Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/QKuALbwniNuJ8VYGJTDUn97yF3M.roa
File: QKuALbwniNuJ8VYGJTDUn97yF3M.roa (raw, json)
Hash identifier: Ti8juKw9Up/f4GU0SANaQvgBEjWk9nSdE/qQo5LNfUk=
Subject key identifier: 40:AB:80:2D:BC:27:88:DB:89:F1:56:06:25:30:D4:9F:DE:F2:17:73
Certificate issuer: /CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Certificate serial: 0182122809D981D72ACC416D55C2D8D8C9E7
Authority key identifier: B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/QKuALbwniNuJ8VYGJTDUn97yF3M.roa
Signing time: Mon 18 Jul 2022 16:33:10 +0000
ROA not before: Mon 18 Jul 2022 16:33:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 14618
IP address blocks: 2a06:e881:73ff::/48 maxlen: 48
2a06:e881:650f::/48 maxlen: 48
2a06:e881:9200::/45 maxlen: 48
2a06:e881:9300::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:12:28:09:d9:81:d7:2a:cc:41:6d:55:c2:d8:d8:c9:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Validity
Not Before: Jul 18 16:33:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=40ab802dbc2788db89f156062530d49fdef21773
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:4d:be:cd:0b:7e:7b:aa:10:29:fa:3e:60:5d:
2a:c3:af:d9:93:cf:c1:93:e2:a4:0a:b6:a3:c5:fb:
6f:99:22:d9:eb:26:12:1a:3c:cf:3e:68:bf:5a:a8:
b4:69:d2:dd:7c:ce:33:5c:ab:30:df:b9:6a:c1:c5:
6d:73:2d:87:7a:bd:2b:f7:3e:70:35:b4:7a:9d:a7:
01:11:ab:5d:7b:3b:09:a7:23:f5:38:af:4a:dc:32:
30:cd:e2:02:49:ce:3f:5a:de:5c:40:6a:95:97:54:
f8:39:e5:86:ad:e1:b7:b8:f4:ba:a2:e1:dc:e2:23:
d3:2d:8c:0c:05:96:a8:7f:ae:af:e1:d7:d7:52:36:
8d:6f:2a:86:d5:75:0c:47:42:1d:71:61:97:9f:e3:
e1:d9:8e:3a:2e:5e:d3:fe:6b:a3:fb:bc:7d:58:78:
26:b4:c7:e4:62:17:9f:da:24:80:74:c8:bc:08:ed:
b5:fa:61:21:3b:00:ee:c0:fb:24:35:36:f1:c8:3f:
f6:54:a8:ea:a4:0a:27:eb:3b:50:7e:d2:50:02:83:
05:4b:75:60:f7:1f:01:e4:db:57:32:9e:b6:53:7d:
fc:6b:0a:02:23:3c:09:4f:90:d5:86:74:fa:5c:89:
7f:4e:ee:15:bc:ad:73:d7:27:09:5a:a7:db:89:42:
8f:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:AB:80:2D:BC:27:88:DB:89:F1:56:06:25:30:D4:9F:DE:F2:17:73
X509v3 Authority Key Identifier:
keyid:B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/QKuALbwniNuJ8VYGJTDUn97yF3M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:e881:650f::/48
2a06:e881:73ff::/48
2a06:e881:9200::/45
2a06:e881:9300::/44
Signature Algorithm: sha256WithRSAEncryption
3d:cc:7f:1a:d9:97:cb:a2:3e:3d:48:7f:75:4b:6e:25:f6:52:
56:64:88:97:15:c7:fe:3a:d5:b9:96:31:70:f0:99:bb:dd:f0:
f1:6f:af:39:22:dd:93:76:5c:e1:f8:93:d2:0c:54:74:55:d4:
34:ce:04:4f:e7:84:72:c1:8c:06:fa:a0:a6:dc:f7:9d:e8:4d:
f7:06:9b:26:18:5b:fb:22:c1:c4:47:d8:9e:1e:e3:a9:b1:ff:
8e:0c:bf:0f:e2:02:d2:d7:a1:4c:8e:12:ce:1f:78:99:52:1a:
8c:59:ea:99:60:84:cb:19:a5:04:e1:4f:40:be:6d:f6:49:aa:
40:6d:0c:90:e7:80:f3:c2:2e:8c:f4:0c:37:ff:c5:3c:bf:ce:
b9:60:4c:f0:29:64:97:21:78:fb:0b:55:a3:97:af:1a:0f:ef:
3a:c4:e5:51:b9:9e:04:65:57:67:4e:22:13:8f:96:39:0e:cf:
64:f8:4b:12:0f:8b:f8:f5:ea:a8:17:57:20:74:2a:b4:7a:b8:
da:06:dc:e5:b0:4d:ca:56:b9:10:a1:87:ee:d3:f1:80:f9:04:
1a:7c:d5:c9:9e:ba:29:f9:69:b6:4e:6e:b7:c2:62:0c:a8:80:
46:76:b3:cd:08:0d:11:63:54:ce:8c:5e:b4:f8:99:a6:e6:3f:
26:8d:02:40
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYISKAnZgdcqzEFtVcLY2MnnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4MDc0YjQxOWVhZDRjZWZlYTJmMmFkMmMyNTlkOTc4YzVl
ZDc5NTQwHhcNMjIwNzE4MTYzMzEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGFiODAyZGJjMjc4OGRiODlmMTU2MDYyNTMwZDQ5ZmRlZjIxNzczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo02+zQt+e6oQKfo+YF0qw6/Zk8/B
k+KkCrajxftvmSLZ6yYSGjzPPmi/Wqi0adLdfM4zXKsw37lqwcVtcy2Her0r9z5w
NbR6nacBEatdezsJpyP1OK9K3DIwzeICSc4/Wt5cQGqVl1T4OeWGreG3uPS6ouHc
4iPTLYwMBZaof66v4dfXUjaNbyqG1XUMR0IdcWGXn+Ph2Y46Ll7T/muj+7x9WHgm
tMfkYhef2iSAdMi8CO21+mEhOwDuwPskNTbxyD/2VKjqpAon6ztQftJQAoMFS3Vg
9x8B5NtXMp62U338awoCIzwJT5DVhnT6XIl/Tu4VvK1z1ycJWqfbiUKP7QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFECrgC28J4jbifFWBiUw1J/e8hdzMB8GA1UdIwQY
MBaAFLgHS0GerUzv6i8q0sJZ2XjF7XlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYt
M2Q5MWVkZTViMmIxLzEvUUt1QUxid25pTnVKOFZZR0pURFVuOTd5RjNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYtM2Q5MWVkZTViMmIx
LzEvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAAjAkAwcAKgbogWUP
AwcAKgbogXP/AwcDKgbogZIAAwcEKgbogZMAMA0GCSqGSIb3DQEBCwUAA4IBAQA9
zH8a2ZfLoj49SH91S24l9lJWZIiXFcf+OtW5ljFw8Jm73fDxb685It2Tdlzh+JPS
DFR0VdQ0zgRP54RywYwG+qCm3Ped6E33BpsmGFv7IsHER9ieHuOpsf+ODL8P4gLS
16FMjhLOH3iZUhqMWeqZYITLGaUE4U9Avm32SapAbQyQ54Dzwi6M9Aw3/8U8v865
YEzwKWSXIXj7C1Wjl68aD+86xOVRuZ4EZVdnTiITj5Y5Ds9k+EsSD4v49eqoF1cg
dCq0erjaBtzlsE3KVrkQoYfu0/GA+QQafNXJnrop+Wm2Tm63wmIMqIBGdrPNCA0R
Y1TOjF60+Jmm5j8mjQJA
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:42 2023 by rpki-client on console-ams.rpki-client.org