Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/75148a-e40e-409f-8a0b-da851a715fa4/1/qNV6USskZaCmFuzf96Km63c-EK0.roa
File: qNV6USskZaCmFuzf96Km63c-EK0.roa (raw, json)
Hash identifier: iunGCuGRKdd1tHAW17oAutvZLvNiwM9GA+zbDZh4P7Q=
Subject key identifier: A8:D5:7A:51:2B:24:65:A0:A6:16:EC:DF:F7:A2:A6:EB:77:3E:10:AD
Certificate issuer: /CN=10771dd7dea22e35fdaf19b51b839f43721270ba
Certificate serial: 01838D848E6A5DD8B64FB45B59F60EA08F2A
Authority key identifier: 10:77:1D:D7:DE:A2:2E:35:FD:AF:19:B5:1B:83:9F:43:72:12:70:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EHcd196iLjX9rxm1G4OfQ3IScLo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/75148a-e40e-409f-8a0b-da851a715fa4/1/qNV6USskZaCmFuzf96Km63c-EK0.roa
Signing time: Fri 30 Sep 2022 08:30:18 +0000
ROA not before: Fri 30 Sep 2022 08:30:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15656
IP address blocks: 212.146.129.0/24 maxlen: 24
212.146.132.0/24 maxlen: 24
212.146.128.0/24 maxlen: 24
212.146.131.0/24 maxlen: 24
212.146.130.0/24 maxlen: 24
212.146.135.0/24 maxlen: 24
212.146.134.0/24 maxlen: 24
212.146.133.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:8d:84:8e:6a:5d:d8:b6:4f:b4:5b:59:f6:0e:a0:8f:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=10771dd7dea22e35fdaf19b51b839f43721270ba
Validity
Not Before: Sep 30 08:30:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a8d57a512b2465a0a616ecdff7a2a6eb773e10ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:7e:f9:b4:28:3a:09:1e:9f:cc:f3:af:f2:97:
dc:97:ec:5f:7a:8d:ae:c2:d5:fa:c8:6b:bd:ac:cc:
e6:6b:1c:84:d4:0c:a9:d2:10:a0:af:a1:48:71:25:
54:65:a6:54:36:ca:35:48:89:bc:5b:38:ef:6d:a5:
c1:4a:21:c8:01:87:14:55:a0:72:f4:36:bd:a0:6e:
ad:b2:43:23:8b:b9:7a:1c:8f:be:74:d8:9f:93:1a:
76:e1:a5:3b:53:6c:04:6a:3a:cf:6c:df:f7:37:0c:
98:83:61:2b:5f:39:6f:79:8f:54:27:29:dc:0a:93:
87:b1:c7:99:50:e7:fc:07:60:4f:cc:4f:9f:e9:ee:
f4:38:ce:d2:04:ba:3c:d9:39:da:38:86:5c:1b:55:
77:16:56:d2:3a:56:04:47:bb:ea:cc:38:a1:82:64:
98:4b:3c:96:a3:b2:47:c5:ec:ee:7e:b2:dc:58:15:
bd:83:eb:a5:ae:7b:b9:9c:76:61:bb:9a:88:e7:c5:
8e:17:a8:f1:45:5f:3d:aa:e6:f3:95:83:c5:f7:ec:
31:cb:e4:14:56:90:34:66:c5:4d:7c:86:cb:2a:aa:
c6:dd:31:ae:a0:fb:86:8d:d3:63:1d:4a:10:ac:f6:
3b:b0:57:ec:0b:34:79:2b:11:1f:fd:2a:a2:d8:e3:
80:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:D5:7A:51:2B:24:65:A0:A6:16:EC:DF:F7:A2:A6:EB:77:3E:10:AD
X509v3 Authority Key Identifier:
keyid:10:77:1D:D7:DE:A2:2E:35:FD:AF:19:B5:1B:83:9F:43:72:12:70:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EHcd196iLjX9rxm1G4OfQ3IScLo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/75148a-e40e-409f-8a0b-da851a715fa4/1/qNV6USskZaCmFuzf96Km63c-EK0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/75148a-e40e-409f-8a0b-da851a715fa4/1/EHcd196iLjX9rxm1G4OfQ3IScLo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.146.128.0/21
Signature Algorithm: sha256WithRSAEncryption
87:eb:68:b9:d3:98:a3:e8:9a:32:0c:86:8e:b0:df:12:16:c0:
3d:6d:98:14:95:12:10:44:6b:a9:c0:61:a0:39:86:f1:91:28:
82:10:44:57:33:dd:dd:4f:49:91:25:46:c8:77:9a:f5:ac:7e:
1b:49:93:b5:2d:12:ba:32:a7:81:87:9e:5d:08:d1:4b:98:a3:
34:cf:55:f2:94:86:37:a1:39:f7:40:81:e4:20:f0:35:04:a0:
5b:b1:f3:2b:5f:b9:f3:50:84:ef:f8:3f:b2:4e:76:fc:d4:dd:
09:ae:fd:50:cf:17:73:4b:1b:bd:aa:43:45:18:da:b5:f5:31:
02:dc:82:d9:96:10:db:c2:4c:30:09:27:43:09:87:be:89:95:
51:11:1d:27:13:e0:13:4e:52:ba:14:39:79:a5:4e:a8:29:60:
ca:02:7e:d9:41:38:c4:16:18:d0:2a:9a:23:f7:7d:d5:9d:38:
6b:4b:71:a9:4a:3c:1f:c2:f1:94:36:43:51:62:c7:c3:83:a4:
21:4b:af:e0:a5:c4:26:1c:a0:bd:91:0f:c3:36:13:1d:af:0c:
aa:40:55:92:cf:6e:56:3f:62:1b:69:ad:d3:b9:d1:fc:78:df:
be:4f:f8:14:f8:ff:05:77:e3:9c:6b:f2:39:3a:3b:82:14:6c:
fb:30:91:3b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYONhI5qXdi2T7RbWfYOoI8qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwNzcxZGQ3ZGVhMjJlMzVmZGFmMTliNTFiODM5ZjQzNzIx
MjcwYmEwHhcNMjIwOTMwMDgzMDE4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGQ1N2E1MTJiMjQ2NWEwYTYxNmVjZGZmN2EyYTZlYjc3M2UxMGFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuX75tCg6CR6fzPOv8pfcl+xfeo2u
wtX6yGu9rMzmaxyE1Ayp0hCgr6FIcSVUZaZUNso1SIm8WzjvbaXBSiHIAYcUVaBy
9Da9oG6tskMji7l6HI++dNifkxp24aU7U2wEajrPbN/3NwyYg2ErXzlveY9UJync
CpOHsceZUOf8B2BPzE+f6e70OM7SBLo82TnaOIZcG1V3FlbSOlYER7vqzDihgmSY
SzyWo7JHxezufrLcWBW9g+ulrnu5nHZhu5qI58WOF6jxRV89qubzlYPF9+wxy+QU
VpA0ZsVNfIbLKqrG3TGuoPuGjdNjHUoQrPY7sFfsCzR5KxEf/Sqi2OOA4wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKjVelErJGWgphbs3/eiput3PhCtMB8GA1UdIwQY
MBaAFBB3Hdfeoi41/a8ZtRuDn0NyEnC6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUhjZDE5NmlMalg5cnhtMUc0T2ZRM0lTY0xvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy83NTE0OGEtZTQwZS00MDlmLThhMGIt
ZGE4NTFhNzE1ZmE0LzEvcU5WNlVTc2taYUNtRnV6Zjk2S202M2MtRUswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy83NTE0OGEtZTQwZS00MDlmLThhMGItZGE4NTFhNzE1ZmE0
LzEvRUhjZDE5NmlMalg5cnhtMUc0T2ZRM0lTY0xvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQD1JKAMA0G
CSqGSIb3DQEBCwUAA4IBAQCH62i505ij6JoyDIaOsN8SFsA9bZgUlRIQRGupwGGg
OYbxkSiCEERXM93dT0mRJUbId5r1rH4bSZO1LRK6MqeBh55dCNFLmKM0z1XylIY3
oTn3QIHkIPA1BKBbsfMrX7nzUITv+D+yTnb81N0Jrv1QzxdzSxu9qkNFGNq19TEC
3ILZlhDbwkwwCSdDCYe+iZVRER0nE+ATTlK6FDl5pU6oKWDKAn7ZQTjEFhjQKpoj
933VnThrS3GpSjwfwvGUNkNRYsfDg6QhS6/gpcQmHKC9kQ/DNhMdrwyqQFWSz25W
P2Ibaa3TudH8eN++T/gU+P8Fd+Oca/I5OjuCFGz7MJE7
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:30 2023 by rpki-client on console-fra.rpki-client.org