Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/9c3d28-05d6-47b0-91ef-e5064db21b20/1/TqwCUI2jAls8Kk_MjgPJ0DGltYE.roa
File: TqwCUI2jAls8Kk_MjgPJ0DGltYE.roa (raw, json)
Hash identifier: IYglDQx11iONDcDkjU3gvQNtjDK1mSfGlQi9+yE8XQo=
Subject key identifier: 4E:AC:02:50:8D:A3:02:5B:3C:2A:4F:CC:8E:03:C9:D0:31:A5:B5:81
Certificate issuer: /CN=1d90344dcaffbd33e68d84895d87d8abf53c74a3
Certificate serial: 01856ECB77D886B6C1B93879CE15250574D0
Authority key identifier: 1D:90:34:4D:CA:FF:BD:33:E6:8D:84:89:5D:87:D8:AB:F5:3C:74:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HZA0Tcr_vTPmjYSJXYfYq_U8dKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/9c3d28-05d6-47b0-91ef-e5064db21b20/1/TqwCUI2jAls8Kk_MjgPJ0DGltYE.roa
Signing time: Sun 01 Jan 2023 19:25:06 +0000
ROA not before: Sun 01 Jan 2023 19:25:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58299
IP address blocks: 2001:678:ca0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:cb:77:d8:86:b6:c1:b9:38:79:ce:15:25:05:74:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d90344dcaffbd33e68d84895d87d8abf53c74a3
Validity
Not Before: Jan 1 19:25:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4eac02508da3025b3c2a4fcc8e03c9d031a5b581
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:88:65:2a:73:f4:e6:53:ca:50:54:25:94:20:
3a:ec:32:f5:0c:32:48:f6:04:e5:4e:ee:f4:bb:e6:
b6:ab:96:86:77:7f:9e:e9:b7:8c:e6:25:b0:59:8f:
07:a4:ef:c8:49:f9:91:10:60:1f:7c:09:79:4a:2b:
f2:22:be:15:31:36:ae:07:42:ce:b9:f7:5f:cc:d9:
89:a7:55:dc:b4:35:97:45:13:71:19:97:9a:6e:46:
3e:b1:9b:68:cf:86:a3:5c:39:dc:58:c9:97:bf:2c:
90:7c:c9:ff:6d:7c:97:3e:6a:c4:04:e7:eb:79:75:
99:dc:73:f6:a5:26:42:d6:08:a2:17:04:b1:4f:ac:
9f:f1:1a:77:f5:67:5f:d7:29:7e:3f:50:7a:9c:19:
7f:8d:10:c2:45:0a:ef:60:4d:0f:68:d0:01:db:9b:
44:0e:85:84:90:04:0b:73:a1:84:48:7a:c1:62:a9:
74:af:db:30:c0:7a:13:6b:7a:c8:ff:b2:c3:e6:ba:
a4:1b:e6:9b:db:cb:eb:bc:09:05:e0:db:b3:b2:db:
06:7d:7f:89:1d:99:11:89:3e:42:0c:d0:c4:46:5b:
25:2a:dc:ef:88:55:9d:0a:80:3b:5e:ed:32:5a:5e:
d4:89:8a:c6:7f:58:91:2b:5c:c1:b7:ae:9f:ea:98:
7a:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:AC:02:50:8D:A3:02:5B:3C:2A:4F:CC:8E:03:C9:D0:31:A5:B5:81
X509v3 Authority Key Identifier:
keyid:1D:90:34:4D:CA:FF:BD:33:E6:8D:84:89:5D:87:D8:AB:F5:3C:74:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HZA0Tcr_vTPmjYSJXYfYq_U8dKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/9c3d28-05d6-47b0-91ef-e5064db21b20/1/TqwCUI2jAls8Kk_MjgPJ0DGltYE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/9c3d28-05d6-47b0-91ef-e5064db21b20/1/HZA0Tcr_vTPmjYSJXYfYq_U8dKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:ca0::/48
Signature Algorithm: sha256WithRSAEncryption
06:6d:ff:a6:0b:fc:ef:ba:41:8b:40:14:fa:b6:d0:cc:59:a6:
39:c4:2c:9e:1c:61:c9:13:fa:6c:25:1a:c1:f4:33:59:29:0d:
94:a9:b9:80:f1:5a:22:d5:62:8b:6f:86:2b:68:24:f1:cd:36:
de:95:09:6d:8d:30:a3:f6:4f:0e:2f:41:1b:b5:82:eb:c5:23:
7a:1e:f7:ce:85:11:54:29:0a:de:fa:7c:79:84:47:4c:e5:00:
77:bc:7b:98:6e:3b:6a:11:c3:b4:55:66:a0:e7:06:73:56:f9:
7a:24:a4:29:c3:79:9f:45:fe:8f:31:56:3b:52:04:33:cc:33:
b6:5f:38:3d:e3:76:f7:0d:d1:b7:ac:23:49:2d:65:b3:0e:72:
10:0a:09:a0:a3:10:53:fd:02:26:a5:40:8d:95:55:01:50:64:
08:3a:a9:53:b1:13:0d:39:17:08:45:38:32:71:53:87:d6:7d:
3e:d3:07:53:87:a4:31:c6:ac:fe:c4:3f:f1:f8:c7:f7:05:fe:
6e:10:41:f9:5e:53:3b:6e:6d:2d:af:24:86:d1:5b:66:65:2e:
6f:7a:dc:02:cc:d4:16:0c:5d:21:66:1a:32:3d:89:12:7b:f0:
a2:14:71:56:0e:bf:f4:98:b5:ee:75:35:87:2c:56:bd:4d:5e:
e6:29:6e:da
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVuy3fYhrbBuTh5zhUlBXTQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkOTAzNDRkY2FmZmJkMzNlNjhkODQ4OTVkODdkOGFiZjUz
Yzc0YTMwHhcNMjMwMTAxMTkyNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWFjMDI1MDhkYTMwMjViM2MyYTRmY2M4ZTAzYzlkMDMxYTViNTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuYhlKnP05lPKUFQllCA67DL1DDJI
9gTlTu70u+a2q5aGd3+e6beM5iWwWY8HpO/ISfmREGAffAl5SivyIr4VMTauB0LO
ufdfzNmJp1XctDWXRRNxGZeabkY+sZtoz4ajXDncWMmXvyyQfMn/bXyXPmrEBOfr
eXWZ3HP2pSZC1giiFwSxT6yf8Rp39Wdf1yl+P1B6nBl/jRDCRQrvYE0PaNAB25tE
DoWEkAQLc6GESHrBYql0r9swwHoTa3rI/7LD5rqkG+ab28vrvAkF4NuzstsGfX+J
HZkRiT5CDNDERlslKtzviFWdCoA7Xu0yWl7UiYrGf1iRK1zBt66f6ph6gQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFE6sAlCNowJbPCpPzI4DydAxpbWBMB8GA1UdIwQY
MBaAFB2QNE3K/70z5o2EiV2H2Kv1PHSjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFpBMFRjcl92VFBtallTSlhZZllxX1U4ZEtNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi85YzNkMjgtMDVkNi00N2IwLTkxZWYt
ZTUwNjRkYjIxYjIwLzEvVHF3Q1VJMmpBbHM4S2tfTWpnUEowREdsdFlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi85YzNkMjgtMDVkNi00N2IwLTkxZWYtZTUwNjRkYjIxYjIw
LzEvSFpBMFRjcl92VFBtallTSlhZZllxX1U4ZEtNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAyg
MA0GCSqGSIb3DQEBCwUAA4IBAQAGbf+mC/zvukGLQBT6ttDMWaY5xCyeHGHJE/ps
JRrB9DNZKQ2UqbmA8Voi1WKLb4YraCTxzTbelQltjTCj9k8OL0EbtYLrxSN6HvfO
hRFUKQre+nx5hEdM5QB3vHuYbjtqEcO0VWag5wZzVvl6JKQpw3mfRf6PMVY7UgQz
zDO2Xzg943b3DdG3rCNJLWWzDnIQCgmgoxBT/QImpUCNlVUBUGQIOqlTsRMNORcI
RTgycVOH1n0+0wdTh6Qxxqz+xD/x+Mf3Bf5uEEH5XlM7bm0trySG0VtmZS5vetwC
zNQWDF0hZhoyPYkSe/CiFHFWDr/0mLXudTWHLFa9TV7mKW7a
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:28:09 2025 by rpki-client