Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/qekAPtNVw-BS1iXbP5wlLATDc7s.roa
File: qekAPtNVw-BS1iXbP5wlLATDc7s.roa (raw, json)
Hash identifier: g/HQVWHa7RWLBI7BsNzpiCLni654+nXv82U6coRy/uU=
Subject key identifier: A9:E9:00:3E:D3:55:C3:E0:52:D6:25:DB:3F:9C:25:2C:04:C3:73:BB
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0184040E3D226F579FF1783B959EE70D3F33
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/qekAPtNVw-BS1iXbP5wlLATDc7s.roa
Signing time: Sun 23 Oct 2022 08:55:52 +0000
ROA not before: Sun 23 Oct 2022 08:55:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209391
IP address blocks: 2a0e:b107:1c90::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:04:0e:3d:22:6f:57:9f:f1:78:3b:95:9e:e7:0d:3f:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Oct 23 08:55:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a9e9003ed355c3e052d625db3f9c252c04c373bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:33:8b:40:dc:75:29:e1:a0:fd:ac:82:ab:4b:
ba:a0:08:48:22:89:e5:17:d6:99:f5:0e:db:f0:3b:
0a:08:4e:ec:6c:f3:74:2d:ce:31:c5:0d:86:d4:df:
5b:60:48:a4:10:1c:d4:ab:64:60:5a:b1:f7:d7:d9:
73:c2:76:a5:0b:27:2b:77:21:1d:ee:b7:ea:ec:15:
fe:7e:72:27:82:64:db:5b:7c:e5:6a:49:16:4b:59:
22:34:71:91:52:e7:99:8a:57:f7:67:cb:22:ec:78:
f3:87:d6:13:08:83:14:a6:07:f3:bb:74:97:d2:fd:
c0:4d:15:1f:e2:34:32:6b:c3:70:79:5f:11:9e:08:
f2:34:2e:1d:65:13:46:0c:58:d6:41:eb:40:21:0d:
6a:c7:77:18:15:58:c7:aa:39:1b:39:f8:e4:f9:41:
81:89:1e:36:12:aa:13:3a:6b:0f:97:2b:9b:85:ea:
04:b6:2e:33:4d:79:30:65:7e:0d:66:62:9e:6d:c5:
25:0b:21:c8:08:71:6b:76:a2:91:9d:2b:3f:f8:b5:
34:e9:43:c7:db:c6:26:44:3d:95:7e:5b:29:49:ab:
81:58:ac:33:49:94:c2:6a:6d:73:b9:59:89:72:f3:
66:e4:aa:bb:8e:8f:bb:6a:e2:e6:29:ec:77:de:90:
08:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:E9:00:3E:D3:55:C3:E0:52:D6:25:DB:3F:9C:25:2C:04:C3:73:BB
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/qekAPtNVw-BS1iXbP5wlLATDc7s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:1c90::/48
Signature Algorithm: sha256WithRSAEncryption
18:7b:09:6b:e2:1e:49:39:5d:cc:4f:c7:4a:08:f1:cc:ae:fc:
2c:40:0d:86:16:ff:62:0f:c1:d4:8b:5d:bd:d8:4a:40:5b:db:
c3:a1:f9:fa:bf:73:30:60:d7:6d:21:bd:cf:dc:ce:fb:61:d0:
63:f1:0f:fe:10:0b:50:be:95:ed:90:b2:f4:b0:cf:a3:3c:d7:
9b:b5:0e:d2:f1:5b:8e:d8:49:1d:8b:05:6e:8a:fc:8f:89:a3:
d3:c8:67:b2:88:8c:4e:12:0c:a8:60:12:01:2d:e2:0c:5e:0e:
f6:0d:61:0f:4c:22:6a:88:90:27:ef:94:b7:11:d8:4d:7d:ca:
90:1d:43:87:ef:08:ab:28:64:da:b6:35:ae:0d:c2:e1:3c:bc:
d5:5e:98:20:10:9b:ba:85:40:41:0f:59:8a:36:9a:ce:89:a5:
3c:af:65:e6:de:6e:ad:14:29:b0:6c:c1:9a:db:df:0d:a7:1f:
bf:c4:6d:12:40:83:9c:ec:b2:3b:11:48:af:a4:46:f9:20:30:
a1:62:a9:43:53:8a:ae:6b:c0:a6:a0:75:c6:49:d1:01:b8:21:
37:6d:2b:22:3e:91:70:f1:88:11:b8:e4:82:ef:7d:39:0e:c3:
f1:3d:38:c1:d0:14:40:6a:79:98:6d:46:82:bb:95:64:9d:cc:
21:cc:44:b6
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYQEDj0ib1ef8Xg7lZ7nDT8zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMDIzMDg1NTUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWU5MDAzZWQzNTVjM2UwNTJkNjI1ZGIzZjljMjUyYzA0YzM3M2JiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnzOLQNx1KeGg/ayCq0u6oAhIIonl
F9aZ9Q7b8DsKCE7sbPN0Lc4xxQ2G1N9bYEikEBzUq2RgWrH319lzwnalCycrdyEd
7rfq7BX+fnIngmTbW3zlakkWS1kiNHGRUueZilf3Z8si7Hjzh9YTCIMUpgfzu3SX
0v3ATRUf4jQya8NweV8RngjyNC4dZRNGDFjWQetAIQ1qx3cYFVjHqjkbOfjk+UGB
iR42EqoTOmsPlyubheoEti4zTXkwZX4NZmKebcUlCyHICHFrdqKRnSs/+LU06UPH
28YmRD2VflspSauBWKwzSZTCam1zuVmJcvNm5Kq7jo+7auLmKex33pAIfwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKnpAD7TVcPgUtYl2z+cJSwEw3O7MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvcWVrQVB0TlZ3LUJTMWlYYlA1d2xMQVREYzdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6xBxyQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAYewlr4h5JOV3MT8dKCPHMrvwsQA2GFv9iD8HU
i1292EpAW9vDofn6v3MwYNdtIb3P3M77YdBj8Q/+EAtQvpXtkLL0sM+jPNebtQ7S
8VuO2EkdiwVuivyPiaPTyGeyiIxOEgyoYBIBLeIMXg72DWEPTCJqiJAn75S3EdhN
fcqQHUOH7wirKGTatjWuDcLhPLzVXpggEJu6hUBBD1mKNprOiaU8r2Xm3m6tFCmw
bMGa298Npx+/xG0SQIOc7LI7EUivpEb5IDChYqlDU4qua8CmoHXGSdEBuCE3bSsi
PpFw8YgRuOSC7305DsPxPTjB0BRAanmYbUaCu5VkncwhzES2
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:20 2023 by rpki-client on console-fra.rpki-client.org