Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/8cec28-8a86-4f69-8f68-c532349a7757/1/QzVZbhjmJemV7JlzanUkVkUkLrE.roa
File: QzVZbhjmJemV7JlzanUkVkUkLrE.roa (raw, json)
Hash identifier: nT4UITrcPsgOOa9lzZ2CDQPyWQUp4Ua6F46lt/reM10=
Subject key identifier: 43:35:59:6E:18:E6:25:E9:95:EC:99:73:6A:75:24:56:45:24:2E:B1
Certificate issuer: /CN=ceac024ffd8df4918741f754c0db218ee7b2748d
Certificate serial: 0171F946
Authority key identifier: CE:AC:02:4F:FD:8D:F4:91:87:41:F7:54:C0:DB:21:8E:E7:B2:74:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zqwCT_2N9JGHQfdUwNshjueydI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/8cec28-8a86-4f69-8f68-c532349a7757/1/QzVZbhjmJemV7JlzanUkVkUkLrE.roa
Signing time: Sat 01 Jan 2022 11:56:19 +0000
ROA not before: Sat 01 Jan 2022 11:56:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43201
IP address blocks: 195.60.236.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 24246598 (0x171f946)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ceac024ffd8df4918741f754c0db218ee7b2748d
Validity
Not Before: Jan 1 11:56:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4335596e18e625e995ec99736a75245645242eb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:4a:43:22:af:43:23:7a:8b:95:1e:a3:25:60:
17:e4:0c:53:a0:a2:80:71:6c:09:97:b4:13:e3:f3:
30:85:83:57:98:eb:18:3b:6f:9f:f9:bc:0f:c5:cc:
0f:bc:0a:b4:e2:2c:25:d9:cb:a2:a5:10:d3:23:9d:
bc:0c:cc:d6:03:e1:57:a4:84:19:68:e4:97:d3:3b:
0d:b3:ac:5f:83:3f:a2:ff:74:a6:0b:fd:36:ff:0e:
18:8d:b5:17:ad:36:b2:d0:91:65:e0:ba:41:31:2a:
11:74:5b:d7:a4:08:4b:38:4c:1b:d9:8f:85:da:e9:
1c:3f:c4:f6:e0:48:d2:de:0f:df:7d:0a:b1:d0:0f:
77:27:32:ad:39:58:9d:b5:6b:6d:3d:5a:be:e8:ea:
55:a1:d3:27:13:2b:49:3d:41:8d:cf:c3:5d:f1:b2:
1a:0b:fe:07:a5:f3:cb:1e:33:fb:ec:c6:fe:19:cc:
39:ca:12:17:c0:1f:ad:a7:49:96:22:f2:3c:a5:78:
ac:99:45:49:f1:f2:1f:58:30:cf:59:1a:9a:03:4c:
8a:4d:64:ff:62:77:f5:d7:59:07:e9:6e:17:b6:b6:
2e:9e:97:66:0c:59:99:14:2e:6c:37:4a:28:8f:a3:
84:61:60:e8:d1:aa:d5:41:65:bf:e2:50:91:39:d8:
29:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:35:59:6E:18:E6:25:E9:95:EC:99:73:6A:75:24:56:45:24:2E:B1
X509v3 Authority Key Identifier:
keyid:CE:AC:02:4F:FD:8D:F4:91:87:41:F7:54:C0:DB:21:8E:E7:B2:74:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zqwCT_2N9JGHQfdUwNshjueydI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/8cec28-8a86-4f69-8f68-c532349a7757/1/QzVZbhjmJemV7JlzanUkVkUkLrE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/8cec28-8a86-4f69-8f68-c532349a7757/1/zqwCT_2N9JGHQfdUwNshjueydI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.60.236.0/24
Signature Algorithm: sha256WithRSAEncryption
22:16:7f:5f:f1:71:b9:6c:81:9a:38:3e:8a:22:8e:6a:62:b0:
8d:89:a2:27:65:3b:b9:2f:5e:03:ad:4a:b6:30:fa:62:4a:95:
f9:79:5e:69:d5:5b:0b:bf:5a:d8:17:e1:75:6f:36:64:4a:8e:
74:40:75:c7:13:e7:99:6e:c3:d2:e6:5a:15:6b:3f:88:38:8d:
45:21:d2:8a:69:d7:4d:a4:d6:12:13:a6:bb:be:b9:7d:99:c9:
62:4b:df:f4:41:7c:f1:f9:a0:58:b7:04:08:a6:dd:d4:fe:bf:
37:59:3b:d3:fc:fa:dd:cb:5d:34:f1:c5:92:69:3a:77:ba:19:
2d:4f:30:a4:02:92:fe:18:71:77:cc:21:3c:f6:ca:a6:55:40:
44:7f:22:90:d8:ed:88:b7:2c:26:40:eb:07:8a:c3:23:da:27:
29:8d:21:37:e4:68:af:b3:4d:74:58:f6:ec:66:52:1e:87:15:
0d:27:3f:f3:b3:ab:f8:b2:04:f2:25:f6:3e:a4:68:3a:ba:30:
c5:f4:09:07:6a:7b:c9:89:70:da:55:21:ee:68:e1:ed:ef:dc:
0f:d7:c7:1c:29:e3:ec:0f:ab:d2:01:16:68:ce:1f:d6:54:43:
96:19:1d:07:4c:b5:00:b4:9f:90:0a:73:76:eb:58:e1:e4:8b:
12:5c:1f:5b
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAXH5RjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
ZWFjMDI0ZmZkOGRmNDkxODc0MWY3NTRjMGRiMjE4ZWU3YjI3NDhkMB4XDTIyMDEw
MTExNTYxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDMzNTU5NmUxOGU2
MjVlOTk1ZWM5OTczNmE3NTI0NTY0NTI0MmViMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMFKQyKvQyN6i5UeoyVgF+QMU6CigHFsCZe0E+PzMIWDV5jr
GDtvn/m8D8XMD7wKtOIsJdnLoqUQ0yOdvAzM1gPhV6SEGWjkl9M7DbOsX4M/ov90
pgv9Nv8OGI21F602stCRZeC6QTEqEXRb16QISzhMG9mPhdrpHD/E9uBI0t4P330K
sdAPdycyrTlYnbVrbT1avujqVaHTJxMrST1Bjc/DXfGyGgv+B6Xzyx4z++zG/hnM
OcoSF8AfradJliLyPKV4rJlFSfHyH1gwz1kamgNMik1k/2J39ddZB+luF7a2Lp6X
ZgxZmRQubDdKKI+jhGFg6NGq1UFlv+JQkTnYKV0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRDNVluGOYl6ZXsmXNqdSRWRSQusTAfBgNVHSMEGDAWgBTOrAJP/Y30kYdB
91TA2yGO57J0jTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3pxd0NUXzJOOUpHSFFmZFV3TnNoanVleWRJMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjEvOGNlYzI4LThhODYtNGY2OS04ZjY4LWM1MzIzNDlhNzc1Ny8x
L1F6VlpiaGptSmVtVjdKbHphblVrVmtVa0xyRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjEv
OGNlYzI4LThhODYtNGY2OS04ZjY4LWM1MzIzNDlhNzc1Ny8xL3pxd0NUXzJOOUpH
SFFmZFV3TnNoanVleWRJMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMM87DANBgkqhkiG9w0BAQsFAAOC
AQEAIhZ/X/FxuWyBmjg+iiKOamKwjYmiJ2U7uS9eA61KtjD6YkqV+XleadVbC79a
2BfhdW82ZEqOdEB1xxPnmW7D0uZaFWs/iDiNRSHSimnXTaTWEhOmu765fZnJYkvf
9EF88fmgWLcECKbd1P6/N1k70/z63ctdNPHFkmk6d7oZLU8wpAKS/hhxd8whPPbK
plVARH8ikNjtiLcsJkDrB4rDI9onKY0hN+Ror7NNdFj27GZSHocVDSc/87Or+LIE
8iX2PqRoOrowxfQJB2p7yYlw2lUh7mjh7e/cD9fHHCnj7A+r0gEWaM4f1lRDlhkd
B0y1ALSfkApzdutY4eSLElwfWw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:59 2023 by rpki-client on console-ams.rpki-client.org