Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/qO9QeH3iDbTymatPczZEcXWG0UQ.roa
File: qO9QeH3iDbTymatPczZEcXWG0UQ.roa (raw, json)
Hash identifier: D9fzW14RamZej8E6+6HUwOFYBiXtlLiw52FAm6SvFDg=
Subject key identifier: A8:EF:50:78:7D:E2:0D:B4:F2:99:AB:4F:73:36:44:71:75:86:D1:44
Certificate issuer: /CN=798f7b1fd802b3dc6abd7a5cda786a6311e1d63d
Certificate serial: 018427F9C4CDB97BC357C8E5485FB89C7F42
Authority key identifier: 79:8F:7B:1F:D8:02:B3:DC:6A:BD:7A:5C:DA:78:6A:63:11:E1:D6:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eY97H9gCs9xqvXpc2nhqYxHh1j0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/qO9QeH3iDbTymatPczZEcXWG0UQ.roa
Signing time: Sun 30 Oct 2022 08:19:50 +0000
ROA not before: Sun 30 Oct 2022 08:19:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 138517
IP address blocks: 2a12:3fc2:dd00::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:27:f9:c4:cd:b9:7b:c3:57:c8:e5:48:5f:b8:9c:7f:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=798f7b1fd802b3dc6abd7a5cda786a6311e1d63d
Validity
Not Before: Oct 30 08:19:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a8ef50787de20db4f299ab4f733644717586d144
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:52:88:c2:cc:d8:22:8a:57:24:09:dd:a2:31:
d9:3d:0f:7e:e1:bb:10:0f:35:e3:43:e6:8e:8a:b9:
20:f9:c0:b5:21:e7:84:cd:66:92:53:4a:0c:ee:14:
22:0c:7b:6e:05:34:44:26:93:e9:3a:54:cc:42:d5:
61:ae:c1:f4:80:c1:97:73:f5:db:ec:04:96:a0:e1:
3a:af:3a:43:ef:ea:d5:1e:a8:ea:f8:16:ce:2f:1d:
1f:df:39:8b:28:ef:5a:0a:c0:9a:d7:88:7a:0b:4a:
25:a4:91:ea:38:4e:2e:31:fe:c5:76:46:89:c1:09:
2d:ad:a9:48:e9:25:11:dc:af:13:0d:39:14:b1:43:
51:f7:33:16:08:55:1c:76:21:58:95:96:ad:b4:e8:
d6:4c:dc:b6:71:4b:7a:12:f6:c3:ee:c2:fa:ad:62:
86:30:ae:09:8d:16:33:bd:55:f2:02:93:f9:e4:31:
e0:da:89:72:bf:12:b5:a3:77:e0:46:45:c9:de:9f:
bc:48:a0:e1:cb:55:a8:85:43:91:a5:a3:8c:c9:53:
72:00:84:4f:63:40:32:a9:8b:0c:a8:14:b8:19:3a:
3c:bf:87:f9:f4:6d:fb:63:8d:25:a1:36:f9:dd:17:
62:06:5e:4b:3b:88:fc:92:08:47:0b:e1:de:b8:92:
03:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:EF:50:78:7D:E2:0D:B4:F2:99:AB:4F:73:36:44:71:75:86:D1:44
X509v3 Authority Key Identifier:
keyid:79:8F:7B:1F:D8:02:B3:DC:6A:BD:7A:5C:DA:78:6A:63:11:E1:D6:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eY97H9gCs9xqvXpc2nhqYxHh1j0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/qO9QeH3iDbTymatPczZEcXWG0UQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/eY97H9gCs9xqvXpc2nhqYxHh1j0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:3fc2:dd00::/40
Signature Algorithm: sha256WithRSAEncryption
7b:b1:f0:d7:44:0c:62:15:a4:10:57:c4:cf:47:09:33:90:df:
c7:83:a5:ff:6f:50:dc:7b:ea:fb:78:a2:3e:42:71:25:89:8a:
4a:54:7f:9b:e6:f2:1b:f6:74:94:22:36:66:7d:ff:d0:a1:78:
b7:ac:29:0d:9e:85:37:bb:81:db:4e:20:b6:0b:8e:be:99:40:
09:c6:67:c8:22:bb:84:c4:8c:9a:74:4b:d0:22:50:65:e1:07:
e6:2a:79:a0:f5:dc:7e:bc:72:e7:21:0c:58:69:ab:3d:74:8d:
ae:95:81:45:da:fd:90:7a:37:2d:a7:a7:43:d8:15:29:86:05:
9b:e2:77:58:cb:04:81:c1:3d:f7:43:a6:91:ee:55:76:85:b8:
c2:06:4a:5f:37:ee:ed:4d:ed:5f:93:8b:f9:7d:5a:55:95:87:
56:df:01:83:7f:be:d3:eb:ed:57:48:12:76:f8:5e:4b:bf:22:
c6:5e:85:b0:53:34:83:9b:31:7e:64:18:06:ef:5c:59:45:20:
3b:10:5f:8d:85:e4:e1:fe:40:f4:25:1e:7a:85:d1:98:f8:56:
df:1a:16:1a:06:81:d7:41:b2:2d:50:bc:0d:73:4f:c9:b7:c6:
7a:57:33:4e:2c:06:73:3f:d4:b3:d9:0a:15:f4:3f:6a:f2:9e:
08:5a:8d:f8
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYQn+cTNuXvDV8jlSF+4nH9CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5OGY3YjFmZDgwMmIzZGM2YWJkN2E1Y2RhNzg2YTYzMTFl
MWQ2M2QwHhcNMjIxMDMwMDgxOTUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGVmNTA3ODdkZTIwZGI0ZjI5OWFiNGY3MzM2NDQ3MTc1ODZkMTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAolKIwszYIopXJAndojHZPQ9+4bsQ
DzXjQ+aOirkg+cC1IeeEzWaSU0oM7hQiDHtuBTREJpPpOlTMQtVhrsH0gMGXc/Xb
7ASWoOE6rzpD7+rVHqjq+BbOLx0f3zmLKO9aCsCa14h6C0olpJHqOE4uMf7FdkaJ
wQktralI6SUR3K8TDTkUsUNR9zMWCFUcdiFYlZattOjWTNy2cUt6EvbD7sL6rWKG
MK4JjRYzvVXyApP55DHg2olyvxK1o3fgRkXJ3p+8SKDhy1WohUORpaOMyVNyAIRP
Y0AyqYsMqBS4GTo8v4f59G37Y40loTb53RdiBl5LO4j8kghHC+HeuJID2wIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFKjvUHh94g208pmrT3M2RHF1htFEMB8GA1UdIwQY
MBaAFHmPex/YArPcar16XNp4amMR4dY9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVk5N0g5Z0NzOXhxdlhwYzJuaHFZeEhoMWowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My8zMDg4M2EtMTZkNy00MjEyLTkxOTkt
MDlkMGFhMjhlNTUxLzEvcU85UWVIM2lEYlR5bWF0UGN6WkVjWFdHMFVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My8zMDg4M2EtMTZkNy00MjEyLTkxOTktMDlkMGFhMjhlNTUx
LzEvZVk5N0g5Z0NzOXhxdlhwYzJuaHFZeEhoMWowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhI/wt0w
DQYJKoZIhvcNAQELBQADggEBAHux8NdEDGIVpBBXxM9HCTOQ38eDpf9vUNx76vt4
oj5CcSWJikpUf5vm8hv2dJQiNmZ9/9CheLesKQ2ehTe7gdtOILYLjr6ZQAnGZ8gi
u4TEjJp0S9AiUGXhB+YqeaD13H68cuchDFhpqz10ja6VgUXa/ZB6Ny2np0PYFSmG
BZvid1jLBIHBPfdDppHuVXaFuMIGSl837u1N7V+Ti/l9WlWVh1bfAYN/vtPr7VdI
Enb4Xku/IsZehbBTNIObMX5kGAbvXFlFIDsQX42F5OH+QPQlHnqF0Zj4Vt8aFhoG
gddBsi1QvA1zT8m3xnpXM04sBnM/1LPZChX0P2rynghajfg=
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:59:01 2025 by rpki-client