Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/2fc266-1247-4f00-b161-6eb9a22129e1/1/qVfGy4ElEY5PKb1Mw-Z9AkOZ6SA.roa
File: qVfGy4ElEY5PKb1Mw-Z9AkOZ6SA.roa (raw, json)
Hash identifier: ScaCFfgeBr12CtbDeqZwl8u3KbXsabEDOWNbOKbrIqA=
Subject key identifier: A9:57:C6:CB:81:25:11:8E:4F:29:BD:4C:C3:E6:7D:02:43:99:E9:20
Certificate issuer: /CN=0aaaa79caacff5f0304b9ae9002e2713fbff6d52
Certificate serial: D14A
Authority key identifier: 0A:AA:A7:9C:AA:CF:F5:F0:30:4B:9A:E9:00:2E:27:13:FB:FF:6D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CqqnnKrP9fAwS5rpAC4nE_v_bVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/2fc266-1247-4f00-b161-6eb9a22129e1/1/qVfGy4ElEY5PKb1Mw-Z9AkOZ6SA.roa
Signing time: Thu 24 Feb 2022 16:59:35 +0000
ROA not before: Thu 24 Feb 2022 16:59:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12525
IP address blocks: 2001:67c:554::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 53578 (0xd14a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0aaaa79caacff5f0304b9ae9002e2713fbff6d52
Validity
Not Before: Feb 24 16:59:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a957c6cb8125118e4f29bd4cc3e67d024399e920
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:79:5e:28:1a:64:19:c6:07:2e:6c:a1:78:8a:
2a:15:a4:9a:9e:47:be:a9:ba:0d:86:eb:00:4f:b0:
11:94:6c:fe:23:9a:bb:54:1d:61:8c:bd:e2:e4:22:
97:a2:83:86:26:a6:02:59:34:8b:9c:7f:49:5f:b7:
c1:97:27:83:ea:01:91:4a:bc:26:85:8e:47:b8:22:
9d:3f:3c:a7:c7:06:f1:08:5c:fa:04:68:7f:5d:f5:
b7:fb:a4:e6:5d:a1:5d:ff:9f:46:26:9b:33:a5:b5:
5c:8c:2d:b8:9d:5c:d8:f3:13:74:35:71:80:5b:66:
20:2f:0b:86:bf:a0:2f:e4:2f:45:d2:ec:6c:d0:eb:
29:d4:ac:00:17:9b:5d:cd:82:a5:68:b0:dc:52:6b:
9b:87:e4:8a:c9:34:9e:80:44:28:12:e2:c2:e2:08:
9f:8c:ca:d1:86:1d:d0:89:60:e2:4e:79:84:08:c7:
dc:10:d1:69:4d:91:0d:2f:ee:01:05:44:06:28:c6:
1d:44:a9:04:c9:c0:ca:24:31:65:8f:99:87:d1:54:
1a:8b:36:46:c4:f0:9b:c1:b8:9a:af:10:9a:62:91:
64:ec:f8:6a:dd:51:c7:61:35:19:7a:26:fa:48:58:
5f:14:b3:cc:58:20:d1:00:58:fe:d8:7b:f5:0b:87:
28:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:57:C6:CB:81:25:11:8E:4F:29:BD:4C:C3:E6:7D:02:43:99:E9:20
X509v3 Authority Key Identifier:
keyid:0A:AA:A7:9C:AA:CF:F5:F0:30:4B:9A:E9:00:2E:27:13:FB:FF:6D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CqqnnKrP9fAwS5rpAC4nE_v_bVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/2fc266-1247-4f00-b161-6eb9a22129e1/1/qVfGy4ElEY5PKb1Mw-Z9AkOZ6SA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/2fc266-1247-4f00-b161-6eb9a22129e1/1/CqqnnKrP9fAwS5rpAC4nE_v_bVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:554::/48
Signature Algorithm: sha256WithRSAEncryption
90:ac:64:b9:25:1f:86:29:56:af:4c:44:cc:3f:d5:e8:87:b2:
d4:c4:4b:8c:3a:a1:63:f4:94:c7:83:cc:20:b7:1c:be:cd:ae:
23:be:d4:03:37:c5:93:58:31:1d:3a:f8:f5:22:9d:8e:fc:ec:
61:99:bb:62:78:6e:9b:32:d2:5a:6b:00:89:fb:65:30:8e:cc:
3e:ba:33:04:ca:a2:6b:a2:61:69:34:08:1e:6d:9f:e5:d9:a8:
d8:12:07:1a:9a:38:c9:b6:eb:22:c1:6e:76:a2:76:5a:d2:0f:
df:9d:05:c0:a8:cc:ef:3c:4f:24:a7:fd:67:3a:77:24:b9:bb:
0a:dd:0e:9b:b4:af:b2:83:57:83:54:c6:f3:46:9a:86:99:8e:
67:73:d6:bb:e7:2b:69:fe:b4:a6:aa:34:6f:a0:42:04:45:af:
a7:c2:6c:c5:fd:51:43:82:4b:4c:b5:6d:ff:c7:4f:48:f0:20:
07:0b:22:7d:0a:e0:9d:ea:0d:41:dc:ad:d4:50:2b:53:6e:d1:
17:dd:58:44:77:f3:65:7b:a5:5f:a3:7e:49:4f:e8:6e:87:03:
61:37:c6:f1:d0:b9:c1:7c:f6:b2:7c:33:d8:68:b0:e4:ea:c0:
52:03:54:34:81:25:66:41:e2:ef:02:2c:56:ac:11:be:47:64:
84:61:cc:6a
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIDANFKMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDBh
YWFhNzljYWFjZmY1ZjAzMDRiOWFlOTAwMmUyNzEzZmJmZjZkNTIwHhcNMjIwMjI0
MTY1OTM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhhOTU3YzZjYjgxMjUx
MThlNGYyOWJkNGNjM2U2N2QwMjQzOTllOTIwMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA2nleKBpkGcYHLmyheIoqFaSanke+qboNhusAT7ARlGz+I5q7
VB1hjL3i5CKXooOGJqYCWTSLnH9JX7fBlyeD6gGRSrwmhY5HuCKdPzynxwbxCFz6
BGh/XfW3+6TmXaFd/59GJpszpbVcjC24nVzY8xN0NXGAW2YgLwuGv6Av5C9F0uxs
0Osp1KwAF5tdzYKlaLDcUmubh+SKyTSegEQoEuLC4gifjMrRhh3QiWDiTnmECMfc
ENFpTZENL+4BBUQGKMYdRKkEycDKJDFlj5mH0VQaizZGxPCbwbiarxCaYpFk7Phq
3VHHYTUZeib6SFhfFLPMWCDRAFj+2Hv1C4co0QIDAQABo4ICDDCCAggwHQYDVR0O
BBYEFKlXxsuBJRGOTym9TMPmfQJDmekgMB8GA1UdIwQYMBaAFAqqp5yqz/XwMEua
6QAuJxP7/21SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
Q3Fxbm5LclA5ZkF3UzVycEFDNG5FX3ZfYlZJLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jYy8yZmMyNjYtMTI0Ny00ZjAwLWIxNjEtNmViOWEyMjEyOWUxLzEv
cVZmR3k0RWxFWTVQS2IxTXctWjlBa09aNlNBLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy8y
ZmMyNjYtMTI0Ny00ZjAwLWIxNjEtNmViOWEyMjEyOWUxLzEvQ3Fxbm5LclA5ZkF3
UzVycEFDNG5FX3ZfYlZJLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIG
CCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAVUMA0GCSqGSIb3DQEBCwUA
A4IBAQCQrGS5JR+GKVavTETMP9Xoh7LUxEuMOqFj9JTHg8wgtxy+za4jvtQDN8WT
WDEdOvj1Ip2O/OxhmbtieG6bMtJaawCJ+2Uwjsw+ujMEyqJromFpNAgebZ/l2ajY
EgcamjjJtusiwW52onZa0g/fnQXAqMzvPE8kp/1nOnckubsK3Q6btK+yg1eDVMbz
RpqGmY5nc9a75ytp/rSmqjRvoEIERa+nwmzF/VFDgktMtW3/x09I8CAHCyJ9CuCd
6g1B3K3UUCtTbtEX3VhEd/Nle6Vfo35JT+huhwNhN8bx0LnBfPayfDPYaLDk6sBS
A1Q0gSVmQeLvAixWrBG+R2SEYcxq
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:03 2023 by rpki-client on console-fra.rpki-client.org