Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/4a7539-b149-48e9-88e7-060ac0890966/1/Q68ZEKfMadv-47T6qodCR3jpfc4.roa
File: Q68ZEKfMadv-47T6qodCR3jpfc4.roa (raw, json)
Hash identifier: N4hqL3UbXZepcRjSwnSpc8nUIcX12p00fiIkzdPITOw=
Subject key identifier: 43:AF:19:10:A7:CC:69:DB:FE:E3:B4:FA:AA:87:42:47:78:E9:7D:CE
Certificate issuer: /CN=dd1daecd30aeb74652bbdda5dad9676ce488aa49
Certificate serial: 01870D30120BE7AF6EEF3F5AB156A0728A20
Authority key identifier: DD:1D:AE:CD:30:AE:B7:46:52:BB:DD:A5:DA:D9:67:6C:E4:88:AA:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3R2uzTCut0ZSu92l2tlnbOSIqkk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/4a7539-b149-48e9-88e7-060ac0890966/1/Q68ZEKfMadv-47T6qodCR3jpfc4.roa
Signing time: Thu 23 Mar 2023 06:37:46 +0000
ROA not before: Thu 23 Mar 2023 06:37:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21343
IP address blocks: 2a02:2278:ffff::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:0d:30:12:0b:e7:af:6e:ef:3f:5a:b1:56:a0:72:8a:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd1daecd30aeb74652bbdda5dad9676ce488aa49
Validity
Not Before: Mar 23 06:37:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=43af1910a7cc69dbfee3b4faaa87424778e97dce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:76:2b:a1:7d:04:59:3a:04:30:61:64:e8:2d:
52:2d:9d:0b:7e:1b:45:b7:de:eb:4b:92:45:43:c5:
fb:d9:b3:ff:74:90:fd:6c:25:79:bc:1f:33:62:2f:
91:d1:00:44:29:3a:e0:0a:1b:b3:79:f6:0e:eb:5c:
d4:e9:af:c0:df:a1:94:72:9e:b2:68:6a:90:08:a4:
38:92:77:fc:b1:0c:fc:ba:41:1e:81:ef:91:18:33:
56:af:0e:f8:dc:1b:13:88:83:c5:d7:b1:6d:7b:fb:
71:f1:2d:01:6f:39:8a:66:fa:7b:c1:5a:d2:38:25:
3e:68:03:e3:07:ce:65:94:06:70:48:36:a5:d0:6b:
ec:b3:7b:a2:09:3f:2d:d2:dd:a2:8e:a1:5e:27:0d:
11:fc:b8:04:17:b2:70:08:8d:56:23:d0:95:c8:b8:
d6:e0:59:d6:b0:64:b3:d8:d1:38:00:4d:6f:6a:2a:
94:57:80:e6:e5:08:6b:97:87:d6:81:f3:1d:38:61:
91:09:81:90:d6:48:56:b5:de:22:b6:64:3f:b0:e7:
c6:cc:d0:6d:4b:b9:10:3b:37:d6:2d:a7:aa:2e:d0:
6b:ac:c0:22:8a:66:fc:6a:bc:59:ca:91:53:2c:8c:
d1:d7:1f:26:7c:17:0c:ce:4f:ea:ff:90:73:0a:1f:
af:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:AF:19:10:A7:CC:69:DB:FE:E3:B4:FA:AA:87:42:47:78:E9:7D:CE
X509v3 Authority Key Identifier:
keyid:DD:1D:AE:CD:30:AE:B7:46:52:BB:DD:A5:DA:D9:67:6C:E4:88:AA:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3R2uzTCut0ZSu92l2tlnbOSIqkk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/4a7539-b149-48e9-88e7-060ac0890966/1/Q68ZEKfMadv-47T6qodCR3jpfc4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/4a7539-b149-48e9-88e7-060ac0890966/1/3R2uzTCut0ZSu92l2tlnbOSIqkk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:2278:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
59:b0:77:43:26:e9:d7:ea:38:61:fd:7a:11:3b:5f:9c:9b:99:
83:05:e5:ce:28:5c:76:5c:ad:fa:6b:5c:2d:30:17:14:e7:c6:
37:10:39:d6:45:ec:46:ee:fa:84:85:d9:2f:78:54:71:6e:8f:
d8:21:db:4e:b7:7e:df:9b:21:66:c7:99:03:9b:40:0f:3b:eb:
b1:08:9c:a4:f8:73:d6:2d:4f:15:73:04:3d:8b:dc:dd:1b:12:
44:64:62:61:66:36:be:28:48:f6:6f:c0:b8:1e:93:70:8d:25:
b7:27:1e:9c:84:52:c6:c0:b3:1b:02:a5:47:d9:32:65:71:08:
0c:ba:17:59:71:13:5b:68:93:da:5e:d7:6f:f7:15:81:30:35:
f2:3b:f9:dc:f3:f8:eb:bc:fd:36:57:23:3c:a8:6f:d7:cb:44:
26:b4:e8:3a:ee:e4:01:b4:7c:7a:b4:95:44:ae:a1:6f:ea:4f:
31:75:76:ff:c1:75:84:d1:84:35:b4:34:c3:7f:9f:11:e3:8f:
1d:ae:c8:a1:c9:cb:fb:45:fb:b7:29:eb:3c:5d:1e:e8:df:86:
80:bc:59:48:30:05:f0:b4:39:78:f5:f2:0c:30:ef:cd:f0:9e:
c4:ad:31:32:2d:ec:7c:e6:f1:1c:99:c2:4b:5e:a3:a2:27:e3:
da:f5:6d:cf
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYcNMBIL569u7z9asVagcoogMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkMWRhZWNkMzBhZWI3NDY1MmJiZGRhNWRhZDk2NzZjZTQ4
OGFhNDkwHhcNMjMwMzIzMDYzNzQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2FmMTkxMGE3Y2M2OWRiZmVlM2I0ZmFhYTg3NDI0Nzc4ZTk3ZGNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArHYroX0EWToEMGFk6C1SLZ0LfhtF
t97rS5JFQ8X72bP/dJD9bCV5vB8zYi+R0QBEKTrgChuzefYO61zU6a/A36GUcp6y
aGqQCKQ4knf8sQz8ukEege+RGDNWrw743BsTiIPF17Fte/tx8S0BbzmKZvp7wVrS
OCU+aAPjB85llAZwSDal0Gvss3uiCT8t0t2ijqFeJw0R/LgEF7JwCI1WI9CVyLjW
4FnWsGSz2NE4AE1vaiqUV4Dm5Qhrl4fWgfMdOGGRCYGQ1khWtd4itmQ/sOfGzNBt
S7kQOzfWLaeqLtBrrMAiimb8arxZypFTLIzR1x8mfBcMzk/q/5BzCh+vCwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEOvGRCnzGnb/uO0+qqHQkd46X3OMB8GA1UdIwQY
MBaAFN0drs0wrrdGUrvdpdrZZ2zkiKpJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1IydXpUQ3V0MFpTdTkybDJ0bG5iT1NJcWtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS80YTc1MzktYjE0OS00OGU5LTg4ZTct
MDYwYWMwODkwOTY2LzEvUTY4WkVLZk1hZHYtNDdUNnFvZENSM2pwZmM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS80YTc1MzktYjE0OS00OGU5LTg4ZTctMDYwYWMwODkwOTY2
LzEvM1IydXpUQ3V0MFpTdTkybDJ0bG5iT1NJcWtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgIieP//
MA0GCSqGSIb3DQEBCwUAA4IBAQBZsHdDJunX6jhh/XoRO1+cm5mDBeXOKFx2XK36
a1wtMBcU58Y3EDnWRexG7vqEhdkveFRxbo/YIdtOt37fmyFmx5kDm0APO+uxCJyk
+HPWLU8VcwQ9i9zdGxJEZGJhZja+KEj2b8C4HpNwjSW3Jx6chFLGwLMbAqVH2TJl
cQgMuhdZcRNbaJPaXtdv9xWBMDXyO/nc8/jrvP02VyM8qG/Xy0QmtOg67uQBtHx6
tJVErqFv6k8xdXb/wXWE0YQ1tDTDf58R448drsihycv7Rfu3Kes8XR7o34aAvFlI
MAXwtDl49fIMMO/N8J7ErTEyLex85vEcmcJLXqOiJ+Pa9W3P
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:32:05 2025 by rpki-client