Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/90c403-e6e9-41e0-b157-781d8fb1d2fb/1/qCUhf_5DSVe6Mx_ruCwaAkcQFoc.roa
File: qCUhf_5DSVe6Mx_ruCwaAkcQFoc.roa (raw, json)
Hash identifier: H3tYY3tK+/XpcSsAQwcCqE9VbHgOrYQzJPyOwCZ+gA8=
Subject key identifier: A8:25:21:7F:FE:43:49:57:BA:33:1F:EB:B8:2C:1A:02:47:10:16:87
Certificate issuer: /CN=cb2cc7ce42e79c351ac7d28f645de7f5938acc9c
Certificate serial: 3769AE18
Authority key identifier: CB:2C:C7:CE:42:E7:9C:35:1A:C7:D2:8F:64:5D:E7:F5:93:8A:CC:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yyzHzkLnnDUax9KPZF3n9ZOKzJw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/90c403-e6e9-41e0-b157-781d8fb1d2fb/1/qCUhf_5DSVe6Mx_ruCwaAkcQFoc.roa
Signing time: Sat 01 Jan 2022 03:56:50 +0000
ROA not before: Sat 01 Jan 2022 03:56:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197064
IP address blocks: 151.248.56.0/21 maxlen: 21
178.23.104.0/21 maxlen: 21
185.24.196.0/22 maxlen: 22
2a02:2408::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 929672728 (0x3769ae18)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb2cc7ce42e79c351ac7d28f645de7f5938acc9c
Validity
Not Before: Jan 1 03:56:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a825217ffe434957ba331febb82c1a0247101687
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:76:c8:52:5c:a3:8e:b0:bc:be:ca:de:97:5b:
45:02:38:d8:61:51:cb:56:20:c4:a0:7b:e9:60:e9:
3f:c3:4f:56:9b:d2:00:7d:b4:db:20:ac:39:74:45:
cd:3e:0b:d4:f4:41:b5:ee:fc:7f:88:1a:fe:00:c8:
2b:54:cc:ac:02:a1:ab:b7:8f:52:a4:47:b7:8d:a8:
bf:15:5a:1e:b6:08:ed:af:aa:17:e2:df:f5:8f:aa:
07:b5:20:a8:1e:e6:e9:ae:63:23:b4:88:d9:4b:a1:
d8:62:19:a4:ad:70:0b:38:0f:b3:17:f4:24:a2:b4:
d4:da:16:02:ca:4a:17:d3:4e:30:5c:59:ed:86:2c:
a2:e5:68:0c:d0:db:44:d5:f6:df:bc:2c:4a:0d:1c:
fb:fd:51:96:ab:f2:20:02:df:1a:0d:ab:2e:c8:5c:
fd:a6:cf:6f:a2:f9:93:b4:32:9c:7c:21:9e:57:3d:
db:fe:5a:13:b4:31:7c:ce:8e:08:1d:fd:3b:2b:dd:
35:33:e5:69:4d:c3:67:de:63:e3:ba:5b:7f:8d:fa:
a1:14:95:21:3c:ed:9e:5d:7c:eb:85:c5:7e:2b:56:
ce:e4:4f:53:85:06:4e:8d:42:0a:5c:8a:e5:64:f6:
a2:e2:22:22:96:a0:e5:49:6b:f0:ca:b9:b1:eb:e7:
b5:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:25:21:7F:FE:43:49:57:BA:33:1F:EB:B8:2C:1A:02:47:10:16:87
X509v3 Authority Key Identifier:
keyid:CB:2C:C7:CE:42:E7:9C:35:1A:C7:D2:8F:64:5D:E7:F5:93:8A:CC:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yyzHzkLnnDUax9KPZF3n9ZOKzJw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/90c403-e6e9-41e0-b157-781d8fb1d2fb/1/qCUhf_5DSVe6Mx_ruCwaAkcQFoc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/90c403-e6e9-41e0-b157-781d8fb1d2fb/1/yyzHzkLnnDUax9KPZF3n9ZOKzJw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.248.56.0/21
178.23.104.0/21
185.24.196.0/22
IPv6:
2a02:2408::/32
Signature Algorithm: sha256WithRSAEncryption
af:72:ad:a4:6d:71:b0:d4:85:10:a5:9b:9b:cd:98:21:b1:65:
e5:62:58:e3:14:11:52:f9:99:0d:72:34:69:1d:cf:dc:d6:2c:
7f:61:73:6f:5d:52:60:70:90:df:0a:83:81:23:42:e8:c0:67:
02:46:5a:65:2b:bc:d5:c4:e4:78:7e:bc:a2:e0:71:d2:05:47:
e3:d2:bd:7f:e6:a3:85:c6:ce:58:9f:1c:fb:76:b8:d5:0b:a6:
15:e7:63:62:62:d2:ae:ce:34:93:90:b9:e4:1e:95:db:35:4e:
63:85:da:23:6b:cf:40:37:e5:4f:79:7e:79:06:98:0f:23:31:
00:f2:98:0c:d0:4e:4e:38:dd:da:17:67:08:6e:90:40:48:52:
56:69:38:d7:08:e7:39:cc:d7:5b:ab:00:ce:2d:7f:82:cd:f6:
f5:78:0a:65:e1:90:b0:d8:1e:54:06:0c:f7:7b:42:2a:25:ea:
f8:a7:11:89:c6:f5:af:18:dc:5f:cc:8a:0a:94:ec:e7:f1:91:
3d:97:10:f0:2b:76:1e:fd:7b:cf:7a:67:8a:bf:b2:e3:06:3b:
ab:a8:1e:4c:15:50:c9:f4:a2:12:3a:1b:bc:9c:a3:5a:63:b4:
46:2f:88:7c:b8:5f:1f:e7:fd:5f:d1:99:ba:fd:5c:ae:a1:15:
7f:7b:04:01
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEN2muGDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
YjJjYzdjZTQyZTc5YzM1MWFjN2QyOGY2NDVkZTdmNTkzOGFjYzljMB4XDTIyMDEw
MTAzNTY1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTgyNTIxN2ZmZTQz
NDk1N2JhMzMxZmViYjgyYzFhMDI0NzEwMTY4NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOB2yFJco46wvL7K3pdbRQI42GFRy1YgxKB76WDpP8NPVpvS
AH202yCsOXRFzT4L1PRBte78f4ga/gDIK1TMrAKhq7ePUqRHt42ovxVaHrYI7a+q
F+Lf9Y+qB7UgqB7m6a5jI7SI2Uuh2GIZpK1wCzgPsxf0JKK01NoWAspKF9NOMFxZ
7YYsouVoDNDbRNX237wsSg0c+/1RlqvyIALfGg2rLshc/abPb6L5k7QynHwhnlc9
2/5aE7QxfM6OCB39OyvdNTPlaU3DZ95j47pbf436oRSVITztnl1864XFfitWzuRP
U4UGTo1CClyK5WT2ouIiIpag5Ulr8Mq5sevntd8CAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBSoJSF//kNJV7ozH+u4LBoCRxAWhzAfBgNVHSMEGDAWgBTLLMfOQuecNRrH
0o9kXef1k4rMnDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3l5ekh6a0xubkRVYXg5S1BaRjNuOVpPS3pKdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjAvOTBjNDAzLWU2ZTktNDFlMC1iMTU3LTc4MWQ4ZmIxZDJmYi8x
L3FDVWhmXzVEU1ZlNk14X3J1Q3dhQWtjUUZvYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjAv
OTBjNDAzLWU2ZTktNDFlMC1iMTU3LTc4MWQ4ZmIxZDJmYi8xL3l5ekh6a0xubkRV
YXg5S1BaRjNuOVpPS3pKdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEA5f4OAMEA7IXaAMEArkYxDANBAIA
AjAHAwUAKgIkCDANBgkqhkiG9w0BAQsFAAOCAQEAr3KtpG1xsNSFEKWbm82YIbFl
5WJY4xQRUvmZDXI0aR3P3NYsf2Fzb11SYHCQ3wqDgSNC6MBnAkZaZSu81cTkeH68
ouBx0gVH49K9f+ajhcbOWJ8c+3a41QumFedjYmLSrs40k5C55B6V2zVOY4XaI2vP
QDflT3l+eQaYDyMxAPKYDNBOTjjd2hdnCG6QQEhSVmk41wjnOczXW6sAzi1/gs32
9XgKZeGQsNgeVAYM93tCKiXq+KcRicb1rxjcX8yKCpTs5/GRPZcQ8Ct2Hv17z3pn
ir+y4wY7q6geTBVQyfSiEjobvJyjWmO0Ri+IfLhfH+f9X9GZuv1crqEVf3sEAQ==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:05 2023 by rpki-client on console.sobornost.net