Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/c12395-c0f8-4e05-8cb1-73a3d07d2c31/1/geEVr_v67nu3_8uF4SFWq9ImcMw.roa
File: geEVr_v67nu3_8uF4SFWq9ImcMw.roa (raw, json)
Hash identifier: l25m3rYRqNyAbi6BBUBJ7SrRvZ/TVN/V8wrljBdG0hI=
Subject key identifier: 81:E1:15:AF:FB:FA:EE:7B:B7:FF:CB:85:E1:21:56:AB:D2:26:70:CC
Certificate issuer: /CN=5b7a905e25a4d5cccb2eebe4e2d5c3920819758e
Certificate serial: 0182C98E3BF6BC2A94896BD74530E0C3DC54
Authority key identifier: 5B:7A:90:5E:25:A4:D5:CC:CB:2E:EB:E4:E2:D5:C3:92:08:19:75:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W3qQXiWk1czLLuvk4tXDkggZdY4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/c12395-c0f8-4e05-8cb1-73a3d07d2c31/1/geEVr_v67nu3_8uF4SFWq9ImcMw.roa
Signing time: Tue 23 Aug 2022 07:15:18 +0000
ROA not before: Tue 23 Aug 2022 07:15:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62250
IP address blocks: 185.119.165.0/24 maxlen: 24
185.119.164.0/22 maxlen: 22
185.119.166.0/24 maxlen: 24
185.119.164.0/24 maxlen: 24
185.119.167.0/24 maxlen: 24
185.119.166.0/23 maxlen: 23
185.110.252.0/22 maxlen: 22
185.110.253.0/24 maxlen: 24
185.110.252.0/24 maxlen: 24
185.110.254.0/24 maxlen: 24
185.118.152.0/22 maxlen: 22
185.110.255.0/24 maxlen: 24
185.118.152.0/24 maxlen: 24
185.118.153.0/24 maxlen: 24
185.118.154.0/24 maxlen: 24
185.118.155.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:c9:8e:3b:f6:bc:2a:94:89:6b:d7:45:30:e0:c3:dc:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b7a905e25a4d5cccb2eebe4e2d5c3920819758e
Validity
Not Before: Aug 23 07:15:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=81e115affbfaee7bb7ffcb85e12156abd22670cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:86:a3:14:13:14:84:30:f0:17:47:b8:81:24:
a7:a6:ce:21:7e:0c:68:53:4a:41:59:13:85:7d:16:
65:e7:7a:36:61:6c:b6:78:89:60:97:ec:a6:5e:d7:
48:19:02:e8:17:a7:57:7a:b4:24:26:f2:3a:0b:c4:
f7:c6:b1:32:fa:54:15:e6:d6:0a:60:fe:9b:7f:51:
bf:61:e2:f0:70:58:5b:2a:38:9a:15:7f:a1:29:30:
70:b8:0d:06:8f:75:84:98:8c:23:ee:aa:37:52:4c:
e5:ef:94:e6:6c:80:c1:b3:df:3b:31:88:b2:8f:dd:
85:1e:ca:24:52:0a:1e:f2:27:e7:4d:bf:a8:5c:d2:
f5:59:36:bd:a6:4a:64:29:10:56:cb:2e:20:7f:0a:
67:99:5e:e0:22:77:74:88:d4:cd:1b:15:4e:5c:ef:
eb:ba:a9:23:cc:a2:1d:79:63:b4:56:f1:2e:23:4e:
d6:d4:e2:09:27:1d:74:ac:45:d1:2f:3e:1d:16:1a:
18:b6:60:60:04:1d:e0:27:78:a7:58:ec:a5:cf:62:
85:8f:24:9e:ef:79:26:48:81:c8:12:5a:4d:4d:40:
13:44:32:f1:19:3e:de:de:50:74:2c:ad:bd:41:97:
fb:e5:75:0f:cf:9f:6b:13:89:21:ec:43:1c:2e:0b:
90:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:E1:15:AF:FB:FA:EE:7B:B7:FF:CB:85:E1:21:56:AB:D2:26:70:CC
X509v3 Authority Key Identifier:
keyid:5B:7A:90:5E:25:A4:D5:CC:CB:2E:EB:E4:E2:D5:C3:92:08:19:75:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W3qQXiWk1czLLuvk4tXDkggZdY4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/c12395-c0f8-4e05-8cb1-73a3d07d2c31/1/geEVr_v67nu3_8uF4SFWq9ImcMw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/c12395-c0f8-4e05-8cb1-73a3d07d2c31/1/W3qQXiWk1czLLuvk4tXDkggZdY4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.110.252.0/22
185.118.152.0/22
185.119.164.0/22
Signature Algorithm: sha256WithRSAEncryption
97:90:04:3a:0a:55:37:44:28:79:a5:06:67:09:61:d6:9c:02:
0c:91:e5:f4:a7:c6:bb:51:23:d9:40:c0:2f:98:d0:0a:72:5d:
a8:11:31:33:a8:4d:43:8c:80:54:5c:76:17:85:b9:19:d6:1e:
a1:e0:fe:2b:d2:7d:e9:5d:76:a5:e9:f7:30:88:6d:5f:fa:bd:
cb:a0:e0:68:cb:90:e2:98:1e:d4:f1:76:ac:6f:a1:b4:65:bc:
b3:2a:4c:f4:a6:7a:62:de:f5:91:58:a3:8e:48:05:ea:87:be:
a0:6d:25:28:93:f2:b0:8e:9d:70:5e:4a:22:d3:13:ee:6d:72:
64:70:87:ad:75:37:e8:61:a0:71:ca:01:fe:a1:51:3a:95:aa:
bc:63:aa:45:b2:43:2e:0b:c4:2c:46:a6:55:13:ae:06:ce:21:
c9:c2:88:02:97:02:b0:14:22:9f:6a:14:14:f0:e0:75:fb:cc:
f9:1c:1d:5c:6a:e8:4b:e1:f0:f5:f4:7b:4c:31:54:5f:80:e2:
35:b8:0b:e3:3b:f5:f8:18:0d:7b:9c:a3:24:f2:26:4a:2f:c3:
62:31:67:96:b6:d7:2b:e5:5c:61:c7:e4:40:92:b7:7a:7e:9f:
6e:a5:ab:dd:65:be:af:4c:8c:a2:c5:29:f0:79:f8:a4:1c:82:
94:6b:fb:6f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYLJjjv2vCqUiWvXRTDgw9xUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViN2E5MDVlMjVhNGQ1Y2NjYjJlZWJlNGUyZDVjMzkyMDgx
OTc1OGUwHhcNMjIwODIzMDcxNTE4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWUxMTVhZmZiZmFlZTdiYjdmZmNiODVlMTIxNTZhYmQyMjY3MGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzYajFBMUhDDwF0e4gSSnps4hfgxo
U0pBWROFfRZl53o2YWy2eIlgl+ymXtdIGQLoF6dXerQkJvI6C8T3xrEy+lQV5tYK
YP6bf1G/YeLwcFhbKjiaFX+hKTBwuA0Gj3WEmIwj7qo3Ukzl75TmbIDBs987MYiy
j92FHsokUgoe8ifnTb+oXNL1WTa9pkpkKRBWyy4gfwpnmV7gInd0iNTNGxVOXO/r
uqkjzKIdeWO0VvEuI07W1OIJJx10rEXRLz4dFhoYtmBgBB3gJ3inWOylz2KFjySe
73kmSIHIElpNTUATRDLxGT7e3lB0LK29QZf75XUPz59rE4kh7EMcLguQowIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIHhFa/7+u57t//LheEhVqvSJnDMMB8GA1UdIwQY
MBaAFFt6kF4lpNXMyy7r5OLVw5IIGXWOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzNxUVhpV2sxY3pMTHV2azR0WERrZ2daZFk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi9jMTIzOTUtYzBmOC00ZTA1LThjYjEt
NzNhM2QwN2QyYzMxLzEvZ2VFVnJfdjY3bnUzXzh1RjRTRldxOUltY013LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi9jMTIzOTUtYzBmOC00ZTA1LThjYjEtNzNhM2QwN2QyYzMx
LzEvVzNxUVhpV2sxY3pMTHV2azR0WERrZ2daZFk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCuW78AwQC
uXaYAwQCuXekMA0GCSqGSIb3DQEBCwUAA4IBAQCXkAQ6ClU3RCh5pQZnCWHWnAIM
keX0p8a7USPZQMAvmNAKcl2oETEzqE1DjIBUXHYXhbkZ1h6h4P4r0n3pXXal6fcw
iG1f+r3LoOBoy5DimB7U8Xasb6G0ZbyzKkz0pnpi3vWRWKOOSAXqh76gbSUok/Kw
jp1wXkoi0xPubXJkcIetdTfoYaBxygH+oVE6laq8Y6pFskMuC8QsRqZVE64GziHJ
wogClwKwFCKfahQU8OB1+8z5HB1cauhL4fD19HtMMVRfgOI1uAvjO/X4GA17nKMk
8iZKL8NiMWeWttcr5Vxhx+RAkrd6fp9upavdZb6vTIyixSnwefikHIKUa/tv
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:31 2023 by rpki-client on console.sobornost.net