Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/34011d-01bf-48a1-a8c3-c9fc5f452995/1/QC9zP6z-D3UNHixgUOlS2xQLmkU.roa
File: QC9zP6z-D3UNHixgUOlS2xQLmkU.roa (raw, json)
Hash identifier: DuSOPD9DTgVOoW65L+fbIQN/sWwuD8Q6C/oKSVFASys=
Subject key identifier: 40:2F:73:3F:AC:FE:0F:75:0D:1E:2C:60:50:E9:52:DB:14:0B:9A:45
Certificate issuer: /CN=9df4e80b4cad4e50b788edf16976712deeff6c0d
Certificate serial: 7875E6
Authority key identifier: 9D:F4:E8:0B:4C:AD:4E:50:B7:88:ED:F1:69:76:71:2D:EE:FF:6C:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfToC0ytTlC3iO3xaXZxLe7_bA0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/34011d-01bf-48a1-a8c3-c9fc5f452995/1/QC9zP6z-D3UNHixgUOlS2xQLmkU.roa
Signing time: Sat 01 Jan 2022 00:56:10 +0000
ROA not before: Sat 01 Jan 2022 00:56:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206321
IP address blocks: 2001:67c:2d2c::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7894502 (0x7875e6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9df4e80b4cad4e50b788edf16976712deeff6c0d
Validity
Not Before: Jan 1 00:56:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=402f733facfe0f750d1e2c6050e952db140b9a45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:e1:22:fc:52:44:ed:de:9c:01:0b:a1:7a:c7:
54:fa:7a:bc:ca:64:45:1b:dd:fe:34:dc:0a:8b:09:
5e:f9:c4:65:ff:05:03:c9:4b:87:9c:aa:ca:12:27:
dd:43:2b:7b:6c:6f:ec:73:78:26:7f:bf:06:be:60:
0e:07:b2:d8:4c:ad:80:ab:02:fc:b0:19:af:b7:f1:
49:6c:96:c5:37:ab:5d:ac:98:cb:d0:6f:5e:b9:d7:
e2:e1:20:9c:79:db:de:9f:ac:ac:f2:76:c9:d2:5f:
ae:5a:d4:b2:4f:18:75:4e:54:33:c4:35:94:92:ae:
00:2a:2c:6b:3f:af:8f:7b:84:c6:8a:c4:f2:4e:8d:
f9:20:41:88:06:08:56:dc:5f:dd:e9:9f:3d:ba:13:
4a:96:f1:de:7c:24:9f:56:49:52:d4:9d:8b:eb:2c:
96:a2:0e:1c:ff:40:e5:a5:a0:41:12:eb:37:3a:4c:
2c:00:3b:23:ec:c0:09:1e:be:8d:fb:95:a9:4f:69:
c3:aa:03:c2:df:c9:c8:3d:d9:80:71:61:e5:56:38:
d4:60:a1:7f:d5:97:79:0e:0f:49:88:c6:c4:2c:fc:
57:ce:e3:8e:6e:c8:94:bc:5f:0c:ae:52:2b:a2:b0:
6b:a8:4b:81:a2:51:6a:9d:65:ed:1b:5e:5a:26:a3:
7c:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:2F:73:3F:AC:FE:0F:75:0D:1E:2C:60:50:E9:52:DB:14:0B:9A:45
X509v3 Authority Key Identifier:
keyid:9D:F4:E8:0B:4C:AD:4E:50:B7:88:ED:F1:69:76:71:2D:EE:FF:6C:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfToC0ytTlC3iO3xaXZxLe7_bA0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/34011d-01bf-48a1-a8c3-c9fc5f452995/1/QC9zP6z-D3UNHixgUOlS2xQLmkU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/34011d-01bf-48a1-a8c3-c9fc5f452995/1/nfToC0ytTlC3iO3xaXZxLe7_bA0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:2d2c::/48
Signature Algorithm: sha256WithRSAEncryption
38:6a:a1:1f:c5:8c:bb:9e:1c:e0:be:2d:40:5c:29:53:f2:b0:
28:ee:52:db:e5:2e:94:6d:fc:e7:eb:ef:aa:53:80:78:7a:75:
ea:b0:d4:7d:66:1c:ca:bb:af:82:36:2f:09:e0:64:9d:e8:1c:
e5:95:ba:c3:c2:f2:9e:c5:4a:a2:a8:6b:6e:1c:af:73:13:2d:
92:af:d8:74:73:d8:d4:f1:82:39:d5:ef:8f:4c:67:88:89:9d:
35:f9:51:11:76:5b:20:98:56:d9:12:35:95:03:68:24:75:0c:
cc:0c:8c:77:6e:b6:24:0a:81:95:3e:85:1e:a8:50:19:22:3a:
7b:65:eb:cb:bd:63:e1:49:33:e9:12:03:d4:ce:91:df:b2:6d:
b7:65:98:16:88:26:b4:7e:7b:67:d6:83:8f:f3:fd:79:c9:b9:
2f:27:1e:e9:0e:8f:ff:cc:54:bf:57:e7:f2:99:08:ad:e1:87:
2c:ff:17:e3:6e:2f:41:75:24:06:93:e5:12:98:95:4c:8e:38:
27:c6:83:42:7b:cd:a2:22:45:ff:09:6a:5f:02:62:8e:d7:3a:
5b:63:66:15:f0:43:e7:b3:6e:c6:96:1c:16:42:aa:ff:d4:33:
6e:3e:7d:7f:78:91:62:97:23:21:8b:2e:11:f1:7d:1b:96:ad:
39:87:86:b3
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIDeHXmMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDlk
ZjRlODBiNGNhZDRlNTBiNzg4ZWRmMTY5NzY3MTJkZWVmZjZjMGQwHhcNMjIwMTAx
MDA1NjEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg0MDJmNzMzZmFjZmUw
Zjc1MGQxZTJjNjA1MGU5NTJkYjE0MGI5YTQ1MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAvuEi/FJE7d6cAQuhesdU+nq8ymRFG93+NNwKiwle+cRl/wUD
yUuHnKrKEifdQyt7bG/sc3gmf78GvmAOB7LYTK2AqwL8sBmvt/FJbJbFN6tdrJjL
0G9eudfi4SCcedven6ys8nbJ0l+uWtSyTxh1TlQzxDWUkq4AKixrP6+Pe4TGisTy
To35IEGIBghW3F/d6Z89uhNKlvHefCSfVklS1J2L6yyWog4c/0DlpaBBEus3Okws
ADsj7MAJHr6N+5WpT2nDqgPC38nIPdmAcWHlVjjUYKF/1Zd5Dg9JiMbELPxXzuOO
bsiUvF8MrlIrorBrqEuBolFqnWXtG15aJqN8FwIDAQABo4ICDDCCAggwHQYDVR0O
BBYEFEAvcz+s/g91DR4sYFDpUtsUC5pFMB8GA1UdIwQYMBaAFJ306AtMrU5Qt4jt
8Wl2cS3u/2wNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
bmZUb0MweXRUbEMzaU8zeGFYWnhMZTdfYkEwLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC81MC8zNDAxMWQtMDFiZi00OGExLWE4YzMtYzlmYzVmNDUyOTk1LzEv
UUM5elA2ei1EM1VOSGl4Z1VPbFMyeFFMbWtVLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8z
NDAxMWQtMDFiZi00OGExLWE4YzMtYzlmYzVmNDUyOTk1LzEvbmZUb0MweXRUbEMz
aU8zeGFYWnhMZTdfYkEwLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIG
CCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfC0sMA0GCSqGSIb3DQEBCwUA
A4IBAQA4aqEfxYy7nhzgvi1AXClT8rAo7lLb5S6Ubfzn6++qU4B4enXqsNR9ZhzK
u6+CNi8J4GSd6BzllbrDwvKexUqiqGtuHK9zEy2Sr9h0c9jU8YI51e+PTGeIiZ01
+VERdlsgmFbZEjWVA2gkdQzMDIx3brYkCoGVPoUeqFAZIjp7ZevLvWPhSTPpEgPU
zpHfsm23ZZgWiCa0fntn1oOP8/15ybkvJx7pDo//zFS/V+fymQit4Ycs/xfjbi9B
dSQGk+USmJVMjjgnxoNCe82iIkX/CWpfAmKO1zpbY2YV8EPns27GlhwWQqr/1DNu
Pn1/eJFilyMhiy4R8X0blq05h4az
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:03:29 2025 by rpki-client