Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/QdtWP3vq7ZxXCbDgKAXubaMJoyc.roa
File: QdtWP3vq7ZxXCbDgKAXubaMJoyc.roa (raw, json)
Hash identifier: eizpeu5n+OqH2W6B41CQFU2Ag66X9npTF2bzmDkSDHo=
Subject key identifier: 41:DB:56:3F:7B:EA:ED:9C:57:09:B0:E0:28:05:EE:6D:A3:09:A3:27
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01846BA2D1E7B642B39F17308BDBE5304EA3
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/QdtWP3vq7ZxXCbDgKAXubaMJoyc.roa
Signing time: Sat 12 Nov 2022 11:39:03 +0000
ROA not before: Sat 12 Nov 2022 11:39:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20473
IP address blocks: 2a0e:15c0:1::/48 maxlen: 48
2a0f:7d00:1::/48 maxlen: 48
2a0e:15c1::/32 maxlen: 32
2a12:d6c1::/32 maxlen: 32
2a12:d6c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:6b:a2:d1:e7:b6:42:b3:9f:17:30:8b:db:e5:30:4e:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Nov 12 11:39:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=41db563f7beaed9c5709b0e02805ee6da309a327
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:f5:96:32:eb:4a:24:3f:0e:df:75:18:9f:c7:
88:a3:c1:e3:b4:26:f6:9e:d3:7c:61:7b:68:0c:9c:
c6:03:3c:4e:31:14:99:79:2d:98:50:1a:98:14:c4:
65:50:91:f6:21:b6:b6:5c:3a:a1:bc:41:ed:f4:51:
77:50:01:87:fd:8c:be:ab:e2:28:29:d1:c0:38:d3:
5c:44:89:de:69:7b:5c:25:bf:46:4c:3b:3e:21:47:
41:fa:1b:66:d7:46:75:c2:de:3b:4a:86:7f:0f:3b:
97:e6:27:bb:08:82:0b:d7:89:05:a9:62:53:ea:35:
9a:e1:87:0f:75:4a:dc:9d:25:46:2d:1c:ed:a2:c4:
6b:d7:c7:73:d8:48:87:bb:69:70:49:9f:13:34:98:
43:f8:85:bf:1b:9f:b3:0c:c4:5a:12:b1:ad:5d:46:
5d:28:33:5e:ab:ce:88:14:17:18:76:cd:2b:59:e7:
80:84:50:60:a3:5e:99:92:f5:04:9c:6a:a0:30:fe:
9f:8b:63:eb:30:8c:80:9a:a5:89:3d:5e:49:b0:87:
64:c9:78:b4:45:e6:ce:55:8d:10:68:93:19:b9:25:
fe:a9:9a:dc:d9:55:9c:8f:e6:0c:d6:15:64:d9:30:
6b:b9:f0:bd:e2:97:04:cb:19:01:65:8d:54:b2:82:
9a:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:DB:56:3F:7B:EA:ED:9C:57:09:B0:E0:28:05:EE:6D:A3:09:A3:27
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/QdtWP3vq7ZxXCbDgKAXubaMJoyc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:15c0:1::/48
2a0e:15c1::/32
2a0f:7d00:1::/48
2a12:d6c0::/29
Signature Algorithm: sha256WithRSAEncryption
ab:02:60:53:71:2a:9a:57:d4:58:dc:17:ce:b4:39:c3:ca:4f:
b1:ef:bc:8f:04:53:61:d4:03:a9:72:84:bd:2e:d5:c1:c7:4a:
bd:93:69:72:ea:b6:05:c5:78:7e:4a:09:d3:46:ce:2a:9b:36:
4a:db:57:32:e8:cc:e5:10:0b:8d:77:6b:52:83:8c:70:8e:c2:
e5:2b:14:45:2e:2f:69:21:c5:1e:96:f6:2e:4e:82:f0:2c:9b:
af:c1:f1:6d:35:87:2f:49:31:19:15:96:75:92:fe:41:71:00:
24:bc:be:83:7a:e4:61:ba:2d:11:10:74:13:00:ed:f2:80:63:
c3:28:4c:b1:65:af:ec:bd:0f:bf:4b:19:da:e6:13:dd:9d:58:
de:a1:77:08:1a:45:46:42:9f:7e:6e:ca:88:ce:82:04:cf:51:
26:25:e8:5c:22:d5:a5:04:62:ab:b1:a9:cb:a2:73:4b:13:e5:
56:6f:28:a2:28:37:21:56:8c:df:c4:7e:bf:05:4b:c0:8d:e5:
da:53:3d:12:35:39:1e:b2:f7:77:04:dc:5b:33:43:24:87:c7:
5a:87:b4:b7:3a:53:50:de:9e:4e:c6:8c:f5:1a:23:74:f6:ae:
2b:b5:20:37:40:1c:94:a9:b3:1e:4c:cc:85:53:48:cf:c6:7f:
87:85:59:ce
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYRrotHntkKznxcwi9vlME6jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjIxMTEyMTEzOTAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWRiNTYzZjdiZWFlZDljNTcwOWIwZTAyODA1ZWU2ZGEzMDlhMzI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq/WWMutKJD8O33UYn8eIo8HjtCb2
ntN8YXtoDJzGAzxOMRSZeS2YUBqYFMRlUJH2Iba2XDqhvEHt9FF3UAGH/Yy+q+Io
KdHAONNcRIneaXtcJb9GTDs+IUdB+htm10Z1wt47SoZ/DzuX5ie7CIIL14kFqWJT
6jWa4YcPdUrcnSVGLRztosRr18dz2EiHu2lwSZ8TNJhD+IW/G5+zDMRaErGtXUZd
KDNeq86IFBcYds0rWeeAhFBgo16ZkvUEnGqgMP6fi2PrMIyAmqWJPV5JsIdkyXi0
RebOVY0QaJMZuSX+qZrc2VWcj+YM1hVk2TBrufC94pcEyxkBZY1UsoKaZwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFEHbVj976u2cVwmw4CgF7m2jCaMnMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvUWR0V1AzdnE3WnhYQ2JEZ0tBWHViYU1Kb3ljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAAjAgAwcAKg4VwAAB
AwUAKg4VwQMHACoPfQAAAQMFAyoS1sAwDQYJKoZIhvcNAQELBQADggEBAKsCYFNx
KppX1FjcF860OcPKT7HvvI8EU2HUA6lyhL0u1cHHSr2TaXLqtgXFeH5KCdNGziqb
NkrbVzLozOUQC413a1KDjHCOwuUrFEUuL2khxR6W9i5OgvAsm6/B8W01hy9JMRkV
lnWS/kFxACS8voN65GG6LREQdBMA7fKAY8MoTLFlr+y9D79LGdrmE92dWN6hdwga
RUZCn35uyojOggTPUSYl6Fwi1aUEYquxqcuic0sT5VZvKKIoNyFWjN/Efr8FS8CN
5dpTPRI1OR6y93cE3FszQySHx1qHtLc6U1Denk7GjPUaI3T2riu1IDdAHJSpsx5M
zIVTSM/Gf4eFWc4=
-----END CERTIFICATE-----
Generated at Mon Apr 21 22:22:06 2025 by rpki-client