Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/14e091-979a-4ed5-9d5e-4954270e2507/1/nqTuGADW31IxB7B34kfzBjFySyY.roa
File: nqTuGADW31IxB7B34kfzBjFySyY.roa (raw, json)
Hash identifier: ojlXi+g/2zELPO+1cHluy/YW4AOhKSrWWcr4ZPPp2Ik=
Subject key identifier: 9E:A4:EE:18:00:D6:DF:52:31:07:B0:77:E2:47:F3:06:31:72:4B:26
Certificate issuer: /CN=43a8e2899693fca00bd8041ba8801f2d88869108
Certificate serial: 04A31C27
Authority key identifier: 43:A8:E2:89:96:93:FC:A0:0B:D8:04:1B:A8:80:1F:2D:88:86:91:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q6jiiZaT_KAL2AQbqIAfLYiGkQg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/14e091-979a-4ed5-9d5e-4954270e2507/1/nqTuGADW31IxB7B34kfzBjFySyY.roa
Signing time: Sat 01 Jan 2022 16:06:10 +0000
ROA not before: Sat 01 Jan 2022 16:06:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42487
IP address blocks: 45.81.172.0/22 maxlen: 22
2a0e:5b80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77798439 (0x4a31c27)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43a8e2899693fca00bd8041ba8801f2d88869108
Validity
Not Before: Jan 1 16:06:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9ea4ee1800d6df523107b077e247f30631724b26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:55:f9:35:5c:11:31:a4:fd:e8:21:b8:d4:ae:
aa:0a:14:7c:cc:71:be:30:85:10:83:0d:8e:8c:f9:
e6:c2:1a:6a:69:69:89:b2:56:79:a8:3b:0c:a5:ec:
02:e1:1e:a6:9a:c8:d4:d7:ac:38:bd:aa:07:95:a9:
cd:7f:04:32:07:47:47:ce:5f:9b:0a:a3:5b:38:b4:
82:bb:65:e4:bc:05:d0:7a:af:bf:be:71:1b:f5:b9:
e6:66:e7:4e:28:d3:65:10:a0:73:8d:f3:bf:44:12:
8a:4b:84:93:93:2c:d6:fb:ca:18:20:2d:d3:25:63:
7e:83:97:08:f8:32:91:b4:c3:13:56:58:b3:6a:22:
95:6b:ae:c9:9d:74:49:dd:6a:81:b2:a1:4c:4e:19:
32:88:8a:fb:cb:80:bd:8c:93:c3:d4:3f:8f:90:f2:
9f:7c:7b:90:4d:34:7b:d9:92:5a:b3:bc:dc:95:1c:
ea:ee:a3:46:6d:45:38:24:2c:93:bc:d5:73:79:d5:
c8:6e:76:95:8d:2a:f8:95:91:ad:40:06:96:91:27:
19:4f:13:ec:a0:e9:cb:76:9d:0f:be:2d:de:1a:5f:
f9:2c:f5:c4:e0:f3:70:9a:89:75:32:8f:fd:81:89:
a4:29:fb:6f:60:fc:04:a7:41:dd:f4:ad:26:37:1a:
3e:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:A4:EE:18:00:D6:DF:52:31:07:B0:77:E2:47:F3:06:31:72:4B:26
X509v3 Authority Key Identifier:
keyid:43:A8:E2:89:96:93:FC:A0:0B:D8:04:1B:A8:80:1F:2D:88:86:91:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q6jiiZaT_KAL2AQbqIAfLYiGkQg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/14e091-979a-4ed5-9d5e-4954270e2507/1/nqTuGADW31IxB7B34kfzBjFySyY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/14e091-979a-4ed5-9d5e-4954270e2507/1/Q6jiiZaT_KAL2AQbqIAfLYiGkQg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.172.0/22
IPv6:
2a0e:5b80::/29
Signature Algorithm: sha256WithRSAEncryption
83:7a:8c:73:b8:91:c5:39:09:79:8d:2a:fe:14:47:a3:79:ea:
cf:66:e9:3e:37:60:b3:5a:f4:d9:5d:06:8f:e1:86:54:c0:63:
25:a9:0a:a0:e2:62:1b:cf:3c:60:93:ab:de:0d:e5:c0:1b:5f:
7a:c9:87:48:fc:cd:91:c0:de:ec:9e:3b:3d:a5:c1:f0:af:6b:
25:02:c1:58:50:20:4d:c2:a2:35:6e:79:4d:51:13:f2:02:87:
25:7c:0d:d2:4d:f4:ad:b7:b3:fd:9c:4a:d0:fc:7a:59:66:ea:
64:3f:c7:f0:7f:7f:e4:06:77:04:0c:a0:4f:4a:de:5e:87:4c:
4e:15:f5:29:26:01:14:53:9f:74:69:00:93:83:ca:2c:04:4b:
96:87:7e:5a:f3:55:cf:4c:4b:91:43:c5:b8:18:ae:fc:ef:0b:
a4:da:3c:81:32:e9:ad:1e:fb:8e:04:04:18:87:db:c8:95:6b:
ff:a3:61:8c:7f:de:7b:b1:29:c4:80:16:0d:a0:40:6c:10:3b:
37:2a:5a:01:25:29:99:b3:cb:b9:54:aa:f1:28:86:4a:ea:6e:
67:9d:3f:e7:e1:e1:dc:14:3c:89:13:30:c9:fe:b2:42:4f:77:
1d:00:8b:96:76:49:a9:cb:46:66:1f:00:ba:6c:1e:cf:70:a6:
ca:ec:71:73
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEBKMcJzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
M2E4ZTI4OTk2OTNmY2EwMGJkODA0MWJhODgwMWYyZDg4ODY5MTA4MB4XDTIyMDEw
MTE2MDYxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWVhNGVlMTgwMGQ2
ZGY1MjMxMDdiMDc3ZTI0N2YzMDYzMTcyNGIyNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKpV+TVcETGk/eghuNSuqgoUfMxxvjCFEIMNjoz55sIaamlp
ibJWeag7DKXsAuEepprI1NesOL2qB5WpzX8EMgdHR85fmwqjWzi0grtl5LwF0Hqv
v75xG/W55mbnTijTZRCgc43zv0QSikuEk5Ms1vvKGCAt0yVjfoOXCPgykbTDE1ZY
s2oilWuuyZ10Sd1qgbKhTE4ZMoiK+8uAvYyTw9Q/j5Dyn3x7kE00e9mSWrO83JUc
6u6jRm1FOCQsk7zVc3nVyG52lY0q+JWRrUAGlpEnGU8T7KDpy3adD74t3hpf+Sz1
xODzcJqJdTKP/YGJpCn7b2D8BKdB3fStJjcaPksCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSepO4YANbfUjEHsHfiR/MGMXJLJjAfBgNVHSMEGDAWgBRDqOKJlpP8oAvY
BBuogB8tiIaRCDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1E2amlpWmFUX0tBTDJBUWJxSUFmTFlpR2tRZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTQvMTRlMDkxLTk3OWEtNGVkNS05ZDVlLTQ5NTQyNzBlMjUwNy8x
L25xVHVHQURXMzFJeEI3QjM0a2Z6QmpGeVN5WS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTQv
MTRlMDkxLTk3OWEtNGVkNS05ZDVlLTQ5NTQyNzBlMjUwNy8xL1E2amlpWmFUX0tB
TDJBUWJxSUFmTFlpR2tRZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAi1RrDANBAIAAjAHAwUDKg5bgDAN
BgkqhkiG9w0BAQsFAAOCAQEAg3qMc7iRxTkJeY0q/hRHo3nqz2bpPjdgs1r02V0G
j+GGVMBjJakKoOJiG888YJOr3g3lwBtfesmHSPzNkcDe7J47PaXB8K9rJQLBWFAg
TcKiNW55TVET8gKHJXwN0k30rbez/ZxK0Px6WWbqZD/H8H9/5AZ3BAygT0reXodM
ThX1KSYBFFOfdGkAk4PKLARLlod+WvNVz0xLkUPFuBiu/O8LpNo8gTLprR77jgQE
GIfbyJVr/6NhjH/ee7EpxIAWDaBAbBA7NypaASUpmbPLuVSq8SiGSupuZ50/5+Hh
3BQ8iRMwyf6yQk93HQCLlnZJqctGZh8Aumwez3Cmyuxxcw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:13 2023 by rpki-client on console-ams.rpki-client.org