Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/544bea-f1ec-4666-81c0-78a4d65693fe/1/QkYGgfKihfy1DmeKsCc4zR5aFMA.roa
File: QkYGgfKihfy1DmeKsCc4zR5aFMA.roa (raw, json)
Hash identifier: EiO6hGH1DOt2YAQnxpueHHiE3FS6TlMF+P/fc19LBhI=
Subject key identifier: 42:46:06:81:F2:A2:85:FC:B5:0E:67:8A:B0:27:38:CD:1E:5A:14:C0
Certificate issuer: /CN=0fdee7944ac4da3111295d81e29deba00c163a96
Certificate serial: 0155EE47
Authority key identifier: 0F:DE:E7:94:4A:C4:DA:31:11:29:5D:81:E2:9D:EB:A0:0C:16:3A:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D97nlErE2jERKV2B4p3roAwWOpY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/544bea-f1ec-4666-81c0-78a4d65693fe/1/QkYGgfKihfy1DmeKsCc4zR5aFMA.roa
Signing time: Sat 01 Jan 2022 10:01:51 +0000
ROA not before: Sat 01 Jan 2022 10:01:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199249
IP address blocks: 2001:67c:12bc::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22408775 (0x155ee47)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0fdee7944ac4da3111295d81e29deba00c163a96
Validity
Not Before: Jan 1 10:01:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=42460681f2a285fcb50e678ab02738cd1e5a14c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:e9:80:b5:7c:d0:65:26:c7:1e:4b:42:d2:49:
8d:25:b2:5a:82:a1:5a:47:b3:a6:50:79:2b:48:30:
ba:6d:87:fc:75:72:96:96:de:29:9a:3b:66:8f:0e:
93:83:b1:4c:1e:6a:52:88:ff:ec:5b:da:9b:07:f9:
45:d9:82:be:ba:69:a4:72:f9:4f:b3:88:91:1e:29:
80:e7:63:ab:81:1b:27:a6:e4:e2:7c:98:b7:7c:a1:
59:7e:f8:69:d2:1a:ca:a8:97:1b:ad:f6:ea:73:78:
49:4a:23:1c:af:97:f3:15:da:97:d4:dd:6c:49:2b:
a5:f8:cd:45:26:96:22:1a:35:bf:40:56:81:18:0c:
15:cd:c0:70:a6:05:22:78:ab:62:2c:57:80:98:2b:
52:dd:33:dd:3b:0d:f2:fb:51:e8:34:25:3d:3a:71:
9b:bd:c9:a7:6f:c3:e0:4b:c7:92:d9:38:0e:aa:0b:
dc:b9:e9:81:84:fe:87:d5:d7:bb:5a:e9:7d:b3:7d:
33:99:1f:d4:1b:36:ae:33:43:bc:05:be:e8:51:d1:
e5:19:8f:9f:a5:3e:5a:6f:dc:5e:fe:e1:e9:c8:c4:
e0:9c:74:17:2b:0d:b8:96:76:85:62:7e:6a:0f:e0:
89:c5:70:ff:6c:39:99:fb:c4:61:97:f1:61:6a:e5:
64:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:46:06:81:F2:A2:85:FC:B5:0E:67:8A:B0:27:38:CD:1E:5A:14:C0
X509v3 Authority Key Identifier:
keyid:0F:DE:E7:94:4A:C4:DA:31:11:29:5D:81:E2:9D:EB:A0:0C:16:3A:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D97nlErE2jERKV2B4p3roAwWOpY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/544bea-f1ec-4666-81c0-78a4d65693fe/1/QkYGgfKihfy1DmeKsCc4zR5aFMA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/544bea-f1ec-4666-81c0-78a4d65693fe/1/D97nlErE2jERKV2B4p3roAwWOpY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:12bc::/48
Signature Algorithm: sha256WithRSAEncryption
2f:53:cf:1f:ff:a1:37:ba:a4:53:e9:f7:f5:bb:09:39:f2:e4:
af:cf:2e:74:10:1f:2e:b4:10:50:c7:00:ee:23:78:2d:ad:b5:
99:fa:c2:76:e6:d9:19:c2:3c:be:b8:5e:41:d0:ad:47:97:01:
00:00:cc:ec:9e:6f:53:6b:8f:4d:37:9a:3d:43:0e:6f:ab:93:
a3:f4:18:d9:bd:1a:c8:b7:63:82:82:da:64:7b:1a:f6:7c:11:
2c:64:64:d5:74:6f:5a:6b:36:13:28:7f:38:34:03:c2:8b:be:
b9:b6:ef:fe:d2:9b:de:7c:0c:9c:d1:b8:3f:24:dd:b2:9e:49:
f6:69:38:d2:f8:ae:10:b1:9a:71:7e:12:d7:69:d7:e6:ea:63:
5a:69:3d:c7:bd:55:e3:89:63:9a:d4:c4:3c:3c:26:8b:19:64:
4d:c0:a3:f4:3c:d0:82:7f:57:7d:71:d3:cf:6c:c0:e8:4f:52:
39:99:e4:a4:30:8f:07:55:f1:2b:cc:46:3d:35:ec:74:a8:9f:
20:71:e5:53:c8:e1:3a:b9:14:98:35:28:a7:bc:7d:66:df:52:
52:b1:00:25:36:37:8d:c1:6c:e7:53:c7:c3:11:fb:cf:c1:69:
e5:c5:ca:cf:ef:c1:65:9a:97:04:c1:d4:f7:36:cb:11:8a:a3:
56:54:07:7e
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEAVXuRzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ZmRlZTc5NDRhYzRkYTMxMTEyOTVkODFlMjlkZWJhMDBjMTYzYTk2MB4XDTIyMDEw
MTEwMDE1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDI0NjA2ODFmMmEy
ODVmY2I1MGU2NzhhYjAyNzM4Y2QxZTVhMTRjMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK3pgLV80GUmxx5LQtJJjSWyWoKhWkezplB5K0gwum2H/HVy
lpbeKZo7Zo8Ok4OxTB5qUoj/7Fvamwf5RdmCvrpppHL5T7OIkR4pgOdjq4EbJ6bk
4nyYt3yhWX74adIayqiXG6326nN4SUojHK+X8xXal9TdbEkrpfjNRSaWIho1v0BW
gRgMFc3AcKYFInirYixXgJgrUt0z3TsN8vtR6DQlPTpxm73Jp2/D4EvHktk4DqoL
3LnpgYT+h9XXu1rpfbN9M5kf1Bs2rjNDvAW+6FHR5RmPn6U+Wm/cXv7h6cjE4Jx0
FysNuJZ2hWJ+ag/gicVw/2w5mfvEYZfxYWrlZN0CAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBRCRgaB8qKF/LUOZ4qwJzjNHloUwDAfBgNVHSMEGDAWgBQP3ueUSsTaMREp
XYHineugDBY6ljAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0Q5N25sRXJFMmpFUktWMkI0cDNyb0F3V09wWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzUvNTQ0YmVhLWYxZWMtNDY2Ni04MWMwLTc4YTRkNjU2OTNmZS8x
L1FrWUdnZktpaGZ5MURtZUtzQ2M0elI1YUZNQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzUv
NTQ0YmVhLWYxZWMtNDY2Ni04MWMwLTc4YTRkNjU2OTNmZS8xL0Q5N25sRXJFMmpF
UktWMkI0cDNyb0F3V09wWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBnwSvDANBgkqhkiG9w0BAQsF
AAOCAQEAL1PPH/+hN7qkU+n39bsJOfLkr88udBAfLrQQUMcA7iN4La21mfrCdubZ
GcI8vrheQdCtR5cBAADM7J5vU2uPTTeaPUMOb6uTo/QY2b0ayLdjgoLaZHsa9nwR
LGRk1XRvWms2Eyh/ODQDwou+ubbv/tKb3nwMnNG4PyTdsp5J9mk40viuELGacX4S
12nX5upjWmk9x71V44ljmtTEPDwmixlkTcCj9DzQgn9XfXHTz2zA6E9SOZnkpDCP
B1XxK8xGPTXsdKifIHHlU8jhOrkUmDUop7x9Zt9SUrEAJTY3jcFs51PHwxH7z8Fp
5cXKz+/BZZqXBMHU9zbLEYqjVlQHfg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:06 2024 by rpki-client on console-fra.rpki-client.org