Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/57d581-3994-4d83-a1b0-968470b650f4/1/Q0cqe2gBN74GarCtCyWAUe5-IAk.roa
File: Q0cqe2gBN74GarCtCyWAUe5-IAk.roa (raw, json)
Hash identifier: Hr8j+8I6TBZi57S1zTCWocyBsWSsMqf4RReOwWWkh8I=
Subject key identifier: 43:47:2A:7B:68:01:37:BE:06:6A:B0:AD:0B:25:80:51:EE:7E:20:09
Certificate issuer: /CN=ff836ed8cd29b81b8421a1dab920905e2ed76184
Certificate serial: 0412E7BD
Authority key identifier: FF:83:6E:D8:CD:29:B8:1B:84:21:A1:DA:B9:20:90:5E:2E:D7:61:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4Nu2M0puBuEIaHauSCQXi7XYYQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/57d581-3994-4d83-a1b0-968470b650f4/1/Q0cqe2gBN74GarCtCyWAUe5-IAk.roa
Signing time: Sat 01 Jan 2022 02:52:20 +0000
ROA not before: Sat 01 Jan 2022 02:52:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206502
IP address blocks: 2a0b:2180::/32 maxlen: 32
2a0b:2180::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 68347837 (0x412e7bd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff836ed8cd29b81b8421a1dab920905e2ed76184
Validity
Not Before: Jan 1 02:52:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=43472a7b680137be066ab0ad0b258051ee7e2009
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:09:83:d8:48:58:96:83:b2:14:a4:2e:a6:f7:
c5:13:88:75:f9:12:bf:cf:d6:87:70:d0:74:14:b7:
98:ef:5e:99:e0:b6:c7:fa:41:31:d3:57:9f:ee:d5:
08:77:16:c7:82:5e:2f:86:e2:3a:be:a0:11:74:a5:
fc:50:1e:71:fc:46:e5:04:67:4a:82:d3:f6:53:e2:
84:89:80:65:fb:90:05:8d:f7:64:e6:1d:70:7b:94:
1d:c6:4b:02:84:97:46:db:9c:fe:5c:61:0f:ba:63:
0d:f8:05:af:c8:9f:da:84:96:7d:3a:01:57:68:96:
46:f3:6a:4f:a7:3e:27:64:3b:c4:88:d4:26:50:31:
10:2d:d0:e4:65:cd:e7:2c:e6:e1:b4:92:a8:79:b6:
fd:86:a0:27:ea:b2:37:24:fb:c0:d7:4f:27:51:4d:
7f:21:ad:6c:1e:a1:98:70:cd:60:37:8b:f6:7a:fb:
66:d9:d7:da:5b:00:e9:2c:03:13:bb:da:f4:63:f2:
31:ff:87:56:42:62:35:36:e2:2b:48:33:84:5a:5f:
34:52:3b:df:1a:fb:55:67:1b:7e:e8:01:ae:ff:45:
87:e1:d5:2f:d5:1b:ff:e9:9c:56:24:01:20:5b:2d:
2a:ba:26:68:73:01:19:e9:f5:1f:48:8b:34:ba:0f:
e0:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:47:2A:7B:68:01:37:BE:06:6A:B0:AD:0B:25:80:51:EE:7E:20:09
X509v3 Authority Key Identifier:
keyid:FF:83:6E:D8:CD:29:B8:1B:84:21:A1:DA:B9:20:90:5E:2E:D7:61:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4Nu2M0puBuEIaHauSCQXi7XYYQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/57d581-3994-4d83-a1b0-968470b650f4/1/Q0cqe2gBN74GarCtCyWAUe5-IAk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/57d581-3994-4d83-a1b0-968470b650f4/1/_4Nu2M0puBuEIaHauSCQXi7XYYQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:2180::/32
Signature Algorithm: sha256WithRSAEncryption
5a:82:da:68:b1:57:b7:a4:a3:6a:d5:c6:5b:65:5e:a2:c9:fd:
43:77:88:57:58:c3:cb:d3:a7:eb:5c:69:2c:e4:11:0c:06:6f:
27:17:29:28:dd:8d:0e:dc:17:0c:3d:a9:18:eb:6c:28:b8:ed:
3e:04:c4:da:f1:3f:d8:67:dc:2f:11:0a:43:07:2e:0b:46:f9:
af:dc:88:53:92:98:eb:eb:21:63:56:66:8c:b5:b4:70:8d:90:
1e:7f:95:8b:f7:92:f7:3f:d1:dd:c6:c5:fd:49:01:5c:57:94:
9b:aa:19:e6:6f:30:63:e1:5a:cd:f0:39:40:f7:48:fd:94:90:
30:42:20:61:ec:d0:eb:62:44:cb:cb:0d:64:88:43:23:a7:03:
21:74:bb:3e:59:c6:e8:d2:32:0d:29:dc:6e:fc:b1:31:bf:0c:
fa:a3:34:e0:7c:e7:be:9a:d3:08:ab:a3:c4:62:05:e4:d9:74:
79:37:c1:42:75:e5:ec:f2:9a:23:42:54:da:e2:4a:90:9c:6d:
35:6e:31:e2:a3:75:3d:0f:d1:65:a8:8f:22:d4:d1:e6:72:e9:
12:ce:9d:4e:b6:27:21:68:7a:4f:04:d5:10:97:20:39:54:a9:
0b:0d:49:08:24:d0:92:11:33:70:63:77:01:7b:80:b1:b2:5c:
1f:a1:5d:69
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEBBLnvTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZjgzNmVkOGNkMjliODFiODQyMWExZGFiOTIwOTA1ZTJlZDc2MTg0MB4XDTIyMDEw
MTAyNTIyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDM0NzJhN2I2ODAx
MzdiZTA2NmFiMGFkMGIyNTgwNTFlZTdlMjAwOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALQJg9hIWJaDshSkLqb3xROIdfkSv8/Wh3DQdBS3mO9emeC2
x/pBMdNXn+7VCHcWx4JeL4biOr6gEXSl/FAecfxG5QRnSoLT9lPihImAZfuQBY33
ZOYdcHuUHcZLAoSXRtuc/lxhD7pjDfgFr8if2oSWfToBV2iWRvNqT6c+J2Q7xIjU
JlAxEC3Q5GXN5yzm4bSSqHm2/YagJ+qyNyT7wNdPJ1FNfyGtbB6hmHDNYDeL9nr7
ZtnX2lsA6SwDE7va9GPyMf+HVkJiNTbiK0gzhFpfNFI73xr7VWcbfugBrv9Fh+HV
L9Ub/+mcViQBIFstKromaHMBGen1H0iLNLoP4BMCAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBRDRyp7aAE3vgZqsK0LJYBR7n4gCTAfBgNVHSMEGDAWgBT/g27YzSm4G4Qh
odq5IJBeLtdhhDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L180TnUyTTBwdUJ1RUlhSGF1U0NRWGk3WFlZUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjYvNTdkNTgxLTM5OTQtNGQ4My1hMWIwLTk2ODQ3MGI2NTBmNC8x
L1EwY3FlMmdCTjc0R2FyQ3RDeVdBVWU1LUlBay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjYv
NTdkNTgxLTM5OTQtNGQ4My1hMWIwLTk2ODQ3MGI2NTBmNC8xL180TnUyTTBwdUJ1
RUlhSGF1U0NRWGk3WFlZUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoLIYAwDQYJKoZIhvcNAQELBQAD
ggEBAFqC2mixV7eko2rVxltlXqLJ/UN3iFdYw8vTp+tcaSzkEQwGbycXKSjdjQ7c
Fww9qRjrbCi47T4ExNrxP9hn3C8RCkMHLgtG+a/ciFOSmOvrIWNWZoy1tHCNkB5/
lYv3kvc/0d3Gxf1JAVxXlJuqGeZvMGPhWs3wOUD3SP2UkDBCIGHs0OtiRMvLDWSI
QyOnAyF0uz5ZxujSMg0p3G78sTG/DPqjNOB8576a0wiro8RiBeTZdHk3wUJ15ezy
miNCVNriSpCcbTVuMeKjdT0P0WWojyLU0eZy6RLOnU62JyFoek8E1RCXIDlUqQsN
SQgk0JIRM3BjdwF7gLGyXB+hXWk=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:39 2023 by rpki-client on console.sobornost.net