Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/cea581-5cde-4574-ba0a-2c62de7b3e45/1/6s8_q-u3Sql4RmQcvrxMq899l-0.roa
File: 6s8_q-u3Sql4RmQcvrxMq899l-0.roa (raw, json)
Hash identifier: EmsHlHsOxNwSHJ3/mm+B1YUStPjGKpTdOLRL3x3t3Qc=
Subject key identifier: EA:CF:3F:AB:EB:B7:4A:A9:78:46:64:1C:BE:BC:4C:AB:CF:7D:97:ED
Certificate issuer: /CN=af73ff1ec55f49296dd734039fa0284cc400eb26
Certificate serial: 143D3A11
Authority key identifier: AF:73:FF:1E:C5:5F:49:29:6D:D7:34:03:9F:A0:28:4C:C4:00:EB:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r3P_HsVfSSlt1zQDn6AoTMQA6yY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/cea581-5cde-4574-ba0a-2c62de7b3e45/1/6s8_q-u3Sql4RmQcvrxMq899l-0.roa
Signing time: Sat 01 Jan 2022 06:57:11 +0000
ROA not before: Sat 01 Jan 2022 06:57:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 24864
IP address blocks: 193.110.28.0/22 maxlen: 24
217.13.176.0/20 maxlen: 24
89.188.64.0/21 maxlen: 24
185.159.56.0/22 maxlen: 24
195.234.157.0/24 maxlen: 24
2a02:7c8::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 339556881 (0x143d3a11)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af73ff1ec55f49296dd734039fa0284cc400eb26
Validity
Not Before: Jan 1 06:57:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=eacf3fabebb74aa97846641cbebc4cabcf7d97ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:fe:2c:ea:6d:3b:96:d7:0b:ca:ea:ec:6e:b9:
82:f1:05:14:df:d3:77:0e:72:d6:eb:b0:e4:23:3c:
5a:b0:31:aa:3d:9d:d4:a0:ad:7a:06:0f:50:7d:dd:
b0:72:c5:eb:d3:e3:43:21:b1:0b:c5:80:30:17:8c:
ae:36:17:29:02:25:28:b6:86:39:5a:b4:a9:a1:75:
fb:79:4a:4b:94:0e:e3:0c:ea:03:bf:3c:6f:37:38:
82:3a:c8:0e:c7:4a:b2:d6:f2:05:f6:d3:c3:3f:04:
fd:96:3d:1d:96:8b:ba:9d:79:45:3b:b6:9e:6f:b2:
89:d1:d0:fd:34:c6:a4:82:eb:f3:53:a7:47:fc:8b:
84:cf:70:5f:c9:d8:cb:a3:90:d8:4d:49:7e:e7:50:
17:43:e8:9f:4f:8a:69:46:87:17:2e:c4:ff:cd:8f:
68:e4:f0:0b:7a:f5:a5:76:5a:e0:68:70:90:88:5a:
1c:24:cc:fc:61:f2:a3:92:4c:d1:b5:7f:29:13:92:
e8:a9:d2:e0:ca:64:52:d6:e6:ae:69:5f:ce:5d:d9:
54:67:1c:72:57:be:17:f4:b6:fe:b3:86:f7:0f:6f:
3a:74:f0:23:06:65:54:04:ff:9d:bb:ef:26:51:90:
9a:f8:53:f9:5f:d5:15:d6:92:bf:de:f6:76:c8:3e:
de:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:CF:3F:AB:EB:B7:4A:A9:78:46:64:1C:BE:BC:4C:AB:CF:7D:97:ED
X509v3 Authority Key Identifier:
keyid:AF:73:FF:1E:C5:5F:49:29:6D:D7:34:03:9F:A0:28:4C:C4:00:EB:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r3P_HsVfSSlt1zQDn6AoTMQA6yY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/cea581-5cde-4574-ba0a-2c62de7b3e45/1/6s8_q-u3Sql4RmQcvrxMq899l-0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/cea581-5cde-4574-ba0a-2c62de7b3e45/1/r3P_HsVfSSlt1zQDn6AoTMQA6yY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.188.64.0/21
185.159.56.0/22
193.110.28.0/22
195.234.157.0/24
217.13.176.0/20
IPv6:
2a02:7c8::/32
Signature Algorithm: sha256WithRSAEncryption
ae:64:9d:79:69:30:3b:e0:14:e7:03:8d:b8:62:61:97:7b:bb:
79:1e:96:9e:3b:87:01:61:71:f9:67:44:4d:de:f7:a8:44:b2:
0b:ba:12:42:bc:1e:b4:f6:1c:13:42:ba:01:30:0d:36:86:0a:
3d:9e:e2:50:4f:24:57:97:da:91:96:72:74:85:45:d2:1c:34:
34:cc:6d:16:e5:89:17:db:29:ee:12:8c:68:20:69:fc:21:5d:
56:38:22:fa:8a:fb:98:a4:b9:6d:23:b7:75:16:bc:67:70:01:
04:49:37:30:86:b7:e0:d9:f8:f4:08:64:41:58:78:6f:ce:c1:
45:fd:93:b3:57:2f:6e:9b:79:e9:8f:1c:a0:6b:0e:2c:7e:cc:
0b:b4:08:75:6f:87:48:02:27:0d:5c:54:44:de:ec:e0:42:ab:
8d:4d:bc:3f:d7:8d:2b:b9:7b:7a:4d:9f:0f:d7:6a:6c:66:2a:
fe:c1:7c:78:fc:f2:7c:4c:d6:bd:af:87:e2:53:76:c4:bf:26:
5f:d3:b5:f3:a3:80:1a:96:e0:9a:4f:fc:60:71:55:0e:b5:45:
7d:4b:55:41:1d:78:13:42:bc:5f:e0:f2:37:bd:31:13:a7:9d:
99:56:f7:bd:25:5a:22:34:21:1d:51:03:20:65:9b:5b:4e:1b:
5e:c1:3b:a2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIEFD06ETANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZjczZmYxZWM1NWY0OTI5NmRkNzM0MDM5ZmEwMjg0Y2M0MDBlYjI2MB4XDTIyMDEw
MTA2NTcxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWFjZjNmYWJlYmI3
NGFhOTc4NDY2NDFjYmViYzRjYWJjZjdkOTdlZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMD+LOptO5bXC8rq7G65gvEFFN/Tdw5y1uuw5CM8WrAxqj2d
1KCtegYPUH3dsHLF69PjQyGxC8WAMBeMrjYXKQIlKLaGOVq0qaF1+3lKS5QO4wzq
A788bzc4gjrIDsdKstbyBfbTwz8E/ZY9HZaLup15RTu2nm+yidHQ/TTGpILr81On
R/yLhM9wX8nYy6OQ2E1JfudQF0Pon0+KaUaHFy7E/82PaOTwC3r1pXZa4GhwkIha
HCTM/GHyo5JM0bV/KROS6KnS4MpkUtbmrmlfzl3ZVGcccle+F/S2/rOG9w9vOnTw
IwZlVAT/nbvvJlGQmvhT+V/VFdaSv972dsg+3o0CAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBTqzz+r67dKqXhGZBy+vEyrz32X7TAfBgNVHSMEGDAWgBSvc/8exV9JKW3X
NAOfoChMxADrJjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3IzUF9Ic1ZmU1NsdDF6UURuNkFvVE1RQTZ5WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDAvY2VhNTgxLTVjZGUtNDU3NC1iYTBhLTJjNjJkZTdiM2U0NS8x
LzZzOF9xLXUzU3FsNFJtUWN2cnhNcTg5OWwtMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDAv
Y2VhNTgxLTVjZGUtNDU3NC1iYTBhLTJjNjJkZTdiM2U0NS8xL3IzUF9Ic1ZmU1Ns
dDF6UURuNkFvVE1RQTZ5WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBG
BggrBgEFBQcBBwEB/wQ3MDUwJAQCAAEwHgMEA1m8QAMEArmfOAMEAsFuHAMEAMPq
nQMEBNkNsDANBAIAAjAHAwUAKgIHyDANBgkqhkiG9w0BAQsFAAOCAQEArmSdeWkw
O+AU5wONuGJhl3u7eR6WnjuHAWFx+WdETd73qESyC7oSQrwetPYcE0K6ATANNoYK
PZ7iUE8kV5fakZZydIVF0hw0NMxtFuWJF9sp7hKMaCBp/CFdVjgi+or7mKS5bSO3
dRa8Z3ABBEk3MIa34Nn49AhkQVh4b87BRf2Ts1cvbpt56Y8coGsOLH7MC7QIdW+H
SAInDVxURN7s4EKrjU28P9eNK7l7ek2fD9dqbGYq/sF8ePzyfEzWva+H4lN2xL8m
X9O186OAGpbgmk/8YHFVDrVFfUtVQR14E0K8X+DyN70xE6edmVb3vSVaIjQhHVED
IGWbW04bXsE7og==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:31 2023 by rpki-client on console.sobornost.net