Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/s7C5BODftT2B4_FsKzKBSeGy0yc.roa
File: s7C5BODftT2B4_FsKzKBSeGy0yc.roa (raw, json)
Hash identifier: jgrk7NKyuKFRPlsfmMuar1wF18Aabz7dJfr9oZ6QJec=
Subject key identifier: B3:B0:B9:04:E0:DF:B5:3D:81:E3:F1:6C:2B:32:81:49:E1:B2:D3:27
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018BB827CA8C0E386447AE54D288CFC271D4
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/s7C5BODftT2B4_FsKzKBSeGy0yc.roa
Signing time: Fri 10 Nov 2023 07:34:57 +0000
ROA not before: Fri 10 Nov 2023 07:34:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205544
IP address blocks: 2a0f:e6c6:1::/48 maxlen: 48
2a13:e107:7::/48 maxlen: 48
2a13:e101:1::/48 maxlen: 48
2a0f:e1c0:1::/48 maxlen: 48
2a12:ecc0:1::/48 maxlen: 48
2a13:3380:1::/48 maxlen: 48
2a0f:e6c7:1::/48 maxlen: 48
2a0f:e6c5:1::/48 maxlen: 48
2a13:e100:1::/48 maxlen: 48
2a0f:e440::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b8:27:ca:8c:0e:38:64:47:ae:54:d2:88:cf:c2:71:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Nov 10 07:34:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b3b0b904e0dfb53d81e3f16c2b328149e1b2d327
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:44:9e:3c:12:cb:b0:6c:fe:c9:bb:1c:7d:1d:
1f:44:df:4e:af:a9:63:5e:38:18:64:ce:8d:fe:3d:
25:9d:55:22:1e:a9:51:65:96:88:63:55:7b:dc:ee:
65:f6:dd:08:bc:f7:84:48:bc:41:87:62:0e:a9:d0:
f8:53:06:82:f6:06:4e:65:44:1b:0f:e7:d3:b7:55:
95:8a:4e:b4:5c:1d:68:36:f7:c5:63:54:d3:55:ea:
33:d9:82:eb:a2:cb:7b:6e:4a:ef:85:55:08:d2:7c:
de:3e:2b:16:c1:37:73:f1:75:fa:5c:4a:d2:1d:87:
43:fc:d7:e1:c0:97:a3:31:95:86:ac:c0:a7:82:af:
98:d0:51:67:4c:bd:a5:cb:a0:63:82:4e:50:bb:29:
76:ab:db:3d:20:27:01:7d:97:d7:d8:a3:25:a6:35:
3b:4f:dc:25:e4:40:29:00:13:30:b3:d9:dc:ea:2e:
bd:78:27:65:71:77:2a:d3:4f:c1:ce:e8:ec:bd:b4:
f5:96:ce:7c:8b:20:50:e2:5c:63:8b:ea:ee:16:09:
d0:11:56:f9:d7:bd:67:66:da:b6:38:49:b3:b6:e3:
45:3b:a5:81:b2:f9:23:26:71:33:23:59:1c:e2:99:
8d:a4:dc:2a:1d:aa:21:d2:cb:20:57:61:35:17:30:
e4:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:B0:B9:04:E0:DF:B5:3D:81:E3:F1:6C:2B:32:81:49:E1:B2:D3:27
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/s7C5BODftT2B4_FsKzKBSeGy0yc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:e1c0:1::/48
2a0f:e440::/29
2a0f:e6c5:1::/48
2a0f:e6c6:1::/48
2a0f:e6c7:1::/48
2a12:ecc0:1::/48
2a13:3380:1::/48
2a13:e100:1::/48
2a13:e101:1::/48
2a13:e107:7::/48
Signature Algorithm: sha256WithRSAEncryption
9d:bf:ae:3d:fb:d8:20:11:f3:f6:26:f7:68:34:e6:65:35:51:
5b:69:20:c6:62:19:65:ec:48:ae:51:31:37:91:12:71:97:db:
e9:17:ff:c3:1f:7e:66:78:26:40:67:7e:2a:17:9b:33:47:7e:
a9:9b:67:ab:2f:00:29:a4:80:47:85:2f:68:e0:9c:02:fc:76:
cf:2a:96:19:d3:db:8d:43:6b:e5:6f:b0:f9:e1:5e:3a:6a:c0:
a8:2f:a3:68:75:2c:31:ff:16:b9:85:69:25:2a:11:e5:ff:30:
10:2e:62:51:53:61:e4:5a:02:cf:2d:2b:5c:ef:5b:7a:03:f1:
43:1a:c7:be:66:61:01:f0:e8:c9:3b:b2:f8:b3:eb:a2:d6:ad:
34:4d:96:e5:db:86:77:c3:75:a7:54:31:a8:6f:d9:27:d4:4b:
8d:4d:ef:80:d9:e3:4a:50:34:46:ee:6e:da:ea:e1:30:8d:26:
2e:e5:6b:28:10:ff:81:6f:e4:1e:c2:78:58:89:ca:86:a6:a2:
cc:b3:96:40:b4:b6:e9:55:56:5c:fd:5a:de:67:0b:57:d0:4c:
bc:3f:24:b0:e7:da:c3:ff:cb:86:de:39:cb:eb:6f:82:5e:51:
b5:f2:3d:8c:c9:dc:0e:1a:1f:c6:66:f2:5e:79:90:b6:e1:69:
dc:a2:2e:07
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAYu4J8qMDjhkR65U0ojPwnHUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMxMTEwMDczNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2IwYjkwNGUwZGZiNTNkODFlM2YxNmMyYjMyODE0OWUxYjJkMzI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqUSePBLLsGz+ybscfR0fRN9Or6lj
XjgYZM6N/j0lnVUiHqlRZZaIY1V73O5l9t0IvPeESLxBh2IOqdD4UwaC9gZOZUQb
D+fTt1WVik60XB1oNvfFY1TTVeoz2YLrost7bkrvhVUI0nzePisWwTdz8XX6XErS
HYdD/NfhwJejMZWGrMCngq+Y0FFnTL2ly6Bjgk5Quyl2q9s9ICcBfZfX2KMlpjU7
T9wl5EApABMws9nc6i69eCdlcXcq00/BzujsvbT1ls58iyBQ4lxji+ruFgnQEVb5
171nZtq2OEmztuNFO6WBsvkjJnEzI1kc4pmNpNwqHaoh0ssgV2E1FzDkywIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFLOwuQTg37U9gePxbCsygUnhstMnMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvczdDNUJPRGZ0VDJCNF9Gc0t6S0JTZUd5MHljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBeBAIAAjBYAwcAKg/hwAAB
AwUDKg/kQAMHACoP5sUAAQMHACoP5sYAAQMHACoP5scAAQMHACoS7MAAAQMHACoT
M4AAAQMHACoT4QAAAQMHACoT4QEAAQMHACoT4QcABzANBgkqhkiG9w0BAQsFAAOC
AQEAnb+uPfvYIBHz9ib3aDTmZTVRW2kgxmIZZexIrlExN5EScZfb6Rf/wx9+Zngm
QGd+KhebM0d+qZtnqy8AKaSAR4UvaOCcAvx2zyqWGdPbjUNr5W+w+eFeOmrAqC+j
aHUsMf8WuYVpJSoR5f8wEC5iUVNh5FoCzy0rXO9begPxQxrHvmZhAfDoyTuy+LPr
otatNE2W5duGd8N1p1QxqG/ZJ9RLjU3vgNnjSlA0Ru5u2urhMI0mLuVrKBD/gW/k
HsJ4WInKhqaizLOWQLS26VVWXP1a3mcLV9BMvD8ksOfaw//Lht45y+tvgl5RtfI9
jMncDhofxmbyXnmQtuFp3KIuBw==
-----END CERTIFICATE-----
Generated at Sat May 10 21:14:11 2025 by rpki-client