Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/QDS2mrxM27k-x63QpxU3str-jhY.roa
File: QDS2mrxM27k-x63QpxU3str-jhY.roa (raw, json)
Hash identifier: OtL1Q/cqvq2MsZAnxLxj8L0SGdBZEh7wOv1sAvQ9Yzc=
Subject key identifier: 40:34:B6:9A:BC:4C:DB:B9:3E:C7:AD:D0:A7:15:37:B2:DA:FE:8E:16
Certificate issuer: /CN=ac1f721b7b7e6d049fbfe520e1ca89c1ca256813
Certificate serial: 0184A9F5D4B31DA3CA0841AFBC3FDFD51492
Authority key identifier: AC:1F:72:1B:7B:7E:6D:04:9F:BF:E5:20:E1:CA:89:C1:CA:25:68:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rB9yG3t-bQSfv-Ug4cqJwcolaBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/QDS2mrxM27k-x63QpxU3str-jhY.roa
Signing time: Thu 24 Nov 2022 14:06:11 +0000
ROA not before: Thu 24 Nov 2022 14:06:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39251
IP address blocks: 213.232.88.0/22 maxlen: 24
185.225.84.0/22 maxlen: 24
91.223.66.0/24 maxlen: 24
185.163.140.0/22 maxlen: 24
2a0b:f800::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:a9:f5:d4:b3:1d:a3:ca:08:41:af:bc:3f:df:d5:14:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac1f721b7b7e6d049fbfe520e1ca89c1ca256813
Validity
Not Before: Nov 24 14:06:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4034b69abc4cdbb93ec7add0a71537b2dafe8e16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:27:fe:80:e8:1d:37:9c:ca:9a:98:6f:f7:61:
d8:72:45:da:03:3d:67:35:81:70:3e:d1:33:12:9f:
98:6f:01:8e:44:8e:e5:c4:0a:ef:65:fd:98:ae:64:
83:71:e4:fe:c5:cf:49:fa:e3:a5:e9:c5:3c:81:47:
66:e5:08:2f:8a:42:1c:f5:7a:0d:90:3b:1d:1e:ab:
16:0c:18:2c:03:89:69:5b:f8:36:0e:9c:90:46:1f:
9c:02:76:f5:0d:91:05:77:5f:7d:b3:ff:72:8a:c3:
25:05:f7:8f:69:79:1a:90:d8:18:c6:85:cd:d0:d9:
4e:1b:65:9f:d0:48:5b:43:e7:06:d0:10:1d:d4:fc:
c6:ef:61:3b:5c:e0:c7:36:0d:74:26:76:53:c7:c2:
56:96:94:3e:25:cf:c7:90:da:97:38:60:52:d3:af:
ad:f5:8f:fe:14:36:28:b1:89:b6:4c:7f:82:50:ce:
a0:60:26:0a:98:13:d7:fb:d5:9d:a9:e3:14:c1:e7:
b2:4d:5b:2b:e7:aa:a1:0f:ee:6a:46:bf:b3:72:d8:
e0:92:72:ba:9c:28:c1:d2:da:4b:5b:09:42:d8:bf:
b1:04:29:01:cd:0a:59:00:93:69:89:58:56:fc:b8:
d6:38:87:94:c5:e2:35:e5:75:57:a1:6e:6c:82:36:
3a:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:34:B6:9A:BC:4C:DB:B9:3E:C7:AD:D0:A7:15:37:B2:DA:FE:8E:16
X509v3 Authority Key Identifier:
keyid:AC:1F:72:1B:7B:7E:6D:04:9F:BF:E5:20:E1:CA:89:C1:CA:25:68:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rB9yG3t-bQSfv-Ug4cqJwcolaBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/QDS2mrxM27k-x63QpxU3str-jhY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/rB9yG3t-bQSfv-Ug4cqJwcolaBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.66.0/24
185.163.140.0/22
185.225.84.0/22
213.232.88.0/22
IPv6:
2a0b:f800::/32
Signature Algorithm: sha256WithRSAEncryption
7b:24:1d:88:8e:69:f1:6b:3e:01:61:55:fe:20:d5:fc:44:86:
9d:18:71:2d:08:57:a7:1e:f7:5b:3c:69:87:c7:d5:9a:2a:b7:
56:56:ef:97:7a:14:50:b7:23:91:5f:e2:38:27:40:0d:9d:7e:
11:5f:b3:5b:92:51:b1:3f:ac:68:8e:74:a0:d8:a2:51:57:88:
ac:57:2a:5a:40:f9:b8:5a:58:fc:90:b9:7e:b8:41:5c:28:a5:
27:3f:1b:ae:26:5e:ef:76:c3:9c:d8:b5:25:20:37:b7:c7:0c:
2e:84:5a:c7:1c:d5:cd:93:d2:21:5b:fb:f8:32:a3:24:3f:a0:
4f:68:9e:4d:6c:31:a7:c0:9a:3c:62:e9:11:2d:9a:9e:16:1c:
37:a3:39:c7:25:15:0c:dd:5c:54:44:d3:35:ca:50:62:6a:c3:
91:1d:77:36:56:2b:68:98:4f:9c:ce:3b:6d:de:fe:23:b2:f8:
5e:62:de:59:a2:18:00:e6:eb:f6:a0:c7:22:9d:f1:57:0f:59:
46:b5:71:14:76:0c:62:f1:5b:74:4d:ac:29:08:ad:7f:07:fc:
96:da:b2:62:39:01:43:f9:1d:85:76:df:03:e4:d2:0b:0b:aa:
f9:d8:22:37:39:e7:52:6c:7c:c6:39:26:c1:cb:7e:06:1a:ef:
45:44:98:4e
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYSp9dSzHaPKCEGvvD/f1RSSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjMWY3MjFiN2I3ZTZkMDQ5ZmJmZTUyMGUxY2E4OWMxY2Ey
NTY4MTMwHhcNMjIxMTI0MTQwNjExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDM0YjY5YWJjNGNkYmI5M2VjN2FkZDBhNzE1MzdiMmRhZmU4ZTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkif+gOgdN5zKmphv92HYckXaAz1n
NYFwPtEzEp+YbwGORI7lxArvZf2YrmSDceT+xc9J+uOl6cU8gUdm5QgvikIc9XoN
kDsdHqsWDBgsA4lpW/g2DpyQRh+cAnb1DZEFd199s/9yisMlBfePaXkakNgYxoXN
0NlOG2Wf0EhbQ+cG0BAd1PzG72E7XODHNg10JnZTx8JWlpQ+Jc/HkNqXOGBS06+t
9Y/+FDYosYm2TH+CUM6gYCYKmBPX+9WdqeMUweeyTVsr56qhD+5qRr+zctjgknK6
nCjB0tpLWwlC2L+xBCkBzQpZAJNpiVhW/LjWOIeUxeI15XVXoW5sgjY6fQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFEA0tpq8TNu5Pset0KcVN7La/o4WMB8GA1UdIwQY
MBaAFKwfcht7fm0En7/lIOHKicHKJWgTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckI5eUczdC1iUVNmdi1VZzRjcUp3Y29sYUJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC81NmQyNjctMWM0My00N2M4LWFmYjIt
NjRkMjljODZiZjNlLzEvUURTMm1yeE0yN2steDYzUXB4VTNzdHItamhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC81NmQyNjctMWM0My00N2M4LWFmYjItNjRkMjljODZiZjNl
LzEvckI5eUczdC1iUVNmdi1VZzRjcUp3Y29sYUJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAW99CAwQC
uaOMAwQCueFUAwQC1ehYMA0EAgACMAcDBQAqC/gAMA0GCSqGSIb3DQEBCwUAA4IB
AQB7JB2Ijmnxaz4BYVX+INX8RIadGHEtCFenHvdbPGmHx9WaKrdWVu+XehRQtyOR
X+I4J0ANnX4RX7NbklGxP6xojnSg2KJRV4isVypaQPm4Wlj8kLl+uEFcKKUnPxuu
Jl7vdsOc2LUlIDe3xwwuhFrHHNXNk9IhW/v4MqMkP6BPaJ5NbDGnwJo8YukRLZqe
Fhw3oznHJRUM3VxURNM1ylBiasORHXc2VitomE+czjtt3v4jsvheYt5ZohgA5uv2
oMcinfFXD1lGtXEUdgxi8Vt0TawpCK1/B/yW2rJiOQFD+R2Fdt8D5NILC6r52CI3
OedSbHzGOSbBy34GGu9FRJhO
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:47 2023 by rpki-client on console.sobornost.net