Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/QzWmwKiYP_oLveQfdPbMkvzR0j8.roa
File: QzWmwKiYP_oLveQfdPbMkvzR0j8.roa (raw, json)
Hash identifier: Lqx1qSaXtP737OuN0IuwFKleEeywR+/WnHLLBZueSRs=
Subject key identifier: 43:35:A6:C0:A8:98:3F:FA:0B:BD:E4:1F:74:F6:CC:92:FC:D1:D2:3F
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 01857246E092E72C7F83795CEF131DCFE59E
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/QzWmwKiYP_oLveQfdPbMkvzR0j8.roa
Signing time: Mon 02 Jan 2023 11:38:45 +0000
ROA not before: Mon 02 Jan 2023 11:38:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211337
IP address blocks: 2a0c:9a40:8f00::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:46:e0:92:e7:2c:7f:83:79:5c:ef:13:1d:cf:e5:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Jan 2 11:38:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4335a6c0a8983ffa0bbde41f74f6cc92fcd1d23f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:41:db:51:e0:54:c7:aa:47:96:0c:f5:a6:3e:
70:91:2c:41:7d:90:ac:a9:eb:0a:2a:f1:0a:dc:de:
f8:40:21:fb:1e:4b:ae:8b:54:b7:64:1b:4b:ee:82:
9a:8a:11:ac:c8:4e:cf:59:54:5b:37:2e:8e:ad:a3:
5a:a6:08:a4:c9:05:5f:9a:c7:e2:ef:69:a8:54:05:
55:f5:1c:66:db:3a:cf:9e:c6:00:d1:a3:ea:51:ce:
0b:76:1c:9d:3e:7b:a9:c5:25:2e:7b:24:41:00:8e:
b0:dd:04:16:4a:ed:cd:8d:26:f6:bc:09:09:99:5a:
7f:e2:4e:59:24:41:2a:a6:10:ef:e7:5f:07:22:1c:
f4:76:bd:50:f5:79:17:fb:5f:df:73:e3:53:36:26:
3d:b9:a1:99:30:ba:27:44:d5:2b:b9:22:c0:be:cd:
dd:a8:be:06:c2:f2:01:b2:98:33:ae:7f:cf:c1:00:
66:28:aa:2a:71:34:56:95:70:0a:ee:bb:2a:74:97:
92:60:8e:3e:c4:97:33:91:97:95:69:42:9e:a9:14:
79:aa:1d:00:7c:e8:02:d5:54:9d:5e:02:3a:76:46:
5f:72:1b:d9:8a:61:5c:bf:d4:e8:ba:cf:28:1b:3e:
86:73:34:86:60:11:7c:4d:1b:11:63:9d:da:32:10:
6f:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:35:A6:C0:A8:98:3F:FA:0B:BD:E4:1F:74:F6:CC:92:FC:D1:D2:3F
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/QzWmwKiYP_oLveQfdPbMkvzR0j8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:8f00::/40
Signature Algorithm: sha256WithRSAEncryption
90:ac:5f:02:f7:cf:70:bf:52:c9:ce:66:de:66:49:09:f8:62:
94:8c:38:0e:99:ae:f6:b1:3f:87:1d:a1:fd:cd:01:29:8d:fd:
6d:a6:39:22:ec:c7:35:36:1b:50:00:ea:cc:56:4f:0f:24:bd:
e4:bd:9e:3e:de:a7:55:78:32:25:af:6c:08:c8:7a:4d:2e:39:
67:b1:87:fd:c7:44:bb:a2:87:2c:b8:c8:c4:12:95:af:71:4c:
dc:6a:e0:ab:ff:c4:b3:5c:e9:4c:e1:30:f4:6a:6f:f0:80:8a:
4b:e0:10:da:73:eb:e9:d3:e2:d1:59:57:c8:77:a7:70:d0:33:
80:3b:a5:21:1b:91:06:1d:4f:64:b1:21:8b:52:67:80:6c:42:
cd:9e:82:9f:81:ad:d7:68:51:be:fc:3f:0a:c5:9d:49:7c:01:
f9:27:4b:3d:b6:5f:0a:b4:50:d9:54:9a:c6:64:6d:c8:90:5b:
79:94:60:68:3a:0a:bf:b1:7a:11:08:0c:ea:e4:84:4a:82:51:
94:b9:65:b4:07:e2:12:2d:14:2d:65:c0:9b:f0:66:4d:69:f4:
30:47:58:26:ec:9f:2d:51:30:d8:d1:86:4c:bb:5a:58:a8:4c:
00:62:79:c7:b7:e7:67:11:a0:3c:bc:94:cc:8e:25:33:61:1c:
f4:af:e1:4d
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVyRuCS5yx/g3lc7xMdz+WeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjMwMTAyMTEzODQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzM1YTZjMGE4OTgzZmZhMGJiZGU0MWY3NGY2Y2M5MmZjZDFkMjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoUHbUeBUx6pHlgz1pj5wkSxBfZCs
qesKKvEK3N74QCH7Hkuui1S3ZBtL7oKaihGsyE7PWVRbNy6OraNapgikyQVfmsfi
72moVAVV9Rxm2zrPnsYA0aPqUc4LdhydPnupxSUueyRBAI6w3QQWSu3NjSb2vAkJ
mVp/4k5ZJEEqphDv518HIhz0dr1Q9XkX+1/fc+NTNiY9uaGZMLonRNUruSLAvs3d
qL4GwvIBspgzrn/PwQBmKKoqcTRWlXAK7rsqdJeSYI4+xJczkZeVaUKeqRR5qh0A
fOgC1VSdXgI6dkZfchvZimFcv9Tous8oGz6GczSGYBF8TRsRY53aMhBvFwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFEM1psComD/6C73kH3T2zJL80dI/MB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvUXpXbXdLaVlQX29MdmVRZmRQYk1rdnpSMGo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgyaQI8w
DQYJKoZIhvcNAQELBQADggEBAJCsXwL3z3C/UsnOZt5mSQn4YpSMOA6ZrvaxP4cd
of3NASmN/W2mOSLsxzU2G1AA6sxWTw8kveS9nj7ep1V4MiWvbAjIek0uOWexh/3H
RLuihyy4yMQSla9xTNxq4Kv/xLNc6UzhMPRqb/CAikvgENpz6+nT4tFZV8h3p3DQ
M4A7pSEbkQYdT2SxIYtSZ4BsQs2egp+BrddoUb78PwrFnUl8AfknSz22Xwq0UNlU
msZkbciQW3mUYGg6Cr+xehEIDOrkhEqCUZS5ZbQH4hItFC1lwJvwZk1p9DBHWCbs
ny1RMNjRhky7WlioTABiece352cRoDy8lMyOJTNhHPSv4U0=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:16:16 2025 by rpki-client