Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/060e1e-328a-4818-bfd1-4fa3481a47e1/1/QauQ1--n63xRZ2DtZQvfmCg8GGU.roa
File: QauQ1--n63xRZ2DtZQvfmCg8GGU.roa (raw, json)
Hash identifier: UnKcC61iAAT0dYarNcd5RKJh+r2vUyMhEv8xYwqnfhk=
Subject key identifier: 41:AB:90:D7:EF:A7:EB:7C:51:67:60:ED:65:0B:DF:98:28:3C:18:65
Certificate issuer: /CN=6eaf16dcc550cf81ecf0f81952179a048130877a
Certificate serial: 0185E32FC7C983F9AB28B8DEBBD4FF7461C9
Authority key identifier: 6E:AF:16:DC:C5:50:CF:81:EC:F0:F8:19:52:17:9A:04:81:30:87:7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bq8W3MVQz4Hs8PgZUheaBIEwh3o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/060e1e-328a-4818-bfd1-4fa3481a47e1/1/QauQ1--n63xRZ2DtZQvfmCg8GGU.roa
Signing time: Tue 24 Jan 2023 09:50:37 +0000
ROA not before: Tue 24 Jan 2023 09:50:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197942
IP address blocks: 2001:678:ae4::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e3:2f:c7:c9:83:f9:ab:28:b8:de:bb:d4:ff:74:61:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6eaf16dcc550cf81ecf0f81952179a048130877a
Validity
Not Before: Jan 24 09:50:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=41ab90d7efa7eb7c516760ed650bdf98283c1865
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:2a:dd:28:54:f7:91:47:98:14:bd:9f:e3:2c:
5b:d3:74:53:3f:1d:d5:b7:0f:da:05:5b:76:d2:5c:
3a:ca:ba:1c:e4:7a:f8:22:49:05:dd:0d:bb:46:5d:
a9:11:6a:22:62:d8:1d:84:3c:ec:4a:3a:55:73:55:
66:86:53:06:ef:4c:c0:87:59:83:77:6e:f3:1b:01:
91:eb:a2:39:42:35:18:86:d5:4f:1c:0a:0b:88:11:
17:bd:44:40:f1:29:2e:67:50:cf:d3:c9:24:2c:a1:
b1:41:26:e7:d0:b3:6a:06:9c:0a:99:4f:17:24:ac:
80:78:4b:cd:71:8d:0b:de:64:57:27:6c:08:b6:94:
94:cc:b6:66:cb:a3:83:5a:2a:fe:95:91:4c:8d:71:
94:8e:46:46:83:2b:d9:32:73:17:78:5e:50:e1:f7:
40:4a:df:40:6d:cc:52:75:43:0d:7b:c0:ac:26:19:
eb:1d:34:5b:a5:c1:03:6b:bf:2d:cf:c5:7e:fa:94:
8e:b5:e3:a4:88:54:c1:1c:ca:47:a0:ec:51:71:3b:
43:fe:87:34:b3:4d:6c:3b:f5:68:42:9d:75:29:8f:
1c:24:1c:e5:c6:ec:a8:ec:59:18:58:f4:b2:19:d6:
ff:86:42:0c:64:fa:6d:68:da:d4:05:4d:91:23:69:
30:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:AB:90:D7:EF:A7:EB:7C:51:67:60:ED:65:0B:DF:98:28:3C:18:65
X509v3 Authority Key Identifier:
keyid:6E:AF:16:DC:C5:50:CF:81:EC:F0:F8:19:52:17:9A:04:81:30:87:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bq8W3MVQz4Hs8PgZUheaBIEwh3o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/060e1e-328a-4818-bfd1-4fa3481a47e1/1/QauQ1--n63xRZ2DtZQvfmCg8GGU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/060e1e-328a-4818-bfd1-4fa3481a47e1/1/bq8W3MVQz4Hs8PgZUheaBIEwh3o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:ae4::/48
Signature Algorithm: sha256WithRSAEncryption
9f:e9:94:64:ba:fe:60:8b:52:df:85:e2:47:7f:1b:61:f5:e9:
86:6d:a8:d1:6b:34:83:b9:11:c9:2f:12:96:b3:2d:a5:3e:c7:
55:33:03:a9:99:9f:36:17:00:d0:85:b6:fe:aa:86:30:04:cf:
7e:9c:b8:a2:88:d7:10:63:86:59:10:10:4d:36:21:ba:46:6d:
32:35:b8:d0:ad:c2:fd:b9:4e:d5:28:e1:1e:b8:7b:82:ea:a2:
3a:66:d9:58:c7:24:75:30:e7:ef:e1:1e:76:12:8c:56:52:f2:
9c:22:3c:7b:ad:8a:93:61:b9:89:21:ee:70:f9:b8:5a:86:9a:
73:a3:2c:06:32:72:64:82:69:a3:36:8a:44:ae:63:a3:87:3f:
3a:40:28:d3:02:75:f4:10:9c:c3:1f:6b:7f:41:74:cf:db:16:
2e:dc:ba:1b:9b:25:2e:e9:16:29:52:43:93:1f:0d:63:b5:bc:
0a:a8:99:98:b1:1d:6c:e7:3e:2f:ec:f6:86:e0:ce:34:02:8a:
02:b3:95:01:eb:90:11:62:f6:cb:75:0d:e1:b0:98:63:41:a9:
56:47:30:bc:39:78:22:a9:c7:08:6d:7f:a5:31:3e:9f:4c:eb:
42:32:c2:87:6d:43:ed:c8:89:37:68:be:42:f9:f9:a5:31:23:
b7:cf:04:56
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYXjL8fJg/mrKLjeu9T/dGHJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlYWYxNmRjYzU1MGNmODFlY2YwZjgxOTUyMTc5YTA0ODEz
MDg3N2EwHhcNMjMwMTI0MDk1MDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWFiOTBkN2VmYTdlYjdjNTE2NzYwZWQ2NTBiZGY5ODI4M2MxODY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoyrdKFT3kUeYFL2f4yxb03RTPx3V
tw/aBVt20lw6yroc5Hr4IkkF3Q27Rl2pEWoiYtgdhDzsSjpVc1VmhlMG70zAh1mD
d27zGwGR66I5QjUYhtVPHAoLiBEXvURA8SkuZ1DP08kkLKGxQSbn0LNqBpwKmU8X
JKyAeEvNcY0L3mRXJ2wItpSUzLZmy6ODWir+lZFMjXGUjkZGgyvZMnMXeF5Q4fdA
St9AbcxSdUMNe8CsJhnrHTRbpcEDa78tz8V++pSOteOkiFTBHMpHoOxRcTtD/oc0
s01sO/VoQp11KY8cJBzlxuyo7FkYWPSyGdb/hkIMZPptaNrUBU2RI2kwzQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEGrkNfvp+t8UWdg7WUL35goPBhlMB8GA1UdIwQY
MBaAFG6vFtzFUM+B7PD4GVIXmgSBMId6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnE4VzNNVlF6NEhzOFBnWlVoZWFCSUV3aDNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS8wNjBlMWUtMzI4YS00ODE4LWJmZDEt
NGZhMzQ4MWE0N2UxLzEvUWF1UTEtLW42M3hSWjJEdFpRdmZtQ2c4R0dVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS8wNjBlMWUtMzI4YS00ODE4LWJmZDEtNGZhMzQ4MWE0N2Ux
LzEvYnE4VzNNVlF6NEhzOFBnWlVoZWFCSUV3aDNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeArk
MA0GCSqGSIb3DQEBCwUAA4IBAQCf6ZRkuv5gi1LfheJHfxth9emGbajRazSDuRHJ
LxKWsy2lPsdVMwOpmZ82FwDQhbb+qoYwBM9+nLiiiNcQY4ZZEBBNNiG6Rm0yNbjQ
rcL9uU7VKOEeuHuC6qI6ZtlYxyR1MOfv4R52EoxWUvKcIjx7rYqTYbmJIe5w+bha
hppzoywGMnJkgmmjNopErmOjhz86QCjTAnX0EJzDH2t/QXTP2xYu3LobmyUu6RYp
UkOTHw1jtbwKqJmYsR1s5z4v7PaG4M40AooCs5UB65ARYvbLdQ3hsJhjQalWRzC8
OXgiqccIbX+lMT6fTOtCMsKHbUPtyIk3aL5C+fmlMSO3zwRW
-----END CERTIFICATE-----
Generated at Mon Apr 21 07:53:03 2025 by rpki-client