Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qPwRocsd2-mLBpz0xJ7W82GKXt4.roa
File: qPwRocsd2-mLBpz0xJ7W82GKXt4.roa (raw, json)
Hash identifier: ewdZ8j+BRXamEK5tMrG4MaTthMp55DezZDXGnRKIm30=
Subject key identifier: A8:FC:11:A1:CB:1D:DB:E9:8B:06:9C:F4:C4:9E:D6:F3:61:8A:5E:DE
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 0184A8AA7E8D4A0E1326564166548BA7CE46
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qPwRocsd2-mLBpz0xJ7W82GKXt4.roa
Signing time: Thu 24 Nov 2022 08:04:16 +0000
ROA not before: Thu 24 Nov 2022 08:04:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 21016
IP address blocks: 185.176.118.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:a8:aa:7e:8d:4a:0e:13:26:56:41:66:54:8b:a7:ce:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Nov 24 08:04:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a8fc11a1cb1ddbe98b069cf4c49ed6f3618a5ede
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:53:db:89:77:fd:8b:f0:1e:3a:e6:74:9b:95:
e4:12:76:9b:08:db:5f:95:eb:b4:0d:73:da:86:14:
88:cc:58:44:39:62:0d:0c:68:cf:6d:ef:25:b4:96:
7f:d0:4a:d0:b4:ff:06:13:5d:9d:b3:e3:7b:a1:6d:
e1:5d:ce:8a:b7:fb:69:89:f8:77:bf:9d:9e:c6:e4:
37:04:f4:3e:36:96:ab:d9:95:54:1b:ce:c9:5b:cf:
92:f8:b2:72:eb:87:b6:bf:9b:d1:03:31:c3:c2:a1:
3d:4e:92:be:6a:63:57:8d:2d:ee:42:c9:5c:e6:fd:
28:19:a6:80:db:c7:47:d9:a4:df:05:92:8e:7b:3d:
e0:84:9e:51:1c:cb:03:f4:c4:ae:af:48:35:ad:88:
a1:63:5f:b6:3b:bc:8d:f4:12:81:41:5c:c7:4a:19:
ae:f8:0a:79:7b:3a:b5:31:d2:20:83:7f:99:b0:9d:
ad:f5:f6:8a:8e:62:b5:c8:b0:74:c8:98:c8:f5:a3:
71:dc:7d:f1:e1:f6:bd:28:a8:2e:a5:51:c6:94:f5:
12:1c:ba:b6:d5:0c:dc:41:f7:e7:a4:24:32:a7:a3:
66:d0:42:1e:4e:c1:59:c3:a7:af:16:7a:f0:7d:3c:
57:48:bb:cd:12:82:eb:6d:fc:cd:58:b8:d8:d2:cb:
bf:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:FC:11:A1:CB:1D:DB:E9:8B:06:9C:F4:C4:9E:D6:F3:61:8A:5E:DE
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qPwRocsd2-mLBpz0xJ7W82GKXt4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.176.118.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:96:be:ee:eb:25:e6:e0:b8:e2:ae:b4:16:64:72:a9:75:20:
11:b3:70:af:78:75:89:27:56:96:74:c3:42:98:b4:83:7c:23:
48:0a:9e:57:f6:8a:97:c8:c3:45:93:14:fd:69:b9:f9:fe:d9:
4c:da:74:cb:94:7a:6c:c4:4d:b6:79:18:3e:27:b4:98:5b:20:
91:96:f8:35:06:63:12:e8:fd:af:40:70:a4:82:39:8f:60:0d:
c0:4a:d4:cf:84:45:c5:d0:39:8e:b7:71:38:45:92:0d:5a:5c:
29:40:8c:e0:95:75:a2:12:9c:aa:45:4b:cc:dd:5d:16:f3:59:
73:73:b6:59:29:e6:a1:79:fe:d2:8c:36:c3:5e:ad:66:a4:aa:
47:7f:3b:bc:79:68:6a:34:5d:ac:fb:65:ed:b0:05:f6:6f:0e:
44:e2:ee:1d:d5:88:41:79:88:6a:d9:57:22:3b:2e:b3:af:23:
bd:a0:4d:2e:72:fb:89:18:43:78:ef:41:e4:a3:b0:53:32:46:
ea:bf:89:3b:fa:16:2a:cf:e0:6d:e8:f0:5b:08:1f:c8:fc:01:
5a:ba:aa:3b:99:85:cf:3a:bc:d3:73:db:e1:eb:ed:66:be:02:
17:73:7f:e9:e0:0b:d2:ef:28:a1:5e:5b:23:49:e7:ad:40:0c:
ed:25:e3:3d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYSoqn6NSg4TJlZBZlSLp85GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjIxMTI0MDgwNDE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGZjMTFhMWNiMWRkYmU5OGIwNjljZjRjNDllZDZmMzYxOGE1ZWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhlPbiXf9i/AeOuZ0m5XkEnabCNtf
leu0DXPahhSIzFhEOWINDGjPbe8ltJZ/0ErQtP8GE12ds+N7oW3hXc6Kt/tpifh3
v52exuQ3BPQ+Npar2ZVUG87JW8+S+LJy64e2v5vRAzHDwqE9TpK+amNXjS3uQslc
5v0oGaaA28dH2aTfBZKOez3ghJ5RHMsD9MSur0g1rYihY1+2O7yN9BKBQVzHShmu
+Ap5ezq1MdIgg3+ZsJ2t9faKjmK1yLB0yJjI9aNx3H3x4fa9KKgupVHGlPUSHLq2
1QzcQffnpCQyp6Nm0EIeTsFZw6evFnrwfTxXSLvNEoLrbfzNWLjY0su/AQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKj8EaHLHdvpiwac9MSe1vNhil7eMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvcVB3Um9jc2QyLW1MQnB6MHhKN1c4MkdLWHQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAubB2MA0G
CSqGSIb3DQEBCwUAA4IBAQB8lr7u6yXm4LjirrQWZHKpdSARs3CveHWJJ1aWdMNC
mLSDfCNICp5X9oqXyMNFkxT9abn5/tlM2nTLlHpsxE22eRg+J7SYWyCRlvg1BmMS
6P2vQHCkgjmPYA3AStTPhEXF0DmOt3E4RZINWlwpQIzglXWiEpyqRUvM3V0W81lz
c7ZZKeahef7SjDbDXq1mpKpHfzu8eWhqNF2s+2XtsAX2bw5E4u4d1YhBeYhq2Vci
Oy6zryO9oE0ucvuJGEN470Hko7BTMkbqv4k7+hYqz+Bt6PBbCB/I/AFauqo7mYXP
OrzTc9vh6+1mvgIXc3/p4AvS7yihXlsjSeetQAztJeM9
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:43:46 2023 by rpki-client on console-fra.rpki-client.org