Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/6af6b2-578c-4a25-a2cc-ffad4fb0a713/1/QnaDsde9CvP2bajSyLVfeFgca-g.roa
File: QnaDsde9CvP2bajSyLVfeFgca-g.roa (raw, json)
Hash identifier: ZI2S1RZwznFws+dbo7SuMV7Q4obikb8zRLorntMQ0Cs=
Subject key identifier: 42:76:83:B1:D7:BD:0A:F3:F6:6D:A8:D2:C8:B5:5F:78:58:1C:6B:E8
Certificate issuer: /CN=f7fac2c21b2dbc812dd25d1cb79c3fba5419e593
Certificate serial: 0184F7FBB9E14E67ACD78EC2070765EF36DE
Authority key identifier: F7:FA:C2:C2:1B:2D:BC:81:2D:D2:5D:1C:B7:9C:3F:BA:54:19:E5:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9_rCwhstvIEt0l0ct5w_ulQZ5ZM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/6af6b2-578c-4a25-a2cc-ffad4fb0a713/1/QnaDsde9CvP2bajSyLVfeFgca-g.roa
Signing time: Fri 09 Dec 2022 17:43:00 +0000
ROA not before: Fri 09 Dec 2022 17:43:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211194
IP address blocks: 2001:67c:b28::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:f7:fb:b9:e1:4e:67:ac:d7:8e:c2:07:07:65:ef:36:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f7fac2c21b2dbc812dd25d1cb79c3fba5419e593
Validity
Not Before: Dec 9 17:43:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=427683b1d7bd0af3f66da8d2c8b55f78581c6be8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:cb:a1:87:c5:bc:e3:cb:75:1d:9e:bd:7e:88:
8d:00:c6:3b:3d:1c:4c:7e:53:1c:a1:48:07:62:87:
a9:06:ec:08:10:4e:7f:18:8f:4b:e5:88:1e:f7:97:
ca:a0:ee:8b:af:49:3e:7b:59:16:48:f6:d1:4f:53:
69:df:5f:09:5c:69:06:c4:da:8f:31:a3:33:37:f3:
47:e1:24:d9:f5:56:0d:39:31:36:47:19:7a:55:70:
46:35:c8:22:52:4d:89:09:08:9e:2d:4a:03:58:f7:
21:c7:e1:9e:c7:a3:d9:29:e3:83:bd:68:c0:db:0e:
ea:8a:36:f5:a8:17:0b:32:f6:77:2f:8c:9d:ae:f4:
12:86:1b:92:68:bd:86:cb:2b:25:7f:ef:c2:76:35:
57:a5:be:4e:ba:c3:53:f1:47:2c:cc:4a:d1:5b:45:
71:17:53:da:94:cf:9b:24:4f:1d:cd:a2:2a:07:bf:
ac:48:11:24:3b:96:e9:1f:2c:a6:86:9f:d0:8a:6d:
0c:53:8e:dd:37:cc:fd:14:5b:10:34:24:22:73:3f:
fb:20:9d:90:61:8d:f0:93:66:ae:07:f4:67:08:4d:
08:f3:71:05:88:71:18:65:30:41:7f:6b:06:11:31:
bd:aa:2f:cf:2b:d8:16:b0:a3:9d:61:a2:86:55:8e:
2c:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:76:83:B1:D7:BD:0A:F3:F6:6D:A8:D2:C8:B5:5F:78:58:1C:6B:E8
X509v3 Authority Key Identifier:
keyid:F7:FA:C2:C2:1B:2D:BC:81:2D:D2:5D:1C:B7:9C:3F:BA:54:19:E5:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9_rCwhstvIEt0l0ct5w_ulQZ5ZM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/6af6b2-578c-4a25-a2cc-ffad4fb0a713/1/QnaDsde9CvP2bajSyLVfeFgca-g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/6af6b2-578c-4a25-a2cc-ffad4fb0a713/1/9_rCwhstvIEt0l0ct5w_ulQZ5ZM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:b28::/48
Signature Algorithm: sha256WithRSAEncryption
3c:d5:39:85:ab:e4:d5:0e:c3:34:78:62:ff:21:aa:7d:6a:0a:
41:45:e6:95:5e:d9:54:1c:69:13:2a:19:65:cc:8e:76:b9:75:
27:9c:9b:3c:9e:c0:23:36:81:f2:80:aa:98:4b:0c:88:04:ef:
58:16:e3:f4:41:10:c5:55:b0:e1:1d:60:78:d3:ae:4e:e3:42:
1c:59:95:bb:c7:5e:2d:07:e2:f1:84:4f:05:ae:3e:ad:d3:06:
a7:9e:ce:0c:8c:81:36:4d:fa:5f:7e:89:bd:76:e1:18:9d:d5:
63:ed:e9:28:0c:13:04:55:55:f4:ef:06:13:11:d0:5f:4a:e1:
a5:6d:86:ce:4b:4c:2b:c7:fe:68:3a:6b:c5:d4:ab:97:23:8c:
95:47:05:ed:2a:e2:a0:6c:80:ee:4c:17:1d:34:0d:df:34:79:
46:c6:ad:d4:f1:42:fb:b7:00:d8:ed:f9:01:02:9c:be:20:50:
b3:f7:98:6b:9d:4e:e9:09:20:ea:9f:78:e0:fb:30:96:d5:8a:
38:8f:a2:8b:55:de:5d:12:bb:ef:b3:0e:03:d1:6d:e4:53:cf:
fd:24:52:f6:68:0a:01:94:91:85:e0:ab:9a:f8:38:45:f1:81:
23:bc:7f:fd:78:2b:74:d3:50:0e:cd:05:85:82:35:d4:e3:45:
24:e3:eb:71
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYT3+7nhTmes147CBwdl7zbeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3ZmFjMmMyMWIyZGJjODEyZGQyNWQxY2I3OWMzZmJhNTQx
OWU1OTMwHhcNMjIxMjA5MTc0MzAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Mjc2ODNiMWQ3YmQwYWYzZjY2ZGE4ZDJjOGI1NWY3ODU4MWM2YmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAksuhh8W848t1HZ69foiNAMY7PRxM
flMcoUgHYoepBuwIEE5/GI9L5Yge95fKoO6Lr0k+e1kWSPbRT1Np318JXGkGxNqP
MaMzN/NH4STZ9VYNOTE2Rxl6VXBGNcgiUk2JCQieLUoDWPchx+Gex6PZKeODvWjA
2w7qijb1qBcLMvZ3L4ydrvQShhuSaL2Gyyslf+/CdjVXpb5OusNT8UcszErRW0Vx
F1PalM+bJE8dzaIqB7+sSBEkO5bpHyymhp/Qim0MU47dN8z9FFsQNCQicz/7IJ2Q
YY3wk2auB/RnCE0I83EFiHEYZTBBf2sGETG9qi/PK9gWsKOdYaKGVY4s+wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEJ2g7HXvQrz9m2o0si1X3hYHGvoMB8GA1UdIwQY
MBaAFPf6wsIbLbyBLdJdHLecP7pUGeWTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOV9yQ3doc3R2SUV0MGwwY3Q1d191bFFaNVpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS82YWY2YjItNTc4Yy00YTI1LWEyY2Mt
ZmZhZDRmYjBhNzEzLzEvUW5hRHNkZTlDdlAyYmFqU3lMVmZlRmdjYS1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS82YWY2YjItNTc4Yy00YTI1LWEyY2MtZmZhZDRmYjBhNzEz
LzEvOV9yQ3doc3R2SUV0MGwwY3Q1d191bFFaNVpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAso
MA0GCSqGSIb3DQEBCwUAA4IBAQA81TmFq+TVDsM0eGL/Iap9agpBReaVXtlUHGkT
KhllzI52uXUnnJs8nsAjNoHygKqYSwyIBO9YFuP0QRDFVbDhHWB4065O40IcWZW7
x14tB+LxhE8Frj6t0wanns4MjIE2Tfpffom9duEYndVj7ekoDBMEVVX07wYTEdBf
SuGlbYbOS0wrx/5oOmvF1KuXI4yVRwXtKuKgbIDuTBcdNA3fNHlGxq3U8UL7twDY
7fkBApy+IFCz95hrnU7pCSDqn3jg+zCW1Yo4j6KLVd5dErvvsw4D0W3kU8/9JFL2
aAoBlJGF4Kua+DhF8YEjvH/9eCt001AOzQWFgjXU40Uk4+tx
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:01 2023 by rpki-client on console-fra.rpki-client.org