Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/qFaGAfdWzt8FylurLr3LLZO6Ku0.roa
File: qFaGAfdWzt8FylurLr3LLZO6Ku0.roa (raw, json)
Hash identifier: EkQ0FR8La34sXIWJnr9GJ+N9ekx3fti5f0WAVOT34cI=
Subject key identifier: A8:56:86:01:F7:56:CE:DF:05:CA:5B:AB:2E:BD:CB:2D:93:BA:2A:ED
Certificate issuer: /CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Certificate serial: 0AF9BA58
Authority key identifier: AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/qFaGAfdWzt8FylurLr3LLZO6Ku0.roa
Signing time: Sat 01 Jan 2022 13:02:45 +0000
ROA not before: Sat 01 Jan 2022 13:02:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29497
IP address blocks: 2a00:1fa1::/33 maxlen: 33
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 184138328 (0xaf9ba58)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Validity
Not Before: Jan 1 13:02:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a8568601f756cedf05ca5bab2ebdcb2d93ba2aed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:e8:00:bf:1a:bf:07:bc:f6:6e:2d:93:0e:4f:
33:ec:31:41:8b:20:62:65:f3:42:2d:80:1a:a7:00:
b8:82:f9:ae:44:bb:14:2e:da:5a:b0:ea:28:be:c4:
6e:06:c6:a6:a3:4b:81:2c:17:39:23:5a:0f:28:66:
a9:5f:03:3c:87:89:5d:69:20:49:97:84:e3:29:69:
9e:ed:52:40:5a:4c:75:f6:d6:aa:d5:5a:1a:88:bd:
fc:4d:67:55:44:d8:34:8f:93:f6:93:81:c8:4d:44:
08:c4:ca:b7:6d:53:08:89:78:49:ae:36:6b:13:02:
d9:21:5e:40:51:34:dd:ae:d8:54:55:20:e4:a9:56:
e0:90:21:6c:ae:03:1e:eb:73:11:d9:a5:19:cc:72:
bd:97:ab:1a:ae:67:88:c4:a7:6c:11:85:ca:f2:5e:
e1:55:b8:19:fd:17:70:df:fa:c2:0e:16:ac:60:b5:
8f:e4:46:47:14:10:5c:af:5e:43:bb:b4:f2:24:42:
dd:93:c6:c6:ef:26:45:e0:6e:9d:f8:56:39:4b:2d:
94:cc:79:d1:8e:67:34:c8:d6:b1:e8:b9:9f:10:db:
4d:e3:1d:77:8a:19:bc:11:bc:39:04:55:30:3d:83:
04:d6:81:c8:4e:a6:47:15:cb:3c:fa:c8:1f:b5:1e:
2f:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:56:86:01:F7:56:CE:DF:05:CA:5B:AB:2E:BD:CB:2D:93:BA:2A:ED
X509v3 Authority Key Identifier:
keyid:AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/qFaGAfdWzt8FylurLr3LLZO6Ku0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/rv4chZQJrF3nQUxI-Gc5kTvmt-U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:1fa1::/33
Signature Algorithm: sha256WithRSAEncryption
6e:cd:08:f6:3d:5a:d9:d8:ed:fc:53:7e:83:c0:6b:1c:19:12:
56:ac:c5:e9:20:fd:60:c7:03:a5:cf:5f:a4:a5:2b:8c:4d:47:
4c:fa:b8:01:98:37:82:c9:c0:6e:af:3f:3f:48:10:81:69:38:
66:95:90:20:8a:6a:ed:27:ac:5b:a4:70:c0:d7:34:a6:22:f7:
95:a1:37:88:58:0a:20:9b:80:03:d9:09:21:2a:90:c6:9d:15:
f0:f2:4a:ec:a8:01:02:b8:55:4f:50:8f:1b:51:3e:74:e5:ae:
83:f9:b7:e5:6f:4a:d5:f3:14:d8:5f:6f:85:02:14:19:01:4e:
76:e5:74:a1:6a:30:e8:7f:fa:ce:81:09:88:dc:a1:60:36:5a:
ef:c9:14:b2:cb:54:7a:83:ea:bb:c1:a4:50:ab:36:81:77:4a:
1a:8d:a3:7c:33:b9:da:8b:6b:4a:a0:14:60:a6:4f:e5:5d:96:
42:ee:c6:f1:29:c0:05:1b:38:7d:05:37:9d:a4:34:49:d0:35:
95:86:f0:29:eb:08:d9:7a:00:93:19:37:23:a7:60:ef:80:ec:
53:5d:ce:2b:1a:bd:9b:b6:23:bf:7f:c0:b3:dc:59:3c:31:79:
b1:15:54:d8:67:b0:be:e5:9a:33:12:84:4e:77:c8:9c:96:be:
18:11:21:5b
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIECvm6WDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZWZlMWM4NTk0MDlhYzVkZTc0MTRjNDhmODY3Mzk5MTNiZTZiN2U1MB4XDTIyMDEw
MTEzMDI0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTg1Njg2MDFmNzU2
Y2VkZjA1Y2E1YmFiMmViZGNiMmQ5M2JhMmFlZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANXoAL8avwe89m4tkw5PM+wxQYsgYmXzQi2AGqcAuIL5rkS7
FC7aWrDqKL7EbgbGpqNLgSwXOSNaDyhmqV8DPIeJXWkgSZeE4ylpnu1SQFpMdfbW
qtVaGoi9/E1nVUTYNI+T9pOByE1ECMTKt21TCIl4Sa42axMC2SFeQFE03a7YVFUg
5KlW4JAhbK4DHutzEdmlGcxyvZerGq5niMSnbBGFyvJe4VW4Gf0XcN/6wg4WrGC1
j+RGRxQQXK9eQ7u08iRC3ZPGxu8mReBunfhWOUstlMx50Y5nNMjWsei5nxDbTeMd
d4oZvBG8OQRVMD2DBNaByE6mRxXLPPrIH7UeL3UCAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBSoVoYB91bO3wXKW6suvcstk7oq7TAfBgNVHSMEGDAWgBSu/hyFlAmsXedB
TEj4ZzmRO+a35TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3J2NGNoWlFKckYzblFVeEktR2M1a1R2bXQtVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzkvNDUxZjA0LWUzYzktNDRlYS1hNmExLTQyODQ1ODY3OWNlNC8x
L3FGYUdBZmRXenQ4RnlsdXJMcjNMTFpPNkt1MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzkv
NDUxZjA0LWUzYzktNDRlYS1hNmExLTQyODQ1ODY3OWNlNC8xL3J2NGNoWlFKckYz
blFVeEktR2M1a1R2bXQtVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAh
BggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGByoAH6EAMA0GCSqGSIb3DQEBCwUA
A4IBAQBuzQj2PVrZ2O38U36DwGscGRJWrMXpIP1gxwOlz1+kpSuMTUdM+rgBmDeC
ycBurz8/SBCBaThmlZAgimrtJ6xbpHDA1zSmIveVoTeIWAogm4AD2QkhKpDGnRXw
8krsqAECuFVPUI8bUT505a6D+bflb0rV8xTYX2+FAhQZAU525XShajDof/rOgQmI
3KFgNlrvyRSyy1R6g+q7waRQqzaBd0oajaN8M7nai2tKoBRgpk/lXZZC7sbxKcAF
Gzh9BTedpDRJ0DWVhvAp6wjZegCTGTcjp2DvgOxTXc4rGr2btiO/f8Cz3Fk8MXmx
FVTYZ7C+5ZozEoROd8iclr4YESFb
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:26 2023 by rpki-client on console-ams.rpki-client.org