Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/7c7bf6-2bdf-4c7d-9aec-1ef1cee661ca/1/qT2538LjpR7jjtomlJKHZgC49gI.roa
File: qT2538LjpR7jjtomlJKHZgC49gI.roa (raw, json)
Hash identifier: kl/9r7Pp8kBJa242Ta+m+9ac6DUcAP4zSOWWTENtiQo=
Subject key identifier: A9:3D:B9:DF:C2:E3:A5:1E:E3:8E:DA:26:94:92:87:66:00:B8:F6:02
Certificate issuer: /CN=4be1bbbe540079d2b7f270b92ceaf3b2a816e8fa
Certificate serial: 01826272BF7190BCA63FCF532EDED7CCD87D
Authority key identifier: 4B:E1:BB:BE:54:00:79:D2:B7:F2:70:B9:2C:EA:F3:B2:A8:16:E8:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S-G7vlQAedK38nC5LOrzsqgW6Po.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/7c7bf6-2bdf-4c7d-9aec-1ef1cee661ca/1/qT2538LjpR7jjtomlJKHZgC49gI.roa
Signing time: Wed 03 Aug 2022 06:44:23 +0000
ROA not before: Wed 03 Aug 2022 06:44:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204339
IP address blocks: 2a13:3307::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:62:72:bf:71:90:bc:a6:3f:cf:53:2e:de:d7:cc:d8:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4be1bbbe540079d2b7f270b92ceaf3b2a816e8fa
Validity
Not Before: Aug 3 06:44:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a93db9dfc2e3a51ee38eda269492876600b8f602
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:96:b3:66:8b:3d:4b:a1:a6:8e:3d:7f:1d:ab:
2e:98:73:ef:43:0f:e3:83:32:bf:df:8e:f6:26:c2:
e7:1a:ba:a9:96:2d:25:e6:49:4b:a6:0c:61:fa:f6:
f0:38:d9:71:80:ae:eb:d0:e8:cf:80:24:2d:41:ff:
b4:d9:e7:f3:9b:d8:f4:7d:d3:31:f4:26:6c:fd:20:
93:b9:8f:4d:55:ec:4d:02:4a:61:29:75:2b:b9:fe:
ba:cb:2a:ae:46:16:8c:49:9b:3b:63:26:5a:06:fc:
4c:8b:ab:01:f6:b1:df:be:66:ec:48:14:87:93:a4:
83:12:03:2c:d2:9a:ed:30:a2:6d:0c:ad:a2:71:e0:
8d:03:4f:53:9d:06:a1:30:33:0f:e7:df:ed:ec:be:
62:1a:8e:e8:f1:4a:1c:39:62:ee:1f:e4:0f:88:91:
94:be:87:29:fb:df:00:e9:f6:64:a9:d4:80:43:01:
c2:45:8a:cf:d4:b1:8b:86:83:cc:62:e9:c2:c6:03:
25:f3:fb:1e:6f:9d:66:88:3d:85:fb:56:06:1c:27:
66:cd:06:cf:a6:59:51:64:43:4f:8e:d0:41:9e:d8:
dc:06:76:f3:a1:74:ec:ff:88:0c:37:c4:42:bb:60:
15:6c:ce:14:17:3c:fe:c0:3a:f7:9a:22:71:a6:60:
52:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:3D:B9:DF:C2:E3:A5:1E:E3:8E:DA:26:94:92:87:66:00:B8:F6:02
X509v3 Authority Key Identifier:
keyid:4B:E1:BB:BE:54:00:79:D2:B7:F2:70:B9:2C:EA:F3:B2:A8:16:E8:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S-G7vlQAedK38nC5LOrzsqgW6Po.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/7c7bf6-2bdf-4c7d-9aec-1ef1cee661ca/1/qT2538LjpR7jjtomlJKHZgC49gI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/7c7bf6-2bdf-4c7d-9aec-1ef1cee661ca/1/S-G7vlQAedK38nC5LOrzsqgW6Po.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:3307::/32
Signature Algorithm: sha256WithRSAEncryption
76:27:9a:61:3b:c6:37:0d:27:63:e4:09:da:db:cd:7f:36:1c:
9f:99:1a:83:c1:f3:be:50:8c:7a:28:cb:16:e3:a5:79:69:0d:
f2:be:ba:8c:6d:3c:d8:b0:d7:2b:97:fa:8a:5e:bb:97:96:de:
61:14:5d:d6:04:e9:81:da:83:ce:ad:34:fa:ed:58:50:70:fe:
b9:3e:0e:2a:ad:d9:aa:1f:a2:6f:c4:9c:75:88:2d:fb:f3:d7:
8c:f0:0d:e6:75:9a:57:11:0d:e8:da:e1:65:9a:ec:fc:e1:7d:
3c:f1:43:f9:b5:8f:07:49:d0:41:b9:32:db:0b:a5:c3:73:36:
49:fc:b3:60:c9:f0:d0:eb:5b:4e:5b:97:d4:0c:c0:79:28:1f:
30:94:8d:9d:56:3b:90:90:8c:19:36:39:fa:db:24:3b:d3:29:
54:e6:1c:56:b4:b4:65:d6:a7:a4:aa:ca:51:24:22:dc:c2:1c:
a5:66:06:fb:85:6f:65:c2:3a:f1:0e:d8:c9:48:67:23:2b:9b:
ee:dc:e0:aa:4f:1c:4a:06:51:41:b9:97:f1:69:82:11:78:bf:
94:bc:83:f1:48:b2:5f:c1:31:a4:6e:0a:b3:d9:a6:5c:6c:09:
f3:42:76:94:74:e2:7e:41:92:0d:8a:9d:ea:dd:ff:2c:d4:27:
22:8a:38:49
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYJicr9xkLymP89TLt7XzNh9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiZTFiYmJlNTQwMDc5ZDJiN2YyNzBiOTJjZWFmM2IyYTgx
NmU4ZmEwHhcNMjIwODAzMDY0NDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTNkYjlkZmMyZTNhNTFlZTM4ZWRhMjY5NDkyODc2NjAwYjhmNjAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwJazZos9S6Gmjj1/HasumHPvQw/j
gzK/3472JsLnGrqpli0l5klLpgxh+vbwONlxgK7r0OjPgCQtQf+02efzm9j0fdMx
9CZs/SCTuY9NVexNAkphKXUruf66yyquRhaMSZs7YyZaBvxMi6sB9rHfvmbsSBSH
k6SDEgMs0prtMKJtDK2iceCNA09TnQahMDMP59/t7L5iGo7o8UocOWLuH+QPiJGU
vocp+98A6fZkqdSAQwHCRYrP1LGLhoPMYunCxgMl8/seb51miD2F+1YGHCdmzQbP
pllRZENPjtBBntjcBnbzoXTs/4gMN8RCu2AVbM4UFzz+wDr3miJxpmBSkQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFKk9ud/C46Ue447aJpSSh2YAuPYCMB8GA1UdIwQY
MBaAFEvhu75UAHnSt/JwuSzq87KoFuj6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUy1HN3ZsUUFlZEszOG5DNUxPcnpzcWdXNlBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My83YzdiZjYtMmJkZi00YzdkLTlhZWMt
MWVmMWNlZTY2MWNhLzEvcVQyNTM4TGpwUjdqanRvbWxKS0haZ0M0OWdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My83YzdiZjYtMmJkZi00YzdkLTlhZWMtMWVmMWNlZTY2MWNh
LzEvUy1HN3ZsUUFlZEszOG5DNUxPcnpzcWdXNlBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhMzBzAN
BgkqhkiG9w0BAQsFAAOCAQEAdieaYTvGNw0nY+QJ2tvNfzYcn5kag8HzvlCMeijL
FuOleWkN8r66jG082LDXK5f6il67l5beYRRd1gTpgdqDzq00+u1YUHD+uT4OKq3Z
qh+ib8ScdYgt+/PXjPAN5nWaVxEN6NrhZZrs/OF9PPFD+bWPB0nQQbky2wulw3M2
SfyzYMnw0OtbTluX1AzAeSgfMJSNnVY7kJCMGTY5+tskO9MpVOYcVrS0ZdanpKrK
USQi3MIcpWYG+4VvZcI68Q7YyUhnIyub7tzgqk8cSgZRQbmX8WmCEXi/lLyD8Uiy
X8ExpG4Ks9mmXGwJ80J2lHTifkGSDYqd6t3/LNQnIoo4SQ==
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:40:45 2025 by rpki-client