Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/18c7dd-241b-4b92-8ebf-77794fbfd2e4/1/CqiNV6RLu0mihrhKTZLvs94sHS8.roa
File: CqiNV6RLu0mihrhKTZLvs94sHS8.roa (raw, json)
Hash identifier: NghN/jIXn89Z4ujU2g57PYba6UF9bjSjGt4xEGMgiqk=
Subject key identifier: 0A:A8:8D:57:A4:4B:BB:49:A2:86:B8:4A:4D:92:EF:B3:DE:2C:1D:2F
Certificate issuer: /CN=4c81273dcb03c3457b79250be109e19a5e74f0fd
Certificate serial: 01892612EBCFD2D28F7187A3CABF804287CA
Authority key identifier: 4C:81:27:3D:CB:03:C3:45:7B:79:25:0B:E1:09:E1:9A:5E:74:F0:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TIEnPcsDw0V7eSUL4Qnhml508P0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/18c7dd-241b-4b92-8ebf-77794fbfd2e4/1/CqiNV6RLu0mihrhKTZLvs94sHS8.roa
Signing time: Wed 05 Jul 2023 12:42:01 +0000
ROA not before: Wed 05 Jul 2023 12:42:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 2a13:85c0::/40 maxlen: 40
2a13:85c0:100::/40 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:26:12:eb:cf:d2:d2:8f:71:87:a3:ca:bf:80:42:87:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c81273dcb03c3457b79250be109e19a5e74f0fd
Validity
Not Before: Jul 5 12:42:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0aa88d57a44bbb49a286b84a4d92efb3de2c1d2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:c2:4d:ee:9e:49:da:44:36:e4:d0:85:97:1a:
d1:6b:f5:73:6a:0e:95:a1:fe:33:da:11:fa:01:96:
93:fa:8c:81:b5:54:31:9e:34:10:0c:ad:b3:2b:e0:
5a:30:88:20:75:d5:b8:ee:4e:38:61:d4:e3:72:b2:
40:fa:95:1e:b2:30:fa:49:0f:cf:2f:e3:68:f6:d2:
9a:4b:45:ff:82:e0:d3:4c:a3:75:34:d3:00:17:40:
50:c3:1b:32:d5:18:31:69:a6:99:39:4d:73:00:30:
d5:e6:52:22:f6:bd:db:bd:56:fa:ad:66:34:8b:e4:
fc:58:68:56:4e:bb:39:b6:ee:3d:f9:f1:9f:97:fa:
d1:ec:eb:ae:43:d3:34:b3:97:1f:f8:cf:a8:f2:ba:
aa:84:ce:5a:59:8e:17:6d:22:08:fd:11:63:bf:43:
bc:ca:ac:ba:59:ef:98:72:a2:20:3c:3c:1b:e2:40:
0b:2c:d1:c4:f1:a6:32:8d:19:f5:df:80:1e:8d:ca:
1f:e9:8c:2c:68:a6:aa:03:da:62:a9:35:5f:3b:f8:
97:9d:4b:0b:2b:10:3d:2c:86:7a:7e:c5:24:89:e1:
20:5a:16:d4:63:20:fd:e4:40:e4:43:fb:70:17:25:
bb:23:fb:12:a5:19:0c:6f:9d:b4:88:e8:8e:9a:0e:
9c:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:A8:8D:57:A4:4B:BB:49:A2:86:B8:4A:4D:92:EF:B3:DE:2C:1D:2F
X509v3 Authority Key Identifier:
keyid:4C:81:27:3D:CB:03:C3:45:7B:79:25:0B:E1:09:E1:9A:5E:74:F0:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TIEnPcsDw0V7eSUL4Qnhml508P0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/18c7dd-241b-4b92-8ebf-77794fbfd2e4/1/CqiNV6RLu0mihrhKTZLvs94sHS8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/18c7dd-241b-4b92-8ebf-77794fbfd2e4/1/TIEnPcsDw0V7eSUL4Qnhml508P0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:85c0::/39
Signature Algorithm: sha256WithRSAEncryption
5a:6b:b4:84:c4:a0:76:7d:47:e7:5f:de:91:ea:cd:d6:f8:36:
ac:44:5e:49:38:94:8b:aa:af:e8:87:16:5b:a1:c0:08:0c:0f:
03:8e:c6:36:54:4c:b0:f6:0a:43:4f:8a:5f:54:58:b3:ba:d5:
b2:28:a6:66:ef:bf:76:26:24:a1:b5:d8:ca:40:4c:19:6c:81:
78:e7:67:11:bc:a7:00:1e:2c:da:f3:49:a1:03:a2:a5:c3:95:
87:9d:d0:25:56:aa:fb:b0:2e:0a:ce:4f:28:67:25:22:f7:8f:
b3:95:b0:75:06:5f:a8:5d:fb:83:e2:e6:9b:2b:b8:03:69:4e:
80:2d:c0:04:7f:0b:f2:36:04:6a:c7:1d:b6:9d:04:be:9d:db:
49:fa:2c:5b:22:8e:44:bc:b1:9f:ce:28:40:b0:d3:74:a5:34:
17:91:c0:92:46:08:ef:5d:b1:a2:7a:36:bd:e7:db:6d:d2:fa:
73:f6:16:d3:35:19:1c:16:03:bc:4d:a6:38:64:e6:96:0c:37:
ab:5d:bc:d7:68:05:02:d2:c7:f9:ab:fd:21:52:6a:72:3b:5a:
4b:aa:95:7c:09:47:6c:e9:e0:87:86:54:3a:09:de:38:ca:15:
e1:4a:fe:0b:f3:b7:3c:46:94:fc:82:85:2f:7f:aa:96:fc:49:
2f:63:49:b3
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYkmEuvP0tKPcYejyr+AQofKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjODEyNzNkY2IwM2MzNDU3Yjc5MjUwYmUxMDllMTlhNWU3
NGYwZmQwHhcNMjMwNzA1MTI0MjAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWE4OGQ1N2E0NGJiYjQ5YTI4NmI4NGE0ZDkyZWZiM2RlMmMxZDJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxsJN7p5J2kQ25NCFlxrRa/Vzag6V
of4z2hH6AZaT+oyBtVQxnjQQDK2zK+BaMIggddW47k44YdTjcrJA+pUesjD6SQ/P
L+No9tKaS0X/guDTTKN1NNMAF0BQwxsy1RgxaaaZOU1zADDV5lIi9r3bvVb6rWY0
i+T8WGhWTrs5tu49+fGfl/rR7OuuQ9M0s5cf+M+o8rqqhM5aWY4XbSII/RFjv0O8
yqy6We+YcqIgPDwb4kALLNHE8aYyjRn134Aejcof6YwsaKaqA9piqTVfO/iXnUsL
KxA9LIZ6fsUkieEgWhbUYyD95EDkQ/twFyW7I/sSpRkMb520iOiOmg6c8QIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFAqojVekS7tJooa4Sk2S77PeLB0vMB8GA1UdIwQY
MBaAFEyBJz3LA8NFe3klC+EJ4ZpedPD9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVElFblBjc0R3MFY3ZVNVTDRRbmhtbDUwOFAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy8xOGM3ZGQtMjQxYi00YjkyLThlYmYt
Nzc3OTRmYmZkMmU0LzEvQ3FpTlY2Ukx1MG1paHJoS1RaTHZzOTRzSFM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy8xOGM3ZGQtMjQxYi00YjkyLThlYmYtNzc3OTRmYmZkMmU0
LzEvVElFblBjc0R3MFY3ZVNVTDRRbmhtbDUwOFAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYBKhOFwAAw
DQYJKoZIhvcNAQELBQADggEBAFprtITEoHZ9R+df3pHqzdb4NqxEXkk4lIuqr+iH
FluhwAgMDwOOxjZUTLD2CkNPil9UWLO61bIopmbvv3YmJKG12MpATBlsgXjnZxG8
pwAeLNrzSaEDoqXDlYed0CVWqvuwLgrOTyhnJSL3j7OVsHUGX6hd+4Pi5psruANp
ToAtwAR/C/I2BGrHHbadBL6d20n6LFsijkS8sZ/OKECw03SlNBeRwJJGCO9dsaJ6
Nr3n223S+nP2FtM1GRwWA7xNpjhk5pYMN6tdvNdoBQLSx/mr/SFSanI7WkuqlXwJ
R2zp4IeGVDoJ3jjKFeFK/gvztzxGlPyChS9/qpb8SS9jSbM=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:24:16 2025 by rpki-client