Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/QWHNs1QUTjdZ6NgWNqVPb63fQ5k.roa
File: QWHNs1QUTjdZ6NgWNqVPb63fQ5k.roa (raw, json)
Hash identifier: dVyUQsDCovqH5cw6bupryUX8DQ7xHxX6uV6HXLVbvV4=
Subject key identifier: 41:61:CD:B3:54:14:4E:37:59:E8:D8:16:36:A5:4F:6F:AD:DF:43:99
Certificate issuer: /CN=835bc9bb547e27788d221bc8bbd5fb02e024480f
Certificate serial: 10A81BA3
Authority key identifier: 83:5B:C9:BB:54:7E:27:78:8D:22:1B:C8:BB:D5:FB:02:E0:24:48:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g1vJu1R-J3iNIhvIu9X7AuAkSA8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/QWHNs1QUTjdZ6NgWNqVPb63fQ5k.roa
Signing time: Sat 01 Jan 2022 13:59:28 +0000
ROA not before: Sat 01 Jan 2022 13:59:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207080
IP address blocks: 2a0b:6b86:400::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 279452579 (0x10a81ba3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=835bc9bb547e27788d221bc8bbd5fb02e024480f
Validity
Not Before: Jan 1 13:59:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4161cdb354144e3759e8d81636a54f6faddf4399
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:cc:22:2b:d2:c2:0d:1e:d9:4f:c7:f7:d4:00:
49:8e:39:09:3e:fe:7c:1d:cc:1b:77:9c:60:27:af:
5c:b3:e1:9c:58:18:56:ed:09:55:84:7b:b4:57:86:
5e:2c:ad:5e:8f:3a:ef:51:57:d4:59:60:3a:59:09:
d8:ae:80:87:b6:5f:d5:ef:5b:c8:ea:7a:61:28:0f:
5c:b4:1f:6c:46:00:24:65:81:12:21:1f:46:e4:bd:
64:c3:8f:3d:a2:6a:2f:83:41:df:cd:0f:74:fa:4d:
f8:3d:39:fb:c4:e3:33:fb:83:c1:f8:89:b0:5e:f8:
67:e1:50:f9:2f:81:ec:ca:45:03:f2:60:a6:1a:68:
5c:ca:00:c0:bc:8a:8b:85:a4:4e:e8:fa:e8:61:cc:
5b:0b:df:ae:58:68:e1:2b:f0:7c:d3:5d:0b:15:27:
58:af:bb:f8:16:a1:30:db:86:6f:41:c0:55:9b:c0:
12:b0:65:48:c2:41:1e:a3:8d:8e:7a:e6:2d:ac:bb:
87:c0:e0:59:f7:bf:ca:ec:91:2f:07:3f:d0:af:1e:
e1:75:05:71:af:d7:90:26:e9:d6:d6:7d:cb:f5:ce:
b9:1a:d0:3e:33:2c:b3:dc:87:e9:cb:65:88:c8:ad:
6b:4b:19:03:b1:e3:a0:de:88:6b:ee:f0:e2:17:d3:
a8:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:61:CD:B3:54:14:4E:37:59:E8:D8:16:36:A5:4F:6F:AD:DF:43:99
X509v3 Authority Key Identifier:
keyid:83:5B:C9:BB:54:7E:27:78:8D:22:1B:C8:BB:D5:FB:02:E0:24:48:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g1vJu1R-J3iNIhvIu9X7AuAkSA8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/QWHNs1QUTjdZ6NgWNqVPb63fQ5k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/g1vJu1R-J3iNIhvIu9X7AuAkSA8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:6b86:400::/40
Signature Algorithm: sha256WithRSAEncryption
53:5e:6f:b7:59:ad:df:f5:9a:53:c5:02:4c:e8:3c:a4:86:5c:
7b:ae:a2:5b:23:d8:20:34:e8:df:bc:c6:3f:51:15:3a:e5:8e:
9e:b4:39:bf:79:50:ba:68:cc:c2:af:0e:60:bf:3a:1e:3b:ef:
74:e3:02:d2:af:c2:5a:16:9a:6f:fa:12:bd:7e:6c:36:a6:58:
48:a9:12:fa:36:51:f8:c7:1d:68:5b:46:03:d1:ef:82:5a:d5:
ed:41:55:32:f2:b3:a7:ca:04:94:23:2a:35:8a:62:dc:ed:a0:
01:16:5b:4b:86:9f:da:f8:28:74:b4:ba:b9:00:29:85:29:41:
d7:3d:78:03:65:6e:1a:65:b1:04:41:cd:ac:ca:c3:68:b7:00:
40:ca:7b:c8:4d:92:88:a7:10:e6:cb:17:99:db:f0:4c:7b:f1:
d6:61:ce:d8:d7:1f:65:3a:19:41:2b:2c:23:fc:27:de:b3:e0:
01:8b:aa:63:88:ae:4b:3c:2d:11:20:ce:05:d7:3c:de:43:a2:
99:81:9d:73:30:a8:7c:ec:0c:a8:b6:1e:d3:4b:ce:d6:a9:09:
cc:8d:b2:4d:db:d5:3b:1d:40:d4:c7:a3:f9:47:50:ac:19:eb:
3e:ab:48:6f:88:97:82:f5:b7:d1:af:70:05:e0:d9:fe:49:51:
b6:a1:3f:86
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIEEKgbozANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MzViYzliYjU0N2UyNzc4OGQyMjFiYzhiYmQ1ZmIwMmUwMjQ0ODBmMB4XDTIyMDEw
MTEzNTkyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDE2MWNkYjM1NDE0
NGUzNzU5ZThkODE2MzZhNTRmNmZhZGRmNDM5OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMjMIivSwg0e2U/H99QASY45CT7+fB3MG3ecYCevXLPhnFgY
Vu0JVYR7tFeGXiytXo8671FX1FlgOlkJ2K6Ah7Zf1e9byOp6YSgPXLQfbEYAJGWB
EiEfRuS9ZMOPPaJqL4NB380PdPpN+D05+8TjM/uDwfiJsF74Z+FQ+S+B7MpFA/Jg
phpoXMoAwLyKi4WkTuj66GHMWwvfrlho4SvwfNNdCxUnWK+7+BahMNuGb0HAVZvA
ErBlSMJBHqONjnrmLay7h8DgWfe/yuyRLwc/0K8e4XUFca/XkCbp1tZ9y/XOuRrQ
PjMss9yH6ctliMita0sZA7HjoN6Ia+7w4hfTqK8CAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBRBYc2zVBRON1no2BY2pU9vrd9DmTAfBgNVHSMEGDAWgBSDW8m7VH4neI0i
G8i71fsC4CRIDzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2cxdkp1MVItSjNpTklodkl1OVg3QXVBa1NBOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODQvOTYyZmIxLTNkZjAtNGVjMi1iNTBhLWIzNmEyNGQzOTQyNy8x
L1FXSE5zMVFVVGpkWjZOZ1dOcVZQYjYzZlE1ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODQv
OTYyZmIxLTNkZjAtNGVjMi1iNTBhLWIzNmEyNGQzOTQyNy8xL2cxdkp1MVItSjNp
Tklodkl1OVg3QXVBa1NBOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAh
BggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoLa4YEMA0GCSqGSIb3DQEBCwUA
A4IBAQBTXm+3Wa3f9ZpTxQJM6Dykhlx7rqJbI9ggNOjfvMY/URU65Y6etDm/eVC6
aMzCrw5gvzoeO+904wLSr8JaFppv+hK9fmw2plhIqRL6NlH4xx1oW0YD0e+CWtXt
QVUy8rOnygSUIyo1imLc7aABFltLhp/a+Ch0tLq5ACmFKUHXPXgDZW4aZbEEQc2s
ysNotwBAynvITZKIpxDmyxeZ2/BMe/HWYc7Y1x9lOhlBKywj/Cfes+ABi6pjiK5L
PC0RIM4F1zzeQ6KZgZ1zMKh87Ayoth7TS87WqQnMjbJN29U7HUDUx6P5R1CsGes+
q0hviJeC9bfRr3AF4Nn+SVG2oT+G
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:50 2023 by rpki-client on console-fra.rpki-client.org