Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/ce9aa9-8793-4863-a059-5a284064fdb6/1/QA8aHB6TonT9aZJ1KfmR-0vHmrw.roa
File: QA8aHB6TonT9aZJ1KfmR-0vHmrw.roa (raw, json)
Hash identifier: 63StKkqBuQi5aOVmTzqpgE4onW4pR/Yxo2Behb8utj4=
Subject key identifier: 40:0F:1A:1C:1E:93:A2:74:FD:69:92:75:29:F9:91:FB:4B:C7:9A:BC
Certificate issuer: /CN=35371996dc555a98404c7ee712ee293ff6045383
Certificate serial: 039EA16D
Authority key identifier: 35:37:19:96:DC:55:5A:98:40:4C:7E:E7:12:EE:29:3F:F6:04:53:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NTcZltxVWphATH7nEu4pP_YEU4M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/ce9aa9-8793-4863-a059-5a284064fdb6/1/QA8aHB6TonT9aZJ1KfmR-0vHmrw.roa
Signing time: Sat 01 Jan 2022 13:02:37 +0000
ROA not before: Sat 01 Jan 2022 13:02:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56533
IP address blocks: 91.223.178.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60727661 (0x39ea16d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35371996dc555a98404c7ee712ee293ff6045383
Validity
Not Before: Jan 1 13:02:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=400f1a1c1e93a274fd69927529f991fb4bc79abc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:81:b4:c3:ab:b6:d2:fe:6a:65:ac:51:6e:21:
98:9d:22:54:6d:be:2f:9e:7b:e3:26:23:28:b0:af:
65:8b:45:eb:e0:8c:60:34:ff:16:b4:e4:af:c1:e0:
dd:56:64:d5:ee:1b:3a:d0:9a:ba:35:1e:2f:06:89:
7e:dd:71:d5:f1:cc:f5:03:4f:f3:49:29:f5:fa:f6:
70:f4:df:c5:14:ab:11:3b:d9:89:91:d4:d2:66:63:
b0:22:a7:c2:d9:4d:db:fd:13:7e:d4:21:d6:0b:76:
f1:21:46:73:d8:5f:0e:54:d3:96:13:52:2f:24:fc:
32:a1:c8:bf:c8:82:30:21:da:8e:30:03:c5:55:e6:
e3:4e:34:fa:76:30:dd:65:7b:20:df:1b:15:d0:03:
a0:e3:1e:fd:9a:0e:5e:9f:0e:c6:ef:4e:25:8e:db:
41:5d:d9:e0:e0:d7:cb:f1:0c:78:30:46:89:64:f2:
d5:cc:18:55:a8:f9:91:dc:a4:60:4d:fa:f8:49:55:
77:8a:ac:38:2f:b3:16:a6:fe:80:be:eb:f1:2f:16:
ab:c1:a8:02:10:1a:05:08:4e:be:f2:40:50:2e:b8:
fa:5f:2f:94:fd:8c:b5:66:e1:e3:6f:b8:b9:57:0a:
19:4b:6d:e8:03:c5:df:8b:15:8e:e7:92:8a:d6:d1:
15:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:0F:1A:1C:1E:93:A2:74:FD:69:92:75:29:F9:91:FB:4B:C7:9A:BC
X509v3 Authority Key Identifier:
keyid:35:37:19:96:DC:55:5A:98:40:4C:7E:E7:12:EE:29:3F:F6:04:53:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NTcZltxVWphATH7nEu4pP_YEU4M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/ce9aa9-8793-4863-a059-5a284064fdb6/1/QA8aHB6TonT9aZJ1KfmR-0vHmrw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/ce9aa9-8793-4863-a059-5a284064fdb6/1/NTcZltxVWphATH7nEu4pP_YEU4M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.178.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:c4:fc:69:4e:c4:6c:37:a6:b0:d6:6c:27:26:80:3e:fd:88:
a0:0d:88:06:51:74:16:7d:06:f8:e3:cc:7e:7a:fe:f8:d3:16:
56:1a:15:f4:b7:64:b5:28:c4:29:ef:7d:ab:4b:ce:73:c1:f8:
e4:91:d3:14:16:b2:5c:eb:ea:e9:de:f0:a4:e2:a1:6d:57:9e:
48:59:d1:89:93:f5:d2:69:dc:06:11:0c:37:a4:cb:eb:f5:bb:
67:42:2b:9d:c8:da:3d:22:26:38:d2:fe:f3:55:cb:2e:83:cb:
0f:38:98:81:31:ee:fb:cf:5e:9f:af:8b:db:62:12:e5:e1:23:
fd:66:ac:78:1e:62:23:85:b6:cb:b2:cb:70:19:8d:32:f2:68:
fe:8f:91:dc:9e:87:2a:2e:8d:8e:e7:1d:2c:3d:9d:b1:2c:22:
f7:7d:4b:e0:01:f1:37:f3:31:57:d5:41:92:80:27:69:c5:0d:
2c:57:b1:2f:4e:58:db:8e:4a:80:d0:bd:6e:20:f2:eb:de:8c:
37:99:b6:21:81:b4:51:5b:00:2f:eb:b6:3e:6d:e7:5f:38:0a:
54:17:89:76:86:5a:6a:8e:a1:70:90:8e:88:18:1f:c3:e9:83:
0b:16:fe:2a:cb:50:6e:25:6d:6c:6c:ed:eb:4e:39:36:d7:60:
2b:34:f8:4a
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA56hbTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NTM3MTk5NmRjNTU1YTk4NDA0YzdlZTcxMmVlMjkzZmY2MDQ1MzgzMB4XDTIyMDEw
MTEzMDIzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDAwZjFhMWMxZTkz
YTI3NGZkNjk5Mjc1MjlmOTkxZmI0YmM3OWFiYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALGBtMOrttL+amWsUW4hmJ0iVG2+L5574yYjKLCvZYtF6+CM
YDT/FrTkr8Hg3VZk1e4bOtCaujUeLwaJft1x1fHM9QNP80kp9fr2cPTfxRSrETvZ
iZHU0mZjsCKnwtlN2/0TftQh1gt28SFGc9hfDlTTlhNSLyT8MqHIv8iCMCHajjAD
xVXm4040+nYw3WV7IN8bFdADoOMe/ZoOXp8Oxu9OJY7bQV3Z4ODXy/EMeDBGiWTy
1cwYVaj5kdykYE36+ElVd4qsOC+zFqb+gL7r8S8Wq8GoAhAaBQhOvvJAUC64+l8v
lP2MtWbh42+4uVcKGUtt6APF34sVjueSitbRFb8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRADxocHpOidP1pknUp+ZH7S8eavDAfBgNVHSMEGDAWgBQ1NxmW3FVamEBM
fucS7ik/9gRTgzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05UY1psdHhWV3BoQVRIN25FdTRwUF9ZRVU0TS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTgvY2U5YWE5LTg3OTMtNDg2My1hMDU5LTVhMjg0MDY0ZmRiNi8x
L1FBOGFIQjZUb25UOWFaSjFLZm1SLTB2SG1ydy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTgv
Y2U5YWE5LTg3OTMtNDg2My1hMDU5LTVhMjg0MDY0ZmRiNi8xL05UY1psdHhWV3Bo
QVRIN25FdTRwUF9ZRVU0TS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvfsjANBgkqhkiG9w0BAQsFAAOC
AQEALsT8aU7EbDemsNZsJyaAPv2IoA2IBlF0Fn0G+OPMfnr++NMWVhoV9LdktSjE
Ke99q0vOc8H45JHTFBayXOvq6d7wpOKhbVeeSFnRiZP10mncBhEMN6TL6/W7Z0Ir
ncjaPSImONL+81XLLoPLDziYgTHu+89en6+L22IS5eEj/WaseB5iI4W2y7LLcBmN
MvJo/o+R3J6HKi6NjucdLD2dsSwi931L4AHxN/MxV9VBkoAnacUNLFexL05Y245K
gNC9biDy696MN5m2IYG0UVsAL+u2Pm3nXzgKVBeJdoZaao6hcJCOiBgfw+mDCxb+
KstQbiVtbGzt6045NtdgKzT4Sg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:13 2024 by rpki-client on console-fra.rpki-client.org