Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/Q301giF0u3XzOVjP50sw-yiRYig.roa
File: Q301giF0u3XzOVjP50sw-yiRYig.roa (raw, json)
Hash identifier: CU6CuGTMX+OUl38WoEnbVoD4fuu9crG1k9QZ7hRNZ6E=
Subject key identifier: 43:7D:35:82:21:74:BB:75:F3:39:58:CF:E7:4B:30:FB:28:91:62:28
Certificate issuer: /CN=f77705e89bb65b472e4e0184d6fe9bfb8c58635a
Certificate serial: 0183A4275A70BE22356F63BE3D9B0BE88F0B
Authority key identifier: F7:77:05:E8:9B:B6:5B:47:2E:4E:01:84:D6:FE:9B:FB:8C:58:63:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/93cF6Ju2W0cuTgGE1v6b-4xYY1o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/Q301giF0u3XzOVjP50sw-yiRYig.roa
Signing time: Tue 04 Oct 2022 17:59:45 +0000
ROA not before: Tue 04 Oct 2022 17:59:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202473
IP address blocks: 2a03:5840:310::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:a4:27:5a:70:be:22:35:6f:63:be:3d:9b:0b:e8:8f:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f77705e89bb65b472e4e0184d6fe9bfb8c58635a
Validity
Not Before: Oct 4 17:59:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=437d35822174bb75f33958cfe74b30fb28916228
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:01:5e:93:4e:53:5b:ba:4a:d7:13:1c:3b:d3:
c4:9d:3f:7f:bc:6d:0c:e4:85:b2:4c:27:d5:a9:e7:
f3:d8:3a:ed:bc:6a:78:6d:bb:27:31:94:a6:c7:d6:
13:0e:77:64:39:a5:8e:14:30:07:d6:24:a5:1f:a2:
f6:f4:cc:41:1c:e2:e3:49:c0:3f:09:2b:aa:7c:75:
a7:37:7a:5b:3c:f3:3c:b5:e4:a7:4c:de:0f:ba:aa:
15:59:c7:6c:d9:29:e2:b1:20:92:25:42:94:8f:4b:
d2:94:62:6c:4d:2b:14:bd:61:44:91:d4:51:d1:61:
29:35:e9:6d:9d:c1:30:40:cf:f1:ba:e8:6c:0e:b2:
34:86:cf:68:76:90:77:3c:af:00:ea:33:0c:f1:af:
b3:d0:4a:c7:fd:66:3a:b2:70:45:c6:3a:b4:fa:38:
c6:16:f3:2c:36:dd:be:29:bc:1a:ca:18:08:0a:52:
a5:b8:21:92:32:2c:99:a3:44:7c:f2:5f:fd:e5:c2:
1f:2c:94:5a:76:1f:3a:32:be:6d:e5:bc:40:6c:bb:
ea:ff:47:ec:f9:7a:62:1e:86:b1:ef:db:6a:97:c0:
91:b8:48:7a:aa:cd:69:84:19:c8:02:31:11:4a:3a:
08:78:a0:d5:66:44:53:ea:12:ca:0f:37:9a:74:02:
96:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:7D:35:82:21:74:BB:75:F3:39:58:CF:E7:4B:30:FB:28:91:62:28
X509v3 Authority Key Identifier:
keyid:F7:77:05:E8:9B:B6:5B:47:2E:4E:01:84:D6:FE:9B:FB:8C:58:63:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/93cF6Ju2W0cuTgGE1v6b-4xYY1o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/Q301giF0u3XzOVjP50sw-yiRYig.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/93cF6Ju2W0cuTgGE1v6b-4xYY1o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:5840:310::/44
Signature Algorithm: sha256WithRSAEncryption
aa:f0:29:4a:3f:dc:fa:13:c5:aa:67:b9:7b:87:33:6a:de:3d:
d6:5f:0e:23:b5:0d:6d:05:5e:f0:ce:04:90:f2:58:b9:8a:39:
94:fe:d6:d9:3f:c8:ef:af:65:d6:ed:a7:39:d5:94:96:f0:0e:
fe:99:61:f7:03:ee:d5:c8:36:65:8a:b3:16:30:d7:66:23:a2:
95:78:c4:de:e4:53:86:4d:97:ba:0e:a2:a2:32:be:af:b9:da:
38:1c:c0:77:0d:ac:c9:dc:92:5e:4f:e3:fa:4a:19:68:b8:ea:
1f:36:e6:fd:3c:53:00:ed:3d:51:b7:23:97:26:c0:de:b2:48:
65:2b:ce:52:1f:d8:7a:d3:af:01:42:d5:5a:71:fe:49:ef:23:
d2:15:a3:b5:ba:a4:c2:42:f7:1f:1b:25:18:36:f9:2a:2f:c9:
4b:a9:72:dc:bb:6d:9e:e1:23:e1:fa:ff:82:5a:d2:76:69:98:
17:1c:5d:b3:0a:05:88:f4:62:b5:1e:aa:11:d7:69:9a:f1:1e:
10:31:ba:73:62:9a:2f:2c:02:c3:cd:a5:bf:d8:a1:a2:d5:5c:
6a:d6:e6:d2:17:f4:87:26:38:b0:39:03:4d:ac:f6:24:d0:ce:
0f:05:d2:69:1c:ec:b9:11:0b:ee:32:39:68:d2:e9:dc:52:2a:
ad:5d:f1:53
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYOkJ1pwviI1b2O+PZsL6I8LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3NzcwNWU4OWJiNjViNDcyZTRlMDE4NGQ2ZmU5YmZiOGM1
ODYzNWEwHhcNMjIxMDA0MTc1OTQ1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzdkMzU4MjIxNzRiYjc1ZjMzOTU4Y2ZlNzRiMzBmYjI4OTE2MjI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiAFek05TW7pK1xMcO9PEnT9/vG0M
5IWyTCfVqefz2DrtvGp4bbsnMZSmx9YTDndkOaWOFDAH1iSlH6L29MxBHOLjScA/
CSuqfHWnN3pbPPM8teSnTN4PuqoVWcds2SnisSCSJUKUj0vSlGJsTSsUvWFEkdRR
0WEpNeltncEwQM/xuuhsDrI0hs9odpB3PK8A6jMM8a+z0ErH/WY6snBFxjq0+jjG
FvMsNt2+KbwayhgIClKluCGSMiyZo0R88l/95cIfLJRadh86Mr5t5bxAbLvq/0fs
+XpiHoax79tql8CRuEh6qs1phBnIAjERSjoIeKDVZkRT6hLKDzeadAKW8wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEN9NYIhdLt18zlYz+dLMPsokWIoMB8GA1UdIwQY
MBaAFPd3BeibtltHLk4BhNb+m/uMWGNaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTNjRjZKdTJXMGN1VGdHRTF2NmItNHhZWTFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy8wMjI4MzktNjk4NC00MGQ0LTg3MTYt
NmNiODk3OTFkN2ZkLzEvUTMwMWdpRjB1M1h6T1ZqUDUwc3cteWlSWWlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy8wMjI4MzktNjk4NC00MGQ0LTg3MTYtNmNiODk3OTFkN2Zk
LzEvOTNjRjZKdTJXMGN1VGdHRTF2NmItNHhZWTFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgNYQAMQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCq8ClKP9z6E8WqZ7l7hzNq3j3WXw4jtQ1tBV7w
zgSQ8li5ijmU/tbZP8jvr2XW7ac51ZSW8A7+mWH3A+7VyDZlirMWMNdmI6KVeMTe
5FOGTZe6DqKiMr6vudo4HMB3DazJ3JJeT+P6ShlouOofNub9PFMA7T1RtyOXJsDe
skhlK85SH9h6068BQtVacf5J7yPSFaO1uqTCQvcfGyUYNvkqL8lLqXLcu22e4SPh
+v+CWtJ2aZgXHF2zCgWI9GK1HqoR12ma8R4QMbpzYpovLALDzaW/2KGi1Vxq1ubS
F/SHJjiwOQNNrPYk0M4PBdJpHOy5EQvuMjlo0uncUiqtXfFT
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:59 2023 by rpki-client on console-ams.rpki-client.org