Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/0915cf-c6d8-4100-90b3-9d53ac2f8e7f/1/qTQHz5cTyjubkHef6Pr_XcJTbgc.roa
File: qTQHz5cTyjubkHef6Pr_XcJTbgc.roa (raw, json)
Hash identifier: pjGE1JpBgJxDBtCcDiZakKQWQshucyaWjuAx0pxRHK8=
Subject key identifier: A9:34:07:CF:97:13:CA:3B:9B:90:77:9F:E8:FA:FF:5D:C2:53:6E:07
Certificate issuer: /CN=81c1aed74aad06b1b85c5ba6779c161f4a52b3c4
Certificate serial: 018570395BC25D3390A18E9AAD371AD868BA
Authority key identifier: 81:C1:AE:D7:4A:AD:06:B1:B8:5C:5B:A6:77:9C:16:1F:4A:52:B3:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gcGu10qtBrG4XFumd5wWH0pSs8Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/0915cf-c6d8-4100-90b3-9d53ac2f8e7f/1/qTQHz5cTyjubkHef6Pr_XcJTbgc.roa
Signing time: Mon 02 Jan 2023 02:04:45 +0000
ROA not before: Mon 02 Jan 2023 02:04:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34601
IP address blocks: 2001:678:b94::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:39:5b:c2:5d:33:90:a1:8e:9a:ad:37:1a:d8:68:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81c1aed74aad06b1b85c5ba6779c161f4a52b3c4
Validity
Not Before: Jan 2 02:04:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a93407cf9713ca3b9b90779fe8faff5dc2536e07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:2f:58:2f:ae:be:1a:83:96:1a:70:44:10:fd:
84:2b:5f:47:f5:05:a1:e4:35:59:8a:7e:c2:2b:a2:
7f:39:0b:9d:af:07:96:06:a4:ce:f7:96:b8:32:e3:
b8:94:51:87:f4:6f:11:69:5a:16:09:d9:ea:f3:48:
a2:4f:f4:93:1b:2d:b9:5f:9f:b9:b5:56:4e:be:d7:
4d:92:11:92:99:02:3e:ad:ee:bd:24:b1:47:53:f8:
96:69:e3:3a:87:1f:59:ca:68:19:ad:33:1e:cf:90:
84:c1:11:98:c8:d5:91:55:c7:ee:56:cd:75:61:1d:
99:b8:1d:8e:04:ed:77:f6:92:72:de:35:e8:b6:ec:
7a:c8:82:3d:5e:85:02:36:c1:ce:9e:b2:04:a5:89:
b5:a9:32:8b:49:2a:fa:e2:2c:d4:fe:01:7d:c9:35:
a6:39:a0:74:da:16:dc:a2:b9:c3:64:62:91:6c:81:
d1:7d:71:86:01:91:ba:c2:71:00:f5:0c:cd:2e:0f:
f9:16:0d:fd:5c:9e:d6:5b:be:f2:f7:32:4c:43:da:
28:83:62:15:9d:78:98:b0:7e:54:54:5a:04:65:9a:
ea:c2:bd:40:8d:9c:7d:1a:a2:14:d5:18:fe:4d:cf:
cb:07:2a:6c:a6:19:7b:4b:0d:36:c2:7d:a6:93:6a:
c7:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:34:07:CF:97:13:CA:3B:9B:90:77:9F:E8:FA:FF:5D:C2:53:6E:07
X509v3 Authority Key Identifier:
keyid:81:C1:AE:D7:4A:AD:06:B1:B8:5C:5B:A6:77:9C:16:1F:4A:52:B3:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gcGu10qtBrG4XFumd5wWH0pSs8Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/0915cf-c6d8-4100-90b3-9d53ac2f8e7f/1/qTQHz5cTyjubkHef6Pr_XcJTbgc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/0915cf-c6d8-4100-90b3-9d53ac2f8e7f/1/gcGu10qtBrG4XFumd5wWH0pSs8Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:b94::/48
Signature Algorithm: sha256WithRSAEncryption
00:26:4a:61:4e:41:f4:ab:d3:ba:ac:95:4e:0f:58:36:e0:81:
bb:67:93:f2:17:09:94:1c:9d:3d:d9:e5:f7:07:e8:9e:62:9a:
b2:81:8b:99:51:3c:69:65:6a:6f:60:b4:c7:ca:da:1a:e2:94:
30:9a:63:71:44:bc:fa:f6:83:a8:38:0d:7a:d9:6d:e1:45:0b:
ad:78:31:4e:74:bc:3e:ca:86:b4:1d:49:f6:18:fd:80:84:1f:
94:0d:3b:e0:6d:9a:a1:de:96:9c:7d:30:67:ee:19:ba:80:05:
8f:25:af:99:bf:16:81:e4:7f:e3:6f:ed:fe:a8:b4:f4:2e:cb:
e4:9d:bb:db:ee:ba:a9:c5:91:10:a6:cc:67:ae:62:e1:a2:5f:
b6:fd:d8:a1:53:c7:3e:d2:65:5b:74:ca:5f:d9:11:1b:75:aa:
79:30:65:1f:18:46:c6:04:52:30:e1:0e:a6:e0:6c:71:c1:68:
3b:20:e6:50:68:ef:01:4f:83:dd:b9:93:e8:da:ef:63:98:19:
40:85:a5:5f:a6:30:99:d1:83:39:ae:0d:17:5e:17:cf:17:15:
f6:a4:b7:f8:2e:af:89:e5:cb:66:9c:27:03:ce:bb:c0:96:02:
2f:4e:ca:0f:b6:3e:02:db:f7:82:57:14:15:54:1c:1e:4a:dc:
f8:e3:e2:0c
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVwOVvCXTOQoY6arTca2Gi6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxYzFhZWQ3NGFhZDA2YjFiODVjNWJhNjc3OWMxNjFmNGE1
MmIzYzQwHhcNMjMwMTAyMDIwNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTM0MDdjZjk3MTNjYTNiOWI5MDc3OWZlOGZhZmY1ZGMyNTM2ZTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1i9YL66+GoOWGnBEEP2EK19H9QWh
5DVZin7CK6J/OQudrweWBqTO95a4MuO4lFGH9G8RaVoWCdnq80iiT/STGy25X5+5
tVZOvtdNkhGSmQI+re69JLFHU/iWaeM6hx9ZymgZrTMez5CEwRGYyNWRVcfuVs11
YR2ZuB2OBO139pJy3jXotux6yII9XoUCNsHOnrIEpYm1qTKLSSr64izU/gF9yTWm
OaB02hbcornDZGKRbIHRfXGGAZG6wnEA9QzNLg/5Fg39XJ7WW77y9zJMQ9oog2IV
nXiYsH5UVFoEZZrqwr1AjZx9GqIU1Rj+Tc/LBypsphl7Sw02wn2mk2rHaQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKk0B8+XE8o7m5B3n+j6/13CU24HMB8GA1UdIwQY
MBaAFIHBrtdKrQaxuFxbpnecFh9KUrPEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2NHdTEwcXRCckc0WEZ1bWQ1d1dIMHBTczhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS8wOTE1Y2YtYzZkOC00MTAwLTkwYjMt
OWQ1M2FjMmY4ZTdmLzEvcVRRSHo1Y1R5anVia0hlZjZQcl9YY0pUYmdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS8wOTE1Y2YtYzZkOC00MTAwLTkwYjMtOWQ1M2FjMmY4ZTdm
LzEvZ2NHdTEwcXRCckc0WEZ1bWQ1d1dIMHBTczhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAuU
MA0GCSqGSIb3DQEBCwUAA4IBAQAAJkphTkH0q9O6rJVOD1g24IG7Z5PyFwmUHJ09
2eX3B+ieYpqygYuZUTxpZWpvYLTHytoa4pQwmmNxRLz69oOoOA162W3hRQuteDFO
dLw+yoa0HUn2GP2AhB+UDTvgbZqh3pacfTBn7hm6gAWPJa+ZvxaB5H/jb+3+qLT0
Lsvknbvb7rqpxZEQpsxnrmLhol+2/dihU8c+0mVbdMpf2REbdap5MGUfGEbGBFIw
4Q6m4GxxwWg7IOZQaO8BT4PduZPo2u9jmBlAhaVfpjCZ0YM5rg0XXhfPFxX2pLf4
Lq+J5ctmnCcDzrvAlgIvTsoPtj4C2/eCVxQVVBweStz44+IM
-----END CERTIFICATE-----
Generated at Fri Apr 18 04:08:55 2025 by rpki-client