Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/COQLH1NNddCOvideVwx4JcaGWQ0.roa
File: COQLH1NNddCOvideVwx4JcaGWQ0.roa (raw, json)
Hash identifier: oitz2H3ipIuXl0fI7EA/8YrSMG/jjAdF7hxmw79HBhQ=
Subject key identifier: 08:E4:0B:1F:53:4D:75:D0:8E:BE:27:5E:57:0C:78:25:C6:86:59:0D
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018CAA81A25F187AE30952E2CACB3ED13181
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/COQLH1NNddCOvideVwx4JcaGWQ0.roa
Signing time: Wed 27 Dec 2023 09:01:11 +0000
ROA not before: Wed 27 Dec 2023 09:01:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 395839
IP address blocks: 2a0f:2e80::/29 maxlen: 29
2a0f:3940::/29 maxlen: 29
2a0f:39c0::/29 maxlen: 29
2a11:4e80::/29 maxlen: 29
2a12:d5c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:aa:81:a2:5f:18:7a:e3:09:52:e2:ca:cb:3e:d1:31:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Dec 27 09:01:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=08e40b1f534d75d08ebe275e570c7825c686590d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:4f:1f:cc:00:97:3f:fe:c3:f1:7c:b4:bd:87:
60:dc:56:63:51:b3:3c:48:31:37:ed:bc:5d:52:27:
e1:e3:df:18:4c:e3:12:3b:00:4f:94:fe:4e:ee:54:
78:83:12:4c:af:6e:b2:c1:6c:fc:03:ff:9c:e6:91:
c7:83:12:02:e1:3e:71:48:94:71:03:26:47:22:eb:
66:f7:59:52:d5:b2:50:06:ba:f2:fa:e3:28:98:f0:
8f:1f:e3:7d:80:1c:14:07:96:b8:f0:8f:18:8e:cf:
4f:93:82:fe:7f:2e:b9:8b:6f:94:c6:92:68:f5:9f:
01:0a:7f:ce:50:bb:3b:03:e1:c7:dc:f2:a8:61:87:
f6:b2:10:91:e7:17:6a:c2:1a:74:36:bb:41:f3:bb:
bd:58:39:f3:f1:af:c8:30:44:d8:a1:19:dd:2d:92:
24:e7:f9:77:ce:23:c3:16:c9:47:75:d8:b9:63:1e:
93:b2:b9:a2:4e:d8:63:b4:ab:47:34:e7:29:cc:db:
3a:76:96:5c:1e:31:87:93:0b:40:a5:63:85:30:70:
da:f6:b5:69:27:63:04:49:c3:f2:1c:4f:fc:b4:cf:
d7:cb:c5:d4:b2:30:85:76:a7:21:68:ea:c8:68:5a:
52:86:6e:b4:74:2e:18:a8:41:86:05:64:ef:cd:b1:
6b:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:E4:0B:1F:53:4D:75:D0:8E:BE:27:5E:57:0C:78:25:C6:86:59:0D
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/COQLH1NNddCOvideVwx4JcaGWQ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:2e80::/29
2a0f:3940::/29
2a0f:39c0::/29
2a11:4e80::/29
2a12:d5c0::/29
Signature Algorithm: sha256WithRSAEncryption
05:8d:d9:e1:3f:76:5b:60:cf:87:a5:22:3d:5b:de:d8:fb:20:
27:e9:ce:47:f7:95:27:f6:97:0b:28:cf:21:ff:28:de:39:bd:
b1:6f:e0:bf:db:de:dc:73:bf:ca:8b:a2:e7:08:e0:bf:dd:f6:
d3:37:fc:af:90:fa:9d:8c:0e:26:5a:ad:3b:8f:90:1d:8c:1e:
b6:47:2c:7b:57:bb:bb:bb:db:2c:5f:80:6e:0c:55:41:92:20:
29:ac:c7:b3:f1:8c:15:ad:28:6d:62:ef:e5:b4:e8:b7:bc:11:
55:12:4c:55:a2:6b:e4:e1:bf:4b:fc:5d:34:6f:3e:ef:94:dc:
a8:e2:c8:1d:27:15:3e:27:5f:70:b0:3c:a1:9f:dc:93:51:82:
08:58:86:e5:95:25:56:3e:a9:57:e6:4f:e7:bf:fd:3e:6b:28:
ee:2e:c8:43:cb:94:ec:e8:50:8e:44:31:01:c0:8a:5b:d0:7f:
b6:5a:1d:4e:79:2a:41:d9:69:6a:7b:6d:2c:54:af:67:93:98:
43:b1:db:d8:d3:53:70:1a:1e:1d:e2:40:48:28:61:0e:a7:33:
7d:97:99:49:c0:39:aa:a2:e4:28:2c:24:e1:80:87:1a:63:f5:
cf:23:02:37:09:13:b8:c0:d3:74:6d:57:77:4a:bf:75:80:af:
71:e5:08:ec
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYyqgaJfGHrjCVLiyss+0TGBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMxMjI3MDkwMTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGU0MGIxZjUzNGQ3NWQwOGViZTI3NWU1NzBjNzgyNWM2ODY1OTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmk8fzACXP/7D8Xy0vYdg3FZjUbM8
SDE37bxdUifh498YTOMSOwBPlP5O7lR4gxJMr26ywWz8A/+c5pHHgxIC4T5xSJRx
AyZHIutm91lS1bJQBrry+uMomPCPH+N9gBwUB5a48I8Yjs9Pk4L+fy65i2+UxpJo
9Z8BCn/OULs7A+HH3PKoYYf2shCR5xdqwhp0NrtB87u9WDnz8a/IMETYoRndLZIk
5/l3ziPDFslHddi5Yx6TsrmiTthjtKtHNOcpzNs6dpZcHjGHkwtApWOFMHDa9rVp
J2MEScPyHE/8tM/Xy8XUsjCFdqchaOrIaFpShm60dC4YqEGGBWTvzbFrBQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFAjkCx9TTXXQjr4nXlcMeCXGhlkNMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvQ09RTEgxTk5kZENPdmlkZVZ3eDRKY2FHV1EwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwUDKg8ugAMF
AyoPOUADBQMqDznAAwUDKhFOgAMFAyoS1cAwDQYJKoZIhvcNAQELBQADggEBAAWN
2eE/dltgz4elIj1b3tj7ICfpzkf3lSf2lwsozyH/KN45vbFv4L/b3txzv8qLoucI
4L/d9tM3/K+Q+p2MDiZarTuPkB2MHrZHLHtXu7u72yxfgG4MVUGSICmsx7PxjBWt
KG1i7+W06Le8EVUSTFWia+Thv0v8XTRvPu+U3KjiyB0nFT4nX3CwPKGf3JNRgghY
huWVJVY+qVfmT+e//T5rKO4uyEPLlOzoUI5EMQHAilvQf7ZaHU55KkHZaWp7bSxU
r2eTmEOx29jTU3AaHh3iQEgoYQ6nM32XmUnAOaqi5CgsJOGAhxpj9c8jAjcJE7jA
03RtV3dKv3WAr3HlCOw=
-----END CERTIFICATE-----
Generated at Tue Apr 22 03:34:45 2025 by rpki-client