Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/qJ_Fg7McC3CRqe4ideRp_UNPK9g.roa
File: qJ_Fg7McC3CRqe4ideRp_UNPK9g.roa (raw, json)
Hash identifier: 8o01Xd/0Gslht9zelL5Ok3i4Abegs0DGs8YIk83MwmE=
Subject key identifier: A8:9F:C5:83:B3:1C:0B:70:91:A9:EE:22:75:E4:69:FD:43:4F:2B:D8
Certificate issuer: /CN=b05d28d16626bc5dcabf2e915435782b96e14071
Certificate serial: 21AA9AF4
Authority key identifier: B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/qJ_Fg7McC3CRqe4ideRp_UNPK9g.roa
Signing time: Tue 22 Feb 2022 13:52:06 +0000
ROA not before: Tue 22 Feb 2022 13:52:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 13127
IP address blocks: 2a07:3501:1081::/48 maxlen: 48
2a07:3501:1080::/48 maxlen: 48
2a04:9a00:1118::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 564828916 (0x21aa9af4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b05d28d16626bc5dcabf2e915435782b96e14071
Validity
Not Before: Feb 22 13:52:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a89fc583b31c0b7091a9ee2275e469fd434f2bd8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:ee:52:a1:e6:58:db:9b:4b:f5:53:31:53:fc:
25:15:47:4e:b6:ab:29:2b:46:e2:f3:f1:d9:3b:04:
cc:b2:8a:31:8e:17:68:0b:7c:43:c8:25:f2:d1:8d:
35:0a:7e:54:ba:57:4c:90:d5:e3:54:6c:cc:11:06:
e3:42:fd:32:0b:df:7c:62:74:6a:57:03:7c:5c:54:
c0:ab:b3:86:e7:df:7c:11:e2:d0:ed:c7:28:a9:90:
dc:f2:36:69:14:e2:b4:09:c6:92:56:a5:6a:d6:ee:
3f:4d:81:57:6b:c9:7a:fe:7d:b0:fc:a1:fa:e4:94:
ff:7e:55:e2:65:5c:88:88:b7:72:e2:9a:e5:d9:0d:
1e:61:5e:6f:cc:04:7e:0b:d6:2a:30:14:c3:a8:e1:
38:5c:67:a6:0a:7d:f3:08:8f:6b:1a:55:f9:60:e3:
c9:ab:81:89:48:52:86:a2:db:99:2b:b4:ee:4c:be:
32:a0:18:18:5d:b0:cc:df:fd:04:77:23:d5:82:91:
bc:72:5f:74:7a:1b:1d:49:6d:f4:8b:24:88:89:f3:
5b:3e:3c:34:c2:98:27:3a:d0:c8:1b:79:cf:53:ac:
63:ae:c5:b0:0a:56:54:9f:fe:a7:2e:10:f9:db:31:
77:05:1d:a8:c5:27:a9:5a:b1:05:74:5f:eb:45:21:
b7:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:9F:C5:83:B3:1C:0B:70:91:A9:EE:22:75:E4:69:FD:43:4F:2B:D8
X509v3 Authority Key Identifier:
keyid:B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/qJ_Fg7McC3CRqe4ideRp_UNPK9g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:9a00:1118::/48
2a07:3501:1080::/47
Signature Algorithm: sha256WithRSAEncryption
42:eb:86:aa:ac:c1:6d:c1:76:7f:db:19:a9:6d:27:30:07:cf:
50:bb:ad:ce:fa:42:bf:cf:2a:39:c9:6b:b0:34:4d:5a:18:fd:
61:49:36:15:8f:93:85:48:57:b6:a7:be:5d:25:f8:5d:3c:cb:
28:b4:f4:7b:a5:df:64:66:39:fc:a4:62:03:3f:a8:b0:a4:bd:
8f:0d:7d:fd:b3:0b:06:5c:0b:49:95:65:4f:0e:4c:9b:2f:c4:
ee:fc:7e:d2:71:eb:18:0e:b7:66:be:a5:1b:27:fd:ea:bc:b4:
67:bf:37:46:d0:c7:14:de:2b:21:77:09:95:89:dd:43:d6:3c:
17:f8:f5:73:6c:85:b8:3b:43:44:07:a9:3f:ae:ce:22:98:c1:
a5:a1:74:b9:5e:8f:96:06:fd:9b:99:7c:07:72:f6:9f:68:03:
51:56:1d:23:a1:c7:55:c3:77:c8:04:f2:7b:7f:7e:22:8a:ec:
cd:83:38:f1:56:6e:65:08:5f:f2:9d:ad:a8:37:83:bf:71:1f:
db:69:43:05:20:2c:4d:48:ad:ef:fd:1e:6e:99:91:a8:c7:78:
d1:77:be:0b:95:d2:c0:54:1c:35:87:27:a5:6d:56:d5:d1:af:
5d:5f:76:52:b6:18:ca:19:b4:d5:39:2e:ed:0c:ef:0c:82:88:
59:eb:0f:6f
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEIaqa9DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MDVkMjhkMTY2MjZiYzVkY2FiZjJlOTE1NDM1NzgyYjk2ZTE0MDcxMB4XDTIyMDIy
MjEzNTIwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTg5ZmM1ODNiMzFj
MGI3MDkxYTllZTIyNzVlNDY5ZmQ0MzRmMmJkODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJPuUqHmWNubS/VTMVP8JRVHTrarKStG4vPx2TsEzLKKMY4X
aAt8Q8gl8tGNNQp+VLpXTJDV41RszBEG40L9MgvffGJ0alcDfFxUwKuzhufffBHi
0O3HKKmQ3PI2aRTitAnGklalatbuP02BV2vJev59sPyh+uSU/35V4mVciIi3cuKa
5dkNHmFeb8wEfgvWKjAUw6jhOFxnpgp98wiPaxpV+WDjyauBiUhShqLbmSu07ky+
MqAYGF2wzN/9BHcj1YKRvHJfdHobHUlt9IskiInzWz48NMKYJzrQyBt5z1OsY67F
sApWVJ/+py4Q+dsxdwUdqMUnqVqxBXRf60Uht+sCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBSon8WDsxwLcJGp7iJ15Gn9Q08r2DAfBgNVHSMEGDAWgBSwXSjRZia8Xcq/
LpFUNXgrluFAcTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NGMG8wV1ltdkYzS3Z5NlJWRFY0SzViaFFIRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzMvYmJhOTczLTdjOWYtNGIxMS1iNjExLWFkNTc1NTIyYjM2NS8x
L3FKX0ZnN01jQzNDUnFlNGlkZVJwX1VOUEs5Zy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzMv
YmJhOTczLTdjOWYtNGIxMS1iNjExLWFkNTc1NTIyYjM2NS8xL3NGMG8wV1ltdkYz
S3Z5NlJWRFY0SzViaFFIRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAIwEgMHACoEmgARGAMHASoHNQEQgDANBgkq
hkiG9w0BAQsFAAOCAQEAQuuGqqzBbcF2f9sZqW0nMAfPULutzvpCv88qOclrsDRN
Whj9YUk2FY+ThUhXtqe+XSX4XTzLKLT0e6XfZGY5/KRiAz+osKS9jw19/bMLBlwL
SZVlTw5Mmy/E7vx+0nHrGA63Zr6lGyf96ry0Z783RtDHFN4rIXcJlYndQ9Y8F/j1
c2yFuDtDRAepP67OIpjBpaF0uV6Plgb9m5l8B3L2n2gDUVYdI6HHVcN3yATye39+
IorszYM48VZuZQhf8p2tqDeDv3Ef22lDBSAsTUit7/0ebpmRqMd40Xe+C5XSwFQc
NYcnpW1W1dGvXV92UrYYyhm01Tku7QzvDIKIWesPbw==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:43:28 2025 by rpki-client