Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/stjQkW-GbPv7ZmUHMWAyHPO_LT4.roa
File: stjQkW-GbPv7ZmUHMWAyHPO_LT4.roa (raw, json)
Hash identifier: i/QoiCVrHrQy/ZuD2lOyagMunuTCxkXdTFfJXiVuhKU=
Subject key identifier: B2:D8:D0:91:6F:86:6C:FB:FB:66:65:07:31:60:32:1C:F3:BF:2D:3E
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018B84D72E3CCCBC94BCD07B8F972E893D3E
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/stjQkW-GbPv7ZmUHMWAyHPO_LT4.roa
Signing time: Tue 31 Oct 2023 08:26:16 +0000
ROA not before: Tue 31 Oct 2023 08:26:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205544
IP address blocks: 2a0f:e6c6:1::/48 maxlen: 48
2a13:e101:1::/48 maxlen: 48
2a0f:e1c0:1::/48 maxlen: 48
2a13:3380:1::/48 maxlen: 48
2a0f:e6c7:1::/48 maxlen: 48
2a0f:e6c5:1::/48 maxlen: 48
2a13:e100:1::/48 maxlen: 48
2a0f:e440::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:84:d7:2e:3c:cc:bc:94:bc:d0:7b:8f:97:2e:89:3d:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Oct 31 08:26:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b2d8d0916f866cfbfb6665073160321cf3bf2d3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:27:7b:ea:14:b8:af:3f:db:d2:b0:15:58:0d:
7c:49:54:30:9c:b9:14:cb:ea:8f:52:89:62:83:98:
33:17:f1:83:f0:1e:cb:d5:6c:9c:2e:85:2e:09:c9:
b7:71:27:db:23:98:64:d4:a8:00:e3:83:ff:f7:bb:
c5:59:5e:cf:19:34:24:c5:d5:36:5f:da:cf:42:fb:
72:8f:3a:e3:5b:d5:9f:26:93:02:35:b7:65:dc:b6:
b8:41:e5:81:54:e4:f0:97:1a:54:15:61:c2:23:d7:
46:51:72:d9:16:81:fe:5e:b7:28:44:5c:0d:bd:4a:
ba:19:0b:ec:75:2c:4e:0d:b1:dd:e2:e3:90:47:08:
f9:07:89:c8:ca:76:cf:d3:ab:7e:0b:cf:fe:87:7d:
ac:0c:34:d9:d1:28:30:79:01:37:48:59:b8:50:81:
5d:ea:3a:b8:af:07:33:b5:66:9a:a3:95:67:73:a0:
be:28:8b:28:ab:5a:95:68:7f:14:a0:47:5d:2c:f2:
e5:77:b6:75:e6:ec:c8:aa:45:e9:7f:f0:16:06:e0:
6c:a7:de:1e:17:7b:c6:00:7b:06:eb:e3:7c:c0:4b:
1d:2f:f7:04:bf:c9:8e:73:c3:9a:36:3d:b6:c2:d4:
0b:aa:3c:6f:87:a6:6e:33:fb:bb:3d:f8:a4:3f:3d:
26:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:D8:D0:91:6F:86:6C:FB:FB:66:65:07:31:60:32:1C:F3:BF:2D:3E
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/stjQkW-GbPv7ZmUHMWAyHPO_LT4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:e1c0:1::/48
2a0f:e440::/29
2a0f:e6c5:1::/48
2a0f:e6c6:1::/48
2a0f:e6c7:1::/48
2a13:3380:1::/48
2a13:e100:1::/48
2a13:e101:1::/48
Signature Algorithm: sha256WithRSAEncryption
99:5b:81:5b:83:97:f9:1b:43:7f:8b:99:3e:bf:62:82:b3:bf:
3d:30:5f:51:98:92:e5:5f:0f:a6:80:f7:cf:da:aa:0e:a0:d7:
e3:ab:1c:bb:ad:f4:94:f6:67:25:e6:b4:80:28:90:bc:08:66:
37:4b:ec:9e:1e:9e:75:1c:9c:65:d9:2a:c7:43:e3:d8:bf:46:
3c:25:d7:df:78:f3:25:74:9f:5e:04:f8:27:c8:6d:60:53:59:
b8:4d:8a:7b:7b:09:f8:bb:4a:e5:c7:fb:2f:03:f8:61:5f:c7:
ca:18:7f:a9:e6:ec:78:0c:07:f9:24:42:ef:79:b6:90:77:85:
b9:70:95:c6:9c:17:25:13:15:7a:3c:65:3c:44:24:88:8a:f8:
fc:b9:5b:25:d2:7c:58:07:bf:ab:23:5b:4d:90:87:53:8f:bd:
75:13:94:c2:2e:58:84:37:c0:d8:29:1f:c4:9a:84:1d:7b:41:
65:d5:03:58:3b:43:ad:47:f4:47:32:8c:a2:dd:76:a5:4c:30:
2f:d9:13:69:11:84:35:db:30:7c:e1:d1:e0:fc:91:88:5e:4c:
5c:68:dc:a7:0f:47:16:2a:c8:0e:34:ed:ed:71:ba:ce:f3:e3:
47:ce:3a:a8:e1:fe:06:81:c8:25:8a:8f:11:2f:16:0b:de:e4:
21:65:ea:28
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAYuE1y48zLyUvNB7j5cuiT0+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMxMDMxMDgyNjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmQ4ZDA5MTZmODY2Y2ZiZmI2NjY1MDczMTYwMzIxY2YzYmYyZDNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjCd76hS4rz/b0rAVWA18SVQwnLkU
y+qPUolig5gzF/GD8B7L1WycLoUuCcm3cSfbI5hk1KgA44P/97vFWV7PGTQkxdU2
X9rPQvtyjzrjW9WfJpMCNbdl3La4QeWBVOTwlxpUFWHCI9dGUXLZFoH+XrcoRFwN
vUq6GQvsdSxODbHd4uOQRwj5B4nIynbP06t+C8/+h32sDDTZ0SgweQE3SFm4UIFd
6jq4rwcztWaao5Vnc6C+KIsoq1qVaH8UoEddLPLld7Z15uzIqkXpf/AWBuBsp94e
F3vGAHsG6+N8wEsdL/cEv8mOc8OaNj22wtQLqjxvh6ZuM/u7PfikPz0m9wIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFLLY0JFvhmz7+2ZlBzFgMhzzvy0+MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvc3RqUWtXLUdiUHY3Wm1VSE1XQXlIUE9fTFQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjBMBAIAAjBGAwcAKg/hwAAB
AwUDKg/kQAMHACoP5sUAAQMHACoP5sYAAQMHACoP5scAAQMHACoTM4AAAQMHACoT
4QAAAQMHACoT4QEAATANBgkqhkiG9w0BAQsFAAOCAQEAmVuBW4OX+RtDf4uZPr9i
grO/PTBfUZiS5V8PpoD3z9qqDqDX46scu630lPZnJea0gCiQvAhmN0vsnh6edRyc
Zdkqx0Pj2L9GPCXX33jzJXSfXgT4J8htYFNZuE2Ke3sJ+LtK5cf7LwP4YV/Hyhh/
qebseAwH+SRC73m2kHeFuXCVxpwXJRMVejxlPEQkiIr4/LlbJdJ8WAe/qyNbTZCH
U4+9dROUwi5YhDfA2CkfxJqEHXtBZdUDWDtDrUf0RzKMot12pUwwL9kTaRGENdsw
fOHR4PyRiF5MXGjcpw9HFirIDjTt7XG6zvPjR846qOH+BoHIJYqPES8WC97kIWXq
KA==
-----END CERTIFICATE-----
Generated at Tue Apr 22 01:04:34 2025 by rpki-client