Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/bb19bc-8da1-4729-8686-fcce147c327a/1/QaCkXxw-r9il69MKizQzWwnh4lQ.roa
File: QaCkXxw-r9il69MKizQzWwnh4lQ.roa (raw, json)
Hash identifier: 2PHl6HUi04HauMWKGkM1SNd7tJqWq+HHY+SLLgcgov8=
Subject key identifier: 41:A0:A4:5F:1C:3E:AF:D8:A5:EB:D3:0A:8B:34:33:5B:09:E1:E2:54
Certificate issuer: /CN=c0166e216c360c36e0f75b0d39123dbad42264e9
Certificate serial: 089AEE0E
Authority key identifier: C0:16:6E:21:6C:36:0C:36:E0:F7:5B:0D:39:12:3D:BA:D4:22:64:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wBZuIWw2DDbg91sNORI9utQiZOk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/bb19bc-8da1-4729-8686-fcce147c327a/1/QaCkXxw-r9il69MKizQzWwnh4lQ.roa
Signing time: Sat 01 Jan 2022 01:55:31 +0000
ROA not before: Sat 01 Jan 2022 01:55:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209075
IP address blocks: 2001:678:a5c::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 144371214 (0x89aee0e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c0166e216c360c36e0f75b0d39123dbad42264e9
Validity
Not Before: Jan 1 01:55:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=41a0a45f1c3eafd8a5ebd30a8b34335b09e1e254
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:42:b3:59:67:7e:a8:b3:1e:2d:1e:de:f3:d1:
7e:f9:2e:1f:8a:77:5f:2e:7d:ab:55:cc:45:db:e0:
21:b3:52:01:57:a6:da:b8:ad:7a:05:bb:21:26:d9:
30:fd:91:ad:69:2a:0e:54:1f:af:20:3b:32:a7:d9:
2e:d4:42:08:b6:66:df:ab:6c:6e:8f:32:69:5a:e7:
08:e9:aa:e0:c6:59:ea:07:41:00:2f:03:35:86:bb:
cc:87:27:2c:f2:62:18:73:24:7c:3c:39:ec:52:52:
a9:ef:6f:ee:5b:67:b9:ee:f9:16:7c:0b:f2:2d:43:
79:5e:1f:33:14:ef:bd:59:a7:39:dc:52:78:b1:f1:
b6:15:9b:38:f5:0e:38:db:b6:a5:99:18:f4:df:1c:
59:d4:fd:3b:b9:6b:73:95:d5:40:8f:1b:11:58:af:
72:f0:dc:ff:99:53:7d:5b:2b:2f:5a:5f:2f:9c:04:
bf:7c:30:a1:80:89:49:79:a7:de:5a:4b:85:fb:a7:
e1:47:16:7f:55:0c:62:44:66:ea:4d:0f:fe:70:ff:
1a:68:98:cd:f2:c3:5e:5f:4d:4e:32:a6:26:37:59:
a9:99:27:41:fc:3b:38:15:70:04:a8:89:d1:73:3e:
0e:09:51:5c:9d:ed:f9:06:df:2e:89:f8:7b:20:a5:
32:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:A0:A4:5F:1C:3E:AF:D8:A5:EB:D3:0A:8B:34:33:5B:09:E1:E2:54
X509v3 Authority Key Identifier:
keyid:C0:16:6E:21:6C:36:0C:36:E0:F7:5B:0D:39:12:3D:BA:D4:22:64:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wBZuIWw2DDbg91sNORI9utQiZOk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/bb19bc-8da1-4729-8686-fcce147c327a/1/QaCkXxw-r9il69MKizQzWwnh4lQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/bb19bc-8da1-4729-8686-fcce147c327a/1/wBZuIWw2DDbg91sNORI9utQiZOk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:a5c::/48
Signature Algorithm: sha256WithRSAEncryption
36:b5:0d:0f:94:c7:01:6e:32:33:43:ad:32:3b:42:93:75:0c:
1f:93:d4:c5:f6:49:e3:9c:62:65:78:5a:ef:40:65:f3:f1:64:
e1:af:71:0a:8e:bf:08:73:4c:11:b9:9c:98:d3:25:92:59:b5:
b4:7f:b9:11:8c:64:05:91:0b:32:24:f8:9b:5d:22:c6:76:16:
7c:d2:d7:c6:ec:2f:56:ea:0a:b1:bc:3f:f7:bb:60:97:8c:e4:
80:9e:35:73:45:14:0c:2d:ce:85:0e:b0:66:c2:d6:e9:e3:19:
61:87:2c:ec:75:7b:55:64:5e:7a:04:26:dd:e0:e6:3d:56:28:
1c:66:ef:6d:88:9a:25:47:17:26:ca:79:c1:23:5e:d9:74:f3:
df:9d:99:9e:89:90:a7:55:cc:34:07:6b:ca:f6:5a:bf:6e:54:
88:95:31:4e:cf:1f:5a:42:7e:ae:11:de:27:12:7e:82:04:83:
99:91:1d:9d:20:41:1a:ba:4f:0b:ba:2e:20:57:39:8c:a8:49:
34:6e:bd:6e:85:4d:2a:f2:7b:35:71:51:6b:d5:d2:dc:bb:7d:
99:7c:60:84:0e:72:75:c2:61:d8:bd:76:11:76:4f:1d:13:d6:
f9:5c:d6:9a:82:8c:9c:91:95:8f:b4:a1:9a:6e:e3:35:d3:3d:
e7:20:30:20
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIECJruDjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
MDE2NmUyMTZjMzYwYzM2ZTBmNzViMGQzOTEyM2RiYWQ0MjI2NGU5MB4XDTIyMDEw
MTAxNTUzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDFhMGE0NWYxYzNl
YWZkOGE1ZWJkMzBhOGIzNDMzNWIwOWUxZTI1NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALJCs1lnfqizHi0e3vPRfvkuH4p3Xy59q1XMRdvgIbNSAVem
2ritegW7ISbZMP2RrWkqDlQfryA7MqfZLtRCCLZm36tsbo8yaVrnCOmq4MZZ6gdB
AC8DNYa7zIcnLPJiGHMkfDw57FJSqe9v7ltnue75FnwL8i1DeV4fMxTvvVmnOdxS
eLHxthWbOPUOONu2pZkY9N8cWdT9O7lrc5XVQI8bEVivcvDc/5lTfVsrL1pfL5wE
v3wwoYCJSXmn3lpLhfun4UcWf1UMYkRm6k0P/nD/GmiYzfLDXl9NTjKmJjdZqZkn
Qfw7OBVwBKiJ0XM+DglRXJ3t+QbfLon4eyClMr8CAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBRBoKRfHD6v2KXr0wqLNDNbCeHiVDAfBgNVHSMEGDAWgBTAFm4hbDYMNuD3
Ww05Ej261CJk6TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3dCWnVJV3cyRERiZzkxc05PUkk5dXRRaVpPay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTYvYmIxOWJjLThkYTEtNDcyOS04Njg2LWZjY2UxNDdjMzI3YS8x
L1FhQ2tYeHctcjlpbDY5TUtpelF6V3duaDRsUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTYv
YmIxOWJjLThkYTEtNDcyOS04Njg2LWZjY2UxNDdjMzI3YS8xL3dCWnVJV3cyRERi
Zzkxc05PUkk5dXRRaVpPay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBngKXDANBgkqhkiG9w0BAQsF
AAOCAQEANrUND5THAW4yM0OtMjtCk3UMH5PUxfZJ45xiZXha70Bl8/Fk4a9xCo6/
CHNMEbmcmNMlklm1tH+5EYxkBZELMiT4m10ixnYWfNLXxuwvVuoKsbw/97tgl4zk
gJ41c0UUDC3OhQ6wZsLW6eMZYYcs7HV7VWReegQm3eDmPVYoHGbvbYiaJUcXJsp5
wSNe2XTz352ZnomQp1XMNAdryvZav25UiJUxTs8fWkJ+rhHeJxJ+ggSDmZEdnSBB
GrpPC7ouIFc5jKhJNG69boVNKvJ7NXFRa9XS3Lt9mXxghA5ydcJh2L12EXZPHRPW
+VzWmoKMnJGVj7Shmm7jNdM95yAwIA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:52 2024 by rpki-client on console-ams.rpki-client.org