Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/a273e8-67dc-4782-9a34-4aeb6a795511/1/qngTD2dLLbAlYwxCX728jDysJEE.roa
File: qngTD2dLLbAlYwxCX728jDysJEE.roa (raw, json)
Hash identifier: 8Euh9Oz34otBMKDFwcXPC89csZJg/x8LKo70YG1px8I=
Subject key identifier: AA:78:13:0F:67:4B:2D:B0:25:63:0C:42:5F:BD:BC:8C:3C:AC:24:41
Certificate issuer: /CN=b17050d8caf09a91d00f1c090a0b752cd1b3d57c
Certificate serial: 18D127C3
Authority key identifier: B1:70:50:D8:CA:F0:9A:91:D0:0F:1C:09:0A:0B:75:2C:D1:B3:D5:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sXBQ2MrwmpHQDxwJCgt1LNGz1Xw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/a273e8-67dc-4782-9a34-4aeb6a795511/1/qngTD2dLLbAlYwxCX728jDysJEE.roa
Signing time: Sat 01 Jan 2022 10:03:31 +0000
ROA not before: Sat 01 Jan 2022 10:03:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16509
IP address blocks: 185.53.16.0/22 maxlen: 22
2a04:c980::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 416360387 (0x18d127c3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b17050d8caf09a91d00f1c090a0b752cd1b3d57c
Validity
Not Before: Jan 1 10:03:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=aa78130f674b2db025630c425fbdbc8c3cac2441
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:cd:8b:ba:16:9a:20:c8:fe:40:66:4e:46:5a:
c1:8d:ab:68:b7:51:21:e5:6f:00:7b:94:39:bd:9f:
c4:bf:80:9a:e4:90:a1:32:c2:de:8e:f8:35:73:d0:
ea:66:68:1c:31:63:1e:2a:70:dd:11:83:e8:0c:c2:
a8:69:1b:e4:13:86:3f:9e:95:4f:1f:5a:7c:45:78:
2b:7e:12:5a:1e:2e:13:28:fb:51:67:ba:cb:e2:d3:
24:92:58:9d:b3:1a:19:52:8d:ce:b1:d4:2d:a5:dd:
a0:f3:69:7a:f4:7d:38:47:89:d1:fb:72:9c:a8:27:
41:21:e3:51:e3:bf:04:df:93:9c:24:44:2c:c6:61:
51:92:f3:40:fc:78:68:54:58:e3:59:9a:ce:1e:d9:
32:0c:34:e2:8b:42:09:32:41:92:b1:6e:f1:a2:b3:
58:51:b7:b3:12:da:26:4e:22:ed:3e:cf:02:16:99:
f1:72:ef:d5:54:df:7b:75:6d:c5:c4:51:a6:3d:ba:
13:ab:84:cc:c2:b7:da:b0:50:33:6d:88:67:df:b6:
75:56:79:73:b8:8f:a2:09:ea:13:79:53:66:32:cb:
fc:71:40:15:a2:31:92:e3:84:23:b8:f7:f4:d3:ee:
2c:e0:92:47:c9:e9:15:60:58:44:24:cf:61:c3:f5:
c9:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:78:13:0F:67:4B:2D:B0:25:63:0C:42:5F:BD:BC:8C:3C:AC:24:41
X509v3 Authority Key Identifier:
keyid:B1:70:50:D8:CA:F0:9A:91:D0:0F:1C:09:0A:0B:75:2C:D1:B3:D5:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sXBQ2MrwmpHQDxwJCgt1LNGz1Xw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/a273e8-67dc-4782-9a34-4aeb6a795511/1/qngTD2dLLbAlYwxCX728jDysJEE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/a273e8-67dc-4782-9a34-4aeb6a795511/1/sXBQ2MrwmpHQDxwJCgt1LNGz1Xw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.53.16.0/22
IPv6:
2a04:c980::/29
Signature Algorithm: sha256WithRSAEncryption
2e:e6:52:90:80:53:00:31:a5:a1:a6:eb:dc:5b:b3:f3:60:2c:
da:69:f5:1d:0a:76:8e:b7:58:a4:91:cb:11:7c:ba:e3:7e:3a:
7d:9d:0b:dc:48:72:7b:21:76:4d:0f:18:d0:b2:fe:c6:ba:64:
9c:fc:a0:b8:d7:8b:a0:39:e8:ea:96:e7:9c:ac:5d:25:b5:3f:
9f:ab:db:74:04:1a:09:b0:3a:6d:72:1b:3d:ed:08:bf:2f:68:
e9:4d:44:62:c6:ab:a4:d1:c6:ad:ee:f7:a8:e5:84:22:a3:fd:
3a:cd:b0:44:47:0d:4e:e4:67:d8:89:4a:d8:39:ab:0d:75:6e:
dd:d8:9f:1f:c8:6d:1b:fe:9d:f2:88:57:3d:38:02:72:97:57:
8c:4f:28:50:4d:9b:be:53:14:0c:2a:83:63:e9:67:78:ee:33:
22:d7:fa:33:7b:83:2c:0b:45:dd:0d:82:cf:d9:f5:0c:bb:6f:
ba:bd:5a:62:88:3b:4e:81:ac:46:24:cd:0e:1f:83:48:11:43:
17:af:2c:f2:d1:de:6b:f5:b6:a6:3e:1c:4f:72:3d:bd:b6:b7:
c9:13:79:21:de:cf:3b:7c:48:00:75:16:70:b4:27:03:c5:cb:
3b:4f:58:10:90:e9:26:48:5f:41:1e:9b:a3:6b:ba:09:5e:97:
ff:b5:7b:d2
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEGNEnwzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MTcwNTBkOGNhZjA5YTkxZDAwZjFjMDkwYTBiNzUyY2QxYjNkNTdjMB4XDTIyMDEw
MTEwMDMzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWE3ODEzMGY2NzRi
MmRiMDI1NjMwYzQyNWZiZGJjOGMzY2FjMjQ0MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN7Ni7oWmiDI/kBmTkZawY2raLdRIeVvAHuUOb2fxL+AmuSQ
oTLC3o74NXPQ6mZoHDFjHipw3RGD6AzCqGkb5BOGP56VTx9afEV4K34SWh4uEyj7
UWe6y+LTJJJYnbMaGVKNzrHULaXdoPNpevR9OEeJ0ftynKgnQSHjUeO/BN+TnCRE
LMZhUZLzQPx4aFRY41mazh7ZMgw04otCCTJBkrFu8aKzWFG3sxLaJk4i7T7PAhaZ
8XLv1VTfe3VtxcRRpj26E6uEzMK32rBQM22IZ9+2dVZ5c7iPognqE3lTZjLL/HFA
FaIxkuOEI7j39NPuLOCSR8npFWBYRCTPYcP1ydMCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSqeBMPZ0stsCVjDEJfvbyMPKwkQTAfBgNVHSMEGDAWgBSxcFDYyvCakdAP
HAkKC3Us0bPVfDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NYQlEyTXJ3bXBIUUR4d0pDZ3QxTE5HejFYdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTcvYTI3M2U4LTY3ZGMtNDc4Mi05YTM0LTRhZWI2YTc5NTUxMS8x
L3FuZ1REMmRMTGJBbFl3eENYNzI4akR5c0pFRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTcv
YTI3M2U4LTY3ZGMtNDc4Mi05YTM0LTRhZWI2YTc5NTUxMS8xL3NYQlEyTXJ3bXBI
UUR4d0pDZ3QxTE5HejFYdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArk1EDANBAIAAjAHAwUDKgTJgDAN
BgkqhkiG9w0BAQsFAAOCAQEALuZSkIBTADGloabr3Fuz82As2mn1HQp2jrdYpJHL
EXy64346fZ0L3EhyeyF2TQ8Y0LL+xrpknPyguNeLoDno6pbnnKxdJbU/n6vbdAQa
CbA6bXIbPe0Ivy9o6U1EYsarpNHGre73qOWEIqP9Os2wREcNTuRn2IlK2DmrDXVu
3difH8htG/6d8ohXPTgCcpdXjE8oUE2bvlMUDCqDY+lneO4zItf6M3uDLAtF3Q2C
z9n1DLtvur1aYog7ToGsRiTNDh+DSBFDF68s8tHea/W2pj4cT3I9vba3yRN5Id7P
O3xIAHUWcLQnA8XLO09YEJDpJkhfQR6bo2u6CV6X/7V70g==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:44 2023 by rpki-client on console-ams.rpki-client.org