Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/CQcxz5Zyl5_4OpvIpQ_59aieqjs.roa
File: CQcxz5Zyl5_4OpvIpQ_59aieqjs.roa (raw, json)
Hash identifier: Pqcqyq09406wNcXWXz/mqOtNnu47/P+bd/XDW9w6wII=
Subject key identifier: 09:07:31:CF:96:72:97:9F:F8:3A:9B:C8:A5:0F:F9:F5:A8:9E:AA:3B
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018BECE65C3E6968087B54BA24DF85DBFF4F
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/CQcxz5Zyl5_4OpvIpQ_59aieqjs.roa
Signing time: Mon 20 Nov 2023 13:23:21 +0000
ROA not before: Mon 20 Nov 2023 13:23:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205544
IP address blocks: 2a0f:e6c6:1::/48 maxlen: 48
2a13:e101:1::/48 maxlen: 48
2a0f:e1c0:1::/48 maxlen: 48
2a12:ecc0:1::/48 maxlen: 48
2a13:3380:1::/48 maxlen: 48
2a0f:e6c7:1::/48 maxlen: 48
2a13:e100:1::/48 maxlen: 48
2a12:ecc4:2::/48 maxlen: 48
2a12:ecc0:f::/48 maxlen: 48
2a0f:e440::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ec:e6:5c:3e:69:68:08:7b:54:ba:24:df:85:db:ff:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Nov 20 13:23:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=090731cf9672979ff83a9bc8a50ff9f5a89eaa3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:f2:32:54:f9:02:5b:7b:93:3b:f4:08:d4:b7:
e8:9e:2a:27:2b:83:b3:b0:63:8c:0a:69:0d:ae:c4:
ca:0d:2f:5c:24:b1:bb:b5:b2:4a:dc:0f:3b:05:4d:
2f:30:50:bf:86:65:f3:0c:eb:e0:1a:50:17:eb:42:
04:48:f3:94:75:39:95:c5:67:dc:e6:3f:fb:67:a0:
43:3c:4e:1e:e8:f4:a7:30:d9:9f:87:d8:27:22:e5:
89:88:a4:44:0d:6a:e8:f1:43:47:6a:72:e9:de:30:
40:51:8a:d7:7a:20:99:66:34:4d:eb:17:53:3f:5e:
2f:9c:c4:35:d6:e5:00:42:56:ab:6d:6b:a5:e2:94:
54:2d:a5:c7:b1:c0:e2:86:6d:ab:bf:7e:e5:e0:b6:
85:f4:9b:97:04:ac:55:2b:e9:5f:a0:e0:3f:ae:71:
26:8b:cf:c5:f8:6d:52:e5:ac:02:03:4a:76:00:27:
d4:74:b0:30:dc:d6:2a:76:4d:9f:99:61:c9:15:a0:
21:7f:7a:a8:b2:77:29:2f:4a:c1:35:4c:ec:96:84:
d1:5c:a0:ba:de:4b:de:30:df:96:b2:19:1f:9b:5c:
c2:08:5c:10:86:70:d2:92:05:79:6b:0c:15:5d:ee:
75:82:1b:9b:e4:b1:80:b5:46:0f:bf:36:7f:d5:62:
f8:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:07:31:CF:96:72:97:9F:F8:3A:9B:C8:A5:0F:F9:F5:A8:9E:AA:3B
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/CQcxz5Zyl5_4OpvIpQ_59aieqjs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:e1c0:1::/48
2a0f:e440::/29
2a0f:e6c6:1::/48
2a0f:e6c7:1::/48
2a12:ecc0:1::/48
2a12:ecc0:f::/48
2a12:ecc4:2::/48
2a13:3380:1::/48
2a13:e100:1::/48
2a13:e101:1::/48
Signature Algorithm: sha256WithRSAEncryption
61:ee:63:55:10:57:21:df:73:52:64:86:cf:65:7b:86:5b:0f:
e4:d4:8c:09:bf:96:a1:9c:f5:2d:71:16:18:0d:9c:77:29:65:
c5:54:08:99:b9:88:d9:cd:55:2f:e2:e0:4c:20:cd:e3:b5:56:
fe:5d:c1:1e:c2:58:f8:29:f5:be:dc:53:e6:a1:bc:b5:12:ed:
5e:84:39:72:4a:47:bf:06:e2:a1:ae:7a:da:57:05:37:50:4a:
5e:15:f8:c3:aa:08:11:4c:51:9f:f2:7b:b3:be:8b:71:23:2c:
b3:cb:70:e4:74:a0:17:23:a0:1a:8b:e0:c1:bd:0d:4f:eb:eb:
29:cf:be:7d:2b:86:a0:95:9d:58:28:62:be:5c:65:a3:b9:e0:
bb:ca:dd:9e:cf:ff:d2:47:87:99:db:22:6d:3a:97:81:59:76:
ae:f9:bc:5a:75:42:92:21:ab:ae:3d:70:61:78:d2:32:f7:c6:
bc:70:dc:99:e3:32:5e:de:05:3c:40:57:de:04:d8:01:da:62:
70:44:ee:dd:7d:71:e6:ab:7b:44:ea:a7:19:8e:a1:57:f0:07:
8c:a4:e2:7f:16:8f:b2:85:54:81:e2:37:a2:ba:8c:53:ea:a5:
17:a1:28:a1:ad:d7:aa:00:58:5c:a9:a9:a3:5e:db:1f:bf:4f:
d9:fe:ef:6b
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAYvs5lw+aWgIe1S6JN+F2/9PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMxMTIwMTMyMzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTA3MzFjZjk2NzI5NzlmZjgzYTliYzhhNTBmZjlmNWE4OWVhYTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlvIyVPkCW3uTO/QI1LfonionK4Oz
sGOMCmkNrsTKDS9cJLG7tbJK3A87BU0vMFC/hmXzDOvgGlAX60IESPOUdTmVxWfc
5j/7Z6BDPE4e6PSnMNmfh9gnIuWJiKREDWro8UNHanLp3jBAUYrXeiCZZjRN6xdT
P14vnMQ11uUAQlarbWul4pRULaXHscDihm2rv37l4LaF9JuXBKxVK+lfoOA/rnEm
i8/F+G1S5awCA0p2ACfUdLAw3NYqdk2fmWHJFaAhf3qosncpL0rBNUzsloTRXKC6
3kveMN+Wshkfm1zCCFwQhnDSkgV5awwVXe51ghub5LGAtUYPvzZ/1WL43QIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFAkHMc+Wcpef+DqbyKUP+fWonqo7MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvQ1FjeHo1WnlsNV80T3B2SXBRXzU5YWllcWpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBeBAIAAjBYAwcAKg/hwAAB
AwUDKg/kQAMHACoP5sYAAQMHACoP5scAAQMHACoS7MAAAQMHACoS7MAADwMHACoS
7MQAAgMHACoTM4AAAQMHACoT4QAAAQMHACoT4QEAATANBgkqhkiG9w0BAQsFAAOC
AQEAYe5jVRBXId9zUmSGz2V7hlsP5NSMCb+WoZz1LXEWGA2cdyllxVQImbmI2c1V
L+LgTCDN47VW/l3BHsJY+Cn1vtxT5qG8tRLtXoQ5ckpHvwbioa562lcFN1BKXhX4
w6oIEUxRn/J7s76LcSMss8tw5HSgFyOgGovgwb0NT+vrKc++fSuGoJWdWChivlxl
o7ngu8rdns//0keHmdsibTqXgVl2rvm8WnVCkiGrrj1wYXjSMvfGvHDcmeMyXt4F
PEBX3gTYAdpicETu3X1x5qt7ROqnGY6hV/AHjKTifxaPsoVUgeI3orqMU+qlF6Eo
oa3XqgBYXKmpo17bH79P2f7vaw==
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:06:38 2025 by rpki-client