Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/ab3156-b061-49fc-b1f0-00ca3126b3fe/1/tpyEn_gqk5EgrBEwQHrAxcQme8A.roa
File: tpyEn_gqk5EgrBEwQHrAxcQme8A.roa (raw, json)
Hash identifier: gqMjw9z2nAx73C/e2m3IW9n0VzeG4jNwwiCYG0CRTIU=
Subject key identifier: B6:9C:84:9F:F8:2A:93:91:20:AC:11:30:40:7A:C0:C5:C4:26:7B:C0
Certificate issuer: /CN=2b6d7e5191f81ff0a19f102b1718ab4f9e0ea3a0
Certificate serial: 0187B8C3540BA62412391E75C7E5C4E1E01D
Authority key identifier: 2B:6D:7E:51:91:F8:1F:F0:A1:9F:10:2B:17:18:AB:4F:9E:0E:A3:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K21-UZH4H_ChnxArFxirT54Oo6A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/ab3156-b061-49fc-b1f0-00ca3126b3fe/1/tpyEn_gqk5EgrBEwQHrAxcQme8A.roa
Signing time: Tue 25 Apr 2023 14:13:41 +0000
ROA not before: Tue 25 Apr 2023 14:13:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21416
IP address blocks: 2a0e:eac0:1106::/48 maxlen: 48
2a0e:eac0:1104::/48 maxlen: 48
2a0e:eac0:1107::/48 maxlen: 48
2a0e:eac0:1112::/48 maxlen: 48
2a0e:eac0:1105::/48 maxlen: 48
2a0e:eac0:1115::/48 maxlen: 48
2a0e:eac0:1108::/48 maxlen: 48
2a0e:eac0:1113::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b8:c3:54:0b:a6:24:12:39:1e:75:c7:e5:c4:e1:e0:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b6d7e5191f81ff0a19f102b1718ab4f9e0ea3a0
Validity
Not Before: Apr 25 14:13:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b69c849ff82a939120ac1130407ac0c5c4267bc0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:a4:49:7a:88:ca:d6:00:4f:37:4e:ea:63:ae:
25:e0:8b:ce:7b:ff:8c:4e:bd:12:9f:8f:60:c1:99:
e9:c9:2c:d0:a6:86:19:94:9f:46:1b:f5:13:8e:47:
5e:68:58:46:e1:a7:1e:88:00:07:01:6b:5c:79:01:
5d:60:f9:27:de:b9:1d:3f:81:78:7b:84:58:4d:65:
3e:6f:87:bd:37:5f:98:52:f7:5c:87:18:b2:c4:fb:
40:c8:18:1b:40:3d:bb:ef:b2:42:25:6d:53:7a:df:
bb:7a:fa:aa:2a:87:67:6e:90:7b:1c:9a:de:54:c1:
0b:0d:35:46:ba:bf:8d:76:47:1f:7c:ab:e9:c4:57:
b3:57:8f:6a:90:4a:18:ea:21:e3:50:ed:d4:a6:a6:
39:d7:f4:fa:1c:63:c7:81:84:e9:e3:5d:1c:aa:53:
78:d1:96:04:1c:f4:35:67:27:7d:ec:c2:4c:7d:a8:
c7:1b:d3:b8:0c:5c:44:6d:11:14:44:d1:d2:b4:12:
64:65:4c:fd:f8:24:56:dd:05:00:22:af:b1:04:6b:
ef:36:61:7e:1a:6d:6e:c6:a5:5c:56:a5:3c:df:2b:
54:05:ed:33:3a:03:51:38:62:47:52:42:08:f7:56:
0c:85:5c:ba:52:5b:1c:3e:33:b9:e9:7d:88:8f:fa:
0d:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:9C:84:9F:F8:2A:93:91:20:AC:11:30:40:7A:C0:C5:C4:26:7B:C0
X509v3 Authority Key Identifier:
keyid:2B:6D:7E:51:91:F8:1F:F0:A1:9F:10:2B:17:18:AB:4F:9E:0E:A3:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K21-UZH4H_ChnxArFxirT54Oo6A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/ab3156-b061-49fc-b1f0-00ca3126b3fe/1/tpyEn_gqk5EgrBEwQHrAxcQme8A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/ab3156-b061-49fc-b1f0-00ca3126b3fe/1/K21-UZH4H_ChnxArFxirT54Oo6A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:eac0:1104::-2a0e:eac0:1108:ffff:ffff:ffff:ffff:ffff
2a0e:eac0:1112::/47
2a0e:eac0:1115::/48
Signature Algorithm: sha256WithRSAEncryption
19:e2:fb:6e:e1:d2:e2:f8:66:b9:2e:ea:8d:7c:09:0e:7c:9b:
bb:bd:18:0e:8f:0f:84:aa:d8:0c:fe:d5:d5:6f:60:f2:d8:bb:
f8:9f:0d:a4:68:87:e5:72:bc:29:24:09:8d:e1:f0:7a:81:06:
c1:65:4c:99:eb:cd:e0:a4:ad:1c:6c:37:7b:92:02:f5:97:56:
4f:52:97:81:15:29:e1:f6:a3:65:d4:f3:76:93:33:14:7b:da:
e6:e6:fc:4c:dc:8a:cb:2a:e4:57:c0:5d:8e:7d:14:c5:07:69:
5f:dc:bd:a3:1c:12:9f:3b:0a:56:18:b0:5b:e3:ec:b7:a0:57:
f1:4f:6b:bc:03:1b:8a:24:9c:0d:5e:63:ea:23:00:b8:ec:e6:
5e:68:6e:44:e2:29:a6:1a:ff:58:07:0d:6c:db:f0:26:69:5c:
95:3d:bc:7a:09:bd:81:f0:86:0e:dd:92:d6:7b:01:63:e8:ce:
13:0f:d3:67:52:cc:27:2d:88:ab:ff:cc:12:55:d3:b8:2d:79:
5a:31:9b:87:d3:65:e7:04:69:c9:90:7e:2b:26:c1:e3:47:df:
38:c3:b0:88:4c:a1:8d:27:58:29:0b:54:dc:7f:cd:4f:a4:9a:
a3:4a:8a:c4:76:a0:29:2b:24:c3:ed:d0:d2:b3:ad:fc:a1:86:
05:f3:68:12
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYe4w1QLpiQSOR51x+XE4eAdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiNmQ3ZTUxOTFmODFmZjBhMTlmMTAyYjE3MThhYjRmOWUw
ZWEzYTAwHhcNMjMwNDI1MTQxMzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjljODQ5ZmY4MmE5MzkxMjBhYzExMzA0MDdhYzBjNWM0MjY3YmMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoqRJeojK1gBPN07qY64l4IvOe/+M
Tr0Sn49gwZnpySzQpoYZlJ9GG/UTjkdeaFhG4aceiAAHAWtceQFdYPkn3rkdP4F4
e4RYTWU+b4e9N1+YUvdchxiyxPtAyBgbQD2777JCJW1Tet+7evqqKodnbpB7HJre
VMELDTVGur+NdkcffKvpxFezV49qkEoY6iHjUO3UpqY51/T6HGPHgYTp410cqlN4
0ZYEHPQ1Zyd97MJMfajHG9O4DFxEbREURNHStBJkZUz9+CRW3QUAIq+xBGvvNmF+
Gm1uxqVcVqU83ytUBe0zOgNROGJHUkII91YMhVy6UlscPjO56X2Ij/oNGwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFLachJ/4KpORIKwRMEB6wMXEJnvAMB8GA1UdIwQY
MBaAFCttflGR+B/woZ8QKxcYq0+eDqOgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzIxLVVaSDRIX0NobnhBckZ4aXJUNTRPbzZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9hYjMxNTYtYjA2MS00OWZjLWIxZjAt
MDBjYTMxMjZiM2ZlLzEvdHB5RW5fZ3FrNUVnckJFd1FIckF4Y1FtZThBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9hYjMxNTYtYjA2MS00OWZjLWIxZjAtMDBjYTMxMjZiM2Zl
LzEvSzIxLVVaSDRIX0NobnhBckZ4aXJUNTRPbzZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmMBIDBwIqDurA
EQQDBwAqDurAEQgDBwEqDurAERIDBwAqDurAERUwDQYJKoZIhvcNAQELBQADggEB
ABni+27h0uL4Zrku6o18CQ58m7u9GA6PD4Sq2Az+1dVvYPLYu/ifDaRoh+VyvCkk
CY3h8HqBBsFlTJnrzeCkrRxsN3uSAvWXVk9Sl4EVKeH2o2XU83aTMxR72ubm/Ezc
issq5FfAXY59FMUHaV/cvaMcEp87ClYYsFvj7LegV/FPa7wDG4oknA1eY+ojALjs
5l5obkTiKaYa/1gHDWzb8CZpXJU9vHoJvYHwhg7dktZ7AWPozhMP02dSzCctiKv/
zBJV07gteVoxm4fTZecEacmQfismweNH3zjDsIhMoY0nWCkLVNx/zU+kmqNKisR2
oCkrJMPt0NKzrfyhhgXzaBI=
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:22:39 2025 by rpki-client