Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/PQ6ztsi9bycRzZka4zOvkcGgWYs.roa
File: PQ6ztsi9bycRzZka4zOvkcGgWYs.roa (raw, json)
Hash identifier: m+aKzwrRCtIh84Nozg6ft1IHXHI7SsB9bDsGwyp6oDI=
Subject key identifier: 3D:0E:B3:B6:C8:BD:6F:27:11:CD:99:1A:E3:33:AF:91:C1:A0:59:8B
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 01856ED4DC956CD8B85083CD60C02A1992EB
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/PQ6ztsi9bycRzZka4zOvkcGgWYs.roa
Signing time: Sun 01 Jan 2023 19:35:21 +0000
ROA not before: Sun 01 Jan 2023 19:35:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6850
IP address blocks: 212.109.173.0/24 maxlen: 24
212.109.174.0/24 maxlen: 24
195.191.19.0/24 maxlen: 24
195.191.18.0/24 maxlen: 24
212.109.169.0/24 maxlen: 24
212.109.170.0/24 maxlen: 24
212.109.171.0/24 maxlen: 24
212.109.172.0/24 maxlen: 24
212.109.168.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d4:dc:95:6c:d8:b8:50:83:cd:60:c0:2a:19:92:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Jan 1 19:35:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3d0eb3b6c8bd6f2711cd991ae333af91c1a0598b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:be:4e:40:0c:2e:83:e4:ce:af:8f:6b:4e:14:
6f:a3:88:14:1f:a8:18:60:72:16:46:72:8c:fb:0d:
1a:87:c2:6c:4d:60:b1:37:7f:c2:6e:ac:61:56:4c:
ba:f0:c6:5f:18:8b:38:0b:09:cd:fd:b0:30:df:f8:
04:5e:e5:64:08:72:ad:a9:64:3b:2c:d2:c9:c6:99:
3a:0e:cc:e3:30:49:a6:36:ea:3c:0e:0d:20:03:6f:
8c:0c:a2:64:04:9b:bf:d0:4a:9b:15:7d:3a:2b:6c:
1d:0f:b5:01:c2:9a:7f:49:cf:2e:d7:7d:e7:ef:1a:
be:19:b4:0c:89:46:98:4d:f0:97:e7:3e:df:80:e2:
a2:34:d5:9b:37:47:f9:1d:71:2b:ed:69:a5:fc:2d:
6c:e7:fc:82:c9:cb:28:23:7e:b3:be:f0:55:a3:83:
54:f1:cf:0a:e8:01:8e:13:96:00:11:e5:59:35:18:
20:79:99:36:b4:fe:af:da:c8:ab:92:0f:6b:9a:ff:
14:7d:be:49:26:7e:a0:9d:44:bf:2f:97:39:4a:65:
d4:48:b7:7f:e5:7d:6e:59:ba:7b:19:3d:ec:88:3a:
b4:2d:a3:07:4e:68:6c:d2:b0:10:27:aa:6a:f4:fe:
2e:90:8b:40:61:44:42:4b:97:77:64:02:d4:b8:82:
67:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:0E:B3:B6:C8:BD:6F:27:11:CD:99:1A:E3:33:AF:91:C1:A0:59:8B
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/PQ6ztsi9bycRzZka4zOvkcGgWYs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.191.18.0/23
212.109.168.0-212.109.174.255
Signature Algorithm: sha256WithRSAEncryption
09:15:d3:e8:25:25:5c:ae:08:8f:b6:66:f9:f6:8c:32:15:c0:
1a:e8:64:b7:a4:1c:1c:e1:b2:14:48:6d:c9:4c:c5:45:62:ba:
b6:32:70:62:7c:54:07:5a:18:85:f6:73:30:10:23:23:7d:f9:
dc:ea:43:a0:cb:3e:e9:95:99:9e:fd:6f:0b:a8:6f:a4:af:9f:
d5:61:3b:f1:4a:c5:e5:17:35:46:0d:2d:c2:6d:cb:05:73:3e:
9a:40:b4:b8:9e:af:ee:6c:74:6e:81:e8:38:2c:3c:85:6f:42:
33:9d:b3:3d:1f:2e:9f:3d:cd:47:a6:a0:89:ac:81:d8:9f:39:
16:f3:e3:ee:9b:ec:71:47:cb:f7:89:98:75:35:ac:97:9b:32:
f2:b1:85:61:6f:89:af:e9:35:17:3d:b0:55:59:37:82:fa:5a:
85:3a:a8:ac:f7:3c:d7:ac:8b:bd:e0:cd:76:03:28:a6:af:0a:
63:8a:40:4d:ca:0b:83:e7:79:37:41:7a:a8:48:39:88:86:aa:
ce:2d:74:e9:d2:18:4b:c2:2b:02:85:fb:e5:70:9a:04:5d:52:
f7:f9:f7:cc:39:c0:c0:63:15:6c:e1:72:02:0a:8e:c4:5b:c1:
ed:81:c1:09:c7:41:cf:85:f9:15:48:35:1c:d0:50:e3:81:17:
12:90:95:b9
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVu1NyVbNi4UIPNYMAqGZLrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjMwMTAxMTkzNTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDBlYjNiNmM4YmQ2ZjI3MTFjZDk5MWFlMzMzYWY5MWMxYTA1OThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkr5OQAwug+TOr49rThRvo4gUH6gY
YHIWRnKM+w0ah8JsTWCxN3/CbqxhVky68MZfGIs4CwnN/bAw3/gEXuVkCHKtqWQ7
LNLJxpk6DszjMEmmNuo8Dg0gA2+MDKJkBJu/0EqbFX06K2wdD7UBwpp/Sc8u133n
7xq+GbQMiUaYTfCX5z7fgOKiNNWbN0f5HXEr7Wml/C1s5/yCycsoI36zvvBVo4NU
8c8K6AGOE5YAEeVZNRggeZk2tP6v2sirkg9rmv8Ufb5JJn6gnUS/L5c5SmXUSLd/
5X1uWbp7GT3siDq0LaMHTmhs0rAQJ6pq9P4ukItAYURCS5d3ZALUuIJnYQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFD0Os7bIvW8nEc2ZGuMzr5HBoFmLMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvUFE2enRzaTlieWNSelprYTR6T3ZrY0dnV1lzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQBw78SMAwD
BAPUbagDBADUba4wDQYJKoZIhvcNAQELBQADggEBAAkV0+glJVyuCI+2Zvn2jDIV
wBroZLekHBzhshRIbclMxUViurYycGJ8VAdaGIX2czAQIyN9+dzqQ6DLPumVmZ79
bwuob6Svn9VhO/FKxeUXNUYNLcJtywVzPppAtLier+5sdG6B6DgsPIVvQjOdsz0f
Lp89zUemoImsgdifORbz4+6b7HFHy/eJmHU1rJebMvKxhWFvia/pNRc9sFVZN4L6
WoU6qKz3PNesi73gzXYDKKavCmOKQE3KC4PneTdBeqhIOYiGqs4tdOnSGEvCKwKF
++VwmgRdUvf598w5wMBjFWzhcgIKjsRbwe2BwQnHQc+F+RVINRzQUOOBFxKQlbk=
-----END CERTIFICATE-----
Generated at Tue Apr 8 04:33:49 2025 by rpki-client