Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/8e79ab-ba83-44cb-aec0-0990ce7481e7/1/QnMhqcDitcdGh1s-NcTWYUTzFig.roa
File: QnMhqcDitcdGh1s-NcTWYUTzFig.roa (raw, json)
Hash identifier: cJZ8ezGtyuv66IOhJrQBltEfsmRBs9oZ0LH5aBHIIUw=
Subject key identifier: 42:73:21:A9:C0:E2:B5:C7:46:87:5B:3E:35:C4:D6:61:44:F3:16:28
Certificate issuer: /CN=bc15921f5ba6bd147ff400117aa9738633f1587d
Certificate serial: 36DB9AB0
Authority key identifier: BC:15:92:1F:5B:A6:BD:14:7F:F4:00:11:7A:A9:73:86:33:F1:58:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vBWSH1umvRR_9AAReqlzhjPxWH0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/8e79ab-ba83-44cb-aec0-0990ce7481e7/1/QnMhqcDitcdGh1s-NcTWYUTzFig.roa
Signing time: Sat 01 Jan 2022 16:01:37 +0000
ROA not before: Sat 01 Jan 2022 16:01:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1756
IP address blocks: 178.173.178.0/24 maxlen: 24
178.173.179.0/24 maxlen: 24
178.173.176.0/24 maxlen: 24
178.173.177.0/24 maxlen: 24
178.173.173.0/24 maxlen: 24
178.173.186.0/24 maxlen: 24
178.173.192.0/24 maxlen: 24
178.173.199.0/24 maxlen: 24
178.173.197.0/24 maxlen: 24
178.173.198.0/24 maxlen: 24
178.173.193.0/24 maxlen: 24
178.173.195.0/24 maxlen: 24
178.173.196.0/24 maxlen: 24
178.173.194.0/24 maxlen: 24
178.173.206.0/24 maxlen: 24
178.173.204.0/24 maxlen: 24
178.173.205.0/24 maxlen: 24
178.173.200.0/24 maxlen: 24
178.173.202.0/24 maxlen: 24
178.173.203.0/24 maxlen: 24
178.173.201.0/24 maxlen: 24
178.173.207.0/24 maxlen: 24
178.173.209.0/24 maxlen: 24
178.173.210.0/24 maxlen: 24
178.173.208.0/24 maxlen: 24
178.173.213.0/24 maxlen: 24
178.173.211.0/24 maxlen: 24
178.173.212.0/24 maxlen: 24
178.173.218.0/24 maxlen: 24
178.173.219.0/24 maxlen: 24
178.173.216.0/24 maxlen: 24
178.173.217.0/24 maxlen: 24
178.173.214.0/24 maxlen: 24
178.173.215.0/24 maxlen: 24
178.173.220.0/24 maxlen: 24
178.173.223.0/24 maxlen: 24
178.173.221.0/24 maxlen: 24
178.173.222.0/24 maxlen: 24
178.173.129.0/24 maxlen: 24
178.173.130.0/24 maxlen: 24
178.173.128.0/24 maxlen: 24
178.173.131.0/24 maxlen: 24
178.173.132.0/24 maxlen: 24
178.173.135.0/24 maxlen: 24
178.173.133.0/24 maxlen: 24
178.173.134.0/24 maxlen: 24
178.173.143.0/24 maxlen: 24
178.173.144.0/24 maxlen: 24
178.173.141.0/24 maxlen: 24
178.173.142.0/24 maxlen: 24
178.173.145.0/24 maxlen: 24
178.173.150.0/24 maxlen: 24
178.173.151.0/24 maxlen: 24
178.173.148.0/24 maxlen: 24
178.173.149.0/24 maxlen: 24
178.173.152.0/24 maxlen: 24
178.173.147.0/24 maxlen: 24
178.173.146.0/24 maxlen: 24
178.173.154.0/24 maxlen: 24
178.173.153.0/24 maxlen: 24
178.173.157.0/24 maxlen: 24
178.173.158.0/24 maxlen: 24
178.173.155.0/24 maxlen: 24
178.173.156.0/24 maxlen: 24
178.173.159.0/24 maxlen: 24
178.173.164.0/24 maxlen: 24
178.173.165.0/24 maxlen: 24
178.173.162.0/24 maxlen: 24
178.173.163.0/24 maxlen: 24
178.173.166.0/24 maxlen: 24
178.173.161.0/24 maxlen: 24
178.173.160.0/24 maxlen: 24
178.173.171.0/24 maxlen: 24
178.173.172.0/24 maxlen: 24
178.173.170.0/24 maxlen: 24
178.173.167.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 920361648 (0x36db9ab0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc15921f5ba6bd147ff400117aa9738633f1587d
Validity
Not Before: Jan 1 16:01:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=427321a9c0e2b5c746875b3e35c4d66144f31628
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:99:c5:eb:bf:07:31:06:fb:45:ef:db:44:15:
52:26:45:34:6c:cd:1c:29:05:e9:3b:6b:b5:b8:ca:
5f:7e:c9:2f:50:08:f9:e6:45:45:59:4a:63:d8:dc:
f1:e0:79:fb:fc:23:ff:03:b1:c4:19:70:f7:ed:c2:
db:96:40:6c:a3:2c:61:11:7b:72:7c:ee:2c:10:cd:
57:89:f4:c4:1e:6b:df:79:14:12:b1:56:27:36:ef:
34:b5:f2:75:ac:ba:d6:d3:67:f4:68:6a:01:b3:b5:
43:6f:31:97:04:40:8a:7b:c3:b3:c6:8b:e6:24:39:
24:55:bf:36:02:29:91:9c:2c:63:04:4b:ae:f7:f2:
24:05:0d:d4:42:4f:c2:fc:16:d2:5c:ff:c6:5f:81:
18:a2:af:a2:53:10:dc:5b:2c:e2:db:e0:ac:53:b9:
4e:b4:0e:78:30:40:e2:cd:14:1d:de:ff:95:3f:3e:
a6:3a:84:8b:59:06:ab:46:b4:6a:fb:66:5b:5d:0e:
b9:e8:d3:bf:7d:cf:47:8d:13:03:08:32:52:27:13:
8f:76:69:0a:f5:71:7f:04:c0:34:8d:4c:97:d4:88:
6e:8a:b5:05:c1:fa:12:71:01:5e:3e:8c:3a:9b:f4:
99:9a:f3:c3:0d:fd:e2:32:e7:84:b8:69:30:95:f3:
c5:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:73:21:A9:C0:E2:B5:C7:46:87:5B:3E:35:C4:D6:61:44:F3:16:28
X509v3 Authority Key Identifier:
keyid:BC:15:92:1F:5B:A6:BD:14:7F:F4:00:11:7A:A9:73:86:33:F1:58:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vBWSH1umvRR_9AAReqlzhjPxWH0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/8e79ab-ba83-44cb-aec0-0990ce7481e7/1/QnMhqcDitcdGh1s-NcTWYUTzFig.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/8e79ab-ba83-44cb-aec0-0990ce7481e7/1/vBWSH1umvRR_9AAReqlzhjPxWH0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.173.128.0/21
178.173.141.0-178.173.167.255
178.173.170.0-178.173.173.255
178.173.176.0/22
178.173.186.0/24
178.173.192.0/19
Signature Algorithm: sha256WithRSAEncryption
4f:bb:7c:9f:f3:74:20:47:99:4b:5a:90:48:cc:93:9a:34:9e:
03:14:8d:4e:19:07:12:1a:46:9d:47:ec:8d:2c:8e:76:52:3a:
2a:2d:0c:a9:57:ca:1d:2d:30:8f:6d:d6:90:34:29:37:e0:11:
39:2f:40:b0:60:86:23:5c:d9:6f:a2:d3:7a:f3:55:df:14:3c:
6d:dd:7c:23:c6:e3:67:e9:9f:ea:dd:3f:29:a1:1a:d4:17:8d:
4e:42:44:fb:52:cf:eb:37:b1:0b:09:7c:ba:e8:45:77:d8:52:
fd:c3:99:26:f6:f4:5a:57:40:cc:52:bb:c7:52:53:01:8a:62:
43:56:af:ec:87:ba:17:ce:c5:e0:4f:3b:32:f6:6b:75:7b:ff:
90:d5:5f:d0:a2:3d:f9:9e:fa:d0:eb:1d:29:19:ac:78:59:ee:
03:93:01:d2:34:a4:4c:99:d9:ec:4d:23:7e:d7:64:35:42:a2:
49:61:ee:ed:c9:44:86:11:e2:0a:6d:ca:8c:04:18:e3:e6:87:
d8:d8:01:61:17:bd:2f:50:4c:18:a1:97:a7:e4:e8:52:f8:22:
e2:7d:b9:88:87:be:7f:25:12:ac:04:1f:bf:8f:24:29:45:33:
46:53:50:bb:32:72:90:02:38:77:90:9a:a3:f4:40:a6:7a:bc:
f8:51:d5:e4
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgIENtuasDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
YzE1OTIxZjViYTZiZDE0N2ZmNDAwMTE3YWE5NzM4NjMzZjE1ODdkMB4XDTIyMDEw
MTE2MDEzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDI3MzIxYTljMGUy
YjVjNzQ2ODc1YjNlMzVjNGQ2NjE0NGYzMTYyODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI6Zxeu/BzEG+0Xv20QVUiZFNGzNHCkF6TtrtbjKX37JL1AI
+eZFRVlKY9jc8eB5+/wj/wOxxBlw9+3C25ZAbKMsYRF7cnzuLBDNV4n0xB5r33kU
ErFWJzbvNLXyday61tNn9GhqAbO1Q28xlwRAinvDs8aL5iQ5JFW/NgIpkZwsYwRL
rvfyJAUN1EJPwvwW0lz/xl+BGKKvolMQ3Fss4tvgrFO5TrQOeDBA4s0UHd7/lT8+
pjqEi1kGq0a0avtmW10OuejTv33PR40TAwgyUicTj3ZpCvVxfwTANI1Ml9SIboq1
BcH6EnEBXj6MOpv0mZrzww394jLnhLhpMJXzxU8CAwEAAaOCAjcwggIzMB0GA1Ud
DgQWBBRCcyGpwOK1x0aHWz41xNZhRPMWKDAfBgNVHSMEGDAWgBS8FZIfW6a9FH/0
ABF6qXOGM/FYfTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3ZCV1NIMXVtdlJSXzlBQVJlcWx6aGpQeFdIMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDQvOGU3OWFiLWJhODMtNDRjYi1hZWMwLTA5OTBjZTc0ODFlNy8x
L1FuTWhxY0RpdGNkR2gxcy1OY1RXWVVUekZpZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDQv
OGU3OWFiLWJhODMtNDRjYi1hZWMwLTA5OTBjZTc0ODFlNy8xL3ZCV1NIMXVtdlJS
XzlBQVJlcWx6aGpQeFdIMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBN
BggrBgEFBQcBBwEB/wQ+MDwwOgQCAAEwNAMEA7KtgDAMAwQAsq2NAwQDsq2gMAwD
BAGyraoDBAGyrawDBAKyrbADBACyrboDBAWyrcAwDQYJKoZIhvcNAQELBQADggEB
AE+7fJ/zdCBHmUtakEjMk5o0ngMUjU4ZBxIaRp1H7I0sjnZSOiotDKlXyh0tMI9t
1pA0KTfgETkvQLBghiNc2W+i03rzVd8UPG3dfCPG42fpn+rdPymhGtQXjU5CRPtS
z+s3sQsJfLroRXfYUv3DmSb29FpXQMxSu8dSUwGKYkNWr+yHuhfOxeBPOzL2a3V7
/5DVX9CiPfme+tDrHSkZrHhZ7gOTAdI0pEyZ2exNI37XZDVCoklh7u3JRIYR4gpt
yowEGOPmh9jYAWEXvS9QTBihl6fk6FL4IuJ9uYiHvn8lEqwEH7+PJClFM0ZTULsy
cpACOHeQmqP0QKZ6vPhR1eQ=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:33:49 2025 by rpki-client