Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/d83777-5ba8-4f1e-851c-92819de8a036/1/qeEghHSuk31H9MBqDDE80UfCS14.roa
File: qeEghHSuk31H9MBqDDE80UfCS14.roa (raw, json)
Hash identifier: 68TZbvHrqln1cmzvyLMOtz77LvqwISQB48Qe0c9ID7o=
Subject key identifier: A9:E1:20:84:74:AE:93:7D:47:F4:C0:6A:0C:31:3C:D1:47:C2:4B:5E
Certificate issuer: /CN=ed77e6b925b3b7a7abb92885d55d733dc5fa62d2
Certificate serial: 0185821838DE922F0E204FEE51C8BFAEBA9B
Authority key identifier: ED:77:E6:B9:25:B3:B7:A7:AB:B9:28:85:D5:5D:73:3D:C5:FA:62:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7XfmuSWzt6eruSiF1V1zPcX6YtI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/d83777-5ba8-4f1e-851c-92819de8a036/1/qeEghHSuk31H9MBqDDE80UfCS14.roa
Signing time: Thu 05 Jan 2023 13:21:43 +0000
ROA not before: Thu 05 Jan 2023 13:21:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208563
IP address blocks: 2a0d:1a40:7800::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:82:18:38:de:92:2f:0e:20:4f:ee:51:c8:bf:ae:ba:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ed77e6b925b3b7a7abb92885d55d733dc5fa62d2
Validity
Not Before: Jan 5 13:21:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a9e1208474ae937d47f4c06a0c313cd147c24b5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:e5:83:33:b5:08:a8:b0:44:05:5e:43:8d:09:
6f:65:6c:b4:ea:40:65:3b:25:29:bb:93:99:5c:43:
45:68:f3:9d:d2:b1:fb:2c:df:96:bc:9c:31:85:1f:
b1:9c:5f:76:b2:63:60:67:99:98:13:05:ac:a0:47:
93:47:d1:4b:6b:fd:db:0f:15:20:2f:c1:f2:9b:9c:
36:78:7d:d2:69:88:fc:5c:e9:3d:cd:16:4e:bb:cc:
ad:05:42:31:a7:70:c8:5a:2c:90:76:5c:1d:68:70:
d1:b0:bf:88:ff:8c:5e:7c:0a:d3:ec:3f:a9:08:45:
26:21:44:90:d9:ae:67:9b:52:8f:10:00:96:d5:f2:
18:dc:66:8c:0e:8f:71:54:3c:38:bc:b1:89:34:44:
df:92:30:87:81:05:dd:d3:05:b4:9c:be:9a:f5:10:
33:2f:a0:be:26:f3:d0:1a:9c:dd:43:bf:28:01:4b:
b7:71:71:9b:82:e5:b5:ae:bd:0c:96:1b:37:d6:18:
aa:2b:24:da:c9:b9:1e:2f:cd:b4:8b:40:bd:26:00:
21:13:74:f0:70:4f:bf:de:f4:ac:66:c2:d5:58:23:
5f:18:d9:95:e6:e2:1e:e0:ed:91:6e:00:43:34:6e:
92:38:16:08:2c:5e:fc:ce:29:8c:14:56:6d:56:ee:
3d:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:E1:20:84:74:AE:93:7D:47:F4:C0:6A:0C:31:3C:D1:47:C2:4B:5E
X509v3 Authority Key Identifier:
keyid:ED:77:E6:B9:25:B3:B7:A7:AB:B9:28:85:D5:5D:73:3D:C5:FA:62:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7XfmuSWzt6eruSiF1V1zPcX6YtI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/d83777-5ba8-4f1e-851c-92819de8a036/1/qeEghHSuk31H9MBqDDE80UfCS14.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/d83777-5ba8-4f1e-851c-92819de8a036/1/7XfmuSWzt6eruSiF1V1zPcX6YtI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:1a40:7800::/40
Signature Algorithm: sha256WithRSAEncryption
84:6f:47:b1:c3:cb:de:7f:7b:c8:28:42:28:cd:5d:7f:b9:1d:
57:36:49:66:82:7e:d3:34:2a:20:28:a5:19:69:83:2d:81:bd:
20:68:5b:d7:f3:a6:58:ea:32:d1:bf:ac:3d:8c:16:a4:3d:e0:
49:d3:53:09:e2:31:be:15:30:ea:19:8e:f9:29:fe:47:fb:47:
48:94:d9:49:c3:e0:25:b4:45:1b:a8:da:fb:63:9a:d7:2a:55:
2b:81:f7:44:64:69:ae:79:95:23:4c:40:32:a7:20:66:48:81:
9f:3a:bb:d0:29:4d:2c:2f:e3:e7:7d:1a:50:4c:61:90:88:5d:
74:03:4b:0b:1b:3c:e9:ac:e9:7b:3a:1c:6f:ae:d6:16:0d:b2:
e5:96:99:88:7c:42:54:51:a7:1a:70:44:14:2c:72:fe:78:90:
49:58:58:35:26:ea:c1:2b:f2:15:c0:03:c0:f0:a4:af:2d:cd:
79:82:30:31:d2:3b:32:e3:f3:bf:93:6c:c6:bd:38:82:2b:08:
69:d3:55:86:0b:9e:5e:47:57:a4:13:a7:c3:c0:67:37:95:34:
70:a1:f3:87:d9:25:f5:86:e0:63:df:69:66:06:f7:ed:1a:73:
02:c4:84:46:7f:3d:66:4f:8d:aa:3a:e6:93:4f:1e:aa:91:98:
e6:20:0a:7a
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYWCGDjeki8OIE/uUci/rrqbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkNzdlNmI5MjViM2I3YTdhYmI5Mjg4NWQ1NWQ3MzNkYzVm
YTYyZDIwHhcNMjMwMTA1MTMyMTQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWUxMjA4NDc0YWU5MzdkNDdmNGMwNmEwYzMxM2NkMTQ3YzI0YjVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArOWDM7UIqLBEBV5DjQlvZWy06kBl
OyUpu5OZXENFaPOd0rH7LN+WvJwxhR+xnF92smNgZ5mYEwWsoEeTR9FLa/3bDxUg
L8Hym5w2eH3SaYj8XOk9zRZOu8ytBUIxp3DIWiyQdlwdaHDRsL+I/4xefArT7D+p
CEUmIUSQ2a5nm1KPEACW1fIY3GaMDo9xVDw4vLGJNETfkjCHgQXd0wW0nL6a9RAz
L6C+JvPQGpzdQ78oAUu3cXGbguW1rr0Mlhs31hiqKyTaybkeL820i0C9JgAhE3Tw
cE+/3vSsZsLVWCNfGNmV5uIe4O2RbgBDNG6SOBYILF78zimMFFZtVu49hwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFKnhIIR0rpN9R/TAagwxPNFHwkteMB8GA1UdIwQY
MBaAFO135rkls7enq7kohdVdcz3F+mLSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1hmbXVTV3p0NmVydVNpRjFWMXpQY1g2WXRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9kODM3NzctNWJhOC00ZjFlLTg1MWMt
OTI4MTlkZThhMDM2LzEvcWVFZ2hIU3VrMzFIOU1CcURERTgwVWZDUzE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9kODM3NzctNWJhOC00ZjFlLTg1MWMtOTI4MTlkZThhMDM2
LzEvN1hmbXVTV3p0NmVydVNpRjFWMXpQY1g2WXRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKg0aQHgw
DQYJKoZIhvcNAQELBQADggEBAIRvR7HDy95/e8goQijNXX+5HVc2SWaCftM0KiAo
pRlpgy2BvSBoW9fzpljqMtG/rD2MFqQ94EnTUwniMb4VMOoZjvkp/kf7R0iU2UnD
4CW0RRuo2vtjmtcqVSuB90Rkaa55lSNMQDKnIGZIgZ86u9ApTSwv4+d9GlBMYZCI
XXQDSwsbPOms6Xs6HG+u1hYNsuWWmYh8QlRRpxpwRBQscv54kElYWDUm6sEr8hXA
A8DwpK8tzXmCMDHSOzLj87+TbMa9OIIrCGnTVYYLnl5HV6QTp8PAZzeVNHCh84fZ
JfWG4GPfaWYG9+0acwLEhEZ/PWZPjao65pNPHqqRmOYgCno=
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:54:25 2025 by rpki-client