Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/8f50aa-5456-4159-8840-b01d8f295c19/1/bqptcmJ5047CM_1DrkZoWKY-cMA.roa
File: bqptcmJ5047CM_1DrkZoWKY-cMA.roa (raw, json)
Hash identifier: walkd4/DChlo/EB0e+YnVzMtWX/HD+OD7btF93eFuI0=
Subject key identifier: 6E:AA:6D:72:62:79:D3:8E:C2:33:FD:43:AE:46:68:58:A6:3E:70:C0
Certificate issuer: /CN=67aba9afa37d9bce407fe23c7919892d9d9c0939
Certificate serial: 018ADAA1BCB1BB8C5D9BA86AB3F0D4FCA97E
Authority key identifier: 67:AB:A9:AF:A3:7D:9B:CE:40:7F:E2:3C:79:19:89:2D:9D:9C:09:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z6upr6N9m85Af-I8eRmJLZ2cCTk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/8f50aa-5456-4159-8840-b01d8f295c19/1/bqptcmJ5047CM_1DrkZoWKY-cMA.roa
Signing time: Thu 28 Sep 2023 07:12:27 +0000
ROA not before: Thu 28 Sep 2023 07:12:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 2001:67c:a0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:da:a1:bc:b1:bb:8c:5d:9b:a8:6a:b3:f0:d4:fc:a9:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67aba9afa37d9bce407fe23c7919892d9d9c0939
Validity
Not Before: Sep 28 07:12:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6eaa6d726279d38ec233fd43ae466858a63e70c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:70:91:f4:83:de:fc:3e:24:47:9d:eb:bf:78:
1e:70:e0:f9:9c:15:9a:f5:4a:0b:56:a8:c2:6c:ce:
c7:01:b3:17:e0:81:c9:d5:da:da:53:7e:b4:6c:3f:
1a:38:54:84:37:ca:70:b3:46:31:28:7f:94:bf:8f:
89:b0:60:a8:d6:bb:53:47:fe:9b:e0:d8:d4:4b:2e:
c6:31:83:4a:00:66:fa:9d:3d:3d:43:06:2a:c6:a6:
f9:c7:8e:1d:30:c6:67:f7:1e:47:49:0d:3d:f6:67:
c0:d1:f0:dc:f7:2c:01:7c:01:ba:66:ea:9a:3c:b7:
d4:1f:22:fc:e5:a4:d4:28:0d:07:ed:2f:29:56:fc:
5e:c5:1a:38:10:ee:d7:8f:66:67:b3:c1:e5:e7:e2:
94:29:70:dc:43:d8:40:6e:a9:b1:5e:02:77:e3:86:
fc:68:37:68:09:0e:ed:e6:1e:28:fa:62:6d:4a:2e:
09:35:20:82:2f:d4:35:53:9f:55:ca:a9:44:f7:c4:
a1:95:21:74:f2:18:5c:7a:03:92:ce:24:68:45:33:
6c:6b:39:1c:55:e4:71:a5:4d:60:2a:6e:44:0b:00:
46:45:06:da:7b:0d:95:71:a8:f2:48:a7:3a:15:ca:
90:92:ab:a9:38:ba:ed:bf:aa:8f:b9:5a:c8:c6:5c:
3e:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:AA:6D:72:62:79:D3:8E:C2:33:FD:43:AE:46:68:58:A6:3E:70:C0
X509v3 Authority Key Identifier:
keyid:67:AB:A9:AF:A3:7D:9B:CE:40:7F:E2:3C:79:19:89:2D:9D:9C:09:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z6upr6N9m85Af-I8eRmJLZ2cCTk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/8f50aa-5456-4159-8840-b01d8f295c19/1/bqptcmJ5047CM_1DrkZoWKY-cMA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/8f50aa-5456-4159-8840-b01d8f295c19/1/Z6upr6N9m85Af-I8eRmJLZ2cCTk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:a0::/48
Signature Algorithm: sha256WithRSAEncryption
1c:d0:72:f5:5d:ed:26:4e:e0:ca:42:07:e0:b6:1d:2a:99:a6:
08:8d:39:fc:de:b8:23:6d:69:aa:a9:da:36:33:33:63:9d:46:
4d:69:a2:5f:04:d2:11:91:ce:6d:36:ad:37:25:9e:b0:c2:2f:
60:14:c7:17:fa:d9:9a:99:b9:cb:64:47:c1:a4:37:a8:d8:3d:
94:1d:5d:dd:12:83:80:ee:4f:14:fa:6c:0b:b9:f3:48:d8:14:
79:4a:3c:54:62:af:cb:2e:c4:21:6e:20:cf:85:92:92:1f:41:
8f:f9:d4:d7:e1:07:40:77:e8:43:e3:31:c1:f6:97:51:45:c2:
4e:bd:67:f6:24:0f:c4:6c:80:38:8b:3c:89:d3:96:f6:45:60:
09:52:a4:fd:74:ff:9b:c4:66:90:d7:20:c4:8e:92:7d:b4:27:
5e:f1:d2:52:47:b3:2b:b0:ef:32:0e:1d:60:54:a3:d0:ec:2c:
3d:2f:90:bb:4a:0b:e9:ab:f0:aa:18:75:39:96:5a:76:22:a5:
4c:b9:ce:4d:e6:c0:08:e5:e5:21:e6:db:40:db:14:20:1f:74:
0a:c8:2b:06:5b:a1:a4:25:ba:86:b4:1c:d1:e5:dd:9e:bc:06:
a9:02:57:b0:10:d9:61:17:ad:9d:b4:eb:a7:03:cb:4c:fa:c7:
c4:26:d8:2c
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYraobyxu4xdm6hqs/DU/Kl+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3YWJhOWFmYTM3ZDliY2U0MDdmZTIzYzc5MTk4OTJkOWQ5
YzA5MzkwHhcNMjMwOTI4MDcxMjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWFhNmQ3MjYyNzlkMzhlYzIzM2ZkNDNhZTQ2Njg1OGE2M2U3MGMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi3CR9IPe/D4kR53rv3gecOD5nBWa
9UoLVqjCbM7HAbMX4IHJ1draU360bD8aOFSEN8pws0YxKH+Uv4+JsGCo1rtTR/6b
4NjUSy7GMYNKAGb6nT09QwYqxqb5x44dMMZn9x5HSQ099mfA0fDc9ywBfAG6Zuqa
PLfUHyL85aTUKA0H7S8pVvxexRo4EO7Xj2Zns8Hl5+KUKXDcQ9hAbqmxXgJ344b8
aDdoCQ7t5h4o+mJtSi4JNSCCL9Q1U59VyqlE98ShlSF08hhcegOSziRoRTNsazkc
VeRxpU1gKm5ECwBGRQbaew2VcajySKc6FcqQkqupOLrtv6qPuVrIxlw+cQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFG6qbXJiedOOwjP9Q65GaFimPnDAMB8GA1UdIwQY
MBaAFGerqa+jfZvOQH/iPHkZiS2dnAk5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjZ1cHI2TjltODVBZi1JOGVSbUpMWjJjQ1RrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi84ZjUwYWEtNTQ1Ni00MTU5LTg4NDAt
YjAxZDhmMjk1YzE5LzEvYnFwdGNtSjUwNDdDTV8xRHJrWm9XS1ktY01BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi84ZjUwYWEtNTQ1Ni00MTU5LTg4NDAtYjAxZDhmMjk1YzE5
LzEvWjZ1cHI2TjltODVBZi1JOGVSbUpMWjJjQ1RrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfACg
MA0GCSqGSIb3DQEBCwUAA4IBAQAc0HL1Xe0mTuDKQgfgth0qmaYIjTn83rgjbWmq
qdo2MzNjnUZNaaJfBNIRkc5tNq03JZ6wwi9gFMcX+tmambnLZEfBpDeo2D2UHV3d
EoOA7k8U+mwLufNI2BR5SjxUYq/LLsQhbiDPhZKSH0GP+dTX4QdAd+hD4zHB9pdR
RcJOvWf2JA/EbIA4izyJ05b2RWAJUqT9dP+bxGaQ1yDEjpJ9tCde8dJSR7MrsO8y
Dh1gVKPQ7Cw9L5C7Sgvpq/CqGHU5llp2IqVMuc5N5sAI5eUh5ttA2xQgH3QKyCsG
W6GkJbqGtBzR5d2evAapAlewENlhF62dtOunA8tM+sfEJtgs
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:43:31 2025 by rpki-client