Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/iwqnrl6TBBOHX1ZwsuohoHZemqA.roa
File: iwqnrl6TBBOHX1ZwsuohoHZemqA.roa (raw, json)
Hash identifier: KghzNRejjccfB7IUYtsssV68cPsS4qw9xebQXhJHSjU=
Subject key identifier: 8B:0A:A7:AE:5E:93:04:13:87:5F:56:70:B2:EA:21:A0:76:5E:9A:A0
Certificate issuer: /CN=3ba5b1c09aa31f6713c61b32e558109e47966d42
Certificate serial: 0185F364335B566FBEE3C0109E775B13FBD5
Authority key identifier: 3B:A5:B1:C0:9A:A3:1F:67:13:C6:1B:32:E5:58:10:9E:47:96:6D:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O6WxwJqjH2cTxhsy5VgQnkeWbUI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/iwqnrl6TBBOHX1ZwsuohoHZemqA.roa
Signing time: Fri 27 Jan 2023 13:21:48 +0000
ROA not before: Fri 27 Jan 2023 13:21:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1759
IP address blocks: 2001:2000:6000::/40 maxlen: 40
2001:2062::/32 maxlen: 32
2001:2003::/32 maxlen: 32
2001:2061::/32 maxlen: 32
2001:2001:6000::/40 maxlen: 40
2001:2060::/27 maxlen: 27
2001:2060::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:f3:64:33:5b:56:6f:be:e3:c0:10:9e:77:5b:13:fb:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ba5b1c09aa31f6713c61b32e558109e47966d42
Validity
Not Before: Jan 27 13:21:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8b0aa7ae5e930413875f5670b2ea21a0765e9aa0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:57:ce:4b:50:5c:09:b2:c5:ef:b9:78:fb:e3:
8f:e0:44:20:4c:f4:1e:bc:e9:2f:9e:85:47:bb:90:
69:c7:fd:5e:d9:70:96:12:72:b2:c4:53:e2:75:39:
0b:95:76:75:f4:c6:69:50:84:bf:ed:9e:14:8f:b4:
2f:ca:47:38:82:9d:79:bd:1a:cc:86:7e:a7:28:f1:
82:61:ba:0e:01:91:74:69:4e:f8:df:38:69:ef:77:
be:2b:f2:d6:48:3a:4d:bd:ce:b0:6b:ca:13:95:94:
4a:67:57:a2:ff:4b:2a:f8:92:d7:8e:e9:32:ba:b0:
bb:e7:49:83:22:d0:da:1e:d4:1c:c0:0d:1e:c3:b5:
96:b2:9a:df:e8:70:75:25:87:aa:27:f5:d0:f4:9d:
1c:0b:01:54:f5:18:45:41:02:30:94:ae:5e:35:9c:
e9:87:ca:bf:f8:4a:5e:00:0c:e0:f7:6f:2c:56:04:
a9:8c:31:84:91:e0:7b:e1:c7:7f:d6:07:2b:ae:44:
49:e3:08:84:b9:83:ea:1a:d1:88:40:a4:df:0f:31:
9b:64:16:f1:75:b4:3f:07:30:e7:ad:9c:cd:1d:ca:
3e:54:18:56:1d:71:3d:e6:d1:6d:51:73:d3:72:93:
02:f4:c2:0f:fe:21:f5:6a:fd:a4:09:05:80:9a:db:
90:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:0A:A7:AE:5E:93:04:13:87:5F:56:70:B2:EA:21:A0:76:5E:9A:A0
X509v3 Authority Key Identifier:
keyid:3B:A5:B1:C0:9A:A3:1F:67:13:C6:1B:32:E5:58:10:9E:47:96:6D:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O6WxwJqjH2cTxhsy5VgQnkeWbUI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/iwqnrl6TBBOHX1ZwsuohoHZemqA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/O6WxwJqjH2cTxhsy5VgQnkeWbUI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:2000:6000::/40
2001:2001:6000::/40
2001:2003::/32
2001:2060::/27
Signature Algorithm: sha256WithRSAEncryption
34:b6:81:42:9a:a1:93:eb:b4:60:0d:bc:22:2e:ed:e3:10:fb:
87:85:c5:40:ca:7e:cd:9c:c3:18:eb:b3:0a:23:2f:cc:37:58:
62:58:18:41:f7:4f:85:dd:18:e3:df:8f:a5:67:00:ff:a3:e6:
16:70:5c:34:7e:61:7a:af:ef:f0:68:b8:ac:4d:64:8c:1a:0b:
5d:09:59:0a:dd:1c:20:25:07:c0:6a:9a:d6:19:51:a4:3d:22:
49:54:c7:0f:e0:78:54:a8:92:6b:07:81:d9:30:b4:f2:3a:c4:
8b:82:f8:64:9b:23:ca:3c:4b:e3:0f:5a:42:61:8e:a4:a1:8c:
75:d8:d8:94:76:c9:f2:af:4b:36:e5:93:34:1f:1e:42:a9:9b:
b4:74:98:f7:6c:bc:81:a4:8e:46:64:d8:fe:63:93:77:73:d9:
62:db:48:2d:bc:de:0c:79:6d:71:90:aa:7d:ae:bd:64:ca:03:
45:a2:0a:c5:9b:ad:1f:63:92:cb:d9:de:ea:62:5c:1b:a1:1b:
a5:6c:dc:4c:52:30:36:89:ad:21:00:e1:9e:c7:fc:b5:46:40:
c3:58:c1:5f:65:c6:3a:ba:33:49:69:c0:42:a0:29:bb:7a:8f:
30:2b:2e:86:4a:08:2c:f7:df:6a:5c:60:56:7a:71:ed:8d:66:
85:a1:d7:a4
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYXzZDNbVm++48AQnndbE/vVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiYTViMWMwOWFhMzFmNjcxM2M2MWIzMmU1NTgxMDllNDc5
NjZkNDIwHhcNMjMwMTI3MTMyMTQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjBhYTdhZTVlOTMwNDEzODc1ZjU2NzBiMmVhMjFhMDc2NWU5YWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiVfOS1BcCbLF77l4++OP4EQgTPQe
vOkvnoVHu5Bpx/1e2XCWEnKyxFPidTkLlXZ19MZpUIS/7Z4Uj7Qvykc4gp15vRrM
hn6nKPGCYboOAZF0aU743zhp73e+K/LWSDpNvc6wa8oTlZRKZ1ei/0sq+JLXjuky
urC750mDItDaHtQcwA0ew7WWsprf6HB1JYeqJ/XQ9J0cCwFU9RhFQQIwlK5eNZzp
h8q/+EpeAAzg928sVgSpjDGEkeB74cd/1gcrrkRJ4wiEuYPqGtGIQKTfDzGbZBbx
dbQ/BzDnrZzNHco+VBhWHXE95tFtUXPTcpMC9MIP/iH1av2kCQWAmtuQVwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFIsKp65ekwQTh19WcLLqIaB2XpqgMB8GA1UdIwQY
MBaAFDulscCaox9nE8YbMuVYEJ5Hlm1CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzZXeHdKcWpIMmNUeGhzeTVWZ1Fua2VXYlVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8xM2JkNzctZDI5Ny00Njg5LWJlZTQt
NDY2ZTljYWI3ODY0LzEvaXdxbnJsNlRCQk9IWDFad3N1b2hvSFplbXFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC8xM2JkNzctZDI5Ny00Njg5LWJlZTQtNDY2ZTljYWI3ODY0
LzEvTzZXeHdKcWpIMmNUeGhzeTVWZ1Fua2VXYlVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAAjAeAwYAIAEgAGAD
BgAgASABYAMFACABIAMDBQUgASBgMA0GCSqGSIb3DQEBCwUAA4IBAQA0toFCmqGT
67RgDbwiLu3jEPuHhcVAyn7NnMMY67MKIy/MN1hiWBhB90+F3Rjj34+lZwD/o+YW
cFw0fmF6r+/waLisTWSMGgtdCVkK3RwgJQfAaprWGVGkPSJJVMcP4HhUqJJrB4HZ
MLTyOsSLgvhkmyPKPEvjD1pCYY6koYx12NiUdsnyr0s25ZM0Hx5CqZu0dJj3bLyB
pI5GZNj+Y5N3c9li20gtvN4MeW1xkKp9rr1kygNFogrFm60fY5LL2d7qYlwboRul
bNxMUjA2ia0hAOGex/y1RkDDWMFfZcY6ujNJacBCoCm7eo8wKy6GSggs999qXGBW
enHtjWaFodek
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:27:58 2025 by rpki-client