Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/aba502-d191-4fd7-a7cf-504f2766760f/1/Q2WxXemnH7zVyu0tauzlTkPR0PU.roa
File: Q2WxXemnH7zVyu0tauzlTkPR0PU.roa (raw, json)
Hash identifier: +qIzrWKQD8Lnu42WBeqzaNr9EMkVxPP2aqyw0VZ6sn8=
Subject key identifier: 43:65:B1:5D:E9:A7:1F:BC:D5:CA:ED:2D:6A:EC:E5:4E:43:D1:D0:F5
Certificate issuer: /CN=b27261d715348bfd73ce9dbb72488656993ba2f1
Certificate serial: 01828EE18A2956CA3ECFAA68A1CE4CF731B0
Authority key identifier: B2:72:61:D7:15:34:8B:FD:73:CE:9D:BB:72:48:86:56:99:3B:A2:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/snJh1xU0i_1zzp27ckiGVpk7ovE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/aba502-d191-4fd7-a7cf-504f2766760f/1/Q2WxXemnH7zVyu0tauzlTkPR0PU.roa
Signing time: Thu 11 Aug 2022 21:48:41 +0000
ROA not before: Thu 11 Aug 2022 21:48:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29588
IP address blocks: 2a0e:e6c0:6000::/36 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:8e:e1:8a:29:56:ca:3e:cf:aa:68:a1:ce:4c:f7:31:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b27261d715348bfd73ce9dbb72488656993ba2f1
Validity
Not Before: Aug 11 21:48:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4365b15de9a71fbcd5caed2d6aece54e43d1d0f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:b3:e9:2c:81:d1:70:04:d3:c2:a1:32:0c:9e:
2d:84:41:ea:7c:f9:b0:4b:e9:51:ff:65:91:60:34:
cc:bd:8a:d6:bb:c7:b7:1d:26:d9:e2:18:b7:44:ff:
b5:2f:b5:50:93:72:6b:15:62:fa:e8:d8:3a:3e:6c:
4f:a6:82:b8:42:da:5c:1a:7d:08:88:98:a1:69:5e:
ee:d5:a1:01:54:8c:a0:3b:1a:03:2c:1a:f7:af:1e:
b9:85:38:cb:e9:dd:1d:a7:37:ef:15:31:a5:e2:f4:
9a:3e:58:0a:4f:d1:0d:bd:d6:27:ef:85:8b:06:d0:
38:1a:5e:d1:bf:41:5b:ed:72:cf:b9:d4:66:1e:9b:
6a:e0:3c:37:72:79:95:46:1f:40:b2:78:99:ef:70:
fc:2d:a3:d6:fa:77:c8:34:0c:9f:16:aa:fb:b9:d6:
8a:26:71:4e:0a:22:65:c3:56:6b:23:43:74:1d:32:
59:1b:74:d5:25:48:08:13:aa:9a:4e:d7:3d:95:8c:
3b:1d:2a:2e:83:f6:3c:4c:50:f5:ed:59:dc:f1:61:
f8:72:5e:b0:18:be:7b:26:88:ff:9d:f3:6c:7b:a7:
71:08:1d:f9:af:25:18:c9:fe:78:29:d1:51:bc:b4:
2f:d8:f4:90:f5:8d:48:08:35:fb:80:8c:8c:65:b8:
5e:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:65:B1:5D:E9:A7:1F:BC:D5:CA:ED:2D:6A:EC:E5:4E:43:D1:D0:F5
X509v3 Authority Key Identifier:
keyid:B2:72:61:D7:15:34:8B:FD:73:CE:9D:BB:72:48:86:56:99:3B:A2:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/snJh1xU0i_1zzp27ckiGVpk7ovE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/aba502-d191-4fd7-a7cf-504f2766760f/1/Q2WxXemnH7zVyu0tauzlTkPR0PU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/aba502-d191-4fd7-a7cf-504f2766760f/1/snJh1xU0i_1zzp27ckiGVpk7ovE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:e6c0:6000::/36
Signature Algorithm: sha256WithRSAEncryption
73:9a:4d:2f:81:fe:5a:39:4e:38:9c:d7:61:01:8d:dc:b5:2f:
b6:ac:63:a5:4a:37:2c:b0:be:3d:77:35:df:ab:7a:eb:f7:e1:
50:1c:94:da:f0:c8:61:56:25:27:cc:08:e8:eb:5c:c3:d1:91:
61:09:15:8d:51:1f:fd:4b:d8:d9:42:4e:85:e1:a3:97:30:f0:
7d:97:6f:f9:be:bc:b4:4f:78:a8:a7:a5:78:b2:d3:a3:d2:16:
f6:e3:d5:b7:9b:09:64:69:6f:56:b7:bc:e1:69:06:2c:45:6f:
9b:1e:41:bf:03:e9:55:04:43:27:1d:6e:d4:de:5c:d2:6f:67:
14:e7:c6:cf:e9:54:13:15:16:c7:b3:74:32:01:24:59:38:92:
12:53:e2:81:88:9a:8f:93:1a:b6:ea:3a:49:3f:c1:f0:ea:9c:
b9:af:5d:e0:3c:16:a9:1b:e9:0a:e3:59:7e:b0:32:f4:f3:b4:
e7:df:8e:96:d9:81:af:f2:6a:80:2e:11:f0:d0:c2:8a:aa:93:
27:9a:08:25:15:8b:0f:33:2f:c9:c4:d8:52:4e:a8:09:ae:73:
7b:5a:17:f9:83:0c:b5:8a:eb:66:e9:b4:91:6f:9b:74:8b:06:
90:a1:2e:ab:2f:d4:ee:4e:ad:24:1c:43:f8:ea:79:69:cb:d0:
e8:7d:2f:95
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYKO4YopVso+z6pooc5M9zGwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyNzI2MWQ3MTUzNDhiZmQ3M2NlOWRiYjcyNDg4NjU2OTkz
YmEyZjEwHhcNMjIwODExMjE0ODQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzY1YjE1ZGU5YTcxZmJjZDVjYWVkMmQ2YWVjZTU0ZTQzZDFkMGY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm7PpLIHRcATTwqEyDJ4thEHqfPmw
S+lR/2WRYDTMvYrWu8e3HSbZ4hi3RP+1L7VQk3JrFWL66Ng6PmxPpoK4QtpcGn0I
iJihaV7u1aEBVIygOxoDLBr3rx65hTjL6d0dpzfvFTGl4vSaPlgKT9ENvdYn74WL
BtA4Gl7Rv0Fb7XLPudRmHptq4Dw3cnmVRh9AsniZ73D8LaPW+nfINAyfFqr7udaK
JnFOCiJlw1ZrI0N0HTJZG3TVJUgIE6qaTtc9lYw7HSoug/Y8TFD17Vnc8WH4cl6w
GL57Joj/nfNse6dxCB35ryUYyf54KdFRvLQv2PSQ9Y1ICDX7gIyMZbheUwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFENlsV3ppx+81crtLWrs5U5D0dD1MB8GA1UdIwQY
MBaAFLJyYdcVNIv9c86du3JIhlaZO6LxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc25KaDF4VTBpXzF6enAyN2NraUdWcGs3b3ZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9hYmE1MDItZDE5MS00ZmQ3LWE3Y2Yt
NTA0ZjI3NjY3NjBmLzEvUTJXeFhlbW5IN3pWeXUwdGF1emxUa1BSMFBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9hYmE1MDItZDE5MS00ZmQ3LWE3Y2YtNTA0ZjI3NjY3NjBm
LzEvc25KaDF4VTBpXzF6enAyN2NraUdWcGs3b3ZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYEKg7mwGAw
DQYJKoZIhvcNAQELBQADggEBAHOaTS+B/lo5Tjic12EBjdy1L7asY6VKNyywvj13
Nd+reuv34VAclNrwyGFWJSfMCOjrXMPRkWEJFY1RH/1L2NlCToXho5cw8H2Xb/m+
vLRPeKinpXiy06PSFvbj1bebCWRpb1a3vOFpBixFb5seQb8D6VUEQycdbtTeXNJv
ZxTnxs/pVBMVFsezdDIBJFk4khJT4oGImo+TGrbqOkk/wfDqnLmvXeA8Fqkb6Qrj
WX6wMvTztOffjpbZga/yaoAuEfDQwoqqkyeaCCUViw8zL8nE2FJOqAmuc3taF/mD
DLWK62bptJFvm3SLBpChLqsv1O5OrSQcQ/jqeWnL0Oh9L5U=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:05 2023 by rpki-client on console-fra.rpki-client.org