Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/80b930-ad97-403a-9fdb-0156d00272b7/1/YWo6kMNyXi4tVD6q4WHDXRP6i1w.roa
File: YWo6kMNyXi4tVD6q4WHDXRP6i1w.roa (raw, json)
Hash identifier: 9HGvFLtq4h25MDP3DPLdLv8dnce4OeZ6l152x+DO/kM=
Subject key identifier: 61:6A:3A:90:C3:72:5E:2E:2D:54:3E:AA:E1:61:C3:5D:13:FA:8B:5C
Certificate issuer: /CN=75e8b2b28bba3dc4e861d5cbf5bc1cc98c89e576
Certificate serial: C2E819
Authority key identifier: 75:E8:B2:B2:8B:BA:3D:C4:E8:61:D5:CB:F5:BC:1C:C9:8C:89:E5:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/deiysou6PcToYdXL9bwcyYyJ5XY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/80b930-ad97-403a-9fdb-0156d00272b7/1/YWo6kMNyXi4tVD6q4WHDXRP6i1w.roa
Signing time: Sat 01 Jan 2022 00:56:12 +0000
ROA not before: Sat 01 Jan 2022 00:56:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7029
IP address blocks: 213.109.207.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12773401 (0xc2e819)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75e8b2b28bba3dc4e861d5cbf5bc1cc98c89e576
Validity
Not Before: Jan 1 00:56:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=616a3a90c3725e2e2d543eaae161c35d13fa8b5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:f5:22:a3:e4:bc:0f:5b:2c:8c:2c:3f:0c:8c:
e5:26:5b:d7:8d:10:48:00:5e:3f:93:83:38:84:c2:
83:00:0e:d7:ac:bb:9d:b4:cb:a9:8c:fa:89:d1:11:
60:2a:04:61:0a:7b:c0:c5:d0:52:d8:94:44:cb:e1:
a6:f1:9a:fb:84:a4:12:9d:9b:bd:04:7a:d4:c1:1d:
11:16:2e:36:a4:f1:37:1c:2f:0d:e9:80:42:4f:36:
61:8e:27:28:94:3b:c4:cb:38:98:21:4f:ae:79:47:
8f:91:35:02:90:05:da:f9:c9:ae:e6:0d:1c:95:74:
16:48:53:24:c2:52:09:88:e8:f6:cf:55:f6:42:34:
f9:13:92:d1:bd:b1:d9:47:a9:89:4f:dc:88:4f:f0:
26:01:8b:6b:fc:b8:b9:ef:d3:d6:df:0b:66:ce:76:
5b:43:1a:5f:e5:12:07:4b:33:6a:8a:2c:7e:4a:af:
e8:1d:39:d4:56:e6:bf:41:6c:df:72:9d:bc:a7:2b:
c3:8d:33:50:0f:a1:e2:ea:02:7e:13:40:8d:20:50:
31:2c:06:49:5c:68:40:c4:8e:2e:e9:c4:80:1c:b8:
17:3d:db:97:f6:73:01:bc:2e:91:df:ba:3e:af:1c:
7f:e9:91:21:d4:81:cf:65:ad:bc:4d:05:ea:bf:96:
9e:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:6A:3A:90:C3:72:5E:2E:2D:54:3E:AA:E1:61:C3:5D:13:FA:8B:5C
X509v3 Authority Key Identifier:
keyid:75:E8:B2:B2:8B:BA:3D:C4:E8:61:D5:CB:F5:BC:1C:C9:8C:89:E5:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/deiysou6PcToYdXL9bwcyYyJ5XY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/80b930-ad97-403a-9fdb-0156d00272b7/1/YWo6kMNyXi4tVD6q4WHDXRP6i1w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/80b930-ad97-403a-9fdb-0156d00272b7/1/deiysou6PcToYdXL9bwcyYyJ5XY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.109.207.0/24
Signature Algorithm: sha256WithRSAEncryption
42:c5:f5:19:dd:52:c9:fd:c0:42:57:d4:b4:01:ff:f5:82:a1:
f9:17:71:d6:f8:ab:cc:f5:25:b9:7a:84:a0:79:a9:f7:0b:86:
0e:0a:47:ac:b6:ab:73:57:12:c2:ab:c4:e0:06:00:3d:6b:35:
dc:39:dd:d9:b6:f7:6e:2c:55:13:6b:39:ab:09:ec:f2:9a:5b:
60:b9:56:1f:9c:e3:ab:01:40:f8:72:cf:1d:bd:2e:28:eb:6f:
09:7f:39:74:87:52:85:83:94:08:56:a9:86:2d:b0:42:c7:93:
d8:67:8f:cc:bb:55:7a:77:9a:ef:08:07:34:82:1c:dc:64:a8:
80:5c:47:8b:33:3b:63:20:d3:88:47:e9:66:23:fe:ab:1d:dc:
6f:55:91:01:6a:14:d6:86:8b:08:c4:f0:90:77:95:58:3c:68:
f0:9c:ca:e0:79:42:b4:80:f9:15:07:8f:fb:0f:5f:1b:a3:1d:
80:b7:93:60:95:a3:71:c1:a5:85:a0:00:c2:69:6e:0b:ca:ca:
7d:15:9b:69:1d:d8:b2:9b:fc:1f:80:c5:81:23:22:5e:0a:2b:
c4:49:8f:ed:e2:eb:7e:bd:95:6a:7b:e3:1e:64:cb:25:f0:a2:
34:76:04:8b:79:7e:0f:63:6e:c3:3d:f1:bc:b3:02:7c:2e:ae:
cb:45:ab:22
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAMLoGTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NWU4YjJiMjhiYmEzZGM0ZTg2MWQ1Y2JmNWJjMWNjOThjODllNTc2MB4XDTIyMDEw
MTAwNTYxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjE2YTNhOTBjMzcy
NWUyZTJkNTQzZWFhZTE2MWMzNWQxM2ZhOGI1YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALv1IqPkvA9bLIwsPwyM5SZb140QSABeP5ODOITCgwAO16y7
nbTLqYz6idERYCoEYQp7wMXQUtiURMvhpvGa+4SkEp2bvQR61MEdERYuNqTxNxwv
DemAQk82YY4nKJQ7xMs4mCFPrnlHj5E1ApAF2vnJruYNHJV0FkhTJMJSCYjo9s9V
9kI0+ROS0b2x2UepiU/ciE/wJgGLa/y4ue/T1t8LZs52W0MaX+USB0szaoosfkqv
6B051Fbmv0Fs33KdvKcrw40zUA+h4uoCfhNAjSBQMSwGSVxoQMSOLunEgBy4Fz3b
l/ZzAbwukd+6Pq8cf+mRIdSBz2WtvE0F6r+WnusCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRhajqQw3JeLi1UPqrhYcNdE/qLXDAfBgNVHSMEGDAWgBR16LKyi7o9xOhh
1cv1vBzJjInldjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RlaXlzb3U2UGNUb1lkWEw5YndjeVl5SjVYWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTQvODBiOTMwLWFkOTctNDAzYS05ZmRiLTAxNTZkMDAyNzJiNy8x
L1lXbzZrTU55WGk0dFZENnE0V0hEWFJQNmkxdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTQv
ODBiOTMwLWFkOTctNDAzYS05ZmRiLTAxNTZkMDAyNzJiNy8xL2RlaXlzb3U2UGNU
b1lkWEw5YndjeVl5SjVYWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANVtzzANBgkqhkiG9w0BAQsFAAOC
AQEAQsX1Gd1Syf3AQlfUtAH/9YKh+Rdx1virzPUluXqEoHmp9wuGDgpHrLarc1cS
wqvE4AYAPWs13Dnd2bb3bixVE2s5qwns8ppbYLlWH5zjqwFA+HLPHb0uKOtvCX85
dIdShYOUCFaphi2wQseT2GePzLtVenea7wgHNIIc3GSogFxHizM7YyDTiEfpZiP+
qx3cb1WRAWoU1oaLCMTwkHeVWDxo8JzK4HlCtID5FQeP+w9fG6MdgLeTYJWjccGl
haAAwmluC8rKfRWbaR3Yspv8H4DFgSMiXgorxEmP7eLrfr2VanvjHmTLJfCiNHYE
i3l+D2Nuwz3xvLMCfC6uy0WrIg==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:21 2023 by rpki-client on console.sobornost.net