Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/icjoH5ueY2nxVoAQkDKF9kqepLY.roa
File: icjoH5ueY2nxVoAQkDKF9kqepLY.roa (raw, json)
Hash identifier: QAJG+CkEbd1xT75qah+SYPPzk/ko0r29rWQ2kcJKk2Y=
Subject key identifier: 89:C8:E8:1F:9B:9E:63:69:F1:56:80:10:90:32:85:F6:4A:9E:A4:B6
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018C9082766CDAC7ED543B897CD4FB98916B
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/icjoH5ueY2nxVoAQkDKF9kqepLY.roa
Signing time: Fri 22 Dec 2023 07:51:58 +0000
ROA not before: Fri 22 Dec 2023 07:51:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197992
IP address blocks: 2a0e:9b00::/29 maxlen: 29
2a0f:1380::/29 maxlen: 29
2a06:dfc0::/29 maxlen: 29
2a0f:ec00::/29 maxlen: 29
2a0f:8300::/29 maxlen: 29
2a0f:1580::/29 maxlen: 29
2a0f:3f80::/29 maxlen: 29
2a0f:dac0::/29 maxlen: 29
2a0f:ee00::/29 maxlen: 29
2a0e:5a80::/29 maxlen: 29
2a0f:e140::/29 maxlen: 29
2a13:d300::/29 maxlen: 29
2a13:200::/29 maxlen: 29
2a12:d540::/29 maxlen: 29
2a06:3bc0::/29 maxlen: 29
2a0a:1400::/29 maxlen: 29
2a06:a5c0::/29 maxlen: 29
2a0f:bc00::/29 maxlen: 29
2a05:b300::/29 maxlen: 29
2a0f:da40::/29 maxlen: 29
2a13:7d80::/29 maxlen: 29
2a0f:7f00::/29 maxlen: 29
2a0c:4880::/29 maxlen: 29
2a13:9380::/29 maxlen: 29
2a0f:e0c0::/29 maxlen: 29
2a06:a600::/29 maxlen: 29
2a0f:e640::/29 maxlen: 29
2a0f:9600::/29 maxlen: 29
2a0f:8100::/29 maxlen: 29
2a0f:dd40::/29 maxlen: 29
2a0f:2300::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:90:82:76:6c:da:c7:ed:54:3b:89:7c:d4:fb:98:91:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Dec 22 07:51:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=89c8e81f9b9e6369f1568010903285f64a9ea4b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:12:e9:ee:3f:3d:80:b2:a2:37:58:aa:51:bc:
0b:8c:59:28:39:6e:4d:13:07:6e:ab:87:13:4e:9f:
79:75:c0:1f:d8:3b:4f:db:13:61:ac:c8:40:41:bd:
80:e6:66:35:97:06:d9:eb:fb:b5:7c:2b:12:53:db:
cd:39:d1:8e:66:a1:ac:1c:12:a3:81:33:ea:0e:67:
15:bd:9e:63:ce:f9:68:8b:06:e9:af:76:04:d6:e2:
ff:b4:19:5f:30:cc:2d:8c:aa:46:10:c6:3c:ec:e0:
00:c0:92:77:6a:e3:82:ea:52:44:cb:39:5a:9f:5c:
11:f9:cc:3a:b0:87:60:a9:82:16:2e:5b:80:fa:4c:
95:ad:a4:41:c9:cf:51:53:d7:f2:e4:28:49:73:87:
70:09:c1:f1:48:ae:8c:6a:7d:f9:f6:7f:97:c4:10:
c8:42:1d:f5:f9:b3:23:c9:33:4e:4f:40:54:34:7f:
59:95:50:84:95:a4:a5:bb:47:3c:c1:43:2f:86:14:
c5:6c:c2:d2:2d:c8:ea:d9:3f:c5:69:49:4a:e3:e6:
28:e2:c5:e8:31:33:3f:56:e4:8f:dc:0c:5e:ed:df:
0a:bd:70:0e:6d:6a:dc:82:e3:99:f3:da:19:09:41:
c5:6e:50:fb:a4:20:be:e7:d3:32:a4:30:f3:ce:54:
21:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:C8:E8:1F:9B:9E:63:69:F1:56:80:10:90:32:85:F6:4A:9E:A4:B6
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/icjoH5ueY2nxVoAQkDKF9kqepLY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:b300::/29
2a06:3bc0::/29
2a06:a5c0::/29
2a06:a600::/29
2a06:dfc0::/29
2a0a:1400::/29
2a0c:4880::/29
2a0e:5a80::/29
2a0e:9b00::/29
2a0f:1380::/29
2a0f:1580::/29
2a0f:2300::/29
2a0f:3f80::/29
2a0f:7f00::/29
2a0f:8100::/29
2a0f:8300::/29
2a0f:9600::/29
2a0f:bc00::/29
2a0f:da40::/29
2a0f:dac0::/29
2a0f:dd40::/29
2a0f:e0c0::/29
2a0f:e140::/29
2a0f:e640::/29
2a0f:ec00::/29
2a0f:ee00::/29
2a12:d540::/29
2a13:200::/29
2a13:7d80::/29
2a13:9380::/29
2a13:d300::/29
Signature Algorithm: sha256WithRSAEncryption
50:6b:86:5d:d1:30:17:ae:3b:9a:0f:05:8a:83:86:aa:92:82:
91:23:59:00:8f:ff:38:a0:2b:e6:e2:62:35:ab:7a:af:09:1d:
b6:d8:1c:65:c4:d7:38:e9:2a:7b:3b:8b:53:c3:ba:04:dc:67:
b4:bd:06:46:53:37:ed:a7:91:7d:3b:fd:64:0a:6f:48:9d:ee:
fe:b1:4e:f2:bb:ae:8f:b8:8c:ef:ee:85:ed:6b:c7:0d:7a:8b:
e4:77:a6:40:1c:2b:ad:cb:aa:51:c7:c0:01:22:cc:ff:16:97:
f5:26:4e:da:29:5c:6e:54:fb:f9:d1:f6:35:75:9a:d4:c7:af:
0d:ea:22:65:60:37:b9:da:70:43:d8:d3:89:ec:c8:27:33:d2:
db:c1:e7:0c:17:9b:ef:fd:69:0f:a3:66:d5:14:48:a4:1d:5f:
6d:18:b8:88:be:6b:52:51:5f:61:7c:16:4f:e0:38:bc:6d:d8:
ee:fb:93:a7:6a:61:71:63:61:3b:7a:33:11:5b:e9:ab:0d:ad:
7e:f9:55:97:07:93:9b:0c:8c:77:58:b4:2e:54:1e:87:6d:74:
30:65:14:bb:29:51:d7:0a:f2:b6:3c:cc:72:ef:41:5f:0d:73:
6a:74:2b:85:b0:74:0b:e8:15:c3:46:bf:ed:90:8d:ec:ad:58:
a3:6f:ab:be
-----BEGIN CERTIFICATE-----
MIIF1TCCBL2gAwIBAgISAYyQgnZs2sftVDuJfNT7mJFrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMxMjIyMDc1MTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWM4ZTgxZjliOWU2MzY5ZjE1NjgwMTA5MDMyODVmNjRhOWVhNGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzRLp7j89gLKiN1iqUbwLjFkoOW5N
Ewduq4cTTp95dcAf2DtP2xNhrMhAQb2A5mY1lwbZ6/u1fCsSU9vNOdGOZqGsHBKj
gTPqDmcVvZ5jzvloiwbpr3YE1uL/tBlfMMwtjKpGEMY87OAAwJJ3auOC6lJEyzla
n1wR+cw6sIdgqYIWLluA+kyVraRByc9RU9fy5ChJc4dwCcHxSK6Man359n+XxBDI
Qh31+bMjyTNOT0BUNH9ZlVCElaSlu0c8wUMvhhTFbMLSLcjq2T/FaUlK4+Yo4sXo
MTM/VuSP3Axe7d8KvXAObWrcguOZ89oZCUHFblD7pCC+59MypDDzzlQhpwIDAQAB
o4IC4TCCAt0wHQYDVR0OBBYEFInI6B+bnmNp8VaAEJAyhfZKnqS2MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvaWNqb0g1dWVZMm54Vm9BUWtES0Y5a3FlcExZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH2BggrBgEFBQcBBwEB/wSB5jCB4zCB4AQCAAIwgdkDBQMq
BbMAAwUDKgY7wAMFAyoGpcADBQMqBqYAAwUDKgbfwAMFAyoKFAADBQMqDEiAAwUD
Kg5agAMFAyoOmwADBQMqDxOAAwUDKg8VgAMFAyoPIwADBQMqDz+AAwUDKg9/AAMF
AyoPgQADBQMqD4MAAwUDKg+WAAMFAyoPvAADBQMqD9pAAwUDKg/awAMFAyoP3UAD
BQMqD+DAAwUDKg/hQAMFAyoP5kADBQMqD+wAAwUDKg/uAAMFAyoS1UADBQMqEwIA
AwUDKhN9gAMFAyoTk4ADBQMqE9MAMA0GCSqGSIb3DQEBCwUAA4IBAQBQa4Zd0TAX
rjuaDwWKg4aqkoKRI1kAj/84oCvm4mI1q3qvCR222BxlxNc46Sp7O4tTw7oE3Ge0
vQZGUzftp5F9O/1kCm9Ine7+sU7yu66PuIzv7oXta8cNeovkd6ZAHCuty6pRx8AB
Isz/Fpf1Jk7aKVxuVPv50fY1dZrUx68N6iJlYDe52nBD2NOJ7MgnM9LbwecMF5vv
/WkPo2bVFEikHV9tGLiIvmtSUV9hfBZP4Di8bdju+5OnamFxY2E7ejMRW+mrDa1+
+VWXB5ObDIx3WLQuVB6HbXQwZRS7KVHXCvK2PMxy70FfDXNqdCuFsHQL6BXDRr/t
kI3srVijb6u+
-----END CERTIFICATE-----
Generated at Sun May 11 03:50:59 2025 by rpki-client