Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/Q-D043eE10kgHp3dQH-pupVplUY.roa
File: Q-D043eE10kgHp3dQH-pupVplUY.roa (raw, json)
Hash identifier: PlffQd4rUhbmUGZvEemhPMvlT/wUN62qHOnMQD/s27I=
Subject key identifier: 43:E0:F4:E3:77:84:D7:49:20:1E:9D:DD:40:7F:A9:BA:95:69:95:46
Certificate issuer: /CN=2b967e772cc7298305a11ffa65dd185f6a58910b
Certificate serial: 01839E1B3DA2B081EF1C58F1B5F45F59F1C2
Authority key identifier: 2B:96:7E:77:2C:C7:29:83:05:A1:1F:FA:65:DD:18:5F:6A:58:91:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K5Z-dyzHKYMFoR_6Zd0YX2pYkQs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/Q-D043eE10kgHp3dQH-pupVplUY.roa
Signing time: Mon 03 Oct 2022 13:48:48 +0000
ROA not before: Mon 03 Oct 2022 13:48:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207084
IP address blocks: 2a12:8fc6:200::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:9e:1b:3d:a2:b0:81:ef:1c:58:f1:b5:f4:5f:59:f1:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b967e772cc7298305a11ffa65dd185f6a58910b
Validity
Not Before: Oct 3 13:48:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=43e0f4e37784d749201e9ddd407fa9ba95699546
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:6a:30:09:2a:08:03:e5:da:fd:6c:a8:2e:5d:
8f:df:5f:cf:a7:7f:0c:06:b2:85:8d:c9:91:5c:fb:
0d:bc:b9:7f:90:11:2b:f3:e3:13:1f:e9:92:35:c8:
70:55:da:45:16:f7:e4:54:e3:bf:21:58:ae:fa:3a:
67:e6:3c:f5:1b:09:9f:70:7f:29:37:fb:3a:77:02:
2c:87:7e:a3:6d:76:6c:db:01:73:3a:93:c7:72:01:
a1:2b:b2:23:29:d2:2c:ab:7f:2d:5a:7f:ce:c3:61:
58:41:dd:ee:cb:ba:06:e8:fa:6a:51:20:9f:66:2a:
3b:52:87:82:d8:d1:27:df:50:d7:b8:b4:15:45:b1:
a3:de:d3:df:7f:a9:31:db:2a:f5:e2:07:df:24:bb:
b7:09:8d:44:d5:8d:34:c0:5e:e9:ca:c7:70:ab:a9:
b4:e8:62:be:22:f5:22:25:48:4c:5e:e7:82:d2:34:
cf:6f:6c:6a:7b:bc:1a:a1:b0:8d:80:3d:d8:37:95:
f4:1e:73:ff:0d:27:d0:69:65:71:73:f9:f1:02:a9:
d9:df:34:bf:a1:e4:b9:c1:87:7b:de:23:f0:72:6a:
72:d2:28:cb:18:6e:38:56:2a:58:04:d8:b5:d6:ff:
8e:52:c9:5e:33:4d:74:14:b9:f9:c3:c3:58:df:24:
f1:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:E0:F4:E3:77:84:D7:49:20:1E:9D:DD:40:7F:A9:BA:95:69:95:46
X509v3 Authority Key Identifier:
keyid:2B:96:7E:77:2C:C7:29:83:05:A1:1F:FA:65:DD:18:5F:6A:58:91:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K5Z-dyzHKYMFoR_6Zd0YX2pYkQs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/Q-D043eE10kgHp3dQH-pupVplUY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/K5Z-dyzHKYMFoR_6Zd0YX2pYkQs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:8fc6:200::/48
Signature Algorithm: sha256WithRSAEncryption
55:ff:49:08:82:71:62:e1:e1:14:6b:83:36:9a:f7:ac:77:e4:
df:a9:46:f6:a7:20:01:24:ec:08:94:88:fd:f3:10:84:68:db:
46:66:93:cb:bc:86:05:3c:28:cf:63:fc:45:b8:44:66:9c:5f:
77:9e:d2:01:33:ac:a7:52:c2:6e:6a:86:6e:85:b4:d3:b6:8f:
54:71:ee:67:7c:c2:3c:8e:8e:2d:c6:92:b3:7a:95:7f:f9:ec:
4c:fc:e1:cb:a7:48:aa:0f:d4:1f:70:7f:9f:16:19:38:b6:95:
ea:a0:59:04:4b:2b:d5:cb:8b:d2:b1:4d:22:ff:75:31:62:79:
ff:11:6e:1a:58:72:16:1c:bb:00:22:f9:b1:61:52:95:c6:2a:
e4:74:f6:0f:c2:1a:09:ac:ab:8a:e0:25:50:e6:4c:52:ae:23:
75:ed:28:7a:4b:40:ea:71:f7:7b:d9:2d:37:68:fd:b7:14:c0:
99:46:63:ac:59:ee:27:1e:ee:e3:f1:33:95:3b:0e:e0:ab:60:
d1:1d:6f:03:96:f9:4c:e0:ea:ea:d0:49:d8:fc:b6:bd:33:7b:
92:94:01:c8:16:80:be:27:2c:4d:62:41:0e:85:bd:98:e8:ca:
5e:76:b3:80:f3:84:54:b2:50:8e:3b:fb:e2:8d:1b:2b:71:2e:
3a:e0:02:67
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYOeGz2isIHvHFjxtfRfWfHCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiOTY3ZTc3MmNjNzI5ODMwNWExMWZmYTY1ZGQxODVmNmE1
ODkxMGIwHhcNMjIxMDAzMTM0ODQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2UwZjRlMzc3ODRkNzQ5MjAxZTlkZGQ0MDdmYTliYTk1Njk5NTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAimowCSoIA+Xa/WyoLl2P31/Pp38M
BrKFjcmRXPsNvLl/kBEr8+MTH+mSNchwVdpFFvfkVOO/IViu+jpn5jz1GwmfcH8p
N/s6dwIsh36jbXZs2wFzOpPHcgGhK7IjKdIsq38tWn/Ow2FYQd3uy7oG6PpqUSCf
Zio7UoeC2NEn31DXuLQVRbGj3tPff6kx2yr14gffJLu3CY1E1Y00wF7pysdwq6m0
6GK+IvUiJUhMXueC0jTPb2xqe7waobCNgD3YN5X0HnP/DSfQaWVxc/nxAqnZ3zS/
oeS5wYd73iPwcmpy0ijLGG44VipYBNi11v+OUsleM010FLn5w8NY3yTxbwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEPg9ON3hNdJIB6d3UB/qbqVaZVGMB8GA1UdIwQY
MBaAFCuWfncsxymDBaEf+mXdGF9qWJELMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzVaLWR5ekhLWU1Gb1JfNlpkMFlYMnBZa1FzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS82NjBlNzQtYTNiYy00NDRiLTljNmEt
NThjOTZkNjZmMGExLzEvUS1EMDQzZUUxMGtnSHAzZFFILXB1cFZwbFVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS82NjBlNzQtYTNiYy00NDRiLTljNmEtNThjOTZkNjZmMGEx
LzEvSzVaLWR5ekhLWU1Gb1JfNlpkMFlYMnBZa1FzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhKPxgIA
MA0GCSqGSIb3DQEBCwUAA4IBAQBV/0kIgnFi4eEUa4M2mvesd+TfqUb2pyABJOwI
lIj98xCEaNtGZpPLvIYFPCjPY/xFuERmnF93ntIBM6ynUsJuaoZuhbTTto9Uce5n
fMI8jo4txpKzepV/+exM/OHLp0iqD9QfcH+fFhk4tpXqoFkESyvVy4vSsU0i/3Ux
Ynn/EW4aWHIWHLsAIvmxYVKVxirkdPYPwhoJrKuK4CVQ5kxSriN17Sh6S0Dqcfd7
2S03aP23FMCZRmOsWe4nHu7j8TOVOw7gq2DRHW8DlvlM4Orq0EnY/La9M3uSlAHI
FoC+JyxNYkEOhb2Y6MpedrOA84RUslCOO/vijRsrcS464AJn
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:20 2023 by rpki-client on console-ams.rpki-client.org