Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/d4d2f8-8dc1-4070-977e-a6cec04595f8/1/q2yr2sq2C-iuDePituhojLiF3u4.roa
File: q2yr2sq2C-iuDePituhojLiF3u4.roa (raw, json)
Hash identifier: s3IlHj7IyV0CmCzTGN6nLbtNOA9sHkmWWB6SmBlvZ+w=
Subject key identifier: AB:6C:AB:DA:CA:B6:0B:E8:AE:0D:E3:E2:B6:E8:68:8C:B8:85:DE:EE
Certificate issuer: /CN=83e2340ef5c4a4952eb413d288c29d9378342232
Certificate serial: 01856B00AF9A88205D02774BB2BC548F407D
Authority key identifier: 83:E2:34:0E:F5:C4:A4:95:2E:B4:13:D2:88:C2:9D:93:78:34:22:32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g-I0DvXEpJUutBPSiMKdk3g0IjI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/d4d2f8-8dc1-4070-977e-a6cec04595f8/1/q2yr2sq2C-iuDePituhojLiF3u4.roa
Signing time: Sun 01 Jan 2023 01:44:44 +0000
ROA not before: Sun 01 Jan 2023 01:44:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60022
IP address blocks: 178.212.231.0/24 maxlen: 24
2a11:e680::/32 maxlen: 48
2a11:e686::/32 maxlen: 48
2a11:e685::/32 maxlen: 48
2a11:e682::/32 maxlen: 48
2a11:e681::/32 maxlen: 48
2a11:e683::/32 maxlen: 48
2a11:e684::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:00:af:9a:88:20:5d:02:77:4b:b2:bc:54:8f:40:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83e2340ef5c4a4952eb413d288c29d9378342232
Validity
Not Before: Jan 1 01:44:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ab6cabdacab60be8ae0de3e2b6e8688cb885deee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:17:c7:9f:18:5b:0e:93:cf:6e:bc:6c:10:b4:
65:99:59:49:a6:c6:99:16:c8:87:51:08:99:87:a6:
86:0b:98:ff:35:2e:58:f4:1e:06:4a:05:fd:4c:e4:
4f:9c:d8:4f:15:10:0d:4e:7d:3e:f4:36:50:69:6c:
1c:c1:b0:a0:b9:59:b4:49:b2:1a:a6:17:30:7a:50:
4d:b6:5d:39:5c:90:45:7e:a1:87:17:09:7a:ce:a2:
e4:9c:39:52:02:f2:6a:97:86:5c:3e:20:ef:c3:14:
2d:b9:d6:31:78:3e:e7:c4:6a:05:72:64:61:fc:79:
c3:95:a8:82:41:b5:50:f3:63:1f:5f:4c:1f:b1:a3:
fb:d0:5f:42:a8:00:f4:49:a4:e5:b2:85:e8:65:58:
e3:f6:96:65:e7:ce:5c:85:c6:52:70:6b:fa:63:a7:
bc:f2:7d:1c:27:56:92:44:a8:99:cd:5c:2f:f9:70:
9b:2d:14:68:9c:dd:e0:8d:ab:fb:4c:b2:59:f9:13:
f2:87:9e:c0:f6:92:6f:0b:34:c3:7d:4b:8f:df:95:
6c:4d:b7:1a:ea:a6:d0:a7:b2:ed:5e:d3:f5:11:bc:
35:ec:96:15:b9:11:bd:a2:e9:fe:65:a5:b1:6a:17:
50:7f:fc:26:3b:f3:66:5e:54:9b:f4:09:e0:38:9e:
f6:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:6C:AB:DA:CA:B6:0B:E8:AE:0D:E3:E2:B6:E8:68:8C:B8:85:DE:EE
X509v3 Authority Key Identifier:
keyid:83:E2:34:0E:F5:C4:A4:95:2E:B4:13:D2:88:C2:9D:93:78:34:22:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g-I0DvXEpJUutBPSiMKdk3g0IjI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/d4d2f8-8dc1-4070-977e-a6cec04595f8/1/q2yr2sq2C-iuDePituhojLiF3u4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/d4d2f8-8dc1-4070-977e-a6cec04595f8/1/g-I0DvXEpJUutBPSiMKdk3g0IjI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.212.231.0/24
IPv6:
2a11:e680::-2a11:e686:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
a1:98:b5:4d:ef:56:10:3b:ac:8c:b1:2b:84:ac:7d:f6:60:e4:
cc:94:93:20:2d:8d:fe:7c:af:57:f7:f3:95:f1:ee:96:e7:44:
c2:09:ba:07:2b:18:97:cc:29:f8:00:c2:82:f3:5c:f3:9e:c5:
f6:5c:0c:ae:7e:29:16:65:87:da:cb:d2:69:f9:2e:ac:d8:a9:
f7:da:43:a8:43:47:e1:6b:01:12:f0:ac:34:ca:b5:47:81:bd:
7d:0f:66:cd:d4:eb:b7:eb:8e:b5:04:b8:61:b5:49:8d:36:e8:
54:3c:aa:64:b6:4a:18:59:46:3e:25:cb:ff:07:62:51:75:78:
54:5b:9d:8c:1d:a4:eb:b3:26:d8:b3:f1:aa:25:42:41:f2:e9:
c9:d1:c8:e4:ea:b1:fc:09:3b:24:21:c5:6c:48:91:ab:3b:1f:
0f:5a:e3:95:d8:9e:1a:84:41:82:fa:c6:25:0e:ce:bf:c1:d1:
0d:e1:a8:1f:c5:96:aa:be:0c:10:4d:f3:b2:18:eb:38:f2:ba:
fa:d1:0b:07:bf:f7:5d:47:c3:b3:1a:95:e0:da:fb:01:ad:00:
a9:8b:da:78:33:a2:d0:fb:01:20:3e:de:03:b4:c0:98:82:c1:
d3:02:29:a4:62:99:b0:e0:b4:8a:cd:d7:c5:d0:43:33:02:86:
6d:6e:7f:9a
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVrAK+aiCBdAndLsrxUj0B9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzZTIzNDBlZjVjNGE0OTUyZWI0MTNkMjg4YzI5ZDkzNzgz
NDIyMzIwHhcNMjMwMTAxMDE0NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjZjYWJkYWNhYjYwYmU4YWUwZGUzZTJiNmU4Njg4Y2I4ODVkZWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwBfHnxhbDpPPbrxsELRlmVlJpsaZ
FsiHUQiZh6aGC5j/NS5Y9B4GSgX9TORPnNhPFRANTn0+9DZQaWwcwbCguVm0SbIa
phcwelBNtl05XJBFfqGHFwl6zqLknDlSAvJql4ZcPiDvwxQtudYxeD7nxGoFcmRh
/HnDlaiCQbVQ82MfX0wfsaP70F9CqAD0SaTlsoXoZVjj9pZl585chcZScGv6Y6e8
8n0cJ1aSRKiZzVwv+XCbLRRonN3gjav7TLJZ+RPyh57A9pJvCzTDfUuP35VsTbca
6qbQp7LtXtP1Ebw17JYVuRG9oun+ZaWxahdQf/wmO/NmXlSb9AngOJ72/wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKtsq9rKtgvorg3j4rboaIy4hd7uMB8GA1UdIwQY
MBaAFIPiNA71xKSVLrQT0ojCnZN4NCIyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZy1JMER2WEVwSlV1dEJQU2lNS2RrM2cwSWpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9kNGQyZjgtOGRjMS00MDcwLTk3N2Ut
YTZjZWMwNDU5NWY4LzEvcTJ5cjJzcTJDLWl1RGVQaXR1aG9qTGlGM3U0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9kNGQyZjgtOGRjMS00MDcwLTk3N2UtYTZjZWMwNDU5NWY4
LzEvZy1JMER2WEVwSlV1dEJQU2lNS2RrM2cwSWpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAMBAIAATAGAwQAstTnMBYE
AgACMBAwDgMFByoR5oADBQAqEeaGMA0GCSqGSIb3DQEBCwUAA4IBAQChmLVN71YQ
O6yMsSuErH32YOTMlJMgLY3+fK9X9/OV8e6W50TCCboHKxiXzCn4AMKC81zznsX2
XAyufikWZYfay9Jp+S6s2Kn32kOoQ0fhawES8Kw0yrVHgb19D2bN1Ou36461BLhh
tUmNNuhUPKpktkoYWUY+Jcv/B2JRdXhUW52MHaTrsybYs/GqJUJB8unJ0cjk6rH8
CTskIcVsSJGrOx8PWuOV2J4ahEGC+sYlDs6/wdEN4agfxZaqvgwQTfOyGOs48rr6
0QsHv/ddR8OzGpXg2vsBrQCpi9p4M6LQ+wEgPt4DtMCYgsHTAimkYpmw4LSKzdfF
0EMzAoZtbn+a
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:57:30 2025 by rpki-client