Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/lFCtnNi-wtpNcJ5yETKSJyVX_Oo.roa
File: lFCtnNi-wtpNcJ5yETKSJyVX_Oo.roa (raw, json)
Hash identifier: 8Q7mP70yp0jUs06OCggoTlngYuejHK6PvUI2e3nST9k=
Subject key identifier: 94:50:AD:9C:D8:BE:C2:DA:4D:70:9E:72:11:32:92:27:25:57:FC:EA
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01884D244EB36C8367A728ADA4697C2C36EB
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/lFCtnNi-wtpNcJ5yETKSJyVX_Oo.roa
Signing time: Wed 24 May 2023 09:43:24 +0000
ROA not before: Wed 24 May 2023 09:43:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 396362
IP address blocks: 2a0f:e841::/32 maxlen: 32
2a0e:1a82::/32 maxlen: 32
2a0f:1e80:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:4d:24:4e:b3:6c:83:67:a7:28:ad:a4:69:7c:2c:36:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: May 24 09:43:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9450ad9cd8bec2da4d709e72113292272557fcea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:98:e7:dd:8a:2a:7d:8a:c1:b9:2d:5e:13:12:
c2:72:48:5a:fd:69:32:ff:c7:64:9d:58:dc:d1:d2:
ac:82:73:c5:9d:6c:8b:73:0a:93:bb:5e:c1:66:21:
50:31:bf:f1:05:57:21:3f:2e:03:ea:01:10:60:f2:
9a:25:e3:db:ce:fd:b8:a7:a2:bf:c0:ec:68:39:c3:
c3:3a:e2:cb:72:f0:03:ec:72:ac:b5:10:15:d2:cf:
a4:bb:9e:f7:13:11:7f:71:68:11:74:d2:39:d8:de:
13:0f:4d:a9:18:26:3c:76:0d:c5:a7:49:bf:07:1b:
d6:a0:a9:4d:1f:ff:aa:27:9a:12:5f:7d:15:90:4f:
c5:17:0b:f3:c1:60:9d:53:3d:fc:38:67:7d:f4:07:
a6:9e:16:7a:37:6b:c0:2f:9d:df:85:ba:26:f1:c5:
88:9c:66:19:83:28:2a:76:dc:dc:b6:c5:7d:8a:e8:
cd:64:77:0d:b0:51:e8:48:73:e9:5e:db:7a:72:26:
76:12:ac:ae:46:b4:b0:15:dd:4b:a9:63:76:cd:d7:
12:62:19:d4:20:0c:b7:ea:8c:15:e4:7c:50:94:ed:
00:b4:32:f5:d8:f8:6c:4a:97:fa:56:8c:b0:d2:47:
a3:8d:3b:e7:20:bb:4b:9e:01:e5:14:f5:63:5c:fc:
d2:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:50:AD:9C:D8:BE:C2:DA:4D:70:9E:72:11:32:92:27:25:57:FC:EA
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/lFCtnNi-wtpNcJ5yETKSJyVX_Oo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:1a82::/32
2a0f:1e80:1::/48
2a0f:e841::/32
Signature Algorithm: sha256WithRSAEncryption
7f:76:c7:7c:02:47:56:58:b2:d4:18:07:5b:bf:78:b4:07:28:
84:6c:62:93:8d:f9:84:e7:3e:a1:9e:cc:72:d5:3c:c8:83:5a:
b7:00:22:aa:aa:cf:62:88:d4:3f:52:df:5f:97:29:13:f9:3b:
22:85:58:ba:ad:f4:f2:7e:18:66:56:28:c6:8d:8e:66:f3:c6:
a5:34:92:ae:34:ff:73:a8:bf:ce:8c:a1:e2:91:22:70:fc:fe:
25:5d:a4:ef:21:06:00:18:7a:61:26:f4:85:ac:fa:98:6e:ef:
dc:76:e9:9b:0f:fe:6c:a9:b8:bb:a3:c4:ed:f5:43:30:af:4e:
c3:86:89:d1:81:ec:7a:04:52:9a:8e:21:88:54:9d:c2:91:6f:
f8:b1:1d:0e:15:53:97:82:64:f8:4a:ce:95:be:9f:be:04:25:
7c:75:f9:f6:8d:62:dc:e1:30:67:21:c5:b2:f2:b6:ca:c0:6d:
0e:df:37:19:69:97:53:6e:bd:2e:01:6b:3f:3d:7c:db:22:63:
2d:b8:9e:a6:7c:19:8b:3d:a0:ac:fe:dd:76:e0:9b:fa:a1:f6:
7a:65:2a:d9:08:f9:4a:60:1b:c5:a7:0b:72:b6:c4:29:04:e6:
3d:90:9c:63:08:3f:07:79:38:2f:8c:76:26:92:9f:54:dd:a1:
e4:d3:fd:ab
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYhNJE6zbINnpyitpGl8LDbrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMwNTI0MDk0MzI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDUwYWQ5Y2Q4YmVjMmRhNGQ3MDllNzIxMTMyOTIyNzI1NTdmY2VhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApJjn3YoqfYrBuS1eExLCckha/Wky
/8dknVjc0dKsgnPFnWyLcwqTu17BZiFQMb/xBVchPy4D6gEQYPKaJePbzv24p6K/
wOxoOcPDOuLLcvAD7HKstRAV0s+ku573ExF/cWgRdNI52N4TD02pGCY8dg3Fp0m/
BxvWoKlNH/+qJ5oSX30VkE/FFwvzwWCdUz38OGd99AemnhZ6N2vAL53fhbom8cWI
nGYZgygqdtzctsV9iujNZHcNsFHoSHPpXtt6ciZ2EqyuRrSwFd1LqWN2zdcSYhnU
IAy36owV5HxQlO0AtDL12PhsSpf6Voyw0kejjTvnILtLngHlFPVjXPzStQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJRQrZzYvsLaTXCechEykiclV/zqMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvbEZDdG5OaS13dHBOY0o1eUVUS1NKeVZYX09vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAdBAIAAjAXAwUAKg4aggMH
ACoPHoAAAQMFACoP6EEwDQYJKoZIhvcNAQELBQADggEBAH92x3wCR1ZYstQYB1u/
eLQHKIRsYpON+YTnPqGezHLVPMiDWrcAIqqqz2KI1D9S31+XKRP5OyKFWLqt9PJ+
GGZWKMaNjmbzxqU0kq40/3Oov86MoeKRInD8/iVdpO8hBgAYemEm9IWs+phu79x2
6ZsP/mypuLujxO31QzCvTsOGidGB7HoEUpqOIYhUncKRb/ixHQ4VU5eCZPhKzpW+
n74EJXx1+faNYtzhMGchxbLytsrAbQ7fNxlpl1NuvS4Baz89fNsiYy24nqZ8GYs9
oKz+3Xbgm/qh9nplKtkI+UpgG8WnC3K2xCkE5j2QnGMIPwd5OC+MdiaSn1TdoeTT
/as=
-----END CERTIFICATE-----
Generated at Sun May 11 05:11:00 2025 by rpki-client