:c9:24:a8:9f:04:
2c:06:38:b5:92:9d:2f:4e:63:35:0e:c0:19:a0:5c:0c:63:18:
25:cb:a5:bf:36:14:15:94:ee:2c:a1:e9:83:3e:97:1e:b4:88:
26:15:ee:76:64:33:73:21:06:38:4d:4d:29:81:22:e6:0c:4f:
58:52:8c:07:68:87:a6:3d:e4:04:aa:36:8e:41:78:d2:66:36:
e0:17:8d:c7:28:bf:29:73:ec:71:72:b4:fc:44:9a:1f:cc:75:
a6:c1:e3:36:a5:be:4c:21:bb:c2:40:61:11:42:97:7f:40:8b:
ab:73:e2:c5:cf:46:d3:5a:04:88:84:f5:cd:79:d4:ef:10:fd:
6a:98:1f:73:87:82:e4:d8:79:61:f2:b0:42:e4:b0:1d:cc:e5:
96:4a:74:a0
-----BEGIN CERTIFICATE-----
MIIE+TCCA+GgAwIBAgIEAb8U+zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
ZDU1OWFhZmJmYzA5MzEyNDJlMWQ2MzcyOThjZjFkZDIyM2U0YzI2MB4XDTIyMDIw
NTExNTkxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWU3MjY4Nzg1MzU4
NWExNGQ3YWEwOWUxYTE3YjZiODViYTEwMjhmMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJXu1RozQWa0PhTpFdob+Grs3b8rLj2GhxhaDjBOOaACTV8y
Nhldo9xXOJLeTJN/bJxUa63iZ3G/jUdEvdLG9BC840+gtKKy7eIfjqrzvAUFef0/
zAiRKqu63Qbo5J67p+ek45JwoEc53TUQdjtpW1srhl5Bc/sQT3ZOZyNRjEL/89gv
JlFUeiYRAC4xHYTmWYFyZVRpmIxWhCYjMvOCpRXEwAMUXYPaFJgquDTMUv1VRRcc
N/F9oQ5oNag9hYtBFE+fMD4pooVkNjvJP4+mSuU7j2KCb/YImIzrG63Y/7j0jomM
mLdm9k4DAu8RLAR8co1JGy67HN+4YPjPZsJ5xs8CAwEAAaOCAhMwggIPMB0GA1Ud
DgQWBBRecmh4U1haFNeqCeGhe2uFuhAo8DAfBgNVHSMEGDAWgBR9VZqvv8CTEkLh
1jcpjPHdIj5MJjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ZWV2FyN19Ba3hKQzRkWTNLWXp4M1NJLVRDWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzAvNDlhZGM2LWJhODktNDAzZi1hZGE5LThjNTAwN2MyYTRiNi8x
L1huSm9lRk5ZV2hUWHFnbmhvWHRyaGJvUUtQQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzAv
NDlhZGM2LWJhODktNDAzZi1hZGE5LThjNTAwN2MyYTRiNi8xL2ZWV2FyN19Ba3hK
QzRkWTNLWXp4M1NJLVRDWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAp
BggrBgEFBQcBBwEB/wQaMBgwFgQCAAIwEAMHACoPIQABcQMFACoP5sIwDQYJKoZI
hvcNAQELBQADggEBAFXsE7d7Ix0YCVySQbEv8+rztRCUhGEp9Kp20FLA00G5cMga
/YIqS0+oOANJ0NN30TZE4QNeqNdO2vnMgIITSelrZrKtNfmDK2vAIS8mWA84vYNd
4oYQvjpzv2M7ZpoML96scAzsfojJJKifBCwGOLWSnS9OYzUOwBmgXAxjGCXLpb82
FBWU7iyh6YM+lx60iCYV7nZkM3MhBjhNTSmBIuYMT1hSjAdoh6Y95ASqNo5BeNJm
NuAXjccovylz7HFytPxEmh/MdabB4zalvkwhu8JAYRFCl39Ai6tz4sXPRtNaBIiE
9c151O8Q/WqYH3OHguTYeWHysELksB3M5ZZKdKA=
-----END CERTIFICATE-----
Generated at Sun May 11 22:16:02 2025 by rpki-client