Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/aTCruJ9e2UR7zYCKnSbxYrpVWNE.roa
File: aTCruJ9e2UR7zYCKnSbxYrpVWNE.roa (raw, json)
Hash identifier: o+67YAjA1x6TDkyjmnEo/n/PFsRaSQWswO8ivZ7psUs=
Subject key identifier: 69:30:AB:B8:9F:5E:D9:44:7B:CD:80:8A:9D:26:F1:62:BA:55:58:D1
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018AAD6EBD0B39B63BC90657739890FAC1BF
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/aTCruJ9e2UR7zYCKnSbxYrpVWNE.roa
Signing time: Tue 19 Sep 2023 12:33:50 +0000
ROA not before: Tue 19 Sep 2023 12:33:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57043
IP address blocks: 2a11:3500::/29 maxlen: 29
2a0e:5800::/29 maxlen: 29
2a0f:2500::/29 maxlen: 29
2a0f:dfc0::/29 maxlen: 29
2a0d:1140::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ad:6e:bd:0b:39:b6:3b:c9:06:57:73:98:90:fa:c1:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Sep 19 12:33:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6930abb89f5ed9447bcd808a9d26f162ba5558d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:ee:1f:d0:b1:dd:cd:46:f1:c8:21:ce:5f:19:
2a:3d:91:7c:14:8f:2b:20:a4:96:8c:65:47:2a:dd:
1b:48:38:61:8e:54:07:5f:4a:fe:cc:d5:a3:e5:bf:
10:b4:b7:45:44:9b:13:22:6a:45:81:88:b1:ce:9c:
13:bf:c0:9e:27:bf:da:36:8e:4b:e5:89:d1:27:82:
8e:03:ac:ec:c1:53:0f:db:4c:aa:6b:9e:c3:60:8e:
46:90:44:d6:46:0e:bc:a2:71:75:1e:cb:27:a1:3f:
29:59:be:b5:2b:ee:c6:e0:93:63:5d:52:17:10:97:
b3:01:a4:ce:51:3c:e7:b0:69:da:29:bb:ce:af:57:
bd:e4:b5:11:76:26:a6:88:1e:71:46:95:aa:4a:ed:
11:c7:1d:2f:3c:a1:29:28:27:3f:9f:4f:36:99:b5:
b9:b7:c4:a4:f2:be:a9:44:89:34:de:80:96:88:67:
6f:f4:63:98:43:98:67:b4:96:d2:78:31:59:d8:81:
03:7f:82:d1:8d:eb:12:36:27:be:be:f8:21:ea:70:
2d:4e:5d:f4:06:ef:5c:10:27:48:97:f9:6e:14:e7:
2e:36:27:da:24:bc:65:fd:b0:bc:f2:c2:bf:04:c9:
2e:d3:d4:e1:ee:6d:2a:a3:5b:4f:6a:6e:7d:53:72:
93:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:30:AB:B8:9F:5E:D9:44:7B:CD:80:8A:9D:26:F1:62:BA:55:58:D1
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/aTCruJ9e2UR7zYCKnSbxYrpVWNE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:1140::/29
2a0e:5800::/29
2a0f:2500::/29
2a0f:dfc0::/29
2a11:3500::/29
Signature Algorithm: sha256WithRSAEncryption
5a:57:85:2a:51:c7:17:de:bf:09:31:39:16:06:16:8b:0e:b6:
75:08:02:1e:f7:73:6e:d2:ec:bc:f1:14:7b:c1:b1:7f:96:68:
77:85:9d:89:57:48:61:f4:ef:b0:12:5c:1c:96:9b:04:55:3f:
8a:77:d1:c5:d8:e0:93:6c:c3:38:99:ac:80:6a:39:4a:76:00:
e2:83:53:c4:ad:e2:a4:d1:65:a3:e9:b9:43:10:eb:79:a1:9e:
9b:ad:94:98:eb:00:13:fc:32:11:63:42:bf:ee:e8:c4:ad:ec:
f0:84:2b:fa:7e:2d:ad:20:3f:55:f7:c5:2b:8d:04:c0:bf:1d:
17:02:9a:18:57:b5:4b:1d:41:67:4e:bb:ee:63:0f:24:27:94:
60:94:84:ce:93:87:20:e5:c8:64:29:a0:46:35:8b:12:ea:13:
ec:9e:76:e2:b5:89:13:9c:da:41:54:89:ce:be:84:7e:0b:d6:
1d:a6:62:db:45:a4:f7:fb:3d:95:fd:8c:72:41:43:27:34:8c:
ee:f1:75:90:68:14:e3:6c:e9:89:a9:8c:be:bd:b8:d7:7c:61:
1a:55:d4:c8:0c:40:2f:32:1f:7a:b9:0a:d7:9c:7a:fc:8f:53:
b5:ed:e0:d6:29:8d:a5:ec:35:d7:85:91:70:15:21:26:1f:44:
39:b8:28:85
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYqtbr0LObY7yQZXc5iQ+sG/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMwOTE5MTIzMzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTMwYWJiODlmNWVkOTQ0N2JjZDgwOGE5ZDI2ZjE2MmJhNTU1OGQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1u4f0LHdzUbxyCHOXxkqPZF8FI8r
IKSWjGVHKt0bSDhhjlQHX0r+zNWj5b8QtLdFRJsTImpFgYixzpwTv8CeJ7/aNo5L
5YnRJ4KOA6zswVMP20yqa57DYI5GkETWRg68onF1HssnoT8pWb61K+7G4JNjXVIX
EJezAaTOUTznsGnaKbvOr1e95LURdiamiB5xRpWqSu0Rxx0vPKEpKCc/n082mbW5
t8Sk8r6pRIk03oCWiGdv9GOYQ5hntJbSeDFZ2IEDf4LRjesSNie+vvgh6nAtTl30
Bu9cECdIl/luFOcuNifaJLxl/bC88sK/BMku09Th7m0qo1tPam59U3KTNQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFGkwq7ifXtlEe82Aip0m8WK6VVjRMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvYVRDcnVKOWUyVVI3ellDS25TYnhZcnBWV05FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwUDKg0RQAMF
AyoOWAADBQMqDyUAAwUDKg/fwAMFAyoRNQAwDQYJKoZIhvcNAQELBQADggEBAFpX
hSpRxxfevwkxORYGFosOtnUIAh73c27S7LzxFHvBsX+WaHeFnYlXSGH077ASXByW
mwRVP4p30cXY4JNswziZrIBqOUp2AOKDU8St4qTRZaPpuUMQ63mhnputlJjrABP8
MhFjQr/u6MSt7PCEK/p+La0gP1X3xSuNBMC/HRcCmhhXtUsdQWdOu+5jDyQnlGCU
hM6ThyDlyGQpoEY1ixLqE+yeduK1iROc2kFUic6+hH4L1h2mYttFpPf7PZX9jHJB
Qyc0jO7xdZBoFONs6YmpjL69uNd8YRpV1MgMQC8yH3q5CtecevyPU7Xt4NYpjaXs
NdeFkXAVISYfRDm4KIU=
-----END CERTIFICATE-----
Generated at Sun May 11 22:38:45 2025 by rpki-client