Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/QNISPP88RdR1gL42qYxIHuyA0J8.roa
File: QNISPP88RdR1gL42qYxIHuyA0J8.roa (raw, json)
Hash identifier: Cwin9moJh7aR1GS8vMLpJz9gMht6zNBIwaCS1TISTIg=
Subject key identifier: 40:D2:12:3C:FF:3C:45:D4:75:80:BE:36:A9:8C:48:1E:EC:80:D0:9F
Certificate issuer: /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial: 0B48FEF6
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/QNISPP88RdR1gL42qYxIHuyA0J8.roa
Signing time: Sat 01 Jan 2022 13:04:59 +0000
ROA not before: Sat 01 Jan 2022 13:04:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41494
IP address blocks: 185.1.36.0/24 maxlen: 24
185.86.67.0/24 maxlen: 24
195.95.178.0/24 maxlen: 24
2a05:b680:11::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 189333238 (0xb48fef6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Validity
Not Before: Jan 1 13:04:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=40d2123cff3c45d47580be36a98c481eec80d09f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:2c:65:f2:e7:a7:f6:c5:3b:0f:ce:5a:b3:6a:
ce:25:f1:5b:ef:81:b2:a2:7d:28:9a:3d:5f:cb:10:
38:72:85:ab:e7:f7:df:5a:3d:2e:02:7d:62:3a:ac:
3d:d0:54:39:78:f4:12:ed:2e:0d:3e:3f:dd:bc:18:
9f:00:b0:fe:e9:5c:a6:95:2b:8e:a8:f4:f3:d5:94:
06:5b:c8:85:c3:44:47:a6:3a:7f:cb:2e:f4:1b:f2:
d1:0d:50:89:27:f9:bf:29:8c:0b:8a:86:ec:f8:15:
ef:ba:81:38:22:9f:a6:44:43:bd:4a:f1:e4:11:69:
f2:34:96:42:34:36:1b:73:ad:92:80:78:01:60:f2:
08:eb:d2:5b:a5:9d:d7:c4:aa:65:14:c1:ec:f2:77:
8d:28:a1:5a:b5:ac:54:a5:49:10:5b:70:ac:21:1f:
f8:b7:1f:25:d7:fb:55:a5:d5:bf:1a:01:fc:03:b8:
c7:67:a2:31:d4:91:6f:2e:8b:b2:e3:d1:7c:db:74:
4f:93:40:78:63:b4:a3:ad:fe:11:b1:9c:d6:cf:2e:
6b:1e:c3:ea:0b:ad:8e:f9:cd:7e:bc:d6:c2:ac:9b:
b8:34:ea:40:df:79:48:18:fe:ee:ae:03:0f:ed:7b:
be:18:38:d2:7f:13:4c:51:be:66:a5:ae:78:86:b6:
53:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:D2:12:3C:FF:3C:45:D4:75:80:BE:36:A9:8C:48:1E:EC:80:D0:9F
X509v3 Authority Key Identifier:
keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/QNISPP88RdR1gL42qYxIHuyA0J8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.1.36.0/24
185.86.67.0/24
195.95.178.0/24
IPv6:
2a05:b680:11::/48
Signature Algorithm: sha256WithRSAEncryption
99:e8:e2:6f:3a:88:b0:25:c7:39:35:49:c1:54:63:97:e4:f8:
9f:cc:c5:5f:c9:fd:21:c3:6a:88:5b:0c:75:ae:90:2d:58:69:
fe:77:81:f4:a3:2a:a2:62:f4:72:90:0f:5f:a1:16:14:1c:0b:
da:4f:4b:76:dc:9d:aa:31:18:f1:1b:48:06:d2:04:d9:5d:e3:
83:80:c6:d4:c7:fe:57:2b:2c:1c:82:cf:6c:87:37:e5:95:10:
92:09:65:23:6b:ba:ba:18:6c:69:78:63:f0:04:13:44:26:07:
0f:03:23:75:ed:2c:ea:d7:f6:c6:24:1c:35:93:94:ed:79:68:
12:e2:25:1f:c5:3e:65:b8:ff:47:fd:be:d6:ca:31:d1:02:39:
d2:ae:03:77:db:e0:c0:ff:1c:14:97:d1:28:94:05:be:26:dd:
82:ea:14:d4:31:e7:c6:52:a0:65:7a:c8:16:62:a5:f9:68:75:
ea:17:e0:6b:68:63:5e:64:02:e7:d5:ab:9c:5c:cd:6f:2a:da:
60:c2:fc:e3:82:35:75:39:78:a6:27:57:df:78:2a:01:f8:f1:
14:2a:6f:3b:29:59:4f:e4:de:62:9a:44:92:20:5f:78:d0:5f:
cb:13:8a:44:10:b7:24:3a:b0:ee:54:6a:52:8a:0b:c0:0e:20:
57:71:49:a8
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIEC0j+9jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZTU4OTUyZDM5MzkzNWYwZDNiY2U4MTRmZDkxNzhkMDQ2OTNhZWI5MB4XDTIyMDEw
MTEzMDQ1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDBkMjEyM2NmZjNj
NDVkNDc1ODBiZTM2YTk4YzQ4MWVlYzgwZDA5ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKwsZfLnp/bFOw/OWrNqziXxW++BsqJ9KJo9X8sQOHKFq+f3
31o9LgJ9YjqsPdBUOXj0Eu0uDT4/3bwYnwCw/ulcppUrjqj089WUBlvIhcNER6Y6
f8su9Bvy0Q1QiSf5vymMC4qG7PgV77qBOCKfpkRDvUrx5BFp8jSWQjQ2G3OtkoB4
AWDyCOvSW6Wd18SqZRTB7PJ3jSihWrWsVKVJEFtwrCEf+LcfJdf7VaXVvxoB/AO4
x2eiMdSRby6LsuPRfNt0T5NAeGO0o63+EbGc1s8uax7D6gutjvnNfrzWwqybuDTq
QN95SBj+7q4DD+17vhg40n8TTFG+ZqWueIa2U3UCAwEAAaOCAiYwggIiMB0GA1Ud
DgQWBBRA0hI8/zxF1HWAvjapjEge7IDQnzAfBgNVHSMEGDAWgBT+WJUtOTk18NO8
6BT9kXjQRpOuuTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L19saVZMVGs1TmZEVHZPZ1VfWkY0MEVhVHJyay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzAvYjI2YWE4LWFjZTctNGZhNi05ZThlLTVkNDhiNjVjZTU3My8x
L1FOSVNQUDg4UmRSMWdMNDJxWXhJSHV5QTBKOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzAv
YjI2YWE4LWFjZTctNGZhNi05ZThlLTVkNDhiNjVjZTU3My8xL19saVZMVGs1TmZE
VHZPZ1VfWkY0MEVhVHJyay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA8
BggrBgEFBQcBBwEB/wQtMCswGAQCAAEwEgMEALkBJAMEALlWQwMEAMNfsjAPBAIA
AjAJAwcAKgW2gAARMA0GCSqGSIb3DQEBCwUAA4IBAQCZ6OJvOoiwJcc5NUnBVGOX
5PifzMVfyf0hw2qIWwx1rpAtWGn+d4H0oyqiYvRykA9foRYUHAvaT0t23J2qMRjx
G0gG0gTZXeODgMbUx/5XKywcgs9shzfllRCSCWUja7q6GGxpeGPwBBNEJgcPAyN1
7Szq1/bGJBw1k5TteWgS4iUfxT5luP9H/b7WyjHRAjnSrgN32+DA/xwUl9EolAW+
Jt2C6hTUMefGUqBlesgWYqX5aHXqF+BraGNeZALn1aucXM1vKtpgwvzjgjV1OXim
J1ffeCoB+PEUKm87KVlP5N5imkSSIF940F/LE4pEELckOrDuVGpSigvADiBXcUmo
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:08 2023 by rpki-client on console-fra.rpki-client.org