Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/oH516b7yf-zcpapUR0YurCsZ2qs.roa
File: oH516b7yf-zcpapUR0YurCsZ2qs.roa (raw, json)
Hash identifier: FGzUNXbtBCfwksJNHWrMuxbROU7Azpryqy0v6CsjUkc=
Subject key identifier: A0:7E:75:E9:BE:F2:7F:EC:DC:A5:AA:54:47:46:2E:AC:2B:19:DA:AB
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01831337BCB00A5B82B305321044C6520F15
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/oH516b7yf-zcpapUR0YurCsZ2qs.roa
Signing time: Tue 06 Sep 2022 14:32:43 +0000
ROA not before: Tue 06 Sep 2022 14:32:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 30633
IP address blocks: 2a0f:1e00:987::/48 maxlen: 48
2a0f:1e81:92e8::/48 maxlen: 48
2a12:ac40::/29 maxlen: 29
2a0f:1e81:cdae::/48 maxlen: 48
2a07:f300::/29 maxlen: 29
2a0f:1e81:1293::/48 maxlen: 48
2a0c:9240::/29 maxlen: 29
2a0f:1e81:4319::/48 maxlen: 48
2a0f:1e00:456::/48 maxlen: 48
2a0f:a00::/32 maxlen: 32
2a0f:1e00:abc::/48 maxlen: 48
2a0f:1e81:a3d0::/48 maxlen: 48
2a0f:a01::/32 maxlen: 32
2a0e:5a80::/29 maxlen: 29
2a0f:1e00:123::/48 maxlen: 48
2a0f:3d80:123::/48 maxlen: 48
2a0f:1e00:def9::/48 maxlen: 48
2a0f:3d82::/32 maxlen: 32
2a12:d540::/29 maxlen: 29
2a0f:e842::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:13:37:bc:b0:0a:5b:82:b3:05:32:10:44:c6:52:0f:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Sep 6 14:32:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a07e75e9bef27fecdca5aa5447462eac2b19daab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:e2:8c:5b:4a:58:d9:01:4d:87:bf:49:de:c3:
e6:01:87:b5:bf:a1:07:69:fd:b7:fb:31:55:18:bd:
9b:ac:25:95:71:ae:2e:79:22:2b:63:3f:62:1e:8c:
32:33:3c:43:ca:76:f4:61:46:3b:5d:c0:0a:76:a5:
d2:54:6c:12:ac:e1:a5:db:82:c7:e0:f8:b1:13:ad:
35:7a:5e:52:ce:19:c0:ee:c8:3b:09:e0:fb:02:07:
b8:9b:17:af:62:14:0e:e5:b8:65:be:50:b8:81:94:
70:92:fd:56:5d:78:1f:93:1b:e7:82:74:03:80:32:
70:78:f9:f5:ba:70:52:43:d3:a1:f9:82:0c:e5:8c:
58:f9:9a:b1:e6:c1:cf:d5:50:17:31:d8:83:f8:63:
1b:12:b4:b6:77:43:c2:37:2d:fc:30:3c:3a:a3:59:
13:bd:d3:69:c0:8d:b9:af:41:5a:fd:d8:50:39:f8:
2f:43:b8:11:8d:ee:97:25:ea:94:5e:11:7d:1f:02:
24:1a:e1:f0:12:36:b9:6f:cf:c5:e5:95:45:83:99:
7d:da:0b:27:24:7e:84:49:f4:56:15:3b:a9:05:ed:
fe:f2:55:6e:9a:17:da:86:a8:85:f4:a4:eb:e9:c0:
1f:cf:82:d5:3d:dc:1a:71:86:29:78:e8:4c:ec:b9:
ed:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:7E:75:E9:BE:F2:7F:EC:DC:A5:AA:54:47:46:2E:AC:2B:19:DA:AB
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/oH516b7yf-zcpapUR0YurCsZ2qs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:f300::/29
2a0c:9240::/29
2a0e:5a80::/29
2a0f:a00::/31
2a0f:1e00:123::/48
2a0f:1e00:456::/48
2a0f:1e00:987::/48
2a0f:1e00:abc::/48
2a0f:1e00:def9::/48
2a0f:1e81:1293::/48
2a0f:1e81:4319::/48
2a0f:1e81:92e8::/48
2a0f:1e81:a3d0::/48
2a0f:1e81:cdae::/48
2a0f:3d80:123::/48
2a0f:3d82::/32
2a0f:e842::/32
2a12:ac40::/29
2a12:d540::/29
Signature Algorithm: sha256WithRSAEncryption
b4:e8:7f:3d:77:ac:ed:aa:b0:14:b5:8b:b4:5a:ce:cb:b6:dd:
32:c6:91:3b:47:73:bd:7d:5c:b6:33:6e:15:2c:db:fd:5b:4b:
cb:7b:ca:59:1e:9c:87:a7:f7:b2:06:e3:1e:96:78:81:c4:8c:
48:f4:81:bc:88:84:d7:55:44:ec:3c:ce:53:8c:fc:83:2f:01:
c9:98:50:ab:a0:7a:53:83:73:b0:45:e5:0d:64:c0:de:15:5f:
90:2b:58:ab:b2:4e:6d:e4:0c:a2:fd:6d:58:13:6f:86:72:71:
8b:e0:30:93:81:e9:c6:b1:10:02:60:43:a4:bf:8a:64:57:42:
fc:2c:37:b4:4b:80:fa:9c:53:0b:08:85:69:de:df:90:f0:6e:
c8:d5:5d:08:d5:30:b2:1c:30:fe:45:be:18:f4:64:94:f7:bc:
c1:5d:f9:ea:9b:bc:ed:47:cf:11:e0:e2:13:91:cf:0c:76:fa:
b8:de:5b:8b:d6:fa:8b:3e:0e:09:5a:24:99:42:06:09:f4:f2:
7a:72:22:e2:8c:3f:a3:5b:56:10:96:52:61:86:7f:ee:f3:74:
d7:64:1a:35:86:bb:ab:da:78:fa:34:ba:8b:70:ee:46:ea:7b:
98:a5:2a:dd:ce:4b:62:ad:d4:d6:f9:b9:99:90:0c:1a:ba:dc:
29:3f:d5:fd
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgISAYMTN7ywCluCswUyEETGUg8VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjIwOTA2MTQzMjQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDdlNzVlOWJlZjI3ZmVjZGNhNWFhNTQ0NzQ2MmVhYzJiMTlkYWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz+KMW0pY2QFNh79J3sPmAYe1v6EH
af23+zFVGL2brCWVca4ueSIrYz9iHowyMzxDynb0YUY7XcAKdqXSVGwSrOGl24LH
4PixE601el5SzhnA7sg7CeD7Age4mxevYhQO5bhlvlC4gZRwkv1WXXgfkxvngnQD
gDJwePn1unBSQ9Oh+YIM5YxY+Zqx5sHP1VAXMdiD+GMbErS2d0PCNy38MDw6o1kT
vdNpwI25r0Fa/dhQOfgvQ7gRje6XJeqUXhF9HwIkGuHwEja5b8/F5ZVFg5l92gsn
JH6ESfRWFTupBe3+8lVumhfahqiF9KTr6cAfz4LVPdwacYYpeOhM7LnthwIDAQAB
o4ICozCCAp8wHQYDVR0OBBYEFKB+dem+8n/s3KWqVEdGLqwrGdqrMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvb0g1MTZiN3lmLXpjcGFwVVIwWXVyQ3NaMnFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG4BggrBgEFBQcBBwEB/wSBqDCBpTCBogQCAAIwgZsDBQMq
B/MAAwUDKgySQAMFAyoOWoADBQEqDwoAAwcAKg8eAAEjAwcAKg8eAARWAwcAKg8e
AAmHAwcAKg8eAAq8AwcAKg8eAN75AwcAKg8egRKTAwcAKg8egUMZAwcAKg8egZLo
AwcAKg8egaPQAwcAKg8egc2uAwcAKg89gAEjAwUAKg89ggMFACoP6EIDBQMqEqxA
AwUDKhLVQDANBgkqhkiG9w0BAQsFAAOCAQEAtOh/PXes7aqwFLWLtFrOy7bdMsaR
O0dzvX1ctjNuFSzb/VtLy3vKWR6ch6f3sgbjHpZ4gcSMSPSBvIiE11VE7DzOU4z8
gy8ByZhQq6B6U4NzsEXlDWTA3hVfkCtYq7JObeQMov1tWBNvhnJxi+Awk4HpxrEQ
AmBDpL+KZFdC/Cw3tEuA+pxTCwiFad7fkPBuyNVdCNUwshww/kW+GPRklPe8wV35
6pu87UfPEeDiE5HPDHb6uN5bi9b6iz4OCVokmUIGCfTyenIi4ow/o1tWEJZSYYZ/
7vN012QaNYa7q9p4+jS6i3DuRup7mKUq3c5LYq3U1vm5mZAMGrrcKT/V/Q==
-----END CERTIFICATE-----
Generated at Fri May 9 02:48:45 2025 by rpki-client