Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/qXiKNaqxSCiHBxs6UW_1f4AwXiU.roa
File: qXiKNaqxSCiHBxs6UW_1f4AwXiU.roa (raw, json)
Hash identifier: 8UyrXgo3kOd8XXGGj/dR3BGxxrvA5qDqEaFj9h1VT6w=
Subject key identifier: A9:78:8A:35:AA:B1:48:28:87:07:1B:3A:51:6F:F5:7F:80:30:5E:25
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018AF4C69E5D7EA811D85DF31F8C77A54067
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/qXiKNaqxSCiHBxs6UW_1f4AwXiU.roa
Signing time: Tue 03 Oct 2023 09:02:51 +0000
ROA not before: Tue 03 Oct 2023 09:02:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57043
IP address blocks: 2a11:3500::/29 maxlen: 29
2a0e:5800::/29 maxlen: 29
2a0f:2500::/29 maxlen: 29
2a13:d100::/29 maxlen: 29
2a0f:dfc0::/29 maxlen: 29
2a0d:1140::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f4:c6:9e:5d:7e:a8:11:d8:5d:f3:1f:8c:77:a5:40:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Oct 3 09:02:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a9788a35aab1482887071b3a516ff57f80305e25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:65:f7:23:5e:92:8c:34:fb:a7:58:85:17:9d:
7e:58:8f:ae:06:9f:70:80:1d:0e:41:08:2c:31:50:
42:3d:54:b1:93:da:e7:da:13:6f:9f:2c:0b:0f:74:
b5:9d:0a:1d:d8:e1:63:65:cb:0a:64:7d:59:29:c4:
3c:38:e7:75:cb:ad:5f:83:53:f2:42:06:72:36:09:
c0:ef:ef:fd:e3:d5:24:ba:85:bb:1a:d5:ab:7b:96:
94:46:d7:ec:ba:2e:25:03:c0:da:bb:a2:fc:a2:46:
1e:f0:e3:44:bf:07:21:fe:82:7f:1e:64:d1:28:93:
90:61:d0:2f:a3:3f:4e:cc:2d:0d:dc:28:25:6c:d8:
d4:6c:c8:de:89:c9:ca:a8:e2:01:6f:95:ec:32:08:
62:10:f3:8a:4a:83:e6:87:0a:66:db:c7:bf:aa:de:
60:91:54:d8:6d:87:8c:37:83:a4:07:ce:c0:67:3f:
56:5b:8f:84:78:15:f3:01:3b:a5:13:8c:0e:90:30:
19:66:8b:31:17:b5:73:86:98:0c:8d:74:27:a6:8d:
d6:df:3c:c1:6d:b5:b1:81:f6:98:2d:bb:66:67:1d:
ff:60:8b:22:19:4a:d9:97:26:eb:d3:77:57:2e:7f:
9c:2e:ef:1f:03:de:fa:73:74:60:e7:e4:d8:51:2b:
3f:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:78:8A:35:AA:B1:48:28:87:07:1B:3A:51:6F:F5:7F:80:30:5E:25
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/qXiKNaqxSCiHBxs6UW_1f4AwXiU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:1140::/29
2a0e:5800::/29
2a0f:2500::/29
2a0f:dfc0::/29
2a11:3500::/29
2a13:d100::/29
Signature Algorithm: sha256WithRSAEncryption
92:0f:31:69:9d:8f:0e:33:38:21:00:de:82:6f:5c:58:99:9f:
ce:de:4e:72:f9:82:37:09:d4:fa:d9:d7:99:15:1a:37:1c:73:
42:ce:07:68:b5:16:22:5c:fa:a3:17:41:e4:02:35:c7:fd:6f:
62:3b:68:2d:83:fc:79:3f:42:3a:9d:cb:be:40:a6:6e:0a:fa:
d7:22:77:a9:80:93:a3:19:be:70:d4:d4:00:51:75:23:26:b9:
a1:dd:1e:ef:52:d4:a7:ca:d7:3b:c5:ed:50:e0:dd:5c:36:15:
14:62:3a:f1:b1:99:e3:0d:17:eb:0f:e8:ed:e9:d5:c4:b5:d5:
8f:3a:14:ad:e6:8d:2e:ec:46:00:70:61:c5:57:c6:c4:2f:e2:
14:de:12:6d:49:b9:60:26:83:06:23:bb:71:84:3a:cb:c9:05:
ea:9a:86:77:15:dd:1b:01:15:a1:f3:5f:d1:00:01:cd:ce:05:
9a:c6:58:fd:cd:2e:87:33:ce:f8:e9:69:de:96:8d:78:81:72:
55:f9:4c:c3:b6:ea:ab:d5:85:1e:00:31:2f:ee:ef:fb:7f:f5:
10:dc:0f:72:8e:3f:9c:48:82:b4:a2:28:a0:5a:f3:a8:5a:26:
4f:db:b2:ca:5f:3d:23:e3:e5:a2:c0:bc:51:60:9d:82:7d:07:
53:29:22:f5
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYr0xp5dfqgR2F3zH4x3pUBnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMxMDAzMDkwMjUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTc4OGEzNWFhYjE0ODI4ODcwNzFiM2E1MTZmZjU3ZjgwMzA1ZTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjWX3I16SjDT7p1iFF51+WI+uBp9w
gB0OQQgsMVBCPVSxk9rn2hNvnywLD3S1nQod2OFjZcsKZH1ZKcQ8OOd1y61fg1Py
QgZyNgnA7+/949UkuoW7GtWre5aURtfsui4lA8Dau6L8okYe8ONEvwch/oJ/HmTR
KJOQYdAvoz9OzC0N3CglbNjUbMjeicnKqOIBb5XsMghiEPOKSoPmhwpm28e/qt5g
kVTYbYeMN4OkB87AZz9WW4+EeBXzATulE4wOkDAZZosxF7VzhpgMjXQnpo3W3zzB
bbWxgfaYLbtmZx3/YIsiGUrZlybr03dXLn+cLu8fA976c3Rg5+TYUSs/oQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFKl4ijWqsUgohwcbOlFv9X+AMF4lMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvcVhpS05hcXhTQ2lIQnhzNlVXXzFmNEF3WGlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAAjAqAwUDKg0RQAMF
AyoOWAADBQMqDyUAAwUDKg/fwAMFAyoRNQADBQMqE9EAMA0GCSqGSIb3DQEBCwUA
A4IBAQCSDzFpnY8OMzghAN6Cb1xYmZ/O3k5y+YI3CdT62deZFRo3HHNCzgdotRYi
XPqjF0HkAjXH/W9iO2gtg/x5P0I6ncu+QKZuCvrXInepgJOjGb5w1NQAUXUjJrmh
3R7vUtSnytc7xe1Q4N1cNhUUYjrxsZnjDRfrD+jt6dXEtdWPOhSt5o0u7EYAcGHF
V8bEL+IU3hJtSblgJoMGI7txhDrLyQXqmoZ3Fd0bARWh81/RAAHNzgWaxlj9zS6H
M8746Wnelo14gXJV+UzDtuqr1YUeADEv7u/7f/UQ3A9yjj+cSIK0oiigWvOoWiZP
27LKXz0j4+WiwLxRYJ2CfQdTKSL1
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:01:42 2025 by rpki-client