Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/c7d22b-2147-4336-9009-f9355fd98b6b/1/QNYd5c_n8kGb6HuGP-Hiz84WVp4.roa
File: QNYd5c_n8kGb6HuGP-Hiz84WVp4.roa (raw, json)
Hash identifier: NOK3AQbaGr0KtdKkEHemGDSnRKF8RJ0Uy/V0vy0mHlY=
Subject key identifier: 40:D6:1D:E5:CF:E7:F2:41:9B:E8:7B:86:3F:E1:E2:CF:CE:16:56:9E
Certificate issuer: /CN=5b673422eff7e41c5e06d78e529f491f59150ff9
Certificate serial: 03E1D8A6
Authority key identifier: 5B:67:34:22:EF:F7:E4:1C:5E:06:D7:8E:52:9F:49:1F:59:15:0F:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W2c0Iu_35BxeBteOUp9JH1kVD_k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/c7d22b-2147-4336-9009-f9355fd98b6b/1/QNYd5c_n8kGb6HuGP-Hiz84WVp4.roa
Signing time: Sat 01 Jan 2022 03:51:08 +0000
ROA not before: Sat 01 Jan 2022 03:51:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208703
IP address blocks: 185.41.220.0/24 maxlen: 24
185.41.223.0/24 maxlen: 24
185.41.222.0/24 maxlen: 24
185.41.221.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65132710 (0x3e1d8a6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b673422eff7e41c5e06d78e529f491f59150ff9
Validity
Not Before: Jan 1 03:51:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=40d61de5cfe7f2419be87b863fe1e2cfce16569e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:8a:f0:32:01:57:33:70:e9:de:7c:5e:1b:20:
33:ac:2e:b2:5d:18:c3:c0:17:f9:cb:d4:d6:64:e1:
41:a2:e9:8f:da:00:35:05:80:3c:dd:df:c8:60:71:
8a:d6:7f:dc:c7:e9:3b:97:2a:f1:ff:56:71:bf:13:
79:5a:5f:83:06:9d:1f:47:22:9e:d0:6c:13:c0:09:
4d:eb:6e:cd:a7:46:88:40:7a:6e:36:90:0e:ec:29:
79:19:e0:79:f5:69:6e:9a:b3:2e:6c:81:26:98:ca:
e7:1d:b1:25:b3:ab:90:aa:18:bb:3e:0e:17:99:73:
28:41:c7:9c:2f:67:77:9e:df:92:35:a8:2e:04:21:
84:72:64:70:ac:de:30:1f:aa:00:5f:92:32:85:46:
b0:a9:9f:d6:4d:dd:84:d7:17:5e:c6:9c:23:e9:a1:
27:25:02:4f:ba:79:23:0b:f3:ff:ae:92:0a:ad:71:
19:68:a1:79:46:32:f4:36:13:08:ee:fa:71:28:de:
45:f3:7a:33:05:c9:ed:48:30:bd:f1:32:c6:92:cd:
b9:29:0c:e4:b6:d4:e1:be:60:6a:c7:ec:73:62:cb:
63:51:00:30:35:5a:15:ae:be:a3:a9:37:5b:aa:03:
ea:45:49:d2:58:c9:8a:ef:ec:e6:9b:bf:00:d4:7a:
a1:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:D6:1D:E5:CF:E7:F2:41:9B:E8:7B:86:3F:E1:E2:CF:CE:16:56:9E
X509v3 Authority Key Identifier:
keyid:5B:67:34:22:EF:F7:E4:1C:5E:06:D7:8E:52:9F:49:1F:59:15:0F:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W2c0Iu_35BxeBteOUp9JH1kVD_k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/c7d22b-2147-4336-9009-f9355fd98b6b/1/QNYd5c_n8kGb6HuGP-Hiz84WVp4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/c7d22b-2147-4336-9009-f9355fd98b6b/1/W2c0Iu_35BxeBteOUp9JH1kVD_k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.41.220.0/22
Signature Algorithm: sha256WithRSAEncryption
08:e5:e1:64:4c:dc:0f:20:30:a0:30:e7:6a:30:f0:11:06:e0:
63:40:01:3b:cf:fd:c9:42:73:75:3b:0b:30:a9:63:70:41:41:
91:d4:22:06:67:35:39:18:eb:e7:9c:6d:4d:7a:01:ac:74:d0:
25:50:cb:40:0e:69:ca:17:1d:67:ed:b3:2d:98:75:97:a5:84:
6f:56:11:7b:82:42:ec:36:a7:89:6f:63:85:d5:4b:4d:86:86:
dc:6e:28:30:18:d2:15:5d:20:3b:6f:91:be:95:15:06:09:e4:
6c:d4:63:9c:61:24:83:2b:e4:ee:71:8e:d7:cf:d7:25:5c:9f:
c6:3c:ac:65:c5:82:cc:d5:86:b2:a3:d7:35:ae:99:58:e4:71:
bc:b4:61:18:83:d2:27:5a:56:44:f2:00:09:ee:b2:a7:0b:88:
8d:08:45:e1:78:9e:b2:72:c0:cd:93:34:ea:a8:80:5e:a3:16:
e8:bd:80:c3:bc:3b:86:68:e8:33:6c:46:31:38:8f:fd:90:87:
c0:bd:ce:3e:d1:ef:28:a3:c3:b0:3e:fc:77:d1:28:c3:c9:10:
e5:1c:f4:f2:a2:65:74:e0:b9:26:3b:c6:7a:7d:6e:31:ff:86:
fa:31:75:73:d7:3b:f4:6e:e7:d1:49:6b:01:6d:93:96:fd:8d:
88:ff:58:f9
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA+HYpjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
YjY3MzQyMmVmZjdlNDFjNWUwNmQ3OGU1MjlmNDkxZjU5MTUwZmY5MB4XDTIyMDEw
MTAzNTEwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDBkNjFkZTVjZmU3
ZjI0MTliZTg3Yjg2M2ZlMWUyY2ZjZTE2NTY5ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ6K8DIBVzNw6d58XhsgM6wusl0Yw8AX+cvU1mThQaLpj9oA
NQWAPN3fyGBxitZ/3MfpO5cq8f9Wcb8TeVpfgwadH0cintBsE8AJTetuzadGiEB6
bjaQDuwpeRngefVpbpqzLmyBJpjK5x2xJbOrkKoYuz4OF5lzKEHHnC9nd57fkjWo
LgQhhHJkcKzeMB+qAF+SMoVGsKmf1k3dhNcXXsacI+mhJyUCT7p5Iwvz/66SCq1x
GWiheUYy9DYTCO76cSjeRfN6MwXJ7UgwvfEyxpLNuSkM5LbU4b5gasfsc2LLY1EA
MDVaFa6+o6k3W6oD6kVJ0ljJiu/s5pu/ANR6oecCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRA1h3lz+fyQZvoe4Y/4eLPzhZWnjAfBgNVHSMEGDAWgBRbZzQi7/fkHF4G
145Sn0kfWRUP+TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1cyYzBJdV8zNUJ4ZUJ0ZU9VcDlKSDFrVkRfay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTYvYzdkMjJiLTIxNDctNDMzNi05MDA5LWY5MzU1ZmQ5OGI2Yi8x
L1FOWWQ1Y19uOGtHYjZIdUdQLUhpejg0V1ZwNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTYv
YzdkMjJiLTIxNDctNDMzNi05MDA5LWY5MzU1ZmQ5OGI2Yi8xL1cyYzBJdV8zNUJ4
ZUJ0ZU9VcDlKSDFrVkRfay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArkp3DANBgkqhkiG9w0BAQsFAAOC
AQEACOXhZEzcDyAwoDDnajDwEQbgY0ABO8/9yUJzdTsLMKljcEFBkdQiBmc1ORjr
55xtTXoBrHTQJVDLQA5pyhcdZ+2zLZh1l6WEb1YRe4JC7DaniW9jhdVLTYaG3G4o
MBjSFV0gO2+RvpUVBgnkbNRjnGEkgyvk7nGO18/XJVyfxjysZcWCzNWGsqPXNa6Z
WORxvLRhGIPSJ1pWRPIACe6ypwuIjQhF4XiesnLAzZM06qiAXqMW6L2Aw7w7hmjo
M2xGMTiP/ZCHwL3OPtHvKKPDsD78d9Eow8kQ5Rz08qJldOC5JjvGen1uMf+G+jF1
c9c79G7n0UlrAW2Tlv2NiP9Y+Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:36 2024 by rpki-client on console-fra.rpki-client.org