Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/QcwK-2z6tdHqlmPBwTExHz0nhT0.roa
File: QcwK-2z6tdHqlmPBwTExHz0nhT0.roa (raw, json)
Hash identifier: b/JvXrJ2oVZe5gl3rQuJxFtNVSAE7g/WRadg9RPzqEM=
Subject key identifier: 41:CC:0A:FB:6C:FA:B5:D1:EA:96:63:C1:C1:31:31:1F:3D:27:85:3D
Certificate issuer: /CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Certificate serial: 095F00AA
Authority key identifier: 93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/QcwK-2z6tdHqlmPBwTExHz0nhT0.roa
Signing time: Sat 01 Jan 2022 09:03:50 +0000
ROA not before: Sat 01 Jan 2022 09:03:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60021
IP address blocks: 45.9.8.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 157221034 (0x95f00aa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Validity
Not Before: Jan 1 09:03:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=41cc0afb6cfab5d1ea9663c1c131311f3d27853d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:64:f9:57:67:f2:02:9c:5e:3c:cc:8c:44:bf:
04:f7:a8:b4:61:42:a1:03:16:94:67:85:13:9e:17:
81:75:55:5d:34:a7:61:a0:23:96:f1:31:14:66:7d:
cd:ac:25:4e:c0:57:af:3e:bd:fa:e6:4a:bf:43:82:
a6:ad:98:42:6d:8a:9b:ce:42:30:f1:e8:e0:f5:67:
86:85:30:fb:f6:6d:15:58:9d:a9:1a:25:8b:88:6f:
13:c1:53:6f:42:91:1a:c9:a2:3b:70:8a:fc:44:e3:
6c:5c:bd:09:fb:7a:d9:81:31:32:97:32:fc:9a:1e:
a5:94:10:0d:44:80:3e:3a:c5:f8:b9:53:f1:69:37:
12:55:f7:5e:d4:16:ee:36:6a:3d:1e:d0:14:d4:7e:
35:06:3b:e8:20:8d:4f:18:06:2f:32:73:86:e9:43:
ce:02:0c:ac:c6:87:b7:25:d0:af:5d:4c:14:44:51:
ec:90:dd:8d:ea:0b:b1:fc:e0:7c:60:9b:06:53:d2:
0c:d7:0e:a0:e2:93:a0:6c:65:d7:0c:e9:00:8e:96:
47:77:8b:d2:26:56:19:54:f3:14:c1:9a:19:12:b4:
89:7c:52:c5:2d:70:a0:2e:92:91:1e:c7:8d:0a:5c:
14:89:4c:3f:2e:4b:db:5c:db:69:75:83:c8:e1:5a:
1b:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:CC:0A:FB:6C:FA:B5:D1:EA:96:63:C1:C1:31:31:1F:3D:27:85:3D
X509v3 Authority Key Identifier:
keyid:93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/QcwK-2z6tdHqlmPBwTExHz0nhT0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.8.0/23
Signature Algorithm: sha256WithRSAEncryption
0a:49:97:e3:0b:a8:14:37:66:28:df:5c:9b:c0:f0:7e:73:69:
24:d7:64:77:30:c8:1d:56:14:9d:db:67:d7:0a:a0:cf:fe:67:
91:ea:4f:dd:0a:56:78:7d:26:3a:62:03:51:82:94:90:96:ce:
78:61:b5:d4:84:06:84:af:11:b7:2c:e7:a7:97:a1:81:e4:1c:
d1:20:0f:c9:ed:51:84:2b:f1:40:d5:a5:11:4d:ac:e6:3c:13:
d4:46:f8:de:c4:03:1a:23:76:88:c1:9f:ad:e3:46:d3:e7:03:
be:ce:7f:24:83:91:82:b5:ef:04:4a:7c:eb:88:fa:5e:3c:1d:
fe:86:52:d6:03:b1:b7:73:25:79:21:9b:8f:97:b4:a0:62:d2:
8d:2a:ce:07:90:55:f3:d8:a6:72:c1:9a:3b:01:e6:a9:db:0b:
6c:a8:25:5c:57:ea:92:9f:62:31:94:05:fd:98:6d:63:ca:f6:
9d:c8:96:1c:4e:56:a9:62:2c:9e:c1:df:12:39:df:95:bf:1a:
7d:73:df:0f:d6:ac:e3:bd:b7:b1:c9:9c:64:90:4d:71:c0:a1:
1d:c5:15:c5:fb:f0:a7:b5:ac:1a:db:d4:ba:1b:67:0f:7f:e9:
34:bd:db:6f:b7:42:5e:f7:e2:87:db:17:0e:97:2d:e1:f5:1f:
2b:1a:83:42
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECV8AqjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MzYxYjVjZDY5NjgyNWI3NGZjY2JhN2Q5N2MzZDBhMjcyNGVmM2FhMB4XDTIyMDEw
MTA5MDM1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDFjYzBhZmI2Y2Zh
YjVkMWVhOTY2M2MxYzEzMTMxMWYzZDI3ODUzZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALlk+Vdn8gKcXjzMjES/BPeotGFCoQMWlGeFE54XgXVVXTSn
YaAjlvExFGZ9zawlTsBXrz69+uZKv0OCpq2YQm2Km85CMPHo4PVnhoUw+/ZtFVid
qRoli4hvE8FTb0KRGsmiO3CK/ETjbFy9Cft62YExMpcy/JoepZQQDUSAPjrF+LlT
8Wk3ElX3XtQW7jZqPR7QFNR+NQY76CCNTxgGLzJzhulDzgIMrMaHtyXQr11MFERR
7JDdjeoLsfzgfGCbBlPSDNcOoOKToGxl1wzpAI6WR3eL0iZWGVTzFMGaGRK0iXxS
xS1woC6SkR7HjQpcFIlMPy5L21zbaXWDyOFaG+kCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRBzAr7bPq10eqWY8HBMTEfPSeFPTAfBgNVHSMEGDAWgBSTYbXNaWglt0/M
un2Xw9Cick7zqjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2syRzF6V2xvSmJkUHpMcDlsOFBRb25KTzg2by5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2YvNzJiZjJmLThlMzQtNDhhMi04NDlhLWE1NDFkMWJjZWUxOS8x
L1Fjd0stMno2dGRIcWxtUEJ3VEV4SHowbmhUMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Yv
NzJiZjJmLThlMzQtNDhhMi04NDlhLWE1NDFkMWJjZWUxOS8xL2syRzF6V2xvSmJk
UHpMcDlsOFBRb25KTzg2by5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAS0JCDANBgkqhkiG9w0BAQsFAAOC
AQEACkmX4wuoFDdmKN9cm8DwfnNpJNdkdzDIHVYUndtn1wqgz/5nkepP3QpWeH0m
OmIDUYKUkJbOeGG11IQGhK8Rtyznp5ehgeQc0SAPye1RhCvxQNWlEU2s5jwT1Eb4
3sQDGiN2iMGfreNG0+cDvs5/JIORgrXvBEp864j6Xjwd/oZS1gOxt3MleSGbj5e0
oGLSjSrOB5BV89imcsGaOwHmqdsLbKglXFfqkp9iMZQF/ZhtY8r2nciWHE5WqWIs
nsHfEjnflb8afXPfD9as4723scmcZJBNccChHcUVxfvwp7WsGtvUuhtnD3/pNL3b
b7dCXvfih9sXDpct4fUfKxqDQg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:37 2024 by rpki-client on console-fra.rpki-client.org