Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/d9a672-26c3-4ab4-b53b-099fd2101385/1/t0qCL2X6PdtHfRjlyPLQgEQqEAM.roa
File: t0qCL2X6PdtHfRjlyPLQgEQqEAM.roa (raw, json)
Hash identifier: qoUTQv6No7vDqwnmkxiRAqIzY5T74TgB4u/6GvkyeaM=
Subject key identifier: B7:4A:82:2F:65:FA:3D:DB:47:7D:18:E5:C8:F2:D0:80:44:2A:10:03
Certificate issuer: /CN=b4fb331fa42fb451e4551c6f91cbb9c19ee37a4e
Certificate serial: 01856B8A3DAA7D3569AC049AFB30A9D1D4CA
Authority key identifier: B4:FB:33:1F:A4:2F:B4:51:E4:55:1C:6F:91:CB:B9:C1:9E:E3:7A:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPszH6QvtFHkVRxvkcu5wZ7jek4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/d9a672-26c3-4ab4-b53b-099fd2101385/1/t0qCL2X6PdtHfRjlyPLQgEQqEAM.roa
Signing time: Sun 01 Jan 2023 04:14:59 +0000
ROA not before: Sun 01 Jan 2023 04:14:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1654
IP address blocks: 2a02:bf8:1601::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:8a:3d:aa:7d:35:69:ac:04:9a:fb:30:a9:d1:d4:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4fb331fa42fb451e4551c6f91cbb9c19ee37a4e
Validity
Not Before: Jan 1 04:14:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b74a822f65fa3ddb477d18e5c8f2d080442a1003
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:34:55:54:66:1a:b8:7a:3d:de:9f:75:f5:ad:
9a:ee:b1:64:d8:0b:5d:70:c1:72:31:d1:db:ef:e0:
90:c9:7b:0c:b0:46:47:37:7c:d3:20:71:fb:0f:76:
4e:4a:86:1a:f9:08:54:ca:88:4d:0c:98:7c:8b:7a:
04:d5:ba:d3:a0:5c:03:a6:bb:00:34:09:4e:9b:9d:
65:dc:88:be:28:10:bf:8a:b1:66:db:e1:d9:78:7d:
e5:a9:3d:ad:03:48:69:b3:86:cc:ee:ef:9f:1b:c1:
48:8d:3b:2e:fd:16:0b:41:10:53:d0:6a:b4:53:81:
f0:c7:30:97:60:ef:b9:c9:7c:da:91:20:ff:91:70:
4e:4f:7a:09:28:9a:58:28:36:89:eb:bf:46:b8:ee:
ca:f7:01:e6:22:fe:54:d7:fc:8a:db:06:38:de:38:
85:a0:c7:70:08:24:10:0d:57:53:e0:33:7b:bd:b1:
7a:c1:89:df:3c:0f:b0:db:e2:d9:56:fa:9d:f4:b4:
2d:f0:3a:41:be:5c:0f:9b:8f:65:aa:b8:c3:c8:7b:
2c:b8:a5:36:f3:f8:5d:97:45:93:cb:9c:ba:41:dd:
0c:e8:fd:c2:a6:d1:64:de:db:87:bc:e0:fb:f2:03:
15:f9:4b:a2:09:80:45:b6:89:44:67:86:8b:e6:89:
73:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:4A:82:2F:65:FA:3D:DB:47:7D:18:E5:C8:F2:D0:80:44:2A:10:03
X509v3 Authority Key Identifier:
keyid:B4:FB:33:1F:A4:2F:B4:51:E4:55:1C:6F:91:CB:B9:C1:9E:E3:7A:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPszH6QvtFHkVRxvkcu5wZ7jek4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/d9a672-26c3-4ab4-b53b-099fd2101385/1/t0qCL2X6PdtHfRjlyPLQgEQqEAM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/d9a672-26c3-4ab4-b53b-099fd2101385/1/tPszH6QvtFHkVRxvkcu5wZ7jek4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:bf8:1601::/48
Signature Algorithm: sha256WithRSAEncryption
2a:c1:42:08:74:ff:9a:c2:cf:29:e9:95:06:59:b7:1f:a1:56:
25:93:60:53:83:f8:50:c5:c1:f7:bc:88:3a:31:29:9b:75:9c:
8d:e7:85:ee:8f:79:eb:84:c9:0a:d8:c6:16:29:3b:c1:fb:a3:
da:a2:6c:67:09:1a:dc:7d:36:b2:9b:2b:b8:42:50:20:88:36:
c2:79:f4:34:53:2f:f3:7e:22:b2:20:6b:c1:e6:9c:93:da:12:
43:58:3a:58:8f:50:5c:ef:d8:f5:29:0b:e8:c9:12:d4:41:03:
22:b1:6c:74:29:09:a4:68:60:19:c4:56:79:f5:ca:45:05:61:
e3:d4:f7:2c:10:07:af:f7:79:cb:b2:b9:7c:c4:f9:cb:bb:43:
64:4d:9b:7d:5f:a0:a4:29:7c:ae:86:53:4b:b0:ab:88:4d:3e:
d2:54:44:13:db:f1:a5:8f:8e:e1:44:7a:ea:a7:d1:33:37:73:
d4:94:7e:a3:6b:7f:e7:2c:33:59:21:9b:72:dd:50:60:c4:2d:
ef:b3:7b:07:93:68:8a:ff:09:09:12:7a:38:70:86:d3:e5:34:
15:13:96:bd:66:82:60:0e:cd:58:99:b3:21:25:e1:fa:bd:2e:
ff:b6:36:3e:06:81:db:f3:19:2e:55:a6:39:3e:d5:8c:f1:9b:
6d:dc:33:a8
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVrij2qfTVprASa+zCp0dTKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0ZmIzMzFmYTQyZmI0NTFlNDU1MWM2ZjkxY2JiOWMxOWVl
MzdhNGUwHhcNMjMwMTAxMDQxNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzRhODIyZjY1ZmEzZGRiNDc3ZDE4ZTVjOGYyZDA4MDQ0MmExMDAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApTRVVGYauHo93p919a2a7rFk2Atd
cMFyMdHb7+CQyXsMsEZHN3zTIHH7D3ZOSoYa+QhUyohNDJh8i3oE1brToFwDprsA
NAlOm51l3Ii+KBC/irFm2+HZeH3lqT2tA0hps4bM7u+fG8FIjTsu/RYLQRBT0Gq0
U4HwxzCXYO+5yXzakSD/kXBOT3oJKJpYKDaJ679GuO7K9wHmIv5U1/yK2wY43jiF
oMdwCCQQDVdT4DN7vbF6wYnfPA+w2+LZVvqd9LQt8DpBvlwPm49lqrjDyHssuKU2
8/hdl0WTy5y6Qd0M6P3CptFk3tuHvOD78gMV+UuiCYBFtolEZ4aL5olzKQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLdKgi9l+j3bR30Y5cjy0IBEKhADMB8GA1UdIwQY
MBaAFLT7Mx+kL7RR5FUcb5HLucGe43pOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBzekg2UXZ0RkhrVlJ4dmtjdTV3WjdqZWs0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9kOWE2NzItMjZjMy00YWI0LWI1M2It
MDk5ZmQyMTAxMzg1LzEvdDBxQ0wyWDZQZHRIZlJqbHlQTFFnRVFxRUFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9kOWE2NzItMjZjMy00YWI0LWI1M2ItMDk5ZmQyMTAxMzg1
LzEvdFBzekg2UXZ0RkhrVlJ4dmtjdTV3WjdqZWs0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgIL+BYB
MA0GCSqGSIb3DQEBCwUAA4IBAQAqwUIIdP+aws8p6ZUGWbcfoVYlk2BTg/hQxcH3
vIg6MSmbdZyN54Xuj3nrhMkK2MYWKTvB+6PaomxnCRrcfTaymyu4QlAgiDbCefQ0
Uy/zfiKyIGvB5pyT2hJDWDpYj1Bc79j1KQvoyRLUQQMisWx0KQmkaGAZxFZ59cpF
BWHj1PcsEAev93nLsrl8xPnLu0NkTZt9X6CkKXyuhlNLsKuITT7SVEQT2/Glj47h
RHrqp9EzN3PUlH6ja3/nLDNZIZty3VBgxC3vs3sHk2iK/wkJEno4cIbT5TQVE5a9
ZoJgDs1YmbMhJeH6vS7/tjY+BoHb8xkuVaY5PtWM8Ztt3DOo
-----END CERTIFICATE-----
Generated at Mon Apr 28 04:31:28 2025 by rpki-client