Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/c62d00-ffa8-43be-a2bd-7bd9e5f467ad/1/SQEw925xpsK_3CwsSDVx8N4raqQ.roa
File: SQEw925xpsK_3CwsSDVx8N4raqQ.roa (raw, json)
Hash identifier: X2F5idX+5L/Y32Hql7GFCT6xM9bD2Qvno7j81IVaoTs=
Subject key identifier: 49:01:30:F7:6E:71:A6:C2:BF:DC:2C:2C:48:35:71:F0:DE:2B:6A:A4
Certificate issuer: /CN=51626068942586ce95702103bac899d23fcf7242
Certificate serial: 0C3296D8
Authority key identifier: 51:62:60:68:94:25:86:CE:95:70:21:03:BA:C8:99:D2:3F:CF:72:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UWJgaJQlhs6VcCEDusiZ0j_PckI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/c62d00-ffa8-43be-a2bd-7bd9e5f467ad/1/SQEw925xpsK_3CwsSDVx8N4raqQ.roa
Signing time: Sat 01 Jan 2022 01:54:47 +0000
ROA not before: Sat 01 Jan 2022 01:54:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204423
IP address blocks: 2001:678:61c::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 204642008 (0xc3296d8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=51626068942586ce95702103bac899d23fcf7242
Validity
Not Before: Jan 1 01:54:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=490130f76e71a6c2bfdc2c2c483571f0de2b6aa4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:2c:83:f3:34:43:bd:0c:7c:73:d5:da:8e:7c:
6f:51:85:79:ae:79:59:61:8f:6d:65:0a:02:60:68:
81:d4:d7:d5:8a:73:12:c5:7c:60:91:a0:64:a9:81:
ad:b6:6b:49:9b:a5:e3:b7:9e:7b:c6:55:f1:47:12:
a5:2e:b2:c5:57:d5:be:c9:7e:0f:70:c6:f1:23:eb:
ff:e9:c9:f6:1f:f0:25:ba:d9:d1:8c:49:bf:a4:09:
57:b7:87:2c:f2:59:3a:01:f3:ab:d1:f7:c8:2b:bc:
9c:16:9d:0b:32:58:03:02:1e:19:42:7e:33:da:c7:
ce:95:52:0f:c7:53:39:65:12:34:08:af:72:84:25:
53:8d:d0:02:ba:ae:c7:0e:22:c4:36:ff:b0:ce:92:
ed:39:9f:8f:5e:28:7e:c3:b9:48:0f:d9:77:56:fe:
35:bc:3a:58:ee:7d:10:67:18:68:f5:35:54:b6:62:
a6:13:21:46:3e:79:f4:10:21:26:db:8f:ee:73:c5:
96:e1:fd:2f:d1:8a:6e:55:22:3a:dc:a7:7d:f3:82:
5b:b1:77:b2:52:0b:7c:cd:a9:00:96:6f:e7:af:65:
24:26:92:00:49:4f:de:c6:f0:4d:1f:a5:1f:d9:a4:
f0:39:3b:c9:32:ef:4b:08:90:51:9d:89:74:d1:f4:
1a:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:01:30:F7:6E:71:A6:C2:BF:DC:2C:2C:48:35:71:F0:DE:2B:6A:A4
X509v3 Authority Key Identifier:
keyid:51:62:60:68:94:25:86:CE:95:70:21:03:BA:C8:99:D2:3F:CF:72:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UWJgaJQlhs6VcCEDusiZ0j_PckI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/c62d00-ffa8-43be-a2bd-7bd9e5f467ad/1/SQEw925xpsK_3CwsSDVx8N4raqQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/c62d00-ffa8-43be-a2bd-7bd9e5f467ad/1/UWJgaJQlhs6VcCEDusiZ0j_PckI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:61c::/48
Signature Algorithm: sha256WithRSAEncryption
65:a4:92:92:fe:f4:7b:8f:c2:1f:86:0e:1f:7a:ae:c5:d8:c7:
75:21:40:60:30:6a:0f:c1:52:0a:40:15:f1:92:62:43:59:cb:
9a:ba:70:aa:52:4c:78:43:f7:91:ba:6d:86:58:a7:5a:98:4c:
52:7e:c7:0d:65:a5:11:5d:dd:02:87:d6:93:4d:76:a8:c6:d7:
7e:97:ba:c4:36:85:f7:8b:b6:c5:dd:0d:f5:c8:9d:47:9d:33:
e5:a7:f1:7d:b0:64:c2:7d:83:61:79:a0:28:30:09:75:b1:11:
73:54:54:4c:25:64:a0:40:60:d5:77:69:38:ba:a2:3b:06:f7:
a3:c5:00:08:94:ff:54:4e:b2:87:3c:bc:d6:eb:4b:1f:a1:d6:
7f:91:10:ea:a3:a2:77:78:70:f0:53:c1:20:7b:e8:0b:55:63:
ef:48:eb:80:69:e1:2a:3c:73:97:59:36:b8:12:5c:a4:5e:1e:
fb:57:ff:94:0e:46:67:18:6d:d9:6b:35:6f:b0:71:22:f4:fa:
d8:13:bb:16:61:f8:41:7a:2f:25:64:ab:1e:ee:6f:ed:7b:b9:
e9:7f:15:0b:1c:66:ce:1a:57:7f:fe:2f:20:c1:a1:e7:e2:d6:
fb:1c:8a:75:11:1c:cf:57:15:4a:67:da:54:2b:de:49:fd:8d:
f8:74:5b:bf
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEDDKW2DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
MTYyNjA2ODk0MjU4NmNlOTU3MDIxMDNiYWM4OTlkMjNmY2Y3MjQyMB4XDTIyMDEw
MTAxNTQ0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDkwMTMwZjc2ZTcx
YTZjMmJmZGMyYzJjNDgzNTcxZjBkZTJiNmFhNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOUsg/M0Q70MfHPV2o58b1GFea55WWGPbWUKAmBogdTX1Ypz
EsV8YJGgZKmBrbZrSZul47eee8ZV8UcSpS6yxVfVvsl+D3DG8SPr/+nJ9h/wJbrZ
0YxJv6QJV7eHLPJZOgHzq9H3yCu8nBadCzJYAwIeGUJ+M9rHzpVSD8dTOWUSNAiv
coQlU43QArquxw4ixDb/sM6S7Tmfj14ofsO5SA/Zd1b+Nbw6WO59EGcYaPU1VLZi
phMhRj559BAhJtuP7nPFluH9L9GKblUiOtynffOCW7F3slILfM2pAJZv569lJCaS
AElP3sbwTR+lH9mk8Dk7yTLvSwiQUZ2JdNH0Gv0CAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBRJATD3bnGmwr/cLCxINXHw3itqpDAfBgNVHSMEGDAWgBRRYmBolCWGzpVw
IQO6yJnSP89yQjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1VXSmdhSlFsaHM2VmNDRUR1c2laMGpfUGNrSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjMvYzYyZDAwLWZmYTgtNDNiZS1hMmJkLTdiZDllNWY0NjdhZC8x
L1NRRXc5MjV4cHNLXzNDd3NTRFZ4OE40cmFxUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjMv
YzYyZDAwLWZmYTgtNDNiZS1hMmJkLTdiZDllNWY0NjdhZC8xL1VXSmdhSlFsaHM2
VmNDRUR1c2laMGpfUGNrSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBngGHDANBgkqhkiG9w0BAQsF
AAOCAQEAZaSSkv70e4/CH4YOH3quxdjHdSFAYDBqD8FSCkAV8ZJiQ1nLmrpwqlJM
eEP3kbpthlinWphMUn7HDWWlEV3dAofWk012qMbXfpe6xDaF94u2xd0N9cidR50z
5afxfbBkwn2DYXmgKDAJdbERc1RUTCVkoEBg1XdpOLqiOwb3o8UACJT/VE6yhzy8
1utLH6HWf5EQ6qOid3hw8FPBIHvoC1Vj70jrgGnhKjxzl1k2uBJcpF4e+1f/lA5G
Zxht2Ws1b7BxIvT62BO7FmH4QXovJWSrHu5v7Xu56X8VCxxmzhpXf/4vIMGh5+LW
+xyKdREcz1cVSmfaVCveSf2N+HRbvw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:17 2023 by rpki-client on console-fra.rpki-client.org