Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/QWn4YYpwEC231DTwtlnKPmZOIcw.roa
File: QWn4YYpwEC231DTwtlnKPmZOIcw.roa (raw, json)
Hash identifier: YJxQZE6DXJOYNFJSNcYrSpOl+uieBpBhNcmfm4wzlI4=
Subject key identifier: 41:69:F8:61:8A:70:10:2D:B7:D4:34:F0:B6:59:CA:3E:66:4E:21:CC
Certificate issuer: /CN=b9954499977278a75570b3403f4d3aa00b1b36e8
Certificate serial: 2AF048A4
Authority key identifier: B9:95:44:99:97:72:78:A7:55:70:B3:40:3F:4D:3A:A0:0B:1B:36:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/QWn4YYpwEC231DTwtlnKPmZOIcw.roa
Signing time: Sat 01 Jan 2022 13:57:52 +0000
ROA not before: Sat 01 Jan 2022 13:57:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34656
IP address blocks: 178.16.119.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 720390308 (0x2af048a4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9954499977278a75570b3403f4d3aa00b1b36e8
Validity
Not Before: Jan 1 13:57:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4169f8618a70102db7d434f0b659ca3e664e21cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:12:62:36:9f:ed:9c:65:37:7e:0f:e1:35:6f:
b1:12:67:92:47:25:61:dd:66:29:d5:ce:34:a7:d4:
52:0b:c8:2c:1b:33:8f:5a:0f:1b:e2:82:1f:bc:24:
88:c3:20:8a:2d:04:71:83:60:38:ff:f2:7d:8b:6e:
c1:00:9a:fd:db:14:d9:ef:5a:ab:17:81:85:8f:6d:
4e:4d:cc:16:3b:62:01:27:82:a3:a0:18:0a:71:4c:
cf:eb:d8:0a:2a:b3:64:fc:89:79:b8:1f:50:dd:54:
c4:eb:68:13:40:da:eb:a4:c9:d4:ca:e4:e7:f6:12:
80:10:db:4a:5e:71:1e:cb:3a:00:59:dc:a2:b9:d4:
81:ca:b1:10:5d:0b:e0:79:c0:bd:65:15:78:0b:7c:
81:d7:77:e8:d4:7d:ba:0c:70:49:b1:19:bc:dd:f5:
4a:bf:34:9b:8c:c4:e3:a2:e7:99:fb:47:19:3f:00:
3a:69:94:e3:67:0a:6f:1e:03:ff:e8:66:11:f6:d4:
97:a9:69:61:94:27:69:12:98:73:dd:a3:b1:b2:31:
5a:20:7b:b5:d6:cd:6e:23:8d:9f:6c:02:f8:d7:7b:
a1:26:85:bf:87:07:55:62:52:4e:f1:96:3b:92:6d:
c6:c1:09:ae:c8:a7:4d:37:5b:f9:0b:63:ae:96:aa:
a3:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:69:F8:61:8A:70:10:2D:B7:D4:34:F0:B6:59:CA:3E:66:4E:21:CC
X509v3 Authority Key Identifier:
keyid:B9:95:44:99:97:72:78:A7:55:70:B3:40:3F:4D:3A:A0:0B:1B:36:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/QWn4YYpwEC231DTwtlnKPmZOIcw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/uZVEmZdyeKdVcLNAP006oAsbNug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.16.119.0/24
Signature Algorithm: sha256WithRSAEncryption
55:1f:e8:52:1a:e7:01:ed:f1:c6:66:a5:12:9a:88:ea:ec:ff:
a3:5a:d7:14:1d:06:66:1e:e0:74:f3:25:84:be:6a:7a:53:99:
de:ef:df:0e:6d:a4:c1:6f:ba:20:ad:4b:7e:f2:1a:a5:5f:78:
b9:cb:21:11:57:a7:e1:d6:7d:61:cb:7e:1e:24:23:fd:05:2d:
a8:1a:b9:d4:7b:b8:60:24:2a:8c:bb:a2:b3:29:5f:8e:f7:1b:
81:98:77:9c:8a:0c:fe:56:33:59:fe:86:81:99:fc:42:2c:bb:
52:cd:4a:d2:e3:9e:f1:f4:e4:ea:2c:05:a1:9c:a3:59:b1:a8:
b9:0a:63:d9:37:5f:94:e0:14:9e:bc:b3:b4:d7:78:54:e3:be:
3b:e2:9d:58:60:8d:5e:66:bf:37:2f:94:07:8e:a7:95:42:de:
7c:3e:bf:07:88:bc:b8:13:b1:71:a8:11:71:e3:54:bc:0f:91:
58:0f:c3:49:b0:58:c6:37:57:d6:21:69:1f:64:90:c9:97:81:
50:44:58:98:60:33:1f:6f:55:4c:9a:e0:6b:98:b0:e0:fb:7d:
b3:ea:02:e9:0a:42:a8:22:0c:ff:32:ef:24:5f:f3:8b:3f:b1:
3c:2e:1b:04:0c:20:fd:5b:f1:83:12:8e:ce:e4:0f:4d:f8:a7:
5c:76:b4:ce
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEKvBIpDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
OTk1NDQ5OTk3NzI3OGE3NTU3MGIzNDAzZjRkM2FhMDBiMWIzNmU4MB4XDTIyMDEw
MTEzNTc1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDE2OWY4NjE4YTcw
MTAyZGI3ZDQzNGYwYjY1OWNhM2U2NjRlMjFjYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKESYjaf7ZxlN34P4TVvsRJnkkclYd1mKdXONKfUUgvILBsz
j1oPG+KCH7wkiMMgii0EcYNgOP/yfYtuwQCa/dsU2e9aqxeBhY9tTk3MFjtiASeC
o6AYCnFMz+vYCiqzZPyJebgfUN1UxOtoE0Da66TJ1Mrk5/YSgBDbSl5xHss6AFnc
ornUgcqxEF0L4HnAvWUVeAt8gdd36NR9ugxwSbEZvN31Sr80m4zE46LnmftHGT8A
OmmU42cKbx4D/+hmEfbUl6lpYZQnaRKYc92jsbIxWiB7tdbNbiONn2wC+Nd7oSaF
v4cHVWJSTvGWO5JtxsEJrsinTTdb+Qtjrpaqo58CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRBafhhinAQLbfUNPC2Wco+Zk4hzDAfBgNVHSMEGDAWgBS5lUSZl3J4p1Vw
s0A/TTqgCxs26DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3VaVkVtWmR5ZUtkVmNMTkFQMDA2b0FzYk51Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDcvNzg4ODAzLWJlMTItNDMzZi1hOGQwLTAyNGIxNjU1YzI0Ny8x
L1FXbjRZWXB3RUMyMzFEVHd0bG5LUG1aT0ljdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDcv
Nzg4ODAzLWJlMTItNDMzZi1hOGQwLTAyNGIxNjU1YzI0Ny8xL3VaVkVtWmR5ZUtk
VmNMTkFQMDA2b0FzYk51Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALIQdzANBgkqhkiG9w0BAQsFAAOC
AQEAVR/oUhrnAe3xxmalEpqI6uz/o1rXFB0GZh7gdPMlhL5qelOZ3u/fDm2kwW+6
IK1LfvIapV94ucshEVen4dZ9Yct+HiQj/QUtqBq51Hu4YCQqjLuisylfjvcbgZh3
nIoM/lYzWf6GgZn8Qiy7Us1K0uOe8fTk6iwFoZyjWbGouQpj2TdflOAUnryztNd4
VOO+O+KdWGCNXma/Ny+UB46nlULefD6/B4i8uBOxcagRceNUvA+RWA/DSbBYxjdX
1iFpH2SQyZeBUERYmGAzH29VTJrga5iw4Pt9s+oC6QpCqCIM/zLvJF/ziz+xPC4b
BAwg/VvxgxKOzuQPTfinXHa0zg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:47 2024 by rpki-client on console-fra.rpki-client.org