Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/ZDKLhDH41UTDAZnB9nnLlVF-XP4.roa
File: ZDKLhDH41UTDAZnB9nnLlVF-XP4.roa (raw, json)
Hash identifier: 6/EQuJmU118VkLhsx0YWJ7VtpfbKRlL3De1IeWKC9C8=
Subject key identifier: 64:32:8B:84:31:F8:D5:44:C3:01:99:C1:F6:79:CB:95:51:7E:5C:FE
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01854DAA8FFE5A1047388EE5D347957A5F7F
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/ZDKLhDH41UTDAZnB9nnLlVF-XP4.roa
Signing time: Mon 26 Dec 2022 09:01:41 +0000
ROA not before: Mon 26 Dec 2022 09:01:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20473
IP address blocks: 2a0f:7d00:1::/48 maxlen: 48
2a0e:15c1::/32 maxlen: 32
2a12:d6c1::/32 maxlen: 32
2a12:d6c0::/29 maxlen: 29
2a0a:2d00:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:4d:aa:8f:fe:5a:10:47:38:8e:e5:d3:47:95:7a:5f:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Dec 26 09:01:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=64328b8431f8d544c30199c1f679cb95517e5cfe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:d4:0a:1c:f0:31:52:e3:2f:6a:67:ef:78:cb:
31:61:a9:09:e5:5f:3d:47:03:cb:fa:39:b5:1f:9b:
13:9a:3d:bd:f1:e3:cd:31:b1:7b:ea:32:17:14:fb:
11:da:f7:e2:84:fc:c1:25:05:f9:81:86:41:93:e0:
f9:f6:6b:67:41:e5:c7:3c:61:dc:a2:fc:d5:b6:6b:
e6:a4:77:77:f8:a3:09:d7:e6:3b:52:f5:d3:06:e9:
4c:85:cb:17:d2:7d:77:7c:7d:0d:88:04:35:67:92:
ef:3a:80:bd:25:e3:ce:c1:5d:c9:9d:5d:28:bd:d3:
71:40:4d:07:f5:b5:99:72:86:9e:32:45:fc:5e:26:
c9:ef:dd:cd:73:da:6a:15:ea:99:7a:35:e9:72:c0:
b9:c1:b7:87:f5:00:d3:38:81:ff:18:84:55:3c:3d:
7e:53:44:44:55:8c:6e:5b:2f:e2:7a:48:0e:03:47:
6b:10:e5:42:42:66:e0:be:ca:cc:de:c0:29:0e:e6:
0e:b9:7a:e0:6c:5d:24:09:3c:78:51:dd:9a:88:a3:
b3:a5:be:95:e1:5c:f2:99:e0:7c:75:51:fc:17:cb:
86:a6:46:b6:d1:95:92:15:6d:d5:a1:69:ff:40:3b:
b4:60:bc:7d:23:5e:cf:8e:e2:20:fb:cd:09:d9:c1:
7d:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:32:8B:84:31:F8:D5:44:C3:01:99:C1:F6:79:CB:95:51:7E:5C:FE
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/ZDKLhDH41UTDAZnB9nnLlVF-XP4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:2d00:1::/48
2a0e:15c1::/32
2a0f:7d00:1::/48
2a12:d6c0::/29
Signature Algorithm: sha256WithRSAEncryption
6d:4b:c5:57:e9:3e:c5:13:91:a1:d3:fb:e2:31:43:46:74:f5:
93:d8:04:2d:93:ac:5e:27:e5:20:06:97:04:5c:d6:88:0f:4e:
18:04:0f:62:ff:df:39:e8:d8:81:09:e3:88:ca:5c:dd:58:56:
b6:de:fb:60:32:e8:31:d7:43:03:48:30:f8:84:f2:3f:a4:c5:
a1:ca:7b:39:fc:fe:4b:62:0e:cb:1c:5a:84:55:5b:ca:90:f2:
77:54:d7:77:4d:8e:c4:22:6a:c1:46:df:94:db:77:07:6c:50:
ee:ec:ad:e9:ef:ba:9a:1f:8d:0f:9c:95:44:d1:1e:ef:1d:3d:
98:a2:27:f4:0d:06:3c:bd:04:cf:19:02:2d:89:25:6a:d0:c3:
42:30:54:6c:68:ff:27:c1:70:25:0a:59:80:11:85:1c:44:61:
c5:3a:ff:be:e1:fc:a8:f7:fe:87:d7:c1:9b:0f:b3:72:ba:0b:
2a:cd:2c:ed:11:8a:1f:ff:7d:f4:d2:0d:df:cb:fc:79:fd:bc:
25:90:84:73:f2:b4:10:15:41:35:5d:0e:ba:47:3d:ca:fc:07:
01:4f:b3:b7:70:bc:9e:84:cd:14:6b:82:6c:58:47:6c:1c:56:
73:50:6f:96:4c:05:dc:d6:c2:0c:ce:1c:05:42:ce:6d:ff:1c:
ff:ba:09:c2
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYVNqo/+WhBHOI7l00eVel9/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjIxMjI2MDkwMTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDMyOGI4NDMxZjhkNTQ0YzMwMTk5YzFmNjc5Y2I5NTUxN2U1Y2ZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAktQKHPAxUuMvamfveMsxYakJ5V89
RwPL+jm1H5sTmj298ePNMbF76jIXFPsR2vfihPzBJQX5gYZBk+D59mtnQeXHPGHc
ovzVtmvmpHd3+KMJ1+Y7UvXTBulMhcsX0n13fH0NiAQ1Z5LvOoC9JePOwV3JnV0o
vdNxQE0H9bWZcoaeMkX8XibJ793Nc9pqFeqZejXpcsC5wbeH9QDTOIH/GIRVPD1+
U0REVYxuWy/iekgOA0drEOVCQmbgvsrM3sApDuYOuXrgbF0kCTx4Ud2aiKOzpb6V
4VzymeB8dVH8F8uGpka20ZWSFW3VoWn/QDu0YLx9I17PjuIg+80J2cF9aQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFGQyi4Qx+NVEwwGZwfZ5y5VRflz+MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvWkRLTGhESDQxVVREQVpuQjlubkxsVkYtWFA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAAjAgAwcAKgotAAAB
AwUAKg4VwQMHACoPfQAAAQMFAyoS1sAwDQYJKoZIhvcNAQELBQADggEBAG1LxVfp
PsUTkaHT++IxQ0Z09ZPYBC2TrF4n5SAGlwRc1ogPThgED2L/3zno2IEJ44jKXN1Y
Vrbe+2Ay6DHXQwNIMPiE8j+kxaHKezn8/ktiDsscWoRVW8qQ8ndU13dNjsQiasFG
35TbdwdsUO7srenvupofjQ+clUTRHu8dPZiiJ/QNBjy9BM8ZAi2JJWrQw0IwVGxo
/yfBcCUKWYARhRxEYcU6/77h/Kj3/ofXwZsPs3K6CyrNLO0Rih//ffTSDd/L/Hn9
vCWQhHPytBAVQTVdDrpHPcr8BwFPs7dwvJ6EzRRrgmxYR2wcVnNQb5ZMBdzWwgzO
HAVCzm3/HP+6CcI=
-----END CERTIFICATE-----
Generated at Thu May 8 10:35:47 2025 by rpki-client