Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/qvmm33IOaouJXy-qmukSFJgJ7hY.roa
File: qvmm33IOaouJXy-qmukSFJgJ7hY.roa (raw, json)
Hash identifier: vsbteUFrCz3bzhzOyDiySsxdQguQMXBjrVGR5nWMRUY=
Subject key identifier: AA:F9:A6:DF:72:0E:6A:8B:89:5F:2F:AA:9A:E9:12:14:98:09:EE:16
Certificate issuer: /CN=387d6df7eb7542e0333aeedd14adff8f51f8cbd8
Certificate serial: 01821CC0F3FEBDF3EAEA88418C7E25B9E43A
Authority key identifier: 38:7D:6D:F7:EB:75:42:E0:33:3A:EE:DD:14:AD:FF:8F:51:F8:CB:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OH1t9-t1QuAzOu7dFK3_j1H4y9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/qvmm33IOaouJXy-qmukSFJgJ7hY.roa
Signing time: Wed 20 Jul 2022 17:56:23 +0000
ROA not before: Wed 20 Jul 2022 17:56:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213044
IP address blocks: 2a0a:d6c0:217::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:1c:c0:f3:fe:bd:f3:ea:ea:88:41:8c:7e:25:b9:e4:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=387d6df7eb7542e0333aeedd14adff8f51f8cbd8
Validity
Not Before: Jul 20 17:56:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=aaf9a6df720e6a8b895f2faa9ae912149809ee16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:23:a9:ee:ed:0d:0a:ae:08:b1:a2:80:22:34:
fe:d9:5b:7d:d2:66:39:e5:31:cb:37:22:4a:18:a5:
29:1b:c4:46:cb:d5:8a:d8:c4:3f:93:61:7a:66:6a:
09:d6:a4:4c:0f:10:75:e0:5c:93:58:b9:51:b5:19:
f5:b6:66:30:8e:c7:3e:c3:a9:90:03:78:da:aa:df:
a0:11:e2:79:e1:b9:40:bc:17:1e:56:36:4f:a5:6c:
7d:67:9a:d4:85:5f:d9:07:91:09:e8:15:09:c1:c9:
d6:f0:39:48:6c:4c:89:84:38:36:65:1a:b9:6e:d2:
e1:d2:65:97:1e:c4:d1:74:ca:6f:4b:b9:4d:9c:52:
e8:00:6b:53:6e:6c:c1:c6:4c:8a:9d:06:5f:c6:c4:
a4:1a:82:43:7d:ca:2e:66:42:0b:19:12:05:37:d3:
88:df:d9:c6:42:3d:f6:86:88:56:9e:cc:42:59:b7:
4b:7b:73:d3:44:14:68:bd:05:a3:aa:20:1f:25:7d:
1f:d1:ae:38:4c:b5:3e:11:10:5d:99:7c:96:f2:4d:
81:af:5f:90:0b:e7:86:23:9c:46:47:c0:03:38:74:
0c:cb:29:60:c0:e3:9f:9f:06:c3:97:07:3b:a7:04:
bc:08:51:9b:6c:f4:53:a1:4c:22:cf:1f:e6:a7:4e:
68:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:F9:A6:DF:72:0E:6A:8B:89:5F:2F:AA:9A:E9:12:14:98:09:EE:16
X509v3 Authority Key Identifier:
keyid:38:7D:6D:F7:EB:75:42:E0:33:3A:EE:DD:14:AD:FF:8F:51:F8:CB:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OH1t9-t1QuAzOu7dFK3_j1H4y9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/qvmm33IOaouJXy-qmukSFJgJ7hY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/OH1t9-t1QuAzOu7dFK3_j1H4y9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:d6c0:217::/48
Signature Algorithm: sha256WithRSAEncryption
88:bb:ba:92:0e:14:04:ec:fd:7c:c3:9b:68:6b:69:b2:f4:5c:
56:2f:97:1d:ec:c1:21:ff:07:df:58:e7:fe:c1:2d:61:bd:92:
d2:42:f0:a5:f2:0d:79:b0:83:f0:55:38:01:47:89:88:8d:65:
9e:d2:97:81:e8:7e:61:04:c2:b6:d9:08:e7:39:b5:31:15:fc:
b5:08:72:0e:81:a5:c4:8b:8e:54:ed:eb:2b:f7:6f:c8:9c:ab:
d0:4c:76:23:f5:9e:4f:a5:50:c1:47:84:c4:0c:01:90:a9:23:
65:db:17:60:93:be:e4:12:c9:8c:be:68:d0:6d:0c:08:36:94:
dc:52:89:a6:6f:cd:da:9b:9d:83:29:a8:71:76:41:aa:7d:76:
76:07:f5:71:d3:2b:bd:e2:1e:39:f4:f8:ed:fb:01:f0:20:71:
54:6b:32:ef:f5:08:37:a7:00:ff:54:50:f7:a8:ad:7c:7f:9f:
10:23:d9:c4:f3:e0:a8:0e:fa:2e:fc:88:71:3e:4a:3a:4f:25:
66:5d:cf:e8:fc:66:68:54:30:ff:8f:53:91:cc:1f:c7:73:ca:
b3:04:e8:b4:cd:fe:cf:9a:61:f9:3a:ae:4a:44:c0:f2:0e:cc:
f8:7f:da:38:c4:be:d1:7e:ee:af:08:6f:e2:0e:dd:9b:f1:7a:
e5:aa:c6:10
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYIcwPP+vfPq6ohBjH4lueQ6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4N2Q2ZGY3ZWI3NTQyZTAzMzNhZWVkZDE0YWRmZjhmNTFm
OGNiZDgwHhcNMjIwNzIwMTc1NjIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWY5YTZkZjcyMGU2YThiODk1ZjJmYWE5YWU5MTIxNDk4MDllZTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAySOp7u0NCq4IsaKAIjT+2Vt90mY5
5THLNyJKGKUpG8RGy9WK2MQ/k2F6ZmoJ1qRMDxB14FyTWLlRtRn1tmYwjsc+w6mQ
A3jaqt+gEeJ54blAvBceVjZPpWx9Z5rUhV/ZB5EJ6BUJwcnW8DlIbEyJhDg2ZRq5
btLh0mWXHsTRdMpvS7lNnFLoAGtTbmzBxkyKnQZfxsSkGoJDfcouZkILGRIFN9OI
39nGQj32hohWnsxCWbdLe3PTRBRovQWjqiAfJX0f0a44TLU+ERBdmXyW8k2Br1+Q
C+eGI5xGR8ADOHQMyylgwOOfnwbDlwc7pwS8CFGbbPRToUwizx/mp05oSwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKr5pt9yDmqLiV8vqprpEhSYCe4WMB8GA1UdIwQY
MBaAFDh9bffrdULgMzru3RSt/49R+MvYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0gxdDktdDFRdUF6T3U3ZEZLM19qMUg0eTlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9kNGE4OWMtNTRiMi00NDViLWJiN2Mt
NjA5YTQ4YjJiMTRkLzEvcXZtbTMzSU9hb3VKWHktcW11a1NGSmdKN2hZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9kNGE4OWMtNTRiMi00NDViLWJiN2MtNjA5YTQ4YjJiMTRk
LzEvT0gxdDktdDFRdUF6T3U3ZEZLM19qMUg0eTlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgrWwAIX
MA0GCSqGSIb3DQEBCwUAA4IBAQCIu7qSDhQE7P18w5toa2my9FxWL5cd7MEh/wff
WOf+wS1hvZLSQvCl8g15sIPwVTgBR4mIjWWe0peB6H5hBMK22QjnObUxFfy1CHIO
gaXEi45U7esr92/InKvQTHYj9Z5PpVDBR4TEDAGQqSNl2xdgk77kEsmMvmjQbQwI
NpTcUommb83am52DKahxdkGqfXZ2B/Vx0yu94h459Pjt+wHwIHFUazLv9Qg3pwD/
VFD3qK18f58QI9nE8+CoDvou/IhxPko6TyVmXc/o/GZoVDD/j1ORzB/Hc8qzBOi0
zf7PmmH5Oq5KRMDyDsz4f9o4xL7Rfu6vCG/iDt2b8XrlqsYQ
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:57:27 2025 by rpki-client