Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/mlJFRfe9ZUYaufcwiadHOJFZcIk.roa
File: mlJFRfe9ZUYaufcwiadHOJFZcIk.roa (raw, json)
Hash identifier: UeMpOFDM9WttiiP/I3YFbd0aqBjNR/aAuLna+l4v7Ys=
Subject key identifier: 9A:52:45:45:F7:BD:65:46:1A:B9:F7:30:89:A7:47:38:91:59:70:89
Certificate issuer: /CN=5da432a4ec3b0ac4ca4e4ecec0e9f4d46b497af0
Certificate serial: 10FD8FBA
Authority key identifier: 5D:A4:32:A4:EC:3B:0A:C4:CA:4E:4E:CE:C0:E9:F4:D4:6B:49:7A:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaQypOw7CsTKTk7OwOn01GtJevA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/mlJFRfe9ZUYaufcwiadHOJFZcIk.roa
Signing time: Thu 03 Feb 2022 18:02:59 +0000
ROA not before: Thu 03 Feb 2022 18:02:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61400
IP address blocks: 62.76.112.0/22 maxlen: 32
185.111.219.0/24 maxlen: 24
185.111.218.0/24 maxlen: 24
185.111.216.0/23 maxlen: 23
91.107.84.0/24 maxlen: 24
91.107.86.0/23 maxlen: 23
185.126.92.0/22 maxlen: 24
185.62.103.0/24 maxlen: 24
89.248.236.0/24 maxlen: 24
185.40.28.0/22 maxlen: 22
91.227.34.0/23 maxlen: 23
2a03:220::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 285052858 (0x10fd8fba)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da432a4ec3b0ac4ca4e4ecec0e9f4d46b497af0
Validity
Not Before: Feb 3 18:02:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9a524545f7bd65461ab9f73089a7473891597089
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:d9:86:c0:02:71:22:86:81:9a:d8:54:4a:94:
64:2c:2f:97:2c:18:31:c5:0a:7c:93:2e:4d:a3:fc:
be:6e:fb:3c:17:17:ca:1c:31:2a:ef:27:26:37:b4:
c0:25:2e:d7:0f:4d:56:03:f0:2b:b5:9f:3a:38:b2:
7e:e8:91:f8:7c:2b:71:76:e9:2f:0c:77:85:d1:28:
1b:9e:15:10:55:60:b3:bc:6d:35:69:c4:0e:62:d6:
d9:bc:92:85:84:96:d0:97:d9:ef:32:59:e9:0e:b7:
b2:a0:fe:6f:77:7a:4b:70:84:ff:08:7e:ee:31:90:
90:7a:08:81:65:93:8f:0f:e0:49:28:a6:06:01:ac:
44:00:94:da:35:3f:68:a0:dd:f4:c0:51:c7:51:5b:
26:91:3a:d1:68:8a:34:ec:ac:52:ca:a1:b5:58:05:
23:2b:9b:3f:ff:b6:d1:33:8f:3e:e9:41:63:b2:4e:
8a:58:16:4e:53:cf:84:af:6a:ed:9d:e5:50:42:bf:
76:5b:a3:e4:c8:ff:e4:2f:13:4d:c7:e9:8c:d8:ba:
14:67:7d:d2:fd:4f:39:d1:89:db:35:d1:10:30:ae:
25:4e:02:df:80:da:14:bc:e2:f7:fb:51:b0:38:f6:
2b:66:76:d7:05:c5:77:4c:13:4e:b4:59:ff:1d:90:
c5:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:52:45:45:F7:BD:65:46:1A:B9:F7:30:89:A7:47:38:91:59:70:89
X509v3 Authority Key Identifier:
keyid:5D:A4:32:A4:EC:3B:0A:C4:CA:4E:4E:CE:C0:E9:F4:D4:6B:49:7A:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaQypOw7CsTKTk7OwOn01GtJevA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/mlJFRfe9ZUYaufcwiadHOJFZcIk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/XaQypOw7CsTKTk7OwOn01GtJevA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.112.0/22
89.248.236.0/24
91.107.84.0/24
91.107.86.0/23
91.227.34.0/23
185.40.28.0/22
185.62.103.0/24
185.111.216.0/22
185.126.92.0/22
IPv6:
2a03:220::/32
Signature Algorithm: sha256WithRSAEncryption
35:e9:24:87:1a:2d:a9:91:72:43:ab:c7:59:4d:9d:78:a2:ef:
9e:74:65:a5:cc:c9:85:d5:c6:eb:62:91:3f:d4:a3:d1:4d:37:
df:f3:5a:1f:8d:66:6d:d0:54:dd:84:f4:f9:47:26:38:78:c3:
ec:f6:fc:4f:38:4f:a7:64:a9:d2:2a:e4:4e:53:e1:88:0e:0a:
5a:d0:08:6c:e6:65:13:b4:e8:fe:6d:65:dd:9a:e0:75:31:11:
25:71:ca:b5:94:57:13:38:ca:b2:17:b8:5c:fa:27:ca:10:32:
43:ff:76:4c:d9:3d:38:2d:74:a5:dc:b1:2e:d0:d7:80:13:f0:
e5:f7:4e:c7:00:74:e4:a1:ef:f7:89:5e:96:96:03:e8:dc:44:
28:91:32:c4:5d:e5:0a:fb:b4:a3:f6:b3:9b:a3:77:23:91:ae:
cb:fe:f6:16:6c:c3:7b:e5:24:1c:ad:e2:c9:a6:b9:0e:ac:5e:
87:d7:97:c6:e4:5a:e5:38:c4:2c:f1:99:0c:2e:dd:66:5c:c5:
22:67:6f:2e:6e:97:24:c1:f4:45:20:56:1f:67:29:a4:75:be:
90:15:c2:2e:16:9f:43:fa:00:0a:64:31:33:4c:e6:82:94:54:
d2:7f:15:6f:ba:5d:20:83:27:c2:c9:35:52:3c:8f:10:12:0c:
ca:e0:1d:6f
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgIEEP2PujANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
ZGE0MzJhNGVjM2IwYWM0Y2E0ZTRlY2VjMGU5ZjRkNDZiNDk3YWYwMB4XDTIyMDIw
MzE4MDI1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWE1MjQ1NDVmN2Jk
NjU0NjFhYjlmNzMwODlhNzQ3Mzg5MTU5NzA4OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL7ZhsACcSKGgZrYVEqUZCwvlywYMcUKfJMuTaP8vm77PBcX
yhwxKu8nJje0wCUu1w9NVgPwK7WfOjiyfuiR+HwrcXbpLwx3hdEoG54VEFVgs7xt
NWnEDmLW2byShYSW0JfZ7zJZ6Q63sqD+b3d6S3CE/wh+7jGQkHoIgWWTjw/gSSim
BgGsRACU2jU/aKDd9MBRx1FbJpE60WiKNOysUsqhtVgFIyubP/+20TOPPulBY7JO
ilgWTlPPhK9q7Z3lUEK/dluj5Mj/5C8TTcfpjNi6FGd90v1POdGJ2zXREDCuJU4C
34DaFLzi9/tRsDj2K2Z21wXFd0wTTrRZ/x2QxW0CAwEAAaOCAkgwggJEMB0GA1Ud
DgQWBBSaUkVF971lRhq59zCJp0c4kVlwiTAfBgNVHSMEGDAWgBRdpDKk7DsKxMpO
Ts7A6fTUa0l68DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1hhUXlwT3c3Q3NUS1RrN093T24wMUd0SmV2QS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDMvOWU4NDdmLTQxNDYtNDU2Ni04YzNlLTFiYTU0M2VlYWVkNy8x
L21sSkZSZmU5WlVZYXVmY3dpYWRIT0pGWmNJay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDMv
OWU4NDdmLTQxNDYtNDU2Ni04YzNlLTFiYTU0M2VlYWVkNy8xL1hhUXlwT3c3Q3NU
S1RrN093T24wMUd0SmV2QS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBe
BggrBgEFBQcBBwEB/wRPME0wPAQCAAEwNgMEAj5McAMEAFn47AMEAFtrVAMEAVtr
VgMEAVvjIgMEArkoHAMEALk+ZwMEArlv2AMEArl+XDANBAIAAjAHAwUAKgMCIDAN
BgkqhkiG9w0BAQsFAAOCAQEANekkhxotqZFyQ6vHWU2deKLvnnRlpczJhdXG62KR
P9Sj0U033/NaH41mbdBU3YT0+UcmOHjD7Pb8TzhPp2Sp0irkTlPhiA4KWtAIbOZl
E7To/m1l3ZrgdTERJXHKtZRXEzjKshe4XPonyhAyQ/92TNk9OC10pdyxLtDXgBPw
5fdOxwB05KHv94lelpYD6NxEKJEyxF3lCvu0o/azm6N3I5Guy/72FmzDe+UkHK3i
yaa5Dqxeh9eXxuRa5TjELPGZDC7dZlzFImdvLm6XJMH0RSBWH2cppHW+kBXCLhaf
Q/oACmQxM0zmgpRU0n8Vb7pdIIMnwsk1UjyPEBIMyuAdbw==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:21 2023 by rpki-client on console.sobornost.net