Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/4d5660-5364-4454-a9be-4f8902bfe172/1/qnK2ra8kKoJ-8Tn66EN7yBPjuFw.roa
File: qnK2ra8kKoJ-8Tn66EN7yBPjuFw.roa (raw, json)
Hash identifier: 3dkRmuGcq1Tx4YB7jMaUof3M3LDOveVwtYqvSWV81Vs=
Subject key identifier: AA:72:B6:AD:AF:24:2A:82:7E:F1:39:FA:E8:43:7B:C8:13:E3:B8:5C
Certificate issuer: /CN=fd1196d98decd38eb03f5f06b48e556c74f231f4
Certificate serial: 02F24744
Authority key identifier: FD:11:96:D9:8D:EC:D3:8E:B0:3F:5F:06:B4:8E:55:6C:74:F2:31:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_RGW2Y3s046wP18GtI5VbHTyMfQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/4d5660-5364-4454-a9be-4f8902bfe172/1/qnK2ra8kKoJ-8Tn66EN7yBPjuFw.roa
Signing time: Sat 01 Jan 2022 15:58:21 +0000
ROA not before: Sat 01 Jan 2022 15:58:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12874
IP address blocks: 2a04:a580::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 49432388 (0x2f24744)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd1196d98decd38eb03f5f06b48e556c74f231f4
Validity
Not Before: Jan 1 15:58:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=aa72b6adaf242a827ef139fae8437bc813e3b85c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:46:af:22:ea:af:2d:58:5e:38:58:fe:c1:29:
b0:ca:d6:0e:fc:7b:c3:a8:38:18:c8:94:78:7e:5c:
f3:3e:f0:67:a9:62:6c:e7:2b:75:88:c4:af:9e:d0:
a2:ad:83:db:53:ff:3e:2a:4c:46:e2:80:ef:96:38:
20:5d:f1:1f:bf:72:69:f3:2f:6f:22:cd:0c:76:9d:
1e:8f:96:7e:2a:46:49:9d:a4:f2:3c:21:39:e5:08:
a3:39:5d:a3:39:0c:ee:7b:a4:b3:20:cf:48:64:66:
e4:b9:fe:71:4d:ac:1c:5e:e9:b7:27:7f:10:15:c8:
5c:3c:f0:f8:31:11:89:00:21:ee:b9:ec:5d:98:fe:
6f:11:58:bc:fa:28:6d:f4:be:fe:d9:d2:95:21:39:
0e:a8:db:ed:5f:7b:74:bf:05:b2:c9:4c:bf:c1:f6:
a0:26:5a:07:56:34:73:19:73:9c:d5:24:73:9e:bb:
b6:8b:f5:63:a7:ef:21:8c:1f:1d:6b:c1:2e:fe:1c:
0d:9c:62:28:18:f9:ec:5f:46:0b:7d:8b:18:c4:f4:
83:54:57:4a:ce:da:14:b0:64:05:3d:b6:23:7f:6c:
04:d7:0c:ee:4e:b1:0e:cc:3a:87:85:63:22:f6:83:
c1:99:ed:3a:f5:23:8d:58:ed:d2:f2:94:23:cc:aa:
1f:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:72:B6:AD:AF:24:2A:82:7E:F1:39:FA:E8:43:7B:C8:13:E3:B8:5C
X509v3 Authority Key Identifier:
keyid:FD:11:96:D9:8D:EC:D3:8E:B0:3F:5F:06:B4:8E:55:6C:74:F2:31:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_RGW2Y3s046wP18GtI5VbHTyMfQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/4d5660-5364-4454-a9be-4f8902bfe172/1/qnK2ra8kKoJ-8Tn66EN7yBPjuFw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/4d5660-5364-4454-a9be-4f8902bfe172/1/_RGW2Y3s046wP18GtI5VbHTyMfQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:a580::/29
Signature Algorithm: sha256WithRSAEncryption
0d:a3:47:00:dc:6c:92:01:31:72:cd:6d:8c:40:8e:01:cb:9d:
a6:82:f3:eb:e4:6c:2e:eb:54:43:b5:f2:c5:88:cc:43:4c:50:
12:f9:1f:07:04:e2:f1:dc:69:54:75:e7:11:96:69:46:cf:d7:
bb:cd:a0:e4:f7:90:2a:33:9f:ec:4e:c0:19:02:ad:ea:35:4e:
bf:a4:54:5e:e8:37:a8:17:e3:06:1f:e4:31:c0:1e:1e:8e:f1:
5a:c8:77:cf:76:0e:d7:dd:be:54:12:94:e2:60:61:36:f0:3a:
c5:22:88:2e:a3:d9:15:30:2d:f3:28:b3:b7:9c:4a:c2:72:01:
49:3a:2c:eb:6f:a6:16:51:38:0a:00:24:5e:7d:20:4e:2a:4f:
76:35:9b:b4:31:2a:79:35:4f:cd:59:9e:a8:af:2b:19:86:e2:
88:fe:46:3b:4a:be:8a:aa:c7:15:69:c1:69:fc:9e:7b:4a:bd:
db:1a:d5:9c:4d:a2:a7:af:b5:0a:de:d2:1d:dd:0f:a9:05:4b:
6a:ed:eb:1a:e1:52:6b:b0:3e:10:2a:32:43:af:98:95:e9:0b:
c2:4a:80:da:b8:35:a6:08:09:e6:1e:0e:d8:c4:90:a8:39:24:
46:23:0c:cf:7c:cf:2e:39:3e:01:c1:ea:d0:d5:f6:b9:44:b7:
de:b7:c0:e7
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEAvJHRDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZDExOTZkOThkZWNkMzhlYjAzZjVmMDZiNDhlNTU2Yzc0ZjIzMWY0MB4XDTIyMDEw
MTE1NTgyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWE3MmI2YWRhZjI0
MmE4MjdlZjEzOWZhZTg0MzdiYzgxM2UzYjg1YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALpGryLqry1YXjhY/sEpsMrWDvx7w6g4GMiUeH5c8z7wZ6li
bOcrdYjEr57Qoq2D21P/PipMRuKA75Y4IF3xH79yafMvbyLNDHadHo+WfipGSZ2k
8jwhOeUIozldozkM7nuksyDPSGRm5Ln+cU2sHF7ptyd/EBXIXDzw+DERiQAh7rns
XZj+bxFYvPoobfS+/tnSlSE5Dqjb7V97dL8FsslMv8H2oCZaB1Y0cxlznNUkc567
tov1Y6fvIYwfHWvBLv4cDZxiKBj57F9GC32LGMT0g1RXSs7aFLBkBT22I39sBNcM
7k6xDsw6h4VjIvaDwZntOvUjjVjt0vKUI8yqH0cCAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBSqcratryQqgn7xOfroQ3vIE+O4XDAfBgNVHSMEGDAWgBT9EZbZjezTjrA/
Xwa0jlVsdPIx9DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L19SR1cyWTNzMDQ2d1AxOEd0STVWYkhUeU1mUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWUvNGQ1NjYwLTUzNjQtNDQ1NC1hOWJlLTRmODkwMmJmZTE3Mi8x
L3FuSzJyYThrS29KLThUbjY2RU43eUJQanVGdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWUv
NGQ1NjYwLTUzNjQtNDQ1NC1hOWJlLTRmODkwMmJmZTE3Mi8xL19SR1cyWTNzMDQ2
d1AxOEd0STVWYkhUeU1mUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyoEpYAwDQYJKoZIhvcNAQELBQAD
ggEBAA2jRwDcbJIBMXLNbYxAjgHLnaaC8+vkbC7rVEO18sWIzENMUBL5HwcE4vHc
aVR15xGWaUbP17vNoOT3kCozn+xOwBkCreo1Tr+kVF7oN6gX4wYf5DHAHh6O8VrI
d892DtfdvlQSlOJgYTbwOsUiiC6j2RUwLfMos7ecSsJyAUk6LOtvphZROAoAJF59
IE4qT3Y1m7QxKnk1T81ZnqivKxmG4oj+RjtKvoqqxxVpwWn8nntKvdsa1ZxNoqev
tQre0h3dD6kFS2rt6xrhUmuwPhAqMkOvmJXpC8JKgNq4NaYICeYeDtjEkKg5JEYj
DM98zy45PgHB6tDV9rlEt963wOc=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:04 2023 by rpki-client on console-fra.rpki-client.org