Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/mQRpQdWMFZ4awYIkAUQmthRAbFA.roa
File: mQRpQdWMFZ4awYIkAUQmthRAbFA.roa (raw, json)
Hash identifier: bGphQx2ty7ARJdwcFIwg9c5q5MCeKbtdyoGgXryhNig=
Subject key identifier: 99:04:69:41:D5:8C:15:9E:1A:C1:82:24:01:44:26:B6:14:40:6C:50
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 021F8DA6
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/mQRpQdWMFZ4awYIkAUQmthRAbFA.roa
Signing time: Mon 28 Feb 2022 11:24:39 +0000
ROA not before: Mon 28 Feb 2022 11:24:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 30633
IP address blocks: 2a0f:1e81:a3d0::/48 maxlen: 48
2a0f:1e00:987::/48 maxlen: 48
2a0f:1e81:92e8::/48 maxlen: 48
2a0f:1e81:cdae::/48 maxlen: 48
2a0f:1e81:1293::/48 maxlen: 48
2a0f:1e00:123::/48 maxlen: 48
2a0f:1e00:456::/48 maxlen: 48
2a0f:1e81:4319::/48 maxlen: 48
2a0f:1e00:def9::/48 maxlen: 48
2a0f:1e00:abc::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 35622310 (0x21f8da6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Feb 28 11:24:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=99046941d58c159e1ac18224014426b614406c50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:d1:97:e6:1c:37:18:1c:d0:00:cf:53:76:86:
7a:e9:a0:cc:ff:1b:02:0a:f0:83:49:03:6e:ce:0c:
e1:9e:f3:43:58:75:91:f3:87:6f:17:89:64:30:ba:
c0:46:7c:6d:27:bd:45:ef:bf:a1:ee:f1:3e:d6:d8:
58:9d:89:76:ff:ee:ec:78:10:a2:e2:c5:de:04:82:
99:0c:54:3c:7b:09:d1:16:a5:d3:f2:fd:28:59:57:
b3:a7:06:a7:a3:b0:6c:9a:03:6d:1a:63:77:a3:68:
84:c5:07:7e:7c:9a:a9:92:12:1f:16:99:7e:0b:68:
67:c3:74:e6:a7:be:ce:10:9b:46:b4:d8:2a:e6:ce:
e8:69:89:1c:9e:19:07:e0:3c:90:01:57:3b:ea:ff:
54:ff:6a:53:b9:ad:57:0d:c7:f9:4b:93:ee:b0:03:
74:ae:eb:9b:62:19:96:43:23:73:b8:51:ea:92:9a:
48:9c:31:a8:f7:84:a7:2a:96:9a:1d:b5:80:37:53:
b7:b2:f6:84:db:07:4b:ee:0f:bc:15:51:d7:ca:f1:
fc:b7:7c:b8:cf:f2:85:55:3b:ff:03:58:be:11:88:
a1:87:52:77:9d:89:3a:56:ba:62:5b:fb:03:57:d9:
ad:a6:8f:94:3f:82:eb:4b:20:07:f0:f6:19:1d:3b:
58:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:04:69:41:D5:8C:15:9E:1A:C1:82:24:01:44:26:B6:14:40:6C:50
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/mQRpQdWMFZ4awYIkAUQmthRAbFA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:1e00:123::/48
2a0f:1e00:456::/48
2a0f:1e00:987::/48
2a0f:1e00:abc::/48
2a0f:1e00:def9::/48
2a0f:1e81:1293::/48
2a0f:1e81:4319::/48
2a0f:1e81:92e8::/48
2a0f:1e81:a3d0::/48
2a0f:1e81:cdae::/48
Signature Algorithm: sha256WithRSAEncryption
5b:41:67:ca:f2:0a:c2:a5:da:aa:c9:bf:bb:97:89:d5:cd:8f:
09:e6:19:24:da:94:b0:9e:35:a8:b7:44:b1:58:57:0f:97:33:
40:a0:d1:cf:33:8c:32:bc:c4:97:69:84:4c:f2:f5:ea:d9:15:
f5:bb:89:71:66:d5:0a:bb:8c:ff:fb:ba:1c:4d:a1:ab:b2:f8:
59:31:ff:b9:5c:43:a6:85:79:e1:df:a1:2f:8c:28:35:f0:ce:
11:a8:cd:7b:14:68:2f:0e:18:ac:32:e9:46:21:b7:0e:7b:fd:
cc:90:a4:57:04:68:eb:c5:0e:42:2f:d7:dd:0d:0f:a8:da:4c:
96:f1:9a:66:28:62:18:c2:68:f4:73:70:a2:c1:a2:eb:d1:c7:
c6:f9:02:6b:3f:80:75:a9:3e:f1:aa:ae:58:f3:e4:a2:4c:7e:
47:06:04:36:b4:b0:57:87:64:eb:e7:ac:6c:c0:a2:39:1b:42:
dc:30:72:2c:3a:85:59:06:6d:98:0a:61:e8:4e:a1:50:17:dd:
45:4d:61:00:af:0f:88:d4:bf:03:42:c7:ce:4a:af:e9:a4:7c:
b6:c4:95:20:b5:27:77:ce:58:5d:00:c2:62:d8:71:59:98:cc:
02:55:75:2b:e2:c1:64:c6:9b:fa:19:3a:b3:b3:2b:98:83:56:
50:96:72:6b
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgIEAh+NpjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
ZDU1OWFhZmJmYzA5MzEyNDJlMWQ2MzcyOThjZjFkZDIyM2U0YzI2MB4XDTIyMDIy
ODExMjQzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTkwNDY5NDFkNThj
MTU5ZTFhYzE4MjI0MDE0NDI2YjYxNDQwNmM1MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMrRl+YcNxgc0ADPU3aGeumgzP8bAgrwg0kDbs4M4Z7zQ1h1
kfOHbxeJZDC6wEZ8bSe9Re+/oe7xPtbYWJ2Jdv/u7HgQouLF3gSCmQxUPHsJ0Ral
0/L9KFlXs6cGp6OwbJoDbRpjd6NohMUHfnyaqZISHxaZfgtoZ8N05qe+zhCbRrTY
KubO6GmJHJ4ZB+A8kAFXO+r/VP9qU7mtVw3H+UuT7rADdK7rm2IZlkMjc7hR6pKa
SJwxqPeEpyqWmh21gDdTt7L2hNsHS+4PvBVR18rx/Ld8uM/yhVU7/wNYvhGIoYdS
d52JOla6Ylv7A1fZraaPlD+C60sgB/D2GR07WKUCAwEAAaOCAl0wggJZMB0GA1Ud
DgQWBBSZBGlB1YwVnhrBgiQBRCa2FEBsUDAfBgNVHSMEGDAWgBR9VZqvv8CTEkLh
1jcpjPHdIj5MJjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ZWV2FyN19Ba3hKQzRkWTNLWXp4M1NJLVRDWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzAvNDlhZGM2LWJhODktNDAzZi1hZGE5LThjNTAwN2MyYTRiNi8x
L21RUnBRZFdNRlo0YXdZSWtBVVFtdGhSQWJGQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzAv
NDlhZGM2LWJhODktNDAzZi1hZGE5LThjNTAwN2MyYTRiNi8xL2ZWV2FyN19Ba3hK
QzRkWTNLWXp4M1NJLVRDWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBz
BggrBgEFBQcBBwEB/wRkMGIwYAQCAAIwWgMHACoPHgABIwMHACoPHgAEVgMHACoP
HgAJhwMHACoPHgAKvAMHACoPHgDe+QMHACoPHoESkwMHACoPHoFDGQMHACoPHoGS
6AMHACoPHoGj0AMHACoPHoHNrjANBgkqhkiG9w0BAQsFAAOCAQEAW0FnyvIKwqXa
qsm/u5eJ1c2PCeYZJNqUsJ41qLdEsVhXD5czQKDRzzOMMrzEl2mETPL16tkV9buJ
cWbVCruM//u6HE2hq7L4WTH/uVxDpoV54d+hL4woNfDOEajNexRoLw4YrDLpRiG3
Dnv9zJCkVwRo68UOQi/X3Q0PqNpMlvGaZihiGMJo9HNwosGi69HHxvkCaz+Adak+
8aquWPPkokx+RwYENrSwV4dk6+esbMCiORtC3DByLDqFWQZtmAph6E6hUBfdRU1h
AK8PiNS/A0LHzkqv6aR8tsSVILUnd85YXQDCYthxWZjMAlV1K+LBZMab+hk6s7Mr
mINWUJZyaw==
-----END CERTIFICATE-----
Generated at Thu May 8 09:15:38 2025 by rpki-client