Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/QL9vsRUF_U5JXlbpF4KmJG7YZKQ.roa
File: QL9vsRUF_U5JXlbpF4KmJG7YZKQ.roa (raw, json)
Hash identifier: nzy13bLgm/ePKxD1EnpmSFrHs0uVHDX7wZA5Az+pdJk=
Subject key identifier: 40:BF:6F:B1:15:05:FD:4E:49:5E:56:E9:17:82:A6:24:6E:D8:64:A4
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018242DE712E1AEC937A085F9542DD2C8A3C
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/QL9vsRUF_U5JXlbpF4KmJG7YZKQ.roa
Signing time: Thu 28 Jul 2022 03:34:10 +0000
ROA not before: Thu 28 Jul 2022 03:34:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203691
IP address blocks: 2a0e:b107:1c0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:42:de:71:2e:1a:ec:93:7a:08:5f:95:42:dd:2c:8a:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jul 28 03:34:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=40bf6fb11505fd4e495e56e91782a6246ed864a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:09:09:2a:4b:11:a3:d1:7f:b6:69:e4:6f:a4:
73:d9:54:ea:a1:82:c7:46:3f:b0:51:34:ad:df:ea:
5e:42:bf:85:b2:92:d0:cb:cc:f7:9b:2f:44:9e:4f:
78:9e:62:59:a7:e2:ca:5f:e8:25:11:8f:b6:f2:43:
b9:0f:63:23:81:b6:34:92:a8:a8:19:d4:2b:e2:bb:
a7:24:93:23:fa:48:15:ee:9b:ee:5b:52:82:93:32:
b0:3c:4f:f5:b1:6b:f8:f8:1a:14:0a:46:13:fc:b3:
e9:cb:91:78:e4:d2:b1:c2:5a:7d:9c:92:97:2f:55:
61:69:6c:c7:8e:d8:57:c9:ab:ed:b1:32:86:47:51:
27:48:0f:b3:e7:1a:1e:9a:cb:2a:a4:6d:4b:b4:37:
46:47:ff:93:ee:08:87:cb:cf:10:fb:54:7f:4c:4a:
30:4e:0b:b5:cf:3f:72:c6:18:67:96:ec:c4:0b:95:
f6:70:f8:5d:e6:1f:fe:dc:44:c7:78:9f:94:bd:8c:
65:fc:a0:cb:aa:a2:ff:7e:5c:77:38:cf:2a:cb:48:
e9:18:32:4a:66:0d:72:02:df:79:6a:3e:e3:7f:23:
bf:b0:7e:fe:9e:d9:73:e1:44:5c:43:c4:09:ef:41:
bb:43:1e:87:2a:49:af:1f:f5:87:eb:89:c3:2c:eb:
4e:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:BF:6F:B1:15:05:FD:4E:49:5E:56:E9:17:82:A6:24:6E:D8:64:A4
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/QL9vsRUF_U5JXlbpF4KmJG7YZKQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:1c0::/48
Signature Algorithm: sha256WithRSAEncryption
92:3a:b7:aa:62:88:6e:44:6d:41:e6:c6:1a:3a:00:f7:76:fe:
c1:36:8f:70:2e:86:45:1b:b1:da:75:5e:d0:12:7d:68:58:41:
e0:91:38:51:7d:6c:8e:74:e1:9d:fe:4a:fa:36:0c:3e:08:52:
12:76:81:11:5b:88:0d:31:1d:da:05:84:f4:33:8f:45:09:da:
3f:7a:37:94:88:e8:de:bf:9d:fd:ca:92:36:a4:01:ab:f7:bc:
04:d9:e9:1b:6e:b6:6a:67:89:8c:23:1a:17:a8:98:7d:e9:13:
34:5a:93:1f:fc:69:f8:1a:a9:21:86:a1:2b:06:c6:9a:1c:92:
80:9c:dd:58:04:aa:44:d1:ec:b7:44:18:5b:8c:fd:14:7b:84:
63:32:d5:c4:c1:91:41:99:26:f6:fb:5b:7d:43:8b:c2:4e:cb:
95:ae:6e:f7:1d:51:36:92:2e:63:56:ef:fd:be:21:ba:c5:83:
59:ea:b1:ce:90:b8:8e:16:6f:49:86:cc:9d:bf:89:70:5c:7e:
55:c7:45:db:0b:f5:f7:f0:41:14:63:75:ca:80:75:c8:a3:18:
19:60:a7:45:a1:62:47:67:b9:ec:c2:9f:a3:56:16:bd:8c:53:
b9:eb:c2:31:08:08:eb:00:15:3c:ba:de:15:90:20:bd:8e:e0:
a9:96:4c:dd
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYJC3nEuGuyTeghflULdLIo8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIwNzI4MDMzNDEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGJmNmZiMTE1MDVmZDRlNDk1ZTU2ZTkxNzgyYTYyNDZlZDg2NGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAowkJKksRo9F/tmnkb6Rz2VTqoYLH
Rj+wUTSt3+peQr+FspLQy8z3my9Enk94nmJZp+LKX+glEY+28kO5D2MjgbY0kqio
GdQr4runJJMj+kgV7pvuW1KCkzKwPE/1sWv4+BoUCkYT/LPpy5F45NKxwlp9nJKX
L1VhaWzHjthXyavtsTKGR1EnSA+z5xoemssqpG1LtDdGR/+T7giHy88Q+1R/TEow
Tgu1zz9yxhhnluzEC5X2cPhd5h/+3ETHeJ+UvYxl/KDLqqL/flx3OM8qy0jpGDJK
Zg1yAt95aj7jfyO/sH7+ntlz4URcQ8QJ70G7Qx6HKkmvH/WH64nDLOtOiwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEC/b7EVBf1OSV5W6ReCpiRu2GSkMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvUUw5dnNSVUZfVTVKWGxicEY0S21KRzdZWktRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6xBwHA
MA0GCSqGSIb3DQEBCwUAA4IBAQCSOreqYohuRG1B5sYaOgD3dv7BNo9wLoZFG7Ha
dV7QEn1oWEHgkThRfWyOdOGd/kr6Ngw+CFISdoERW4gNMR3aBYT0M49FCdo/ejeU
iOjev539ypI2pAGr97wE2ekbbrZqZ4mMIxoXqJh96RM0WpMf/Gn4GqkhhqErBsaa
HJKAnN1YBKpE0ey3RBhbjP0Ue4RjMtXEwZFBmSb2+1t9Q4vCTsuVrm73HVE2ki5j
Vu/9viG6xYNZ6rHOkLiOFm9Jhsydv4lwXH5Vx0XbC/X38EEUY3XKgHXIoxgZYKdF
oWJHZ7nswp+jVha9jFO568IxCAjrABU8ut4VkCC9juCplkzd
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:16 2023 by rpki-client on console-fra.rpki-client.org