Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/ff3c79-d60f-4b12-8131-95d60b3e46cc/1/qVNS9MZfHOXNyuQDy3RIl31OFKs.roa
File: qVNS9MZfHOXNyuQDy3RIl31OFKs.roa (raw, json)
Hash identifier: v3ExQNbhwv4scZwd6gJz5buoVX8Me5cS2OBphyW4uEo=
Subject key identifier: A9:53:52:F4:C6:5F:1C:E5:CD:CA:E4:03:CB:74:48:97:7D:4E:14:AB
Certificate issuer: /CN=2f65436ac5038332e703adbbeff5814db82ab43f
Certificate serial: 01845153142DF45CCD837C762B20F1E7CA08
Authority key identifier: 2F:65:43:6A:C5:03:83:32:E7:03:AD:BB:EF:F5:81:4D:B8:2A:B4:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L2VDasUDgzLnA6277_WBTbgqtD8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/ff3c79-d60f-4b12-8131-95d60b3e46cc/1/qVNS9MZfHOXNyuQDy3RIl31OFKs.roa
Signing time: Mon 07 Nov 2022 09:01:49 +0000
ROA not before: Mon 07 Nov 2022 09:01:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212688
IP address blocks: 212.24.125.0/24 maxlen: 24
2a11:28c0:1::/48 maxlen: 48
2a11:28c0:2::/48 maxlen: 48
2a11:28c0::/32 maxlen: 48
2a11:28c0::/48 maxlen: 48
2001:67c:840::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:51:53:14:2d:f4:5c:cd:83:7c:76:2b:20:f1:e7:ca:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f65436ac5038332e703adbbeff5814db82ab43f
Validity
Not Before: Nov 7 09:01:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a95352f4c65f1ce5cdcae403cb7448977d4e14ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:0a:45:57:88:32:0d:98:22:ae:65:10:e5:86:
90:57:1e:de:01:0a:da:3b:1d:3e:bd:1f:42:78:6f:
05:ad:f3:ed:4b:3a:f9:62:07:8e:93:28:4b:74:8b:
27:e1:ef:13:47:98:34:fd:32:32:72:b1:20:63:66:
1d:36:11:6f:ed:34:e2:03:43:9a:8f:b7:53:21:cd:
24:7b:79:84:1b:07:f7:b8:56:73:2b:ff:48:25:3a:
da:25:d6:75:76:6e:4e:d5:30:0a:76:8f:55:50:b6:
8b:d1:07:7e:35:21:cb:7f:50:69:e8:5b:15:b1:2b:
84:20:0e:af:7e:4a:61:eb:b0:ee:53:67:04:37:bc:
c7:62:d2:26:bd:62:b4:eb:34:49:32:09:4b:cf:b2:
1e:07:18:28:fd:01:1c:2d:1e:09:58:fb:d8:89:d1:
a7:ca:34:53:c4:99:37:ed:14:34:7e:8f:51:8f:3b:
70:31:30:62:e7:20:25:c3:99:70:fc:7c:5c:f4:9e:
c1:27:3d:7e:76:d2:27:12:ed:f8:22:99:64:41:36:
86:8b:e8:53:6e:01:e1:1c:da:e2:ab:45:a8:92:ed:
70:64:16:d8:e6:3a:27:6f:de:c3:04:6a:52:f5:11:
c9:1d:b4:c7:6c:da:8e:d7:91:62:67:dd:92:d9:dc:
3e:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:53:52:F4:C6:5F:1C:E5:CD:CA:E4:03:CB:74:48:97:7D:4E:14:AB
X509v3 Authority Key Identifier:
keyid:2F:65:43:6A:C5:03:83:32:E7:03:AD:BB:EF:F5:81:4D:B8:2A:B4:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L2VDasUDgzLnA6277_WBTbgqtD8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/ff3c79-d60f-4b12-8131-95d60b3e46cc/1/qVNS9MZfHOXNyuQDy3RIl31OFKs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/ff3c79-d60f-4b12-8131-95d60b3e46cc/1/L2VDasUDgzLnA6277_WBTbgqtD8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.24.125.0/24
IPv6:
2001:67c:840::/48
2a11:28c0::/32
Signature Algorithm: sha256WithRSAEncryption
9c:19:41:10:f7:a7:7f:6e:71:29:fb:1f:ca:bc:24:df:b6:f7:
15:fe:35:52:e5:da:2e:93:a1:35:f2:50:17:b2:1a:d6:a8:5d:
4a:40:36:b4:e2:38:4a:7b:b9:c6:7e:ae:6b:43:a2:b0:d6:15:
2b:2c:c5:d4:66:84:10:0d:3a:3d:06:aa:42:1b:ba:8a:02:d4:
b8:2c:71:7c:c3:26:61:2a:70:38:c3:cf:a0:bc:4a:af:a9:41:
de:09:6b:2a:4d:82:47:75:62:e8:42:eb:c5:cc:79:c5:9d:4b:
6e:94:17:8b:15:a4:e9:21:ee:16:9f:ad:aa:1c:73:a9:dd:c4:
cf:9f:b4:60:e3:3b:ab:53:1c:46:af:09:43:65:f0:ad:1e:e5:
35:26:0c:b9:ac:18:4d:cd:07:f6:a6:f5:55:6f:12:06:44:c7:
b7:d6:4b:55:86:2b:70:11:77:d1:68:eb:1f:77:79:d8:71:13:
a0:f5:c3:b1:11:9f:77:55:73:9f:54:7b:e3:e6:e5:53:22:be:
cd:ca:f1:78:46:df:34:76:27:75:ff:ef:ff:56:fc:ff:59:c4:
ca:f9:5b:9b:ef:ca:a8:69:92:14:fb:a8:ed:83:fb:f0:a0:fb:
23:79:4c:7e:0c:26:3b:4e:06:1d:7d:f9:b6:99:a8:49:69:82:
fa:e5:a7:6c
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYRRUxQt9FzNg3x2KyDx58oIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmNjU0MzZhYzUwMzgzMzJlNzAzYWRiYmVmZjU4MTRkYjgy
YWI0M2YwHhcNMjIxMTA3MDkwMTQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTUzNTJmNGM2NWYxY2U1Y2RjYWU0MDNjYjc0NDg5NzdkNGUxNGFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwgpFV4gyDZgirmUQ5YaQVx7eAQra
Ox0+vR9CeG8FrfPtSzr5YgeOkyhLdIsn4e8TR5g0/TIycrEgY2YdNhFv7TTiA0Oa
j7dTIc0ke3mEGwf3uFZzK/9IJTraJdZ1dm5O1TAKdo9VULaL0Qd+NSHLf1Bp6FsV
sSuEIA6vfkph67DuU2cEN7zHYtImvWK06zRJMglLz7IeBxgo/QEcLR4JWPvYidGn
yjRTxJk37RQ0fo9RjztwMTBi5yAlw5lw/Hxc9J7BJz1+dtInEu34IplkQTaGi+hT
bgHhHNriq0Woku1wZBbY5jonb97DBGpS9RHJHbTHbNqO15FiZ92S2dw+WQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKlTUvTGXxzlzcrkA8t0SJd9ThSrMB8GA1UdIwQY
MBaAFC9lQ2rFA4My5wOtu+/1gU24KrQ/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDJWRGFzVURnekxuQTYyNzdfV0JUYmdxdEQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9mZjNjNzktZDYwZi00YjEyLTgxMzEt
OTVkNjBiM2U0NmNjLzEvcVZOUzlNWmZIT1hOeXVRRHkzUklsMzFPRktzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS9mZjNjNzktZDYwZi00YjEyLTgxMzEtOTVkNjBiM2U0NmNj
LzEvTDJWRGFzVURnekxuQTYyNzdfV0JUYmdxdEQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAMBAIAATAGAwQA1Bh9MBYE
AgACMBADBwAgAQZ8CEADBQAqESjAMA0GCSqGSIb3DQEBCwUAA4IBAQCcGUEQ96d/
bnEp+x/KvCTftvcV/jVS5douk6E18lAXshrWqF1KQDa04jhKe7nGfq5rQ6Kw1hUr
LMXUZoQQDTo9BqpCG7qKAtS4LHF8wyZhKnA4w8+gvEqvqUHeCWsqTYJHdWLoQuvF
zHnFnUtulBeLFaTpIe4Wn62qHHOp3cTPn7Rg4zurUxxGrwlDZfCtHuU1Jgy5rBhN
zQf2pvVVbxIGRMe31ktVhitwEXfRaOsfd3nYcROg9cOxEZ93VXOfVHvj5uVTIr7N
yvF4Rt80did1/+//Vvz/WcTK+Vub78qoaZIU+6jtg/vwoPsjeUx+DCY7TgYdffm2
mahJaYL65ads
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:18 2023 by rpki-client on console-ams.rpki-client.org