Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/QoEjQvBb_bQhtNAlfk5CGbkIX4k.roa
File: QoEjQvBb_bQhtNAlfk5CGbkIX4k.roa (raw, json)
Hash identifier: QSgKCi8ZJsGSY/M7FCA6eUPS390kKzqcAcZk9GdKmbA=
Subject key identifier: 42:81:23:42:F0:5B:FD:B4:21:B4:D0:25:7E:4E:42:19:B9:08:5F:89
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 106C9B7F
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/QoEjQvBb_bQhtNAlfk5CGbkIX4k.roa
Signing time: Sat 01 Jan 2022 09:04:35 +0000
ROA not before: Sat 01 Jan 2022 09:04:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6939
IP address blocks: 2a0e:97c0:4b0::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 275553151 (0x106c9b7f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 1 09:04:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=42812342f05bfdb421b4d0257e4e4219b9085f89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:c2:60:f3:77:50:6b:1b:2e:3f:c7:81:0f:f8:
05:10:c3:20:87:bb:34:c4:4c:35:63:99:ce:ce:26:
43:e4:6b:6c:dc:fc:4a:01:5e:db:60:f2:44:2a:62:
df:4c:a2:c1:5f:d2:0c:51:5e:d9:03:26:0c:f9:6d:
1c:ac:90:8f:bd:c6:0d:64:f7:ac:be:8b:40:4d:d0:
f6:43:5d:14:f5:74:c2:e8:ac:c8:06:b5:da:b6:8f:
65:7b:96:79:a5:9b:ba:e9:75:d9:78:0f:8a:c5:4a:
0d:8e:7b:0f:4e:16:dd:a3:5d:32:ab:17:a7:91:4d:
42:d5:fa:d6:b0:2d:20:84:db:ae:68:f4:c9:d7:e1:
d1:56:5c:b5:8f:47:bd:c0:f3:10:09:8d:1e:4c:2e:
e3:49:b2:36:bb:51:b8:ae:ae:93:01:c9:d8:8e:24:
74:fd:7b:2b:44:63:c3:74:53:ba:dc:3c:f3:97:96:
bc:f6:19:05:6e:ad:f4:c0:9b:e0:f7:d1:74:ac:70:
bd:f6:d8:7f:e6:93:3a:b5:f9:5f:5f:db:60:e5:a6:
59:8a:81:c3:31:73:23:c8:14:28:12:3a:7e:9a:96:
41:80:af:28:d5:9d:9e:74:6e:65:b1:81:dd:65:76:
20:79:7c:a3:b7:72:6b:06:f8:f0:7f:7d:48:92:46:
f2:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:81:23:42:F0:5B:FD:B4:21:B4:D0:25:7E:4E:42:19:B9:08:5F:89
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/QoEjQvBb_bQhtNAlfk5CGbkIX4k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:4b0::/44
Signature Algorithm: sha256WithRSAEncryption
8e:73:e2:d0:2e:53:e9:61:e9:7f:5d:b6:39:a8:06:0c:ed:de:
20:81:96:7f:d2:84:dc:f7:6b:cd:80:63:75:79:ca:30:4e:f2:
ce:47:14:e1:88:fb:b7:55:b1:fd:7e:18:75:e8:5a:e5:a5:52:
10:46:5b:ef:ec:19:c7:8d:82:ce:3a:ea:37:5d:42:0e:d1:14:
e9:49:c4:a9:be:80:27:8c:48:72:cc:7b:5f:24:a9:d9:1e:d3:
e4:b9:15:75:9f:0a:e1:09:63:a7:2c:68:cf:c2:c8:d4:3e:f5:
a9:05:6d:98:1d:ac:73:de:f9:cf:e0:22:ef:d3:68:41:77:7e:
aa:0a:d6:7e:48:c2:94:c4:7b:89:53:81:86:de:81:80:c4:6c:
34:37:2d:15:92:01:ec:52:58:2b:3b:a6:9c:e2:c3:0f:91:ff:
12:f7:6f:36:61:bc:40:fc:e4:85:75:44:d8:c7:14:5f:31:02:
47:dd:6d:c1:53:a0:ca:3b:0c:40:41:86:4c:25:bf:0a:6c:c8:
f9:e1:28:5f:5a:c1:93:c2:50:bf:ce:1a:fa:40:c7:14:4b:e9:
98:39:35:f8:9c:09:47:df:87:51:b9:2f:59:0d:24:05:71:6c:
2c:02:39:70:06:f4:ad:a0:68:23:f1:c2:9a:28:b3:35:ab:a6:
1d:6a:ef:30
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEEGybfzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDEw
MTA5MDQzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDI4MTIzNDJmMDVi
ZmRiNDIxYjRkMDI1N2U0ZTQyMTliOTA4NWY4OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANfCYPN3UGsbLj/HgQ/4BRDDIIe7NMRMNWOZzs4mQ+RrbNz8
SgFe22DyRCpi30yiwV/SDFFe2QMmDPltHKyQj73GDWT3rL6LQE3Q9kNdFPV0wuis
yAa12raPZXuWeaWbuul12XgPisVKDY57D04W3aNdMqsXp5FNQtX61rAtIITbrmj0
ydfh0VZctY9HvcDzEAmNHkwu40myNrtRuK6ukwHJ2I4kdP17K0Rjw3RTutw885eW
vPYZBW6t9MCb4PfRdKxwvfbYf+aTOrX5X1/bYOWmWYqBwzFzI8gUKBI6fpqWQYCv
KNWdnnRuZbGB3WV2IHl8o7dyawb48H99SJJG8qMCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBRCgSNC8Fv9tCG00CV+TkIZuQhfiTAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
L1FvRWpRdkJiX2JRaHROQWxmazVDR2JrSVg0ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoOl8AEsDANBgkqhkiG9w0BAQsF
AAOCAQEAjnPi0C5T6WHpf122OagGDO3eIIGWf9KE3PdrzYBjdXnKME7yzkcU4Yj7
t1Wx/X4Ydeha5aVSEEZb7+wZx42CzjrqN11CDtEU6UnEqb6AJ4xIcsx7XySp2R7T
5LkVdZ8K4Qljpyxoz8LI1D71qQVtmB2sc975z+Ai79NoQXd+qgrWfkjClMR7iVOB
ht6BgMRsNDctFZIB7FJYKzumnOLDD5H/EvdvNmG8QPzkhXVE2McUXzECR91twVOg
yjsMQEGGTCW/CmzI+eEoX1rBk8JQv84a+kDHFEvpmDk1+JwJR9+HUbkvWQ0kBXFs
LAI5cAb0raBoI/HCmiizNaumHWrvMA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:59 2023 by rpki-client on console-ams.rpki-client.org