Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/3ba7cd-e815-45ce-92e1-202c51720ab7/1/QCC9u3AscptKWf_pYGS5Y9dOJFM.roa
File: QCC9u3AscptKWf_pYGS5Y9dOJFM.roa (raw, json)
Hash identifier: 6fllFBI9c3PkrGhV5Tx2//7NKsAawLGKkxOtORRoxpM=
Subject key identifier: 40:20:BD:BB:70:2C:72:9B:4A:59:FF:E9:60:64:B9:63:D7:4E:24:53
Certificate issuer: /CN=e2c6816e0a3a2f616c3aa77a36b4caf7a9224034
Certificate serial: 0185714C30CCFC1E32A3C644B84CCD3E80E8
Authority key identifier: E2:C6:81:6E:0A:3A:2F:61:6C:3A:A7:7A:36:B4:CA:F7:A9:22:40:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4saBbgo6L2FsOqd6NrTK96kiQDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/3ba7cd-e815-45ce-92e1-202c51720ab7/1/QCC9u3AscptKWf_pYGS5Y9dOJFM.roa
Signing time: Mon 02 Jan 2023 07:04:56 +0000
ROA not before: Mon 02 Jan 2023 07:04:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 680
IP address blocks: 134.102.0.0/16 maxlen: 16
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:4c:30:cc:fc:1e:32:a3:c6:44:b8:4c:cd:3e:80:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2c6816e0a3a2f616c3aa77a36b4caf7a9224034
Validity
Not Before: Jan 2 07:04:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4020bdbb702c729b4a59ffe96064b963d74e2453
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:1b:33:5b:f0:27:f6:a3:b8:29:78:39:b9:ff:
dd:f3:eb:84:e2:1d:56:64:4b:8c:f0:d5:a5:d4:af:
cb:fe:47:12:7f:6c:fd:fa:4c:b2:8c:77:02:40:ab:
17:41:18:c2:35:09:7f:49:12:78:c2:2a:48:e2:21:
a4:ca:2c:2c:2d:5d:58:5f:a9:ee:3d:68:b9:64:d6:
64:6e:42:88:e4:e8:86:a3:a3:4b:f1:7b:b2:f8:78:
ab:d6:89:5d:31:b4:fa:6e:e9:06:00:cd:ec:f8:58:
9b:40:b1:05:13:1f:84:08:5b:b1:96:bb:80:69:91:
b7:9e:e3:32:b1:53:de:4c:08:80:de:9c:25:5c:9d:
58:83:71:19:98:1b:64:5e:74:7a:e7:15:eb:17:0b:
76:08:3d:fc:ca:95:df:57:45:20:54:41:da:3a:cd:
5a:79:b3:c6:5c:ef:fe:60:5a:fa:ca:5c:e4:27:4d:
86:e5:1a:7b:53:1d:4f:b9:25:c8:2d:70:96:29:86:
fb:ad:66:bf:e3:a5:44:ec:9a:a4:eb:33:03:bf:0d:
c3:12:14:fd:03:c8:80:0b:b5:eb:ae:8c:5f:fb:67:
b3:0d:cd:f6:6e:30:b0:8b:9b:4e:53:fa:3c:dc:5a:
78:2f:1e:f0:12:87:92:d8:0b:27:cb:7e:fc:3c:b4:
9a:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:20:BD:BB:70:2C:72:9B:4A:59:FF:E9:60:64:B9:63:D7:4E:24:53
X509v3 Authority Key Identifier:
keyid:E2:C6:81:6E:0A:3A:2F:61:6C:3A:A7:7A:36:B4:CA:F7:A9:22:40:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4saBbgo6L2FsOqd6NrTK96kiQDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/3ba7cd-e815-45ce-92e1-202c51720ab7/1/QCC9u3AscptKWf_pYGS5Y9dOJFM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/3ba7cd-e815-45ce-92e1-202c51720ab7/1/4saBbgo6L2FsOqd6NrTK96kiQDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
134.102.0.0/16
Signature Algorithm: sha256WithRSAEncryption
16:0d:0f:e7:cb:76:fa:9d:03:76:d3:7c:75:7b:f3:40:b8:d6:
69:2a:76:03:f9:7f:78:67:d9:d3:ab:a1:56:3d:6b:eb:e3:94:
7b:cd:9b:ea:2e:2d:55:10:85:29:3b:91:bd:68:cf:4d:9e:85:
97:64:23:a6:ff:6e:d7:9d:f5:61:22:bd:c9:28:a0:5f:26:44:
d6:3f:60:78:97:6e:03:98:1c:4e:41:89:56:6f:69:e2:09:46:
61:d2:d8:a1:d3:7e:d3:98:68:0b:90:ad:fe:4a:3d:07:b6:e9:
57:22:7c:2c:68:80:04:18:8a:84:d1:94:ab:f4:fa:6e:80:67:
12:bc:6d:c9:ac:1e:02:32:51:cb:04:68:f7:05:8e:a9:5a:d9:
bd:53:58:32:2a:e3:c8:6c:bc:15:0f:e9:0f:a2:51:c0:3e:e7:
79:31:8f:f3:fa:ba:b7:a2:a8:44:b8:7a:93:b7:36:9e:eb:f2:
6b:4d:61:3c:b1:ca:a4:b9:1c:fc:39:a1:43:a1:6e:59:d2:d1:
ad:1a:31:4b:cb:0d:98:48:49:76:47:fc:6f:69:51:18:72:9b:
74:6a:3f:75:53:45:2a:e1:dd:2f:29:31:8d:b4:0e:aa:dd:01:
27:22:bb:f5:83:ab:bd:3d:92:27:0b:1b:cd:15:5c:43:7d:7e:
4b:6b:2e:3c
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYVxTDDM/B4yo8ZEuEzNPoDoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYzY4MTZlMGEzYTJmNjE2YzNhYTc3YTM2YjRjYWY3YTky
MjQwMzQwHhcNMjMwMTAyMDcwNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDIwYmRiYjcwMmM3MjliNGE1OWZmZTk2MDY0Yjk2M2Q3NGUyNDUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmhszW/An9qO4KXg5uf/d8+uE4h1W
ZEuM8NWl1K/L/kcSf2z9+kyyjHcCQKsXQRjCNQl/SRJ4wipI4iGkyiwsLV1YX6nu
PWi5ZNZkbkKI5OiGo6NL8Xuy+Hir1oldMbT6bukGAM3s+FibQLEFEx+ECFuxlruA
aZG3nuMysVPeTAiA3pwlXJ1Yg3EZmBtkXnR65xXrFwt2CD38ypXfV0UgVEHaOs1a
ebPGXO/+YFr6ylzkJ02G5Rp7Ux1PuSXILXCWKYb7rWa/46VE7Jqk6zMDvw3DEhT9
A8iAC7Xrroxf+2ezDc32bjCwi5tOU/o83Fp4Lx7wEoeS2Asny378PLSasQIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFEAgvbtwLHKbSln/6WBkuWPXTiRTMB8GA1UdIwQY
MBaAFOLGgW4KOi9hbDqneja0yvepIkA0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHNhQmJnbzZMMkZzT3FkNk5yVEs5NmtpUURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS8zYmE3Y2QtZTgxNS00NWNlLTkyZTEt
MjAyYzUxNzIwYWI3LzEvUUNDOXUzQXNjcHRLV2ZfcFlHUzVZOWRPSkZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS8zYmE3Y2QtZTgxNS00NWNlLTkyZTEtMjAyYzUxNzIwYWI3
LzEvNHNhQmJnbzZMMkZzT3FkNk5yVEs5NmtpUURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAhmYwDQYJ
KoZIhvcNAQELBQADggEBABYND+fLdvqdA3bTfHV780C41mkqdgP5f3hn2dOroVY9
a+vjlHvNm+ouLVUQhSk7kb1oz02ehZdkI6b/bted9WEivckooF8mRNY/YHiXbgOY
HE5BiVZvaeIJRmHS2KHTftOYaAuQrf5KPQe26VcifCxogAQYioTRlKv0+m6AZxK8
bcmsHgIyUcsEaPcFjqla2b1TWDIq48hsvBUP6Q+iUcA+53kxj/P6ureiqES4epO3
Np7r8mtNYTyxyqS5HPw5oUOhblnS0a0aMUvLDZhISXZH/G9pURhym3RqP3VTRSrh
3S8pMY20DqrdASciu/WDq709kicLG80VXEN9fktrLjw=
-----END CERTIFICATE-----
Generated at Sat Apr 19 16:00:04 2025 by rpki-client