Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/5qTj3jOrpiYcQJOrDvGWstCkI_k.roa
File: 5qTj3jOrpiYcQJOrDvGWstCkI_k.roa (raw, json)
Hash identifier: M0zDMhjPJDP64+xS8PamDKbidydryK1QO+CdYb5/2g8=
Subject key identifier: E6:A4:E3:DE:33:AB:A6:26:1C:40:93:AB:0E:F1:96:B2:D0:A4:23:F9
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 0184C8C762635BE54EB37236B745E344E83F
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/5qTj3jOrpiYcQJOrDvGWstCkI_k.roa
Signing time: Wed 30 Nov 2022 13:43:40 +0000
ROA not before: Wed 30 Nov 2022 13:43:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6850
IP address blocks: 212.109.174.0/24 maxlen: 24
212.109.173.0/24 maxlen: 24
195.191.18.0/24 maxlen: 24
195.191.19.0/24 maxlen: 24
212.109.169.0/24 maxlen: 24
212.109.171.0/24 maxlen: 24
212.109.168.0/24 maxlen: 24
212.109.170.0/24 maxlen: 24
212.109.172.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:c8:c7:62:63:5b:e5:4e:b3:72:36:b7:45:e3:44:e8:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Nov 30 13:43:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e6a4e3de33aba6261c4093ab0ef196b2d0a423f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:f4:ff:8b:ed:4a:b9:62:c3:c2:0e:90:2a:79:
98:dd:8a:3d:fb:ba:54:fb:93:e9:70:3d:6d:e0:3c:
2b:19:7a:d0:78:91:fb:19:c9:e3:b1:b1:51:6e:f5:
aa:18:80:62:41:ef:c0:5b:9a:e4:bb:26:70:70:93:
54:5d:be:e9:57:09:13:c7:02:5b:50:27:93:25:16:
d8:ae:31:e3:2f:dd:5d:07:75:32:4f:1a:e0:0e:a5:
fc:2e:b5:8e:6c:c8:fc:c5:32:7b:a4:79:03:59:43:
02:99:0f:ad:21:dd:99:ce:34:a5:c2:77:92:87:de:
1b:c5:45:9c:d9:a6:c2:d9:f0:1d:73:7b:70:42:9f:
53:91:14:b5:d0:90:6a:8e:d8:1d:b4:8f:30:53:10:
73:31:0e:7e:3c:cd:69:22:dc:7a:90:12:e6:14:55:
66:78:74:e5:ef:19:21:11:3b:81:cd:ef:d5:ce:42:
39:e6:56:fa:21:68:8a:bc:00:46:8a:99:64:a3:29:
72:7e:72:4b:bd:aa:55:f1:2e:cc:35:a0:05:3a:4e:
95:32:a8:e7:47:f5:a0:97:ba:31:77:9a:9e:b3:8b:
e8:7a:b3:ef:f8:1d:2c:b0:76:0e:35:bb:87:97:c4:
ee:5f:ee:a7:02:2a:eb:89:f5:17:85:d2:cc:14:3e:
cc:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:A4:E3:DE:33:AB:A6:26:1C:40:93:AB:0E:F1:96:B2:D0:A4:23:F9
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/5qTj3jOrpiYcQJOrDvGWstCkI_k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.191.18.0/23
212.109.168.0-212.109.174.255
Signature Algorithm: sha256WithRSAEncryption
73:47:e7:f0:b5:8e:8f:0f:4f:45:99:d7:b6:19:00:c4:38:69:
1d:16:4a:cb:09:d1:25:39:b5:c9:7f:76:8c:97:15:c8:58:75:
06:f9:04:0a:dd:49:f5:3a:8c:ff:2e:50:1a:94:71:01:3b:31:
3a:70:4c:69:0c:46:46:6f:93:aa:b9:77:0d:41:e9:13:89:c2:
80:32:b7:33:cc:7c:82:1b:9f:18:4f:3d:35:e4:df:e9:d6:e6:
30:e8:b6:90:83:f8:80:2d:9a:22:24:74:3c:c6:b0:c1:16:e7:
1a:a6:86:9c:1b:3f:fc:36:47:0b:3f:a6:4d:74:20:c1:17:43:
6b:1c:58:11:31:f4:a6:09:8c:0d:23:9a:19:44:1e:a1:13:bd:
98:b8:2c:d4:63:4d:5f:87:78:69:b9:b5:6c:97:a4:3a:ad:a6:
35:89:03:7a:2c:4c:f4:b9:ea:05:99:4c:27:67:97:5b:ca:6c:
45:2c:72:a2:56:af:27:d5:fa:4d:4f:8f:56:5a:be:9d:a5:b5:
a2:90:3b:f5:5f:1a:09:cd:9d:17:87:ad:79:64:6e:a5:f8:27:
ff:fa:b9:3a:78:1a:1c:08:01:4c:96:38:83:31:c7:bf:7c:0a:
3c:04:c0:b4:7e:29:67:19:32:c3:66:d9:f2:1e:8a:69:3e:b8:
b0:89:0e:2a
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYTIx2JjW+VOs3I2t0XjROg/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMTMwMTM0MzQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNmE0ZTNkZTMzYWJhNjI2MWM0MDkzYWIwZWYxOTZiMmQwYTQyM2Y5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxfT/i+1KuWLDwg6QKnmY3Yo9+7pU
+5PpcD1t4DwrGXrQeJH7GcnjsbFRbvWqGIBiQe/AW5rkuyZwcJNUXb7pVwkTxwJb
UCeTJRbYrjHjL91dB3UyTxrgDqX8LrWObMj8xTJ7pHkDWUMCmQ+tId2ZzjSlwneS
h94bxUWc2abC2fAdc3twQp9TkRS10JBqjtgdtI8wUxBzMQ5+PM1pItx6kBLmFFVm
eHTl7xkhETuBze/VzkI55lb6IWiKvABGiplkoylyfnJLvapV8S7MNaAFOk6VMqjn
R/Wgl7oxd5qes4voerPv+B0ssHYONbuHl8TuX+6nAirrifUXhdLMFD7MZwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFOak494zq6YmHECTqw7xlrLQpCP5MB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvNXFUajNqT3JwaVljUUpPckR2R1dzdENrSV9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQBw78SMAwD
BAPUbagDBADUba4wDQYJKoZIhvcNAQELBQADggEBAHNH5/C1jo8PT0WZ17YZAMQ4
aR0WSssJ0SU5tcl/doyXFchYdQb5BArdSfU6jP8uUBqUcQE7MTpwTGkMRkZvk6q5
dw1B6ROJwoAytzPMfIIbnxhPPTXk3+nW5jDotpCD+IAtmiIkdDzGsMEW5xqmhpwb
P/w2Rws/pk10IMEXQ2scWBEx9KYJjA0jmhlEHqETvZi4LNRjTV+HeGm5tWyXpDqt
pjWJA3osTPS56gWZTCdnl1vKbEUscqJWryfV+k1Pj1Zavp2ltaKQO/VfGgnNnReH
rXlkbqX4J//6uTp4GhwIAUyWOIMxx798CjwEwLR+KWcZMsNm2fIeimk+uLCJDio=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:24 2024 by rpki-client on console-fra.rpki-client.org