Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/71a748-b2bc-4728-9ef0-a69cd9d15e31/1/rl-QlH3ZKh8a2CnOENvNA49Gb7w.roa
File: rl-QlH3ZKh8a2CnOENvNA49Gb7w.roa (raw, json)
Hash identifier: pQC5liMXvuhR3VXsA05HFo/ToDSZ5yZUWBexUk1TOiI=
Subject key identifier: AE:5F:90:94:7D:D9:2A:1F:1A:D8:29:CE:10:DB:CD:03:8F:46:6F:BC
Certificate issuer: /CN=51e591e54903d2f9ea840a146955ba3459e33ea1
Certificate serial: 01856274CC6711928819AE69C77BB68D4DE4
Authority key identifier: 51:E5:91:E5:49:03:D2:F9:EA:84:0A:14:69:55:BA:34:59:E3:3E:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UeWR5UkD0vnqhAoUaVW6NFnjPqE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/71a748-b2bc-4728-9ef0-a69cd9d15e31/1/rl-QlH3ZKh8a2CnOENvNA49Gb7w.roa
Signing time: Fri 30 Dec 2022 09:54:59 +0000
ROA not before: Fri 30 Dec 2022 09:54:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 28940
IP address blocks: 193.97.168.0/21 maxlen: 21
2001:67c:29dc::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:62:74:cc:67:11:92:88:19:ae:69:c7:7b:b6:8d:4d:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=51e591e54903d2f9ea840a146955ba3459e33ea1
Validity
Not Before: Dec 30 09:54:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ae5f90947dd92a1f1ad829ce10dbcd038f466fbc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:33:2e:f7:a6:9b:59:a2:ff:3b:d9:03:2a:ed:
b2:48:6a:6f:76:41:06:03:1c:de:51:f5:46:a3:b1:
5e:77:8a:4c:48:20:f4:58:f5:1b:8f:11:7f:b5:7e:
80:fc:71:dd:da:db:c6:33:40:e8:15:17:01:ab:30:
13:21:f7:25:90:6d:8a:a0:2f:ba:3b:cb:9f:de:1f:
80:09:64:bc:28:f4:f7:25:72:6c:07:81:c3:73:bc:
52:37:ed:e3:81:0f:bf:60:31:69:18:95:1d:51:1b:
94:74:90:39:6d:97:2d:2c:52:f8:54:b8:b5:32:08:
17:bc:f6:5d:0e:19:8f:f6:98:58:e6:b6:d9:db:11:
59:1e:00:80:07:2a:47:6f:46:3e:16:6d:ba:ba:14:
89:4b:bd:f3:94:d5:35:13:28:f5:f7:b9:86:26:52:
e9:98:59:be:c2:66:9f:f0:84:5c:eb:51:0e:4a:17:
99:0e:0d:f1:bc:89:91:a2:9b:5b:38:ca:d0:a9:b4:
2e:e7:57:e2:84:d7:83:58:e9:0e:4f:55:3c:31:1d:
86:e6:f3:97:25:10:38:03:48:eb:4f:32:b5:54:40:
eb:8c:69:f5:6f:bb:49:30:7c:1c:8c:a5:12:b6:a8:
40:af:ff:d3:4b:56:e1:28:e6:02:46:5d:ed:ee:a3:
6d:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:5F:90:94:7D:D9:2A:1F:1A:D8:29:CE:10:DB:CD:03:8F:46:6F:BC
X509v3 Authority Key Identifier:
keyid:51:E5:91:E5:49:03:D2:F9:EA:84:0A:14:69:55:BA:34:59:E3:3E:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UeWR5UkD0vnqhAoUaVW6NFnjPqE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/71a748-b2bc-4728-9ef0-a69cd9d15e31/1/rl-QlH3ZKh8a2CnOENvNA49Gb7w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/71a748-b2bc-4728-9ef0-a69cd9d15e31/1/UeWR5UkD0vnqhAoUaVW6NFnjPqE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.97.168.0/21
IPv6:
2001:67c:29dc::/48
Signature Algorithm: sha256WithRSAEncryption
6c:72:28:68:27:06:00:67:33:0d:e1:f6:4a:c7:4d:23:57:67:
cd:ae:d1:1a:ac:ed:b9:20:fa:24:d8:ce:e4:93:6f:fc:27:15:
3c:92:80:cf:08:0b:2b:80:ba:cd:fd:2f:31:44:29:da:75:35:
49:ec:2a:e3:e9:f7:d3:4f:99:95:56:b2:0b:20:57:6f:18:bd:
60:10:b0:68:d9:2c:76:ef:79:33:90:ee:ee:ec:1a:d7:f3:fd:
0a:ed:1b:b4:6b:73:35:2b:00:91:b0:e0:af:2e:9c:04:bd:94:
56:bc:6f:e1:67:be:8e:40:a7:5a:38:f9:bd:8f:55:8e:73:93:
70:08:8c:e0:c4:0b:bb:ed:87:5c:30:4a:06:fd:eb:74:87:43:
74:51:a3:20:2c:c6:b4:8b:56:31:38:c6:cb:91:26:3c:30:99:
2b:4f:f9:91:45:6e:00:c3:d6:12:bf:cb:e1:a5:5d:5b:2e:96:
e5:2f:3f:a4:4b:ca:5c:0d:1a:b1:59:e2:38:59:e3:6b:f9:50:
1e:5c:ea:c0:35:d9:4a:7d:3c:e0:b5:3d:a4:a9:f1:d8:95:f1:
61:15:fd:f5:d1:9b:31:15:52:8d:f1:4c:a4:a4:81:2e:80:b4:
9c:94:9e:c3:34:8c:59:63:71:6c:ce:cc:43:2f:03:45:0c:34:
53:7f:7a:31
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVidMxnEZKIGa5px3u2jU3kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxZTU5MWU1NDkwM2QyZjllYTg0MGExNDY5NTViYTM0NTll
MzNlYTEwHhcNMjIxMjMwMDk1NDU5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTVmOTA5NDdkZDkyYTFmMWFkODI5Y2UxMGRiY2QwMzhmNDY2ZmJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlTMu96abWaL/O9kDKu2ySGpvdkEG
AxzeUfVGo7Fed4pMSCD0WPUbjxF/tX6A/HHd2tvGM0DoFRcBqzATIfclkG2KoC+6
O8uf3h+ACWS8KPT3JXJsB4HDc7xSN+3jgQ+/YDFpGJUdURuUdJA5bZctLFL4VLi1
MggXvPZdDhmP9phY5rbZ2xFZHgCABypHb0Y+Fm26uhSJS73zlNU1Eyj197mGJlLp
mFm+wmaf8IRc61EOSheZDg3xvImRoptbOMrQqbQu51fihNeDWOkOT1U8MR2G5vOX
JRA4A0jrTzK1VEDrjGn1b7tJMHwcjKUStqhAr//TS1bhKOYCRl3t7qNtHQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFK5fkJR92SofGtgpzhDbzQOPRm+8MB8GA1UdIwQY
MBaAFFHlkeVJA9L56oQKFGlVujRZ4z6hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWVXUjVVa0Qwdm5xaEFvVWFWVzZORm5qUHFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi83MWE3NDgtYjJiYy00NzI4LTllZjAt
YTY5Y2Q5ZDE1ZTMxLzEvcmwtUWxIM1pLaDhhMkNuT0VOdk5BNDlHYjd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi83MWE3NDgtYjJiYy00NzI4LTllZjAtYTY5Y2Q5ZDE1ZTMx
LzEvVWVXUjVVa0Qwdm5xaEFvVWFWVzZORm5qUHFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwWGoMA8E
AgACMAkDBwAgAQZ8KdwwDQYJKoZIhvcNAQELBQADggEBAGxyKGgnBgBnMw3h9krH
TSNXZ82u0Rqs7bkg+iTYzuSTb/wnFTySgM8ICyuAus39LzFEKdp1NUnsKuPp99NP
mZVWsgsgV28YvWAQsGjZLHbveTOQ7u7sGtfz/QrtG7RrczUrAJGw4K8unAS9lFa8
b+Fnvo5Ap1o4+b2PVY5zk3AIjODEC7vth1wwSgb963SHQ3RRoyAsxrSLVjE4xsuR
JjwwmStP+ZFFbgDD1hK/y+GlXVsuluUvP6RLylwNGrFZ4jhZ42v5UB5c6sA12Up9
POC1PaSp8diV8WEV/fXRmzEVUo3xTKSkgS6AtJyUnsM0jFljcWzOzEMvA0UMNFN/
ejE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:28 2024 by rpki-client on console-fra.rpki-client.org