Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/qdKlNl2D_r5DnB_b4oXjiFwBlfI.roa
File: qdKlNl2D_r5DnB_b4oXjiFwBlfI.roa (raw, json)
Hash identifier: 2RBIc0eNx5WIz7C+4DqFfFCl1q3m9UYXum1boxg5mz0=
Subject key identifier: A9:D2:A5:36:5D:83:FE:BE:43:9C:1F:DB:E2:85:E3:88:5C:01:95:F2
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 0926E9B3
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/qdKlNl2D_r5DnB_b4oXjiFwBlfI.roa
Signing time: Sat 01 Jan 2022 12:58:42 +0000
ROA not before: Sat 01 Jan 2022 12:58:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12768
IP address blocks: 2a02:2698::/38 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 153545139 (0x926e9b3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Jan 1 12:58:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a9d2a5365d83febe439c1fdbe285e3885c0195f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:a6:12:e0:9e:5b:91:d8:26:e0:5b:ea:f9:af:
99:eb:18:5f:97:cd:34:a7:a9:53:20:eb:a0:c1:d7:
be:03:50:e4:6e:73:d8:65:77:8b:99:f3:8a:aa:be:
1c:16:85:b8:9e:3c:ec:74:c9:32:44:40:fb:56:c3:
4a:4d:52:ad:2f:e8:e5:58:5c:96:c0:f5:ea:59:7a:
5e:29:17:34:fe:e9:71:56:8c:d8:e8:6f:a7:50:f1:
de:34:70:0f:88:f8:ac:f4:b5:ff:f6:61:a9:cd:a3:
12:48:4a:f2:5a:9d:13:a2:dd:b2:d0:d6:54:43:3c:
2d:6a:f5:e7:d0:83:7c:b2:fd:15:ab:17:cd:96:5c:
a5:d4:9e:5d:3d:38:13:96:ea:5f:98:15:75:0e:3b:
bc:db:9b:7e:9a:c3:f1:a0:a3:42:fa:bb:d8:7b:b4:
54:fb:6d:84:e7:be:ce:82:12:41:33:fc:d1:31:af:
6e:ed:01:ad:65:9d:7d:f9:09:d1:2c:e5:89:73:b7:
bd:3b:f0:1e:99:6f:b2:48:f6:cd:41:3b:bd:8b:ee:
1f:6b:6a:04:54:bc:67:f1:f3:c3:a7:e6:b2:70:c6:
b1:f3:24:68:a6:e0:6c:25:49:ec:cf:92:7c:60:e5:
db:9c:a3:f6:f8:21:9a:3c:81:20:6f:8e:19:12:e6:
98:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:D2:A5:36:5D:83:FE:BE:43:9C:1F:DB:E2:85:E3:88:5C:01:95:F2
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/qdKlNl2D_r5DnB_b4oXjiFwBlfI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:2698::/38
Signature Algorithm: sha256WithRSAEncryption
a3:07:b2:2c:c1:44:b8:53:95:e0:8c:2d:ed:73:47:51:fa:f4:
ac:9f:17:47:38:c0:da:88:b7:04:62:60:91:36:41:ac:02:82:
4d:b6:e0:09:c8:64:07:18:91:d0:23:8c:09:85:9d:41:03:34:
25:75:8c:e4:61:c1:31:2a:87:bf:f5:37:28:30:86:f6:69:82:
23:10:08:e9:4d:39:7a:4e:ab:2c:1e:3b:c1:a4:40:03:0e:3e:
da:90:1b:82:bd:d3:86:2a:4e:48:20:45:d0:e5:db:b5:fe:27:
79:ff:f7:25:cb:89:ec:c5:3e:50:e7:8b:49:00:5d:49:7a:34:
71:32:79:3a:ed:30:1b:8c:47:9d:f7:ad:3d:52:d8:ce:3d:68:
f9:64:8d:fe:d7:d9:84:66:14:08:a8:3d:77:80:09:c5:81:34:
71:d8:ff:b1:36:27:20:54:5a:23:be:1b:1e:54:7d:b4:a1:64:
93:0b:5b:7d:49:6b:3d:63:4a:3c:f7:11:25:17:bf:6d:4f:2c:
71:29:a2:c1:27:f9:c8:21:51:d0:64:72:37:73:2e:db:63:94:
8c:1d:18:ef:c8:7b:d6:76:7a:4e:2b:e6:92:ad:d7:1d:0d:5f:
06:56:8f:e2:fa:93:62:81:9a:3e:02:14:d5:23:ad:87:25:42:
40:fa:d5:f8
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIECSbpszANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ODAyYjk1Y2U2MjM5ZDUyNmMzNWFlN2E4ZTJjZWI0OGFlYjgyYjVmMB4XDTIyMDEw
MTEyNTg0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTlkMmE1MzY1ZDgz
ZmViZTQzOWMxZmRiZTI4NWUzODg1YzAxOTVmMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOGmEuCeW5HYJuBb6vmvmesYX5fNNKepUyDroMHXvgNQ5G5z
2GV3i5nziqq+HBaFuJ487HTJMkRA+1bDSk1SrS/o5VhclsD16ll6XikXNP7pcVaM
2Ohvp1Dx3jRwD4j4rPS1//Zhqc2jEkhK8lqdE6LdstDWVEM8LWr159CDfLL9FasX
zZZcpdSeXT04E5bqX5gVdQ47vNubfprD8aCjQvq72Hu0VPtthOe+zoISQTP80TGv
bu0BrWWdffkJ0SzliXO3vTvwHplvskj2zUE7vYvuH2tqBFS8Z/Hzw6fmsnDGsfMk
aKbgbCVJ7M+SfGDl25yj9vghmjyBIG+OGRLmmD8CAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBSp0qU2XYP+vkOcH9viheOIXAGV8jAfBgNVHSMEGDAWgBQIArlc5iOdUmw1
rnqOLOtIrrgrXzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0NBSzVYT1lqblZKc05hNTZqaXpyU0s2NEsxOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTQvMTBlOTY1LTc0MDktNDRkOC05NTAyLWNmMGFhM2VjYWQyOC8x
L3FkS2xObDJEX3I1RG5CX2I0b1hqaUZ3QmxmSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTQv
MTBlOTY1LTc0MDktNDRkOC05NTAyLWNmMGFhM2VjYWQyOC8xL0NBSzVYT1lqblZK
c05hNTZqaXpyU0s2NEsxOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAh
BggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioCJpgAMA0GCSqGSIb3DQEBCwUA
A4IBAQCjB7IswUS4U5XgjC3tc0dR+vSsnxdHOMDaiLcEYmCRNkGsAoJNtuAJyGQH
GJHQI4wJhZ1BAzQldYzkYcExKoe/9TcoMIb2aYIjEAjpTTl6TqssHjvBpEADDj7a
kBuCvdOGKk5IIEXQ5du1/id5//cly4nsxT5Q54tJAF1JejRxMnk67TAbjEed9609
UtjOPWj5ZI3+19mEZhQIqD13gAnFgTRx2P+xNicgVFojvhseVH20oWSTC1t9SWs9
Y0o89xElF79tTyxxKaLBJ/nIIVHQZHI3cy7bY5SMHRjvyHvWdnpOK+aSrdcdDV8G
Vo/i+pNigZo+AhTVI62HJUJA+tX4
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:44:27 2025 by rpki-client