Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/652eb4-321c-48c0-9272-3ae711af034b/1/kQu9KBpQIl2gHii1rUL2sSN1Rsw.roa
File: kQu9KBpQIl2gHii1rUL2sSN1Rsw.roa (raw, json)
Hash identifier: XWJJAGZXGsIB4l/fO4K4Yk+RFiP3Rs57dL/8RFFxWtQ=
Subject key identifier: 91:0B:BD:28:1A:50:22:5D:A0:1E:28:B5:AD:42:F6:B1:23:75:46:CC
Certificate issuer: /CN=8f2824c61357dc344bbdf35b83577459b9d3fc44
Certificate serial: 02E1378B
Authority key identifier: 8F:28:24:C6:13:57:DC:34:4B:BD:F3:5B:83:57:74:59:B9:D3:FC:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jygkxhNX3DRLvfNbg1d0WbnT_EQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/652eb4-321c-48c0-9272-3ae711af034b/1/kQu9KBpQIl2gHii1rUL2sSN1Rsw.roa
Signing time: Sat 01 Jan 2022 14:59:18 +0000
ROA not before: Sat 01 Jan 2022 14:59:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 14618
IP address blocks: 2a00:4bc0:2000::/44 maxlen: 56
2a00:4bc0:2100::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 48314251 (0x2e1378b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f2824c61357dc344bbdf35b83577459b9d3fc44
Validity
Not Before: Jan 1 14:59:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=910bbd281a50225da01e28b5ad42f6b1237546cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:d6:15:b9:3a:c7:aa:d0:45:fd:68:70:ef:27:
c9:ee:52:c0:77:38:8f:c8:20:72:2a:2b:e0:a0:37:
4f:70:da:2f:44:d4:6c:c5:4d:a9:56:00:ac:61:43:
99:72:77:89:9a:f8:80:b7:15:76:95:cc:79:f2:d4:
c8:3b:a5:dc:43:23:f2:34:f8:89:ea:ea:2d:f4:19:
b0:66:11:61:70:11:68:0d:29:52:49:a2:02:fc:4a:
7e:b1:c8:4f:7c:3f:04:80:aa:2e:ef:37:7f:18:be:
d6:3d:df:97:df:43:7f:c7:82:33:3d:3e:fe:fe:a4:
2f:45:16:35:f0:35:c8:a8:1c:fd:27:c9:00:48:93:
35:c7:c7:14:29:bf:30:eb:4b:62:4b:b1:2b:94:32:
0c:4e:ca:62:53:71:d0:8b:98:34:4a:aa:0c:dd:e7:
fc:6e:0b:cb:c4:35:41:f8:09:d1:32:b2:ac:56:29:
3f:59:bc:43:da:d4:63:f0:bb:8e:e4:dd:67:ad:d2:
5a:a8:ee:3a:17:b7:a9:31:5c:ba:aa:de:bf:5e:db:
96:26:1c:87:3f:6f:64:3e:37:a3:2f:0b:49:2d:2b:
12:7a:6e:75:ce:7d:b2:46:87:23:17:ae:22:fe:62:
3c:8d:bc:28:71:65:0c:b6:fa:3b:19:4e:66:45:04:
d3:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:0B:BD:28:1A:50:22:5D:A0:1E:28:B5:AD:42:F6:B1:23:75:46:CC
X509v3 Authority Key Identifier:
keyid:8F:28:24:C6:13:57:DC:34:4B:BD:F3:5B:83:57:74:59:B9:D3:FC:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jygkxhNX3DRLvfNbg1d0WbnT_EQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/652eb4-321c-48c0-9272-3ae711af034b/1/kQu9KBpQIl2gHii1rUL2sSN1Rsw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/652eb4-321c-48c0-9272-3ae711af034b/1/jygkxhNX3DRLvfNbg1d0WbnT_EQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:4bc0:2000::/44
2a00:4bc0:2100::/40
Signature Algorithm: sha256WithRSAEncryption
02:f8:41:b9:c4:5e:36:79:c9:36:63:6b:13:55:3f:1e:60:60:
25:97:87:00:95:82:a2:6a:93:9d:f9:2b:e2:d1:a2:57:38:f8:
d9:f0:5f:cb:31:e5:41:5a:17:28:a3:a9:86:8f:c1:18:eb:a6:
36:85:63:2b:40:65:00:81:6c:0b:58:6f:fe:d7:d0:47:a3:c5:
0c:52:c3:a7:9a:40:47:9f:e1:25:16:f1:a2:2e:e0:ff:17:b5:
9e:d8:e5:4e:fe:ee:20:20:55:85:6c:5c:23:f3:20:2b:af:b3:
3a:30:83:24:0f:ae:ca:6a:04:15:c2:52:69:33:b7:2a:47:da:
d7:95:b2:d1:11:9d:b3:68:17:4f:2a:fb:b1:28:34:b7:ed:f5:
27:84:45:dd:59:1d:f4:19:64:07:34:71:7e:a9:27:47:d2:77:
08:9b:cc:a6:57:61:58:4c:43:fd:3d:d7:ec:4d:96:59:68:43:
a4:8d:f6:d0:36:b8:b4:b2:e7:b5:25:ad:48:0b:5a:b5:ac:f2:
2b:7a:b0:86:48:52:d9:0d:99:b8:9b:90:a0:b8:d8:ba:b9:d4:
e3:41:62:77:96:25:22:9b:5e:50:be:81:1b:63:54:bd:fa:71:
3e:4a:c1:c0:2a:4d:e7:47:6a:5a:94:ba:87:d7:c6:59:95:e3:
45:97:c6:42
-----BEGIN CERTIFICATE-----
MIIE+jCCA+KgAwIBAgIEAuE3izANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ZjI4MjRjNjEzNTdkYzM0NGJiZGYzNWI4MzU3NzQ1OWI5ZDNmYzQ0MB4XDTIyMDEw
MTE0NTkxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTEwYmJkMjgxYTUw
MjI1ZGEwMWUyOGI1YWQ0MmY2YjEyMzc1NDZjYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKnWFbk6x6rQRf1ocO8nye5SwHc4j8ggcior4KA3T3DaL0TU
bMVNqVYArGFDmXJ3iZr4gLcVdpXMefLUyDul3EMj8jT4ierqLfQZsGYRYXARaA0p
UkmiAvxKfrHIT3w/BICqLu83fxi+1j3fl99Df8eCMz0+/v6kL0UWNfA1yKgc/SfJ
AEiTNcfHFCm/MOtLYkuxK5QyDE7KYlNx0IuYNEqqDN3n/G4Ly8Q1QfgJ0TKyrFYp
P1m8Q9rUY/C7juTdZ63SWqjuOhe3qTFcuqrev17bliYchz9vZD43oy8LSS0rEnpu
dc59skaHIxeuIv5iPI28KHFlDLb6OxlOZkUE0zkCAwEAAaOCAhQwggIQMB0GA1Ud
DgQWBBSRC70oGlAiXaAeKLWtQvaxI3VGzDAfBgNVHSMEGDAWgBSPKCTGE1fcNEu9
81uDV3RZudP8RDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2p5Z2t4aE5YM0RSTHZmTmJnMWQwV2JuVF9FUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTkvNjUyZWI0LTMyMWMtNDhjMC05MjcyLTNhZTcxMWFmMDM0Yi8x
L2tRdTlLQnBRSWwyZ0hpaTFyVUwyc1NOMVJzdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTkv
NjUyZWI0LTMyMWMtNDhjMC05MjcyLTNhZTcxMWFmMDM0Yi8xL2p5Z2t4aE5YM0RS
THZmTmJnMWQwV2JuVF9FUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAq
BggrBgEFBQcBBwEB/wQbMBkwFwQCAAIwEQMHBCoAS8AgAAMGACoAS8AhMA0GCSqG
SIb3DQEBCwUAA4IBAQAC+EG5xF42eck2Y2sTVT8eYGAll4cAlYKiapOd+Svi0aJX
OPjZ8F/LMeVBWhcoo6mGj8EY66Y2hWMrQGUAgWwLWG/+19BHo8UMUsOnmkBHn+El
FvGiLuD/F7We2OVO/u4gIFWFbFwj8yArr7M6MIMkD67KagQVwlJpM7cqR9rXlbLR
EZ2zaBdPKvuxKDS37fUnhEXdWR30GWQHNHF+qSdH0ncIm8ymV2FYTEP9PdfsTZZZ
aEOkjfbQNri0sue1Ja1IC1q1rPIrerCGSFLZDZm4m5CguNi6udTjQWJ3liUim15Q
voEbY1S9+nE+SsHAKk3nR2palLqH18ZZleNFl8ZC
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:32 2023 by rpki-client on console-ams.rpki-client.org