Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/QkYEGRXSm1tRs6fUWoN2El2NOzA.roa
File: QkYEGRXSm1tRs6fUWoN2El2NOzA.roa (raw, json)
Hash identifier: MP4nHuf2IRbLXK+7Kz7PhW3rHA3rvr287WVX8dcPUoY=
Subject key identifier: 42:46:04:19:15:D2:9B:5B:51:B3:A7:D4:5A:83:76:12:5D:8D:3B:30
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0184E7C95068F5F0D30ADDF2DBFEE2F344DC
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/QkYEGRXSm1tRs6fUWoN2El2NOzA.roa
Signing time: Tue 06 Dec 2022 14:14:00 +0000
ROA not before: Tue 06 Dec 2022 14:14:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 30633
IP address blocks: 2a0f:1e00:987::/48 maxlen: 48
2a0f:1e81:92e8::/48 maxlen: 48
2a0f:39c1::/32 maxlen: 32
2a0e:c780::/32 maxlen: 32
2a0f:7f00::/32 maxlen: 32
2a12:ac40::/48 maxlen: 48
2a0f:e940::/29 maxlen: 29
2a0f:1e81:4319::/48 maxlen: 48
2a0f:1e00:456::/48 maxlen: 48
2a0f:a00::/32 maxlen: 32
2a0e:f201:1::/48 maxlen: 48
2a0f:3d84::/32 maxlen: 32
2a0e:5a80::/29 maxlen: 29
2a0f:1e01:1::/48 maxlen: 48
2a0f:3d80:123::/48 maxlen: 48
2a0f:1e81:2::/48 maxlen: 48
2a12:d540::/29 maxlen: 29
2a0f:39c0::/32 maxlen: 32
2a0f:1e81:cdae::/48 maxlen: 48
2a07:f300::/29 maxlen: 29
2a0e:1a80::/32 maxlen: 32
2a0f:1e81:1293::/48 maxlen: 48
2a0f:3d87::/32 maxlen: 32
2a0f:1e00:abc::/48 maxlen: 48
2a0f:1e81:a3d0::/48 maxlen: 48
2a12:ac40:f::/48 maxlen: 48
2a0f:a01::/32 maxlen: 32
2a0f:1e00:123::/48 maxlen: 48
2a0f:1e00:def9::/48 maxlen: 48
2a0f:3d82::/32 maxlen: 32
2a0f:7f01::/32 maxlen: 32
2a0f:e842::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e7:c9:50:68:f5:f0:d3:0a:dd:f2:db:fe:e2:f3:44:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Dec 6 14:14:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4246041915d29b5b51b3a7d45a8376125d8d3b30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:7b:65:ac:91:b2:e6:5d:b8:c2:31:60:d5:e4:
9b:7c:e3:b5:23:06:81:06:4a:96:a5:b1:90:c0:2c:
e4:f4:6a:4c:4d:7a:f2:e9:68:4d:a5:1a:9d:75:64:
3c:8d:99:4a:a5:1a:e5:58:3a:e1:0f:8b:1e:52:d0:
76:63:9f:59:c6:77:25:4b:b2:17:9e:1b:61:93:18:
56:7b:1c:55:14:84:f9:90:f6:20:0b:3d:4e:54:63:
23:c7:d2:b4:00:86:07:8f:db:70:84:2b:99:e1:62:
74:d6:07:1f:b8:55:a3:aa:b5:1d:8b:f7:a1:69:c7:
49:27:a1:57:22:15:03:db:85:99:c6:13:88:11:d0:
f6:d9:2c:7f:a8:4c:27:93:df:6b:f3:9f:af:43:9f:
c1:e6:b0:6c:9d:29:69:9d:9e:ee:ec:8c:9e:db:f8:
76:18:a0:14:c9:91:29:12:60:4c:77:1d:72:6a:ab:
6c:0c:90:dc:41:ba:90:62:bd:52:61:5a:23:19:98:
c5:c0:fc:1d:8e:98:43:0a:6b:bd:3b:45:5e:33:fe:
52:5e:b1:32:81:78:bb:09:a8:76:46:65:40:ae:7e:
39:b0:4b:e3:3e:e2:30:c5:fc:32:aa:dc:a0:ee:a1:
a0:59:16:39:3b:cd:5c:bd:a1:56:e4:ca:0f:58:44:
8e:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:46:04:19:15:D2:9B:5B:51:B3:A7:D4:5A:83:76:12:5D:8D:3B:30
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/QkYEGRXSm1tRs6fUWoN2El2NOzA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:f300::/29
2a0e:1a80::/32
2a0e:5a80::/29
2a0e:c780::/32
2a0e:f201:1::/48
2a0f:a00::/31
2a0f:1e00:123::/48
2a0f:1e00:456::/48
2a0f:1e00:987::/48
2a0f:1e00:abc::/48
2a0f:1e00:def9::/48
2a0f:1e01:1::/48
2a0f:1e81:2::/48
2a0f:1e81:1293::/48
2a0f:1e81:4319::/48
2a0f:1e81:92e8::/48
2a0f:1e81:a3d0::/48
2a0f:1e81:cdae::/48
2a0f:39c0::/31
2a0f:3d80:123::/48
2a0f:3d82::/32
2a0f:3d84::/32
2a0f:3d87::/32
2a0f:7f00::/31
2a0f:e842::/32
2a0f:e940::/29
2a12:ac40::/48
2a12:ac40:f::/48
2a12:d540::/29
Signature Algorithm: sha256WithRSAEncryption
a9:7e:9c:26:2c:c4:05:bc:5b:df:92:80:e4:20:d8:bb:17:1f:
b3:4e:1f:58:93:38:a4:6f:35:39:c1:97:df:81:09:49:10:39:
e7:cc:13:66:75:48:34:c1:06:dd:4a:5c:34:a9:04:fc:d7:00:
3e:5a:12:8d:3c:05:b1:2d:f5:34:1d:f4:15:3d:8f:90:b2:44:
7f:87:b9:5e:21:f2:36:01:14:e4:8d:e7:48:f1:a0:3a:72:31:
bd:0b:d9:1b:d3:f9:4b:5f:74:c9:fe:4d:f2:c4:c5:b6:e9:72:
c8:3b:fb:e8:c1:3c:10:1e:96:b9:9d:5f:02:ea:e7:47:91:7c:
ef:5a:6a:bb:d6:47:3d:fb:12:b3:45:7d:5a:9a:25:9c:79:36:
c0:ba:47:fd:17:0f:23:d9:f1:e8:e7:6f:41:7e:9e:18:76:ed:
0d:90:61:49:f6:07:5a:47:80:12:bb:b7:06:3f:a8:d1:4b:02:
05:c7:41:10:e1:09:7d:a0:7e:62:56:27:84:aa:d6:08:be:64:
26:7b:9a:29:b4:1d:ad:65:0d:e0:c5:dd:b1:e7:aa:57:f2:ea:
18:5a:56:ab:30:9e:05:62:4a:27:80:6c:54:c9:cb:cf:1a:9f:
d3:47:f6:b3:8d:d9:ae:53:3b:c2:e8:8b:cc:fc:c2:de:0c:10:
70:b8:a2:ef
-----BEGIN CERTIFICATE-----
MIIF6DCCBNCgAwIBAgISAYTnyVBo9fDTCt3y2/7i80TcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjIxMjA2MTQxNDAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjQ2MDQxOTE1ZDI5YjViNTFiM2E3ZDQ1YTgzNzYxMjVkOGQzYjMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoXtlrJGy5l24wjFg1eSbfOO1IwaB
BkqWpbGQwCzk9GpMTXry6WhNpRqddWQ8jZlKpRrlWDrhD4seUtB2Y59ZxnclS7IX
nhthkxhWexxVFIT5kPYgCz1OVGMjx9K0AIYHj9twhCuZ4WJ01gcfuFWjqrUdi/eh
acdJJ6FXIhUD24WZxhOIEdD22Sx/qEwnk99r85+vQ5/B5rBsnSlpnZ7u7Iye2/h2
GKAUyZEpEmBMdx1yaqtsDJDcQbqQYr1SYVojGZjFwPwdjphDCmu9O0VeM/5SXrEy
gXi7Cah2RmVArn45sEvjPuIwxfwyqtyg7qGgWRY5O81cvaFW5MoPWESOdwIDAQAB
o4IC9DCCAvAwHQYDVR0OBBYEFEJGBBkV0ptbUbOn1FqDdhJdjTswMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvUWtZRUdSWFNtMXRSczZmVVdvTjJFbDJOT3pBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBCAYIKwYBBQUHAQcBAf8EgfgwgfUwgfIEAgACMIHrAwUD
KgfzAAMFACoOGoADBQMqDlqAAwUAKg7HgAMHACoO8gEAAQMFASoPCgADBwAqDx4A
ASMDBwAqDx4ABFYDBwAqDx4ACYcDBwAqDx4ACrwDBwAqDx4A3vkDBwAqDx4BAAED
BwAqDx6BAAIDBwAqDx6BEpMDBwAqDx6BQxkDBwAqDx6BkugDBwAqDx6Bo9ADBwAq
Dx6Bza4DBQEqDznAAwcAKg89gAEjAwUAKg89ggMFACoPPYQDBQAqDz2HAwUBKg9/
AAMFACoP6EIDBQMqD+lAAwcAKhKsQAAAAwcAKhKsQAAPAwUDKhLVQDANBgkqhkiG
9w0BAQsFAAOCAQEAqX6cJizEBbxb35KA5CDYuxcfs04fWJM4pG81OcGX34EJSRA5
58wTZnVINMEG3UpcNKkE/NcAPloSjTwFsS31NB30FT2PkLJEf4e5XiHyNgEU5I3n
SPGgOnIxvQvZG9P5S190yf5N8sTFtulyyDv76ME8EB6WuZ1fAurnR5F871pqu9ZH
PfsSs0V9WpolnHk2wLpH/RcPI9nx6OdvQX6eGHbtDZBhSfYHWkeAEru3Bj+o0UsC
BcdBEOEJfaB+YlYnhKrWCL5kJnuaKbQdrWUN4MXdseeqV/LqGFpWqzCeBWJKJ4Bs
VMnLzxqf00f2s43ZrlM7wuiLzPzC3gwQcLii7w==
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:40:05 2025 by rpki-client