Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/QBdtU2loo9E_13B-djSKK7NIsiM.roa
File: QBdtU2loo9E_13B-djSKK7NIsiM.roa (raw, json)
Hash identifier: gwLzg0IR0nq+mjEcroBvY8yYNXpfeCmU3zzWnNIoK0A=
Subject key identifier: 40:17:6D:53:69:68:A3:D1:3F:D7:70:7E:76:34:8A:2B:B3:48:B2:23
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 0184A96AC23C5E7EA7C3FF3E69966DAC92B3
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/QBdtU2loo9E_13B-djSKK7NIsiM.roa
Signing time: Thu 24 Nov 2022 11:34:16 +0000
ROA not before: Thu 24 Nov 2022 11:34:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6850
IP address blocks: 212.109.174.0/24 maxlen: 24
212.109.173.0/24 maxlen: 24
195.191.18.0/24 maxlen: 24
195.191.19.0/24 maxlen: 24
212.109.169.0/24 maxlen: 24
212.109.171.0/24 maxlen: 24
212.109.168.0/24 maxlen: 24
212.109.170.0/24 maxlen: 24
212.109.172.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:a9:6a:c2:3c:5e:7e:a7:c3:ff:3e:69:96:6d:ac:92:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Nov 24 11:34:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=40176d536968a3d13fd7707e76348a2bb348b223
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:3f:34:9b:89:33:f1:f2:ec:e9:cb:12:01:3e:
f0:6c:ac:ed:14:d0:d3:11:a0:bd:90:4b:67:cd:6f:
b7:b5:51:e0:cb:b8:29:e2:0e:e0:4c:ff:39:89:ed:
bc:f9:aa:29:42:7b:b2:25:14:32:9a:05:24:5c:38:
af:e7:8e:50:cd:30:34:93:de:87:31:9a:db:f3:68:
3e:3d:3b:4a:85:94:60:06:32:e4:76:fb:3c:bc:06:
22:a6:8e:99:74:27:95:32:bd:35:b9:df:0c:eb:c6:
ad:6b:c3:a9:30:17:a6:12:7c:bc:80:cf:9a:76:6e:
1c:cd:04:28:b2:64:49:5e:91:89:3e:f1:1f:62:ba:
d1:1c:db:6a:e3:07:93:ad:55:b5:91:6a:ef:4d:95:
d0:17:bd:b9:93:04:fb:e3:32:71:24:da:81:ab:5a:
3b:3e:09:f1:b6:b4:88:b1:80:1a:ae:dc:0f:7e:3b:
92:c0:51:68:21:42:5c:3f:56:53:05:9f:19:25:ef:
06:eb:f0:33:6e:6f:ef:89:8c:7c:52:43:8e:2f:5c:
64:3d:eb:fb:f2:d6:82:e4:3d:5d:81:6b:21:8a:14:
67:21:ae:06:e5:f6:f2:8a:42:d0:6b:8e:06:6b:83:
65:cd:f3:3b:d7:7e:64:be:32:83:23:be:d5:12:5e:
46:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:17:6D:53:69:68:A3:D1:3F:D7:70:7E:76:34:8A:2B:B3:48:B2:23
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/QBdtU2loo9E_13B-djSKK7NIsiM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.191.18.0/23
212.109.168.0-212.109.174.255
Signature Algorithm: sha256WithRSAEncryption
a3:a9:e9:4a:d0:25:14:0a:13:62:2b:a3:9e:a8:43:6b:db:39:
cc:83:2a:fe:4e:f9:a8:49:bc:74:16:74:ba:6e:68:05:89:72:
b2:6f:ed:aa:c1:c8:c0:a4:57:b7:ef:a8:85:7b:d5:35:2f:d4:
83:9c:55:77:1a:d8:f9:5e:a0:91:0a:f2:e5:fd:a1:1d:ff:19:
dd:f6:61:e0:b8:1a:1b:77:c8:d9:e4:52:4a:ae:06:ef:23:51:
91:c6:e4:bf:57:be:47:d9:2b:14:1a:61:03:90:3e:ad:c5:4d:
b9:e9:54:f1:dc:26:91:df:e5:42:d4:8e:9d:ac:4a:77:c2:4f:
90:a9:50:04:92:0f:29:02:2a:2e:31:c0:7d:6e:8d:c4:47:2e:
8e:08:c0:b1:e2:9a:5b:b3:cd:e2:c2:96:8d:20:04:08:4a:2f:
d3:c9:1a:1d:f3:f8:41:7b:2e:ec:d8:19:c5:29:99:b5:c2:3f:
db:a9:c6:cf:36:0b:ff:47:fe:81:cb:93:c3:41:c7:de:8a:73:
0a:c6:a1:60:71:74:d5:98:2b:4e:34:13:97:0c:ad:ee:8b:40:
0f:ea:c2:62:d2:a8:0e:0f:04:b2:e5:cf:66:e1:d9:95:98:63:
ad:08:20:64:87:61:00:38:f3:2f:5e:d6:e6:a3:6a:da:7a:af:
00:fe:72:95
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYSpasI8Xn6nw/8+aZZtrJKzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMTI0MTEzNDE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDE3NmQ1MzY5NjhhM2QxM2ZkNzcwN2U3NjM0OGEyYmIzNDhiMjIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmD80m4kz8fLs6csSAT7wbKztFNDT
EaC9kEtnzW+3tVHgy7gp4g7gTP85ie28+aopQnuyJRQymgUkXDiv545QzTA0k96H
MZrb82g+PTtKhZRgBjLkdvs8vAYipo6ZdCeVMr01ud8M68ata8OpMBemEny8gM+a
dm4czQQosmRJXpGJPvEfYrrRHNtq4weTrVW1kWrvTZXQF725kwT74zJxJNqBq1o7
PgnxtrSIsYAartwPfjuSwFFoIUJcP1ZTBZ8ZJe8G6/Azbm/viYx8UkOOL1xkPev7
8taC5D1dgWshihRnIa4G5fbyikLQa44Ga4NlzfM7135kvjKDI77VEl5GUwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFEAXbVNpaKPRP9dwfnY0iiuzSLIjMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvUUJkdFUybG9vOUVfMTNCLWRqU0tLN05Jc2lNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQBw78SMAwD
BAPUbagDBADUba4wDQYJKoZIhvcNAQELBQADggEBAKOp6UrQJRQKE2Iro56oQ2vb
OcyDKv5O+ahJvHQWdLpuaAWJcrJv7arByMCkV7fvqIV71TUv1IOcVXca2PleoJEK
8uX9oR3/Gd32YeC4Ght3yNnkUkquBu8jUZHG5L9XvkfZKxQaYQOQPq3FTbnpVPHc
JpHf5ULUjp2sSnfCT5CpUASSDykCKi4xwH1ujcRHLo4IwLHimluzzeLClo0gBAhK
L9PJGh3z+EF7LuzYGcUpmbXCP9upxs82C/9H/oHLk8NBx96KcwrGoWBxdNWYK040
E5cMre6LQA/qwmLSqA4PBLLlz2bh2ZWYY60IIGSHYQA48y9e1uajatp6rwD+cpU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:25 2024 by rpki-client on console-fra.rpki-client.org