Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/1f5e07-32b6-4114-8b0d-d3b58f698148/1/CqskoyYzD5XVxmhnmNg4flxM3t0.roa
File: CqskoyYzD5XVxmhnmNg4flxM3t0.roa (raw, json)
Hash identifier: 6QVpXZLndcJJJknaJt8vmDsVjdoG1RaZINv5Y1Bw/Gg=
Subject key identifier: 0A:AB:24:A3:26:33:0F:95:D5:C6:68:67:98:D8:38:7E:5C:4C:DE:DD
Certificate issuer: /CN=acf910f36291c3c224ddb596d956543197f163de
Certificate serial: 069476D7
Authority key identifier: AC:F9:10:F3:62:91:C3:C2:24:DD:B5:96:D9:56:54:31:97:F1:63:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rPkQ82KRw8Ik3bWW2VZUMZfxY94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/1f5e07-32b6-4114-8b0d-d3b58f698148/1/CqskoyYzD5XVxmhnmNg4flxM3t0.roa
Signing time: Wed 23 Mar 2022 11:57:53 +0000
ROA not before: Wed 23 Mar 2022 11:57:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201071
IP address blocks: 217.147.125.0/24 maxlen: 24
217.147.124.0/22 maxlen: 22
217.147.124.0/24 maxlen: 24
217.147.121.0/24 maxlen: 24
217.147.120.0/24 maxlen: 24
217.147.127.0/24 maxlen: 24
217.147.126.0/24 maxlen: 24
92.249.5.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 110393047 (0x69476d7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=acf910f36291c3c224ddb596d956543197f163de
Validity
Not Before: Mar 23 11:57:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0aab24a326330f95d5c6686798d8387e5c4cdedd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:45:d9:21:6d:78:71:13:16:eb:28:59:53:fc:
bb:20:ea:5f:4f:2c:64:ad:b3:2a:86:1a:5a:d8:e6:
1c:42:5e:72:51:59:07:80:61:24:e6:17:29:97:6d:
65:99:68:0b:38:68:bc:9a:a1:99:56:fb:37:35:7b:
83:79:6d:ba:92:1b:73:02:ad:8f:19:76:78:53:40:
65:7d:6b:36:c6:6b:31:e7:fe:fd:98:3d:94:47:0a:
11:01:46:4a:38:d8:51:34:ca:84:52:01:aa:fc:d6:
e1:18:eb:54:5b:0b:3e:e7:7a:2d:3d:15:e8:e0:f4:
f9:29:9f:b2:82:4f:08:90:f5:8f:05:dc:93:d4:37:
9e:b8:d0:b4:13:63:a0:b0:5a:00:48:0c:88:6f:c3:
bf:b6:eb:a4:bd:4c:07:cc:70:b6:d1:ed:9d:b4:7b:
2a:16:37:05:49:95:c7:b5:66:3e:70:d4:68:55:41:
ef:06:f2:6f:0b:35:c4:84:5f:12:1d:aa:86:18:60:
03:19:ce:31:53:1c:d1:78:fc:2c:9d:8f:b4:b3:57:
c0:84:80:a2:d9:83:fb:d6:ed:70:12:0c:e9:f6:1e:
e1:07:71:e3:75:56:80:b3:5e:c1:19:3d:da:62:fd:
c9:31:03:d8:49:dd:52:00:01:c2:20:75:a3:65:0b:
43:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:AB:24:A3:26:33:0F:95:D5:C6:68:67:98:D8:38:7E:5C:4C:DE:DD
X509v3 Authority Key Identifier:
keyid:AC:F9:10:F3:62:91:C3:C2:24:DD:B5:96:D9:56:54:31:97:F1:63:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rPkQ82KRw8Ik3bWW2VZUMZfxY94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/1f5e07-32b6-4114-8b0d-d3b58f698148/1/CqskoyYzD5XVxmhnmNg4flxM3t0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/1f5e07-32b6-4114-8b0d-d3b58f698148/1/rPkQ82KRw8Ik3bWW2VZUMZfxY94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.249.5.0/24
217.147.120.0/23
217.147.124.0/22
Signature Algorithm: sha256WithRSAEncryption
5a:a6:20:b2:37:eb:dd:2a:df:ec:3a:8e:8e:54:88:89:0a:24:
04:ae:4e:94:6e:4a:6c:84:cc:eb:21:2e:ff:13:0c:53:80:8e:
d6:ca:17:87:4a:e1:ad:c4:e7:a5:71:a2:2d:1f:32:1a:2d:ee:
31:7c:e8:87:24:93:14:d8:72:0f:46:62:1a:c6:81:5a:db:2a:
b9:60:6a:b6:15:fe:7e:44:99:0b:39:c1:12:8a:f7:e1:64:dd:
37:c8:ac:3f:50:54:46:1d:e1:d9:2e:e6:74:13:42:4c:cd:46:
7e:b9:06:d5:09:7b:45:63:e9:86:84:72:42:bb:e6:8c:39:21:
4e:90:97:af:d8:01:60:d7:79:a1:54:d9:f0:5b:93:fe:58:9e:
19:42:c9:6d:43:e1:65:53:7d:93:ac:9f:76:65:42:55:7f:41:
e1:24:6b:88:88:c5:44:32:ae:57:f4:2b:9e:32:56:61:33:74:
8a:88:02:7c:b3:79:88:90:27:e8:17:d2:69:9c:6f:42:a9:a3:
ff:42:7a:a8:e1:bb:fe:75:eb:a5:de:f0:7d:91:f7:de:ad:3a:
cf:e7:1b:5c:b7:01:cb:cd:66:6c:56:3b:d5:1c:fa:71:f1:ec:
35:b1:d0:2e:bb:24:6f:d2:97:e2:81:39:7b:bb:89:58:b1:8e:
fc:af:a1:68
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEBpR21zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
Y2Y5MTBmMzYyOTFjM2MyMjRkZGI1OTZkOTU2NTQzMTk3ZjE2M2RlMB4XDTIyMDMy
MzExNTc1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGFhYjI0YTMyNjMz
MGY5NWQ1YzY2ODY3OThkODM4N2U1YzRjZGVkZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAO1F2SFteHETFusoWVP8uyDqX08sZK2zKoYaWtjmHEJeclFZ
B4BhJOYXKZdtZZloCzhovJqhmVb7NzV7g3ltupIbcwKtjxl2eFNAZX1rNsZrMef+
/Zg9lEcKEQFGSjjYUTTKhFIBqvzW4RjrVFsLPud6LT0V6OD0+SmfsoJPCJD1jwXc
k9Q3nrjQtBNjoLBaAEgMiG/Dv7brpL1MB8xwttHtnbR7KhY3BUmVx7VmPnDUaFVB
7wbybws1xIRfEh2qhhhgAxnOMVMc0Xj8LJ2PtLNXwISAotmD+9btcBIM6fYe4Qdx
43VWgLNewRk92mL9yTED2EndUgABwiB1o2ULQ38CAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBQKqySjJjMPldXGaGeY2Dh+XEze3TAfBgNVHSMEGDAWgBSs+RDzYpHDwiTd
tZbZVlQxl/Fj3jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3JQa1E4MktSdzhJazNiV1cyVlpVTVpmeFk5NC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGUvMWY1ZTA3LTMyYjYtNDExNC04YjBkLWQzYjU4ZjY5ODE0OC8x
L0Nxc2tveVl6RDVYVnhtaG5tTmc0Zmx4TTN0MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGUv
MWY1ZTA3LTMyYjYtNDExNC04YjBkLWQzYjU4ZjY5ODE0OC8xL3JQa1E4MktSdzhJ
azNiV1cyVlpVTVpmeFk5NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAFz5BQMEAdmTeAMEAtmTfDANBgkq
hkiG9w0BAQsFAAOCAQEAWqYgsjfr3Srf7DqOjlSIiQokBK5OlG5KbITM6yEu/xMM
U4CO1soXh0rhrcTnpXGiLR8yGi3uMXzohySTFNhyD0ZiGsaBWtsquWBqthX+fkSZ
CznBEor34WTdN8isP1BURh3h2S7mdBNCTM1GfrkG1Ql7RWPphoRyQrvmjDkhTpCX
r9gBYNd5oVTZ8FuT/lieGULJbUPhZVN9k6yfdmVCVX9B4SRriIjFRDKuV/QrnjJW
YTN0iogCfLN5iJAn6BfSaZxvQqmj/0J6qOG7/nXrpd7wfZH33q06z+cbXLcBy81m
bFY71Rz6cfHsNbHQLrskb9KX4oE5e7uJWLGO/K+haA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:53 2024 by rpki-client on console-fra.rpki-client.org