Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/p4yznhXocnllsPxDEs9jpimJIK4.roa
File: p4yznhXocnllsPxDEs9jpimJIK4.roa (raw, json)
Hash identifier: K36XT1KbG2JzjIvPOnt21r3nUDYNWUsVKWOReKvAtdE=
Subject key identifier: A7:8C:B3:9E:15:E8:72:79:65:B0:FC:43:12:CF:63:A6:29:89:20:AE
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018AC84FA4DE051ADE91CA5C59703C1F60C2
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/p4yznhXocnllsPxDEs9jpimJIK4.roa
Signing time: Sun 24 Sep 2023 17:49:37 +0000
ROA not before: Sun 24 Sep 2023 17:49:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198231
IP address blocks: 2a13:d902::/32 maxlen: 32
2a13:2dc5::/32 maxlen: 32
2a13:2d41::/32 maxlen: 32
2a13:c906::/32 maxlen: 32
2a13:c905::/32 maxlen: 32
2a13:2d42::/32 maxlen: 32
2a13:d901::/32 maxlen: 32
2a13:2dc4::/32 maxlen: 32
2a13:c904::/32 maxlen: 32
2a13:c907::/32 maxlen: 32
2a13:2d43::/32 maxlen: 32
2a13:2dc7::/32 maxlen: 32
2a13:d900::/32 maxlen: 32
2a06:35c4::/30 maxlen: 30
2a13:d903::/32 maxlen: 32
2a13:2d40::/32 maxlen: 32
2a13:2d46::/32 maxlen: 32
2a13:2d45::/32 maxlen: 32
2a13:2dc1::/32 maxlen: 32
2a13:2dc2::/32 maxlen: 32
2a13:d906::/32 maxlen: 32
2a13:c902::/32 maxlen: 32
2a13:2d44::/32 maxlen: 32
2a13:c901::/32 maxlen: 32
2a13:d907::/32 maxlen: 32
2a13:d904::/32 maxlen: 32
2a06:35c0::/30 maxlen: 30
2a13:d700::/29 maxlen: 29
2a13:c900::/32 maxlen: 32
2a13:2d47::/32 maxlen: 32
2a13:2dc6::/32 maxlen: 32
2a13:c903::/32 maxlen: 32
2a13:d905::/32 maxlen: 32
2a13:2dc0::/32 maxlen: 32
2a13:2dc3::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:c8:4f:a4:de:05:1a:de:91:ca:5c:59:70:3c:1f:60:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Sep 24 17:49:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a78cb39e15e8727965b0fc4312cf63a6298920ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:cc:f1:95:c7:17:0e:46:5c:9d:a1:ca:cd:c2:
c6:ff:84:be:75:0e:cf:6f:dd:3c:c2:5b:61:36:0c:
64:63:99:96:79:cd:89:4e:18:a2:2e:d9:76:37:aa:
46:e9:8f:58:65:08:b7:0d:71:9a:a2:91:60:2e:0b:
70:78:19:0d:a1:e9:5b:cd:3a:8c:8c:73:1d:c5:c1:
c5:80:aa:e3:cc:1b:3e:96:60:37:82:90:96:34:d9:
44:7b:e0:23:29:19:28:c5:df:81:10:b7:a2:7b:57:
96:f8:02:cb:9d:a6:f5:45:88:d1:d5:80:c8:db:7b:
2f:72:4b:c4:9b:1f:3c:03:51:80:77:7d:2a:0c:b9:
18:90:1b:fe:d2:d0:d3:83:17:94:70:8d:e5:1e:e6:
77:84:c3:84:37:f8:b8:04:17:f8:58:73:d6:63:56:
72:a1:5c:c5:83:e1:f2:9e:ca:e9:3f:f1:91:99:68:
d1:45:18:b8:0b:87:af:f5:d2:0b:b7:45:70:cc:ea:
0c:a1:5f:01:d8:be:70:c8:e1:50:0f:37:5d:f0:76:
bd:d0:c6:bf:2d:6f:d6:12:31:c7:ed:fa:3d:bf:af:
31:58:d1:58:21:f9:c8:80:57:b5:99:32:7e:f0:98:
f0:0e:a5:bc:39:19:3c:08:c8:ad:52:4a:df:34:a5:
35:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:8C:B3:9E:15:E8:72:79:65:B0:FC:43:12:CF:63:A6:29:89:20:AE
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/p4yznhXocnllsPxDEs9jpimJIK4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:35c0::/29
2a13:2d40::/29
2a13:2dc0::/29
2a13:c900::/29
2a13:d700::/29
2a13:d900::/29
Signature Algorithm: sha256WithRSAEncryption
5d:eb:1f:eb:9c:5d:67:b1:7b:54:00:66:8b:8b:b8:ea:29:98:
63:08:32:29:09:71:85:58:83:d4:ef:55:4f:f7:5b:b8:89:36:
a9:71:d0:c8:2f:45:40:ca:be:c1:06:4d:80:fb:6f:76:a7:34:
4b:fa:4e:7d:82:10:fb:50:d4:03:99:f0:a0:b8:03:0c:2a:e0:
86:31:c0:0a:de:fe:99:36:a7:09:d9:bd:ee:38:eb:50:ab:6d:
51:9f:b5:17:f8:a4:28:43:da:c1:dd:a9:5a:2b:a7:23:16:30:
59:ff:d6:e4:4b:85:bc:12:06:39:ff:a7:10:da:62:e3:cd:5f:
88:d5:a3:49:0b:7b:50:e3:34:00:73:68:51:b3:60:a8:34:96:
25:c0:65:05:3e:b7:24:79:f0:dc:3f:14:9b:cf:dd:39:94:5a:
d6:43:86:08:ce:1d:40:57:f8:f2:44:5a:f4:0a:53:40:b6:e9:
61:75:41:f1:08:70:a8:45:a9:31:0b:f6:c1:c9:03:c5:94:88:
4f:65:14:0c:f8:8c:0d:f2:08:32:70:43:2a:0a:d0:97:83:aa:
40:0f:00:8a:f3:77:ad:60:6a:bb:e5:70:76:91:d3:eb:08:01:
73:cb:c7:fb:c6:5e:cd:0c:3b:bd:1a:de:e1:8b:4b:5f:17:79:
d4:d3:42:5c
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYrIT6TeBRrekcpcWXA8H2DCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMwOTI0MTc0OTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzhjYjM5ZTE1ZTg3Mjc5NjViMGZjNDMxMmNmNjNhNjI5ODkyMGFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn8zxlccXDkZcnaHKzcLG/4S+dQ7P
b908wlthNgxkY5mWec2JThiiLtl2N6pG6Y9YZQi3DXGaopFgLgtweBkNoelbzTqM
jHMdxcHFgKrjzBs+lmA3gpCWNNlEe+AjKRkoxd+BELeie1eW+ALLnab1RYjR1YDI
23svckvEmx88A1GAd30qDLkYkBv+0tDTgxeUcI3lHuZ3hMOEN/i4BBf4WHPWY1Zy
oVzFg+HynsrpP/GRmWjRRRi4C4ev9dILt0VwzOoMoV8B2L5wyOFQDzdd8Ha90Ma/
LW/WEjHH7fo9v68xWNFYIfnIgFe1mTJ+8JjwDqW8ORk8CMitUkrfNKU1KwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFKeMs54V6HJ5ZbD8QxLPY6YpiSCuMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvcDR5em5oWG9jbmxsc1B4REVzOWpwaW1KSUs0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAAjAqAwUDKgY1wAMF
AyoTLUADBQMqEy3AAwUDKhPJAAMFAyoT1wADBQMqE9kAMA0GCSqGSIb3DQEBCwUA
A4IBAQBd6x/rnF1nsXtUAGaLi7jqKZhjCDIpCXGFWIPU71VP91u4iTapcdDIL0VA
yr7BBk2A+292pzRL+k59ghD7UNQDmfCguAMMKuCGMcAK3v6ZNqcJ2b3uOOtQq21R
n7UX+KQoQ9rB3alaK6cjFjBZ/9bkS4W8EgY5/6cQ2mLjzV+I1aNJC3tQ4zQAc2hR
s2CoNJYlwGUFPrckefDcPxSbz905lFrWQ4YIzh1AV/jyRFr0ClNAtulhdUHxCHCo
RakxC/bByQPFlIhPZRQM+IwN8ggycEMqCtCXg6pADwCK83etYGq75XB2kdPrCAFz
y8f7xl7NDDu9Gt7hi0tfF3nU00Jc
-----END CERTIFICATE-----
Generated at Thu May 15 21:15:13 2025 by rpki-client