Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/7c2a15-ac4d-464a-a77e-32f9a282f56c/1/otKeHkm-wLvVCkHIUYiujcYw_tQ.roa
File: otKeHkm-wLvVCkHIUYiujcYw_tQ.roa (raw, json)
Hash identifier: N/tjMt8cIKiFAg2m+cY5dem9IJZ4xjB+SW143JakNH8=
Subject key identifier: A2:D2:9E:1E:49:BE:C0:BB:D5:0A:41:C8:51:88:AE:8D:C6:30:FE:D4
Certificate issuer: /CN=373b47a3cee79982adb170341d02026027332023
Certificate serial: 197C6D6B
Authority key identifier: 37:3B:47:A3:CE:E7:99:82:AD:B1:70:34:1D:02:02:60:27:33:20:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NztHo87nmYKtsXA0HQICYCczICM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/7c2a15-ac4d-464a-a77e-32f9a282f56c/1/otKeHkm-wLvVCkHIUYiujcYw_tQ.roa
Signing time: Sat 01 Jan 2022 08:55:03 +0000
ROA not before: Sat 01 Jan 2022 08:55:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61167
IP address blocks: 5.159.20.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 427584875 (0x197c6d6b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=373b47a3cee79982adb170341d02026027332023
Validity
Not Before: Jan 1 08:55:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a2d29e1e49bec0bbd50a41c85188ae8dc630fed4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:48:5b:f8:7e:50:65:77:7d:6d:31:15:e3:87:
2d:0f:27:87:18:a7:77:a6:43:e0:ab:cf:18:df:38:
55:f2:53:67:45:6e:77:94:72:e1:3c:32:b9:65:8a:
17:91:63:e2:bd:7b:0b:0a:d9:5b:cd:58:3c:0f:51:
75:e1:b4:a5:6b:6b:01:2b:ad:b1:9f:a1:71:08:e0:
f2:2f:db:b1:1b:d8:4b:15:a1:88:6f:e4:d5:68:64:
d0:75:78:6e:8d:85:65:05:04:88:17:3d:eb:02:b1:
ff:a2:e3:5f:68:e0:c1:56:f3:98:08:a4:8c:b3:4f:
fb:1d:2e:fc:97:43:ae:ea:1d:a6:2c:34:a7:68:c7:
57:34:ab:ed:f3:72:0c:5d:3b:1f:96:ef:29:2f:ea:
d9:2b:08:9b:b0:2c:6e:c0:26:d2:a1:0f:37:63:ea:
2b:0c:bf:11:a4:f7:64:d4:9c:7d:79:98:de:de:93:
5c:fa:50:09:0c:e3:f2:79:cd:a8:87:0d:c0:de:3f:
d9:ff:22:e5:8a:a2:42:de:ec:e2:a8:4c:82:bd:8f:
56:f6:6e:d5:52:3a:f1:81:d4:10:db:a8:fc:32:2d:
bd:9c:d6:ea:58:83:ab:95:c6:c8:b5:e1:f7:7d:ca:
b3:0f:11:b4:b1:05:49:a1:86:ed:cd:ca:51:4b:79:
07:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:D2:9E:1E:49:BE:C0:BB:D5:0A:41:C8:51:88:AE:8D:C6:30:FE:D4
X509v3 Authority Key Identifier:
keyid:37:3B:47:A3:CE:E7:99:82:AD:B1:70:34:1D:02:02:60:27:33:20:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NztHo87nmYKtsXA0HQICYCczICM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/7c2a15-ac4d-464a-a77e-32f9a282f56c/1/otKeHkm-wLvVCkHIUYiujcYw_tQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/7c2a15-ac4d-464a-a77e-32f9a282f56c/1/NztHo87nmYKtsXA0HQICYCczICM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.159.20.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:b5:7d:f3:e9:c4:d8:f5:89:be:54:25:32:bd:c4:dc:ff:de:
6e:ba:2f:dc:46:2e:7e:f6:89:e4:e7:45:91:86:0a:c9:7c:3f:
d4:f9:b2:4c:f7:8e:70:34:f0:b8:2b:92:ef:a0:61:04:66:fd:
73:95:52:6f:e4:f2:05:0d:65:4f:ad:fd:40:cf:07:a9:84:8d:
75:9d:4c:64:86:37:04:d5:8b:a9:ec:78:92:42:99:c8:03:01:
fd:96:12:f6:8c:37:7a:4d:db:9c:94:70:da:31:6c:ad:0d:67:
9a:02:95:70:b6:dc:cd:fb:e4:64:3b:3e:e8:37:b0:20:86:a6:
6a:46:a1:ba:c1:4c:bc:77:b9:ac:29:d8:29:a9:d8:4b:58:89:
44:f9:99:03:fe:33:85:b3:03:e9:5c:75:76:8b:fd:47:a2:67:
6d:23:c3:ce:0b:48:7b:3c:8a:7c:fa:63:8f:ca:4d:7e:6c:dc:
83:64:96:f5:58:51:4a:91:9f:84:a3:8b:24:94:15:4e:91:6a:
a4:6c:f4:3e:79:01:3b:60:88:0e:d4:fd:5e:d0:e4:24:20:a1:
7a:18:6a:34:a5:27:20:6f:2f:51:b7:f3:f5:10:ee:e6:c4:e6:
75:38:b9:fe:26:89:09:df:bf:09:c8:1b:56:f4:bd:df:10:48:
6a:03:6d:22
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEGXxtazANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NzNiNDdhM2NlZTc5OTgyYWRiMTcwMzQxZDAyMDI2MDI3MzMyMDIzMB4XDTIyMDEw
MTA4NTUwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTJkMjllMWU0OWJl
YzBiYmQ1MGE0MWM4NTE4OGFlOGRjNjMwZmVkNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKhIW/h+UGV3fW0xFeOHLQ8nhxind6ZD4KvPGN84VfJTZ0Vu
d5Ry4TwyuWWKF5Fj4r17CwrZW81YPA9RdeG0pWtrASutsZ+hcQjg8i/bsRvYSxWh
iG/k1Whk0HV4bo2FZQUEiBc96wKx/6LjX2jgwVbzmAikjLNP+x0u/JdDruodpiw0
p2jHVzSr7fNyDF07H5bvKS/q2SsIm7AsbsAm0qEPN2PqKwy/EaT3ZNScfXmY3t6T
XPpQCQzj8nnNqIcNwN4/2f8i5YqiQt7s4qhMgr2PVvZu1VI68YHUENuo/DItvZzW
6liDq5XGyLXh933Ksw8RtLEFSaGG7c3KUUt5Bw0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSi0p4eSb7Au9UKQchRiK6NxjD+1DAfBgNVHSMEGDAWgBQ3O0ejzueZgq2x
cDQdAgJgJzMgIzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L056dEhvODdubVlLdHNYQTBIUUlDWUNjeklDTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDQvN2MyYTE1LWFjNGQtNDY0YS1hNzdlLTMyZjlhMjgyZjU2Yy8x
L290S2VIa20td0x2VkNrSElVWWl1amNZd190US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDQv
N2MyYTE1LWFjNGQtNDY0YS1hNzdlLTMyZjlhMjgyZjU2Yy8xL056dEhvODdubVlL
dHNYQTBIUUlDWUNjeklDTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAAWfFDANBgkqhkiG9w0BAQsFAAOC
AQEAHbV98+nE2PWJvlQlMr3E3P/ebrov3EYufvaJ5OdFkYYKyXw/1PmyTPeOcDTw
uCuS76BhBGb9c5VSb+TyBQ1lT639QM8HqYSNdZ1MZIY3BNWLqex4kkKZyAMB/ZYS
9ow3ek3bnJRw2jFsrQ1nmgKVcLbczfvkZDs+6DewIIamakahusFMvHe5rCnYKanY
S1iJRPmZA/4zhbMD6Vx1dov9R6JnbSPDzgtIezyKfPpjj8pNfmzcg2SW9VhRSpGf
hKOLJJQVTpFqpGz0PnkBO2CIDtT9XtDkJCChehhqNKUnIG8vUbfz9RDu5sTmdTi5
/iaJCd+/CcgbVvS93xBIagNtIg==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:24 2023 by rpki-client on console.sobornost.net