Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/XqtPcUR1-L2HUhHcLPxI39IYxXU.roa
File: XqtPcUR1-L2HUhHcLPxI39IYxXU.roa (raw, json)
Hash identifier: 0AJDzAUF03/phbOU7BlGcqXO/f+enGbfc7kxVUua8PI=
Subject key identifier: 5E:AB:4F:71:44:75:F8:BD:87:52:11:DC:2C:FC:48:DF:D2:18:C5:75
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 0181D787CF183836E913F4923C6C44051139
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/XqtPcUR1-L2HUhHcLPxI39IYxXU.roa
Signing time: Thu 07 Jul 2022 07:20:10 +0000
ROA not before: Thu 07 Jul 2022 07:20:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6850
IP address blocks: 212.109.173.0/24 maxlen: 24
212.109.174.0/24 maxlen: 24
79.171.208.0/24 maxlen: 24
212.109.169.0/24 maxlen: 24
212.109.170.0/24 maxlen: 24
212.109.171.0/24 maxlen: 24
212.109.172.0/24 maxlen: 24
212.109.168.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:d7:87:cf:18:38:36:e9:13:f4:92:3c:6c:44:05:11:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Jul 7 07:20:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5eab4f714475f8bd875211dc2cfc48dfd218c575
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:65:8f:ec:82:14:25:1c:14:9e:e7:95:04:19:
af:b5:49:6b:70:bb:f2:af:b6:74:27:c0:6f:1c:29:
07:e7:db:57:53:20:4e:26:98:1c:00:61:dc:e7:39:
8d:3d:b0:34:d4:fa:c0:da:d3:d8:14:b6:4a:a3:a7:
37:54:62:4a:1c:c0:b1:23:37:08:51:0c:bd:18:7a:
18:44:e7:ad:67:bc:d3:9b:16:ee:e7:e7:47:4e:2f:
5c:61:97:77:17:e4:9d:fa:35:ca:77:53:6c:35:64:
95:28:41:79:7a:2b:77:1c:ca:0a:4c:83:e0:7e:f7:
e1:81:d2:5e:33:66:37:e9:1c:d7:4b:96:b0:69:a7:
d3:06:b9:9f:52:4f:bd:7e:0e:ee:1a:b4:d6:c4:92:
5f:b8:c5:cf:8f:36:1d:27:0f:c3:40:49:04:49:03:
b5:2f:18:02:ff:9c:81:7e:38:0b:b3:f3:11:be:fa:
00:95:2e:54:56:20:84:30:4f:f1:54:4f:cf:d3:2d:
62:c2:65:e2:a3:b1:33:f3:83:26:ef:5e:e0:4d:e3:
a7:70:cb:d0:6c:92:d6:0d:21:38:92:6d:dc:9d:82:
1b:7a:89:61:0e:06:5c:8e:28:8d:fb:31:8c:f5:91:
f7:5f:e0:95:0d:dd:6f:8a:aa:e0:26:b5:f8:1f:6f:
68:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:AB:4F:71:44:75:F8:BD:87:52:11:DC:2C:FC:48:DF:D2:18:C5:75
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/XqtPcUR1-L2HUhHcLPxI39IYxXU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.171.208.0/24
212.109.168.0-212.109.174.255
Signature Algorithm: sha256WithRSAEncryption
33:c4:70:22:76:38:0a:3f:24:7f:3c:ff:d4:7b:05:89:e8:88:
45:80:db:a2:26:78:c8:71:8b:10:98:b8:50:54:8d:62:65:e5:
ea:c8:27:e3:3f:1e:2c:9d:32:79:c1:d5:2b:e7:a9:b1:32:ca:
36:98:ea:17:ae:38:31:8c:9c:20:78:e2:38:7c:89:5e:21:8e:
93:d2:2f:1a:b9:b9:69:00:ee:4a:de:30:ad:90:c1:6c:b2:a9:
d8:b0:ca:f4:45:ea:c7:4d:6a:f6:97:d2:93:75:a8:79:e0:60:
10:0a:c1:6d:2c:60:35:4b:70:91:54:2a:d0:f7:bf:97:a6:f9:
6e:81:db:5b:96:ef:61:91:fc:93:f4:e2:2f:d7:aa:97:0a:2f:
bf:97:6f:cd:b9:e2:62:ae:4c:59:d7:33:05:64:6b:ab:84:84:
d8:6e:0a:ff:cc:19:05:1c:5c:01:ea:52:63:ed:7f:30:92:a5:
c9:92:77:41:e6:7e:98:27:22:3b:6a:06:80:d7:35:ad:c7:f0:
2d:48:0f:8c:cc:ce:6f:d9:8d:2d:1e:81:a8:62:1c:48:3b:c6:
05:52:f4:9d:6f:97:1d:05:38:7a:81:e4:7d:dd:f2:e7:13:c3:
e6:2b:1c:73:8e:c7:83:9b:75:76:4f:0f:b5:5a:45:41:82:e9:
b1:f0:6f:72
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYHXh88YODbpE/SSPGxEBRE5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIwNzA3MDcyMDEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWFiNGY3MTQ0NzVmOGJkODc1MjExZGMyY2ZjNDhkZmQyMThjNTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0GWP7IIUJRwUnueVBBmvtUlrcLvy
r7Z0J8BvHCkH59tXUyBOJpgcAGHc5zmNPbA01PrA2tPYFLZKo6c3VGJKHMCxIzcI
UQy9GHoYROetZ7zTmxbu5+dHTi9cYZd3F+Sd+jXKd1NsNWSVKEF5eit3HMoKTIPg
fvfhgdJeM2Y36RzXS5awaafTBrmfUk+9fg7uGrTWxJJfuMXPjzYdJw/DQEkESQO1
LxgC/5yBfjgLs/MRvvoAlS5UViCEME/xVE/P0y1iwmXio7Ez84Mm717gTeOncMvQ
bJLWDSE4km3cnYIbeolhDgZcjiiN+zGM9ZH3X+CVDd1viqrgJrX4H29odQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFF6rT3FEdfi9h1IR3Cz8SN/SGMV1MB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvWHF0UGNVUjEtTDJIVWhIY0xQeEkzOUlZeFhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAT6vQMAwD
BAPUbagDBADUba4wDQYJKoZIhvcNAQELBQADggEBADPEcCJ2OAo/JH88/9R7BYno
iEWA26ImeMhxixCYuFBUjWJl5erIJ+M/HiydMnnB1SvnqbEyyjaY6heuODGMnCB4
4jh8iV4hjpPSLxq5uWkA7kreMK2QwWyyqdiwyvRF6sdNavaX0pN1qHngYBAKwW0s
YDVLcJFUKtD3v5em+W6B21uW72GR/JP04i/XqpcKL7+Xb8254mKuTFnXMwVka6uE
hNhuCv/MGQUcXAHqUmPtfzCSpcmSd0HmfpgnIjtqBoDXNa3H8C1ID4zMzm/ZjS0e
gahiHEg7xgVS9J1vlx0FOHqB5H3d8ucTw+YrHHOOx4ObdXZPD7VaRUGC6bHwb3I=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:25 2024 by rpki-client on console-fra.rpki-client.org