Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/4e897f-e435-4715-a3c5-85be425d3199/1/wRvtNhkcNPLuTQy82a7BvQEdwyI.roa
File: wRvtNhkcNPLuTQy82a7BvQEdwyI.roa (raw, json)
Hash identifier: hNqOWxU+y/0ok8pTcymwvC8i8rZNQd8pL/BUHCwR1fw=
Subject key identifier: C1:1B:ED:36:19:1C:34:F2:EE:4D:0C:BC:D9:AE:C1:BD:01:1D:C3:22
Certificate issuer: /CN=b6cf4e57cbc15ce4ecef44f50e5b8592fbeeeea0
Certificate serial: 0C84E5
Authority key identifier: B6:CF:4E:57:CB:C1:5C:E4:EC:EF:44:F5:0E:5B:85:92:FB:EE:EE:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ts9OV8vBXOTs70T1DluFkvvu7qA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/4e897f-e435-4715-a3c5-85be425d3199/1/wRvtNhkcNPLuTQy82a7BvQEdwyI.roa
Signing time: Wed 16 Feb 2022 09:11:47 +0000
ROA not before: Wed 16 Feb 2022 09:11:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6453
IP address blocks: 85.158.134.0/24 maxlen: 24
85.158.133.0/24 maxlen: 24
85.158.135.0/24 maxlen: 24
85.158.129.0/24 maxlen: 24
85.158.128.0/21 maxlen: 21
85.158.128.0/24 maxlen: 24
85.158.130.0/24 maxlen: 24
85.158.132.0/24 maxlen: 24
85.158.131.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 820453 (0xc84e5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b6cf4e57cbc15ce4ecef44f50e5b8592fbeeeea0
Validity
Not Before: Feb 16 09:11:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c11bed36191c34f2ee4d0cbcd9aec1bd011dc322
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:15:40:42:db:99:a0:d9:01:13:72:16:31:30:
a6:35:d5:99:d5:ce:87:db:28:fd:d7:5a:63:06:2c:
26:3c:5b:a7:0f:2a:bf:c8:71:b4:e7:43:3e:0f:05:
1a:ca:85:4a:91:ba:da:66:ee:16:d3:82:9b:f3:49:
b0:5b:a8:7f:cb:98:b3:98:be:c9:4e:cf:6d:50:b9:
fa:74:04:68:a6:65:e2:40:38:26:8b:cb:6a:f1:b6:
fc:25:ec:2f:4a:eb:61:01:0a:68:93:f5:6c:1d:af:
ee:58:69:1d:36:7e:04:f2:70:b6:11:d1:a6:6b:55:
24:9a:8a:59:50:c8:94:e5:98:db:46:df:f7:8a:5a:
e4:bc:89:16:2e:04:c5:c3:84:0d:32:eb:67:fd:ab:
2f:f1:63:fc:92:42:a2:ab:a4:25:65:94:25:7e:31:
57:85:40:70:6e:71:6f:75:25:27:80:f5:a0:6f:58:
b3:18:69:61:7b:51:0d:7e:e4:54:dd:9e:d2:32:7a:
2d:58:dd:1c:d8:7e:6f:d2:30:58:9f:a8:ae:7d:8f:
48:61:b7:5a:8c:eb:d1:1d:01:8e:e3:4e:18:79:1d:
54:97:9c:84:d9:1c:41:e2:0e:28:d7:40:a4:7a:dc:
42:f3:73:a5:4a:ec:d7:ce:af:4b:9a:52:08:bf:2a:
70:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:1B:ED:36:19:1C:34:F2:EE:4D:0C:BC:D9:AE:C1:BD:01:1D:C3:22
X509v3 Authority Key Identifier:
keyid:B6:CF:4E:57:CB:C1:5C:E4:EC:EF:44:F5:0E:5B:85:92:FB:EE:EE:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ts9OV8vBXOTs70T1DluFkvvu7qA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/4e897f-e435-4715-a3c5-85be425d3199/1/wRvtNhkcNPLuTQy82a7BvQEdwyI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/4e897f-e435-4715-a3c5-85be425d3199/1/ts9OV8vBXOTs70T1DluFkvvu7qA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.158.128.0/21
Signature Algorithm: sha256WithRSAEncryption
0c:72:b8:8d:b1:32:db:c9:83:f6:b5:98:63:9b:30:42:75:d2:
53:5a:4b:35:76:fe:18:ee:9f:31:9c:07:13:8b:89:44:1e:38:
e8:f7:5c:6e:ab:aa:ac:d6:d9:7c:69:ec:c5:ec:55:f4:45:d5:
f6:21:87:88:3a:08:2a:4a:4e:49:58:e8:a0:f9:ff:84:55:17:
40:98:ad:ec:93:69:b8:e9:9c:69:cd:8d:83:64:eb:6c:59:a1:
09:2e:3d:d1:a6:cf:71:fd:de:73:26:b7:5c:19:57:a9:41:88:
8b:0c:c1:e3:b8:f7:72:ee:9c:5f:28:a6:c0:6f:69:e8:df:0c:
bc:45:ff:b9:da:3f:3d:33:05:14:7e:2c:07:85:41:39:e8:c0:
05:b3:1f:ef:9d:90:a1:cc:f2:da:be:cd:fa:73:bf:ef:4d:a3:
ae:ce:eb:ea:41:af:8f:d4:88:05:04:63:2f:f8:d9:ce:f7:0e:
72:d6:aa:13:43:08:57:99:28:b5:56:22:be:a7:15:f6:2e:68:
1c:be:77:9d:40:0e:9b:1d:07:01:5f:c7:ee:94:e0:2a:6f:76:
52:e7:27:71:c4:1d:d4:b5:0c:61:d3:fb:eb:04:13:f6:1f:00:
ff:7e:e9:97:08:ac:0e:a5:01:5d:f7:9b:d6:88:1f:f9:fb:03:
e4:74:aa:92
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDDITlMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGI2
Y2Y0ZTU3Y2JjMTVjZTRlY2VmNDRmNTBlNWI4NTkyZmJlZWVlYTAwHhcNMjIwMjE2
MDkxMTQ3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhjMTFiZWQzNjE5MWMz
NGYyZWU0ZDBjYmNkOWFlYzFiZDAxMWRjMzIyMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAjxVAQtuZoNkBE3IWMTCmNdWZ1c6H2yj911pjBiwmPFunDyq/
yHG050M+DwUayoVKkbraZu4W04Kb80mwW6h/y5izmL7JTs9tULn6dARopmXiQDgm
i8tq8bb8JewvSuthAQpok/VsHa/uWGkdNn4E8nC2EdGma1UkmopZUMiU5ZjbRt/3
ilrkvIkWLgTFw4QNMutn/asv8WP8kkKiq6QlZZQlfjFXhUBwbnFvdSUngPWgb1iz
GGlhe1ENfuRU3Z7SMnotWN0c2H5v0jBYn6iufY9IYbdajOvRHQGO404YeR1Ul5yE
2RxB4g4o10CketxC83OlSuzXzq9LmlIIvypwQQIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFMEb7TYZHDTy7k0MvNmuwb0BHcMiMB8GA1UdIwQYMBaAFLbPTlfLwVzk7O9E
9Q5bhZL77u6gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
dHM5T1Y4dkJYT1RzNzBUMURsdUZrdnZ1N3FBLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8wNy80ZTg5N2YtZTQzNS00NzE1LWEzYzUtODViZTQyNWQzMTk5LzEv
d1J2dE5oa2NOUEx1VFF5ODJhN0J2UUVkd3lJLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy80
ZTg5N2YtZTQzNS00NzE1LWEzYzUtODViZTQyNWQzMTk5LzEvdHM5T1Y4dkJYT1Rz
NzBUMURsdUZrdnZ1N3FBLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDVZ6AMA0GCSqGSIb3DQEBCwUAA4IB
AQAMcriNsTLbyYP2tZhjmzBCddJTWks1dv4Y7p8xnAcTi4lEHjjo91xuq6qs1tl8
aezF7FX0RdX2IYeIOggqSk5JWOig+f+EVRdAmK3sk2m46ZxpzY2DZOtsWaEJLj3R
ps9x/d5zJrdcGVepQYiLDMHjuPdy7pxfKKbAb2no3wy8Rf+52j89MwUUfiwHhUE5
6MAFsx/vnZChzPLavs36c7/vTaOuzuvqQa+P1IgFBGMv+NnO9w5y1qoTQwhXmSi1
ViK+pxX2LmgcvnedQA6bHQcBX8fulOAqb3ZS5ydxxB3UtQxh0/vrBBP2HwD/fumX
CKwOpQFd95vWiB/5+wPkdKqS
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:33 2023 by rpki-client on console.sobornost.net