Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/4ddd75-3160-4065-bb69-bb17875db323/1/QhmNf0e8_4qheirbpeuDE8bEZI0.roa
File: QhmNf0e8_4qheirbpeuDE8bEZI0.roa (raw, json)
Hash identifier: SjEFcGwNJ/Fg9nmDWIFRUbrXI+pz7w8RLSjRtk8GNgE=
Subject key identifier: 42:19:8D:7F:47:BC:FF:8A:A1:7A:2A:DB:A5:EB:83:13:C6:C4:64:8D
Certificate issuer: /CN=24954f608ac12b684ef865f39af0e94e250b9454
Certificate serial: 0170B2
Authority key identifier: 24:95:4F:60:8A:C1:2B:68:4E:F8:65:F3:9A:F0:E9:4E:25:0B:94:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JJVPYIrBK2hO-GXzmvDpTiULlFQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/4ddd75-3160-4065-bb69-bb17875db323/1/QhmNf0e8_4qheirbpeuDE8bEZI0.roa
Signing time: Thu 17 Mar 2022 15:32:43 +0000
ROA not before: Thu 17 Mar 2022 15:32:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42831
IP address blocks: 2a12:ab40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 94386 (0x170b2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24954f608ac12b684ef865f39af0e94e250b9454
Validity
Not Before: Mar 17 15:32:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=42198d7f47bcff8aa17a2adba5eb8313c6c4648d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:52:0a:e4:2b:af:5e:ef:fc:d2:15:a8:57:f3:
97:9d:a7:01:b7:ae:6b:50:d6:80:64:ac:2a:87:f6:
b7:d0:24:51:99:43:6a:9a:8d:92:b8:6f:eb:c6:bb:
81:46:8f:15:76:e2:af:22:77:dd:cf:f5:19:18:fe:
b2:ab:dc:20:53:52:fd:1e:2f:8c:a0:df:6f:65:ee:
d7:63:a4:00:22:98:d5:af:f0:6d:db:26:dd:4a:59:
8b:e2:57:4c:51:12:03:53:40:f8:d4:bd:52:af:c2:
66:ea:f6:19:0f:2c:e1:74:ba:25:05:3e:9c:97:41:
4f:d5:c4:8a:cd:56:a6:d9:9a:45:e3:bf:6b:f1:07:
ab:95:e3:5b:d0:81:e0:f8:b9:80:34:31:29:75:b1:
94:4d:c0:bf:8c:68:00:ac:dc:49:99:93:d6:72:e1:
33:cf:67:87:c9:fe:19:bd:3a:74:68:a8:10:8d:69:
c5:a1:fd:25:98:3c:09:aa:0f:26:95:9d:0f:e4:0e:
8f:d3:15:f1:c0:28:69:fc:c9:c2:5f:10:18:52:e8:
94:4d:a7:34:59:f7:66:21:22:1d:04:8e:a5:2b:c6:
83:2e:a7:bf:fd:5d:df:bc:32:a6:77:3c:a1:a8:cc:
ab:96:45:99:1d:e2:10:21:90:17:8a:7e:c0:f1:9d:
ee:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:19:8D:7F:47:BC:FF:8A:A1:7A:2A:DB:A5:EB:83:13:C6:C4:64:8D
X509v3 Authority Key Identifier:
keyid:24:95:4F:60:8A:C1:2B:68:4E:F8:65:F3:9A:F0:E9:4E:25:0B:94:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JJVPYIrBK2hO-GXzmvDpTiULlFQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/4ddd75-3160-4065-bb69-bb17875db323/1/QhmNf0e8_4qheirbpeuDE8bEZI0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/4ddd75-3160-4065-bb69-bb17875db323/1/JJVPYIrBK2hO-GXzmvDpTiULlFQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:ab40::/29
Signature Algorithm: sha256WithRSAEncryption
17:ee:7f:1f:60:25:23:aa:bc:f6:9e:c1:1b:20:cb:25:5c:dd:
f9:e8:3c:d1:8c:4a:82:39:d5:cb:e5:9a:67:ec:2e:ba:c6:61:
a0:67:61:88:e8:c3:8b:7b:4f:71:e9:f3:38:8a:a5:a8:43:8f:
bd:a1:99:c9:da:76:8b:2e:cb:7e:7f:3d:94:82:11:45:73:96:
f1:c3:36:b1:2c:98:87:60:60:e8:aa:69:b4:e0:33:97:fd:c5:
ac:21:90:87:df:1c:6c:2a:c9:78:a9:4e:0b:a1:f4:56:3a:77:
6b:6f:b2:d1:32:4f:a5:1e:07:f8:88:5d:ea:b9:59:12:6a:08:
d3:9c:c4:7d:75:f3:63:cb:d5:88:17:f6:c2:69:ba:f4:29:9f:
c6:94:71:d9:0b:8b:bb:15:62:84:e6:39:df:33:a6:ab:f9:a9:
3f:2d:4c:88:8d:22:ee:a4:f6:57:0c:1f:09:a5:9a:1e:bc:ec:
f7:70:24:bc:58:d2:3d:02:8f:52:ea:52:01:d2:e2:9c:a8:8b:
fe:ac:7f:1e:92:ff:cf:25:8d:68:f3:6e:c1:3b:d7:2e:00:7f:
b2:e7:30:5b:8f:bf:40:61:1a:7c:40:6a:76:05:17:c2:f5:17:
01:07:4c:3e:fd:a8:62:b6:6b:ff:ae:22:32:01:7a:1a:f8:f5:
11:50:51:28
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIDAXCyMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDI0
OTU0ZjYwOGFjMTJiNjg0ZWY4NjVmMzlhZjBlOTRlMjUwYjk0NTQwHhcNMjIwMzE3
MTUzMjQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg0MjE5OGQ3ZjQ3YmNm
ZjhhYTE3YTJhZGJhNWViODMxM2M2YzQ2NDhkMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA7FIK5CuvXu/80hWoV/OXnacBt65rUNaAZKwqh/a30CRRmUNq
mo2SuG/rxruBRo8VduKvInfdz/UZGP6yq9wgU1L9Hi+MoN9vZe7XY6QAIpjVr/Bt
2ybdSlmL4ldMURIDU0D41L1Sr8Jm6vYZDyzhdLolBT6cl0FP1cSKzVam2ZpF479r
8QerleNb0IHg+LmANDEpdbGUTcC/jGgArNxJmZPWcuEzz2eHyf4ZvTp0aKgQjWnF
of0lmDwJqg8mlZ0P5A6P0xXxwChp/MnCXxAYUuiUTac0WfdmISIdBI6lK8aDLqe/
/V3fvDKmdzyhqMyrlkWZHeIQIZAXin7A8Z3uFwIDAQABo4ICCjCCAgYwHQYDVR0O
BBYEFEIZjX9HvP+KoXoq26XrgxPGxGSNMB8GA1UdIwQYMBaAFCSVT2CKwStoTvhl
85rw6U4lC5RUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
SkpWUFlJckJLMmhPLUdYem12RHBUaVVMbEZRLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9kNi80ZGRkNzUtMzE2MC00MDY1LWJiNjktYmIxNzg3NWRiMzIzLzEv
UWhtTmYwZThfNHFoZWlyYnBldURFOGJFWkkwLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi80
ZGRkNzUtMzE2MC00MDY1LWJiNjktYmIxNzg3NWRiMzIzLzEvSkpWUFlJckJLMmhP
LUdYem12RHBUaVVMbEZRLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAG
CCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhKrQDANBgkqhkiG9w0BAQsFAAOC
AQEAF+5/H2AlI6q89p7BGyDLJVzd+eg80YxKgjnVy+WaZ+wuusZhoGdhiOjDi3tP
cenzOIqlqEOPvaGZydp2iy7Lfn89lIIRRXOW8cM2sSyYh2Bg6KpptOAzl/3FrCGQ
h98cbCrJeKlOC6H0Vjp3a2+y0TJPpR4H+Ihd6rlZEmoI05zEfXXzY8vViBf2wmm6
9CmfxpRx2QuLuxVihOY53zOmq/mpPy1MiI0i7qT2VwwfCaWaHrzs93AkvFjSPQKP
UupSAdLinKiL/qx/HpL/zyWNaPNuwTvXLgB/sucwW4+/QGEafEBqdgUXwvUXAQdM
Pv2oYrZr/64iMgF6Gvj1EVBRKA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:39 2023 by rpki-client on console-fra.rpki-client.org