Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/c12395-c0f8-4e05-8cb1-73a3d07d2c31/1/AAgfZrheopyFPXStoydKOjtk-Sc.roa
File: AAgfZrheopyFPXStoydKOjtk-Sc.roa (raw, json)
Hash identifier: qn6El7XYHBOHqBpIbZtg+2sq8NQnIVeRaWK3ATTqND4=
Subject key identifier: 00:08:1F:66:B8:5E:A2:9C:85:3D:74:AD:A3:27:4A:3A:3B:64:F9:27
Certificate issuer: /CN=5b7a905e25a4d5cccb2eebe4e2d5c3920819758e
Certificate serial: 0644A110
Authority key identifier: 5B:7A:90:5E:25:A4:D5:CC:CB:2E:EB:E4:E2:D5:C3:92:08:19:75:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W3qQXiWk1czLLuvk4tXDkggZdY4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/c12395-c0f8-4e05-8cb1-73a3d07d2c31/1/AAgfZrheopyFPXStoydKOjtk-Sc.roa
Signing time: Tue 10 May 2022 10:17:01 +0000
ROA not before: Tue 10 May 2022 10:17:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62250
IP address blocks: 185.119.165.0/24 maxlen: 24
185.119.164.0/22 maxlen: 22
185.119.166.0/24 maxlen: 24
185.119.167.0/24 maxlen: 24
185.119.166.0/23 maxlen: 23
185.110.252.0/22 maxlen: 22
185.110.253.0/24 maxlen: 24
185.110.252.0/24 maxlen: 24
185.110.254.0/24 maxlen: 24
185.118.152.0/22 maxlen: 22
185.110.255.0/24 maxlen: 24
185.118.152.0/24 maxlen: 24
185.118.153.0/24 maxlen: 24
185.118.154.0/24 maxlen: 24
185.118.155.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 105160976 (0x644a110)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b7a905e25a4d5cccb2eebe4e2d5c3920819758e
Validity
Not Before: May 10 10:17:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=00081f66b85ea29c853d74ada3274a3a3b64f927
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:60:26:bc:58:b0:db:b5:00:39:b2:8f:f9:12:
d5:e5:77:46:2c:d0:b1:d8:8d:6b:0f:43:80:06:6d:
20:a2:09:e8:a5:89:0b:a9:db:23:79:86:f8:ba:a4:
3f:49:63:a5:08:cb:1f:d1:64:4f:8b:4e:06:2b:61:
9f:c3:7e:34:f8:cd:27:db:65:07:79:aa:4f:ff:55:
ab:e8:21:5b:3d:1e:b6:89:67:3d:74:15:65:f2:cd:
25:8f:56:7a:ed:1c:01:bf:71:c4:68:80:6e:f8:85:
54:fc:03:b9:07:63:8f:63:37:fd:d1:e9:5a:52:f1:
a9:f1:32:5d:3a:f9:3c:a9:80:16:0d:a5:21:09:9a:
71:8b:8c:5a:40:e2:c5:24:db:72:4f:fa:b9:7d:8b:
ea:af:db:55:fd:5d:07:f3:54:e2:9e:f7:d5:f5:fd:
52:7b:f9:cf:d0:2a:fc:9a:12:17:6a:0f:05:e8:0a:
f5:2b:79:fb:4c:0e:c5:3f:fb:2b:cb:99:65:18:ba:
a8:f2:34:75:0b:d2:10:ae:71:e3:9d:f6:44:bf:51:
f2:3f:4e:00:2c:d0:a7:9f:66:55:24:2f:48:87:94:
ad:fa:97:e7:a5:ea:61:b2:10:f4:c8:6b:84:09:67:
53:16:bc:cf:5f:40:99:22:11:ab:d5:52:09:79:b5:
ac:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:08:1F:66:B8:5E:A2:9C:85:3D:74:AD:A3:27:4A:3A:3B:64:F9:27
X509v3 Authority Key Identifier:
keyid:5B:7A:90:5E:25:A4:D5:CC:CB:2E:EB:E4:E2:D5:C3:92:08:19:75:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W3qQXiWk1czLLuvk4tXDkggZdY4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/c12395-c0f8-4e05-8cb1-73a3d07d2c31/1/AAgfZrheopyFPXStoydKOjtk-Sc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/c12395-c0f8-4e05-8cb1-73a3d07d2c31/1/W3qQXiWk1czLLuvk4tXDkggZdY4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.110.252.0/22
185.118.152.0/22
185.119.164.0/22
Signature Algorithm: sha256WithRSAEncryption
9e:77:ce:4b:43:10:3f:f6:25:55:fd:dc:49:9f:ce:c5:73:6a:
c2:2b:51:a7:09:f2:f8:44:8a:a2:34:c1:43:9b:d4:40:72:cc:
6b:63:66:70:c2:12:c9:13:fb:74:06:b0:98:b7:b1:8b:d4:ac:
5d:ee:62:b0:bc:55:11:a9:98:c5:6b:af:c1:27:be:84:d3:35:
ca:09:bb:6d:5a:c0:4e:4f:d1:01:c5:a2:2f:a1:67:af:c5:2e:
c7:40:0c:9d:e2:e3:1e:47:90:2e:09:ee:27:d6:9d:c4:a5:5c:
96:b9:bd:a1:d2:10:b9:e4:c2:47:2a:4d:22:5f:68:f8:44:9b:
a6:bc:89:de:da:79:24:17:ec:b7:b5:41:68:50:8f:1a:4f:c2:
ae:3b:3e:1e:20:49:52:30:cd:2d:ef:73:bf:d4:87:86:1c:2e:
81:55:6f:5e:81:c4:02:9e:8f:b7:18:89:c6:f1:05:84:31:0a:
b2:90:a7:dc:bc:f0:5c:c3:c1:95:a1:b4:eb:7a:b1:b2:9b:b3:
a2:93:40:c0:73:56:2a:8d:1f:c2:ea:2d:fc:55:07:b3:b7:f4:
15:39:d5:87:24:92:72:6a:96:cc:00:80:f7:d1:89:cf:2c:ee:
d8:55:c5:b5:1c:ad:9f:28:00:e1:ca:aa:2a:be:d8:72:02:df:
84:b3:52:77
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEBkShEDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
YjdhOTA1ZTI1YTRkNWNjY2IyZWViZTRlMmQ1YzM5MjA4MTk3NThlMB4XDTIyMDUx
MDEwMTcwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDAwODFmNjZiODVl
YTI5Yzg1M2Q3NGFkYTMyNzRhM2EzYjY0ZjkyNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANxgJrxYsNu1ADmyj/kS1eV3RizQsdiNaw9DgAZtIKIJ6KWJ
C6nbI3mG+LqkP0ljpQjLH9FkT4tOBithn8N+NPjNJ9tlB3mqT/9Vq+ghWz0etoln
PXQVZfLNJY9Weu0cAb9xxGiAbviFVPwDuQdjj2M3/dHpWlLxqfEyXTr5PKmAFg2l
IQmacYuMWkDixSTbck/6uX2L6q/bVf1dB/NU4p731fX9Unv5z9Aq/JoSF2oPBegK
9St5+0wOxT/7K8uZZRi6qPI0dQvSEK5x4532RL9R8j9OACzQp59mVSQvSIeUrfqX
56XqYbIQ9MhrhAlnUxa8z19AmSIRq9VSCXm1rK0CAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBQACB9muF6inIU9dK2jJ0o6O2T5JzAfBgNVHSMEGDAWgBRbepBeJaTVzMsu
6+Ti1cOSCBl1jjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1czcVFYaVdrMWN6TEx1dms0dFhEa2dnWmRZNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDYvYzEyMzk1LWMwZjgtNGUwNS04Y2IxLTczYTNkMDdkMmMzMS8x
L0FBZ2Zacmhlb3B5RlBYU3RveWRLT2p0ay1TYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDYv
YzEyMzk1LWMwZjgtNGUwNS04Y2IxLTczYTNkMDdkMmMzMS8xL1czcVFYaVdrMWN6
TEx1dms0dFhEa2dnWmRZNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEArlu/AMEArl2mAMEArl3pDANBgkq
hkiG9w0BAQsFAAOCAQEAnnfOS0MQP/YlVf3cSZ/OxXNqwitRpwny+ESKojTBQ5vU
QHLMa2NmcMISyRP7dAawmLexi9SsXe5isLxVEamYxWuvwSe+hNM1ygm7bVrATk/R
AcWiL6Fnr8Uux0AMneLjHkeQLgnuJ9adxKVclrm9odIQueTCRypNIl9o+ESbpryJ
3tp5JBfst7VBaFCPGk/Crjs+HiBJUjDNLe9zv9SHhhwugVVvXoHEAp6PtxiJxvEF
hDEKspCn3LzwXMPBlaG063qxspuzopNAwHNWKo0fwuot/FUHs7f0FTnVhySScmqW
zACA99GJzyzu2FXFtRytnygA4cqqKr7YcgLfhLNSdw==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:31 2023 by rpki-client on console.sobornost.net