Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/a8d38b-3176-4cc5-bb4f-c362d2a9e121/1/aT-uEH2kHaf5-aw41qwOKy6Q4ck.roa
File: aT-uEH2kHaf5-aw41qwOKy6Q4ck.roa (raw, json)
Hash identifier: wc3c2RR8us4GOvmNF/y46497Y+Z4HkO7OfvyXlkxO5I=
Subject key identifier: 69:3F:AE:10:7D:A4:1D:A7:F9:F9:AC:38:D6:AC:0E:2B:2E:90:E1:C9
Certificate issuer: /CN=324947c0aecefe87f9db96e5b45beb10aeb987a6
Certificate serial: 0184AB3BC79F7F02F8EAA8A115E69D49241D
Authority key identifier: 32:49:47:C0:AE:CE:FE:87:F9:DB:96:E5:B4:5B:EB:10:AE:B9:87:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MklHwK7O_of525bltFvrEK65h6Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/a8d38b-3176-4cc5-bb4f-c362d2a9e121/1/aT-uEH2kHaf5-aw41qwOKy6Q4ck.roa
Signing time: Thu 24 Nov 2022 20:02:12 +0000
ROA not before: Thu 24 Nov 2022 20:02:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49627
IP address blocks: 193.169.138.0/23 maxlen: 24
185.68.160.0/22 maxlen: 24
91.232.130.0/24 maxlen: 24
2a03:2c60::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:ab:3b:c7:9f:7f:02:f8:ea:a8:a1:15:e6:9d:49:24:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=324947c0aecefe87f9db96e5b45beb10aeb987a6
Validity
Not Before: Nov 24 20:02:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=693fae107da41da7f9f9ac38d6ac0e2b2e90e1c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:61:6a:a0:82:d2:73:1d:01:b0:2d:ee:f3:a1:
ba:f2:6a:0d:63:a0:da:21:b8:f7:87:38:f3:ea:bd:
87:8f:dc:64:3c:a4:2c:ce:ff:6b:52:88:2d:c6:aa:
98:40:e4:e0:a0:70:89:42:6a:c2:9e:db:f1:35:87:
1e:63:61:f4:73:95:65:05:8b:65:58:80:cf:d2:35:
d8:d7:6b:fa:41:60:08:e4:7a:19:aa:d1:26:dc:16:
8c:46:ca:9d:b4:ca:ca:c5:77:8e:c1:72:20:d4:bd:
94:89:c2:87:0e:11:e0:27:e2:fb:9a:cb:3a:ea:09:
9c:38:f5:fa:22:2b:4f:c8:07:42:e6:e9:7f:25:1a:
23:c9:c2:eb:09:77:71:42:14:3b:f7:5e:a6:30:6b:
2e:2d:3f:96:1e:92:8f:60:56:0d:05:41:ee:20:c2:
e6:ef:0e:d3:74:24:99:3f:db:06:cf:10:1d:ac:0b:
e3:31:f2:c6:8f:ae:21:02:d0:83:63:ac:c0:ef:1c:
87:21:0c:8f:11:23:5c:af:af:f1:0b:6d:02:cf:33:
e9:51:e2:03:b5:28:7d:e4:26:a3:28:74:69:15:cc:
1c:7a:ca:91:a8:90:4b:6a:f3:3e:58:d1:14:e9:e3:
0f:0e:b3:86:1e:43:26:96:a5:99:2c:ac:8c:8a:fd:
c5:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:3F:AE:10:7D:A4:1D:A7:F9:F9:AC:38:D6:AC:0E:2B:2E:90:E1:C9
X509v3 Authority Key Identifier:
keyid:32:49:47:C0:AE:CE:FE:87:F9:DB:96:E5:B4:5B:EB:10:AE:B9:87:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MklHwK7O_of525bltFvrEK65h6Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/a8d38b-3176-4cc5-bb4f-c362d2a9e121/1/aT-uEH2kHaf5-aw41qwOKy6Q4ck.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/a8d38b-3176-4cc5-bb4f-c362d2a9e121/1/MklHwK7O_of525bltFvrEK65h6Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.232.130.0/24
185.68.160.0/22
193.169.138.0/23
IPv6:
2a03:2c60::/32
Signature Algorithm: sha256WithRSAEncryption
76:db:1f:fa:71:ba:93:87:0e:86:81:2a:85:7e:39:78:12:29:
c9:89:0b:a0:1d:f6:d0:45:d3:fc:a0:0d:b7:ec:50:83:f8:f3:
34:de:6b:c3:7f:1f:6e:1b:c3:e6:f8:8c:fb:cf:e8:5a:d6:43:
87:71:81:c4:c6:15:dd:33:70:1b:0f:5e:43:79:eb:3a:5c:e4:
af:5e:ec:dc:08:8b:b8:65:30:fc:a4:33:15:1a:6d:58:47:88:
52:6b:5e:62:a3:23:38:3d:e4:bb:18:82:dc:5a:88:84:40:4d:
b4:56:63:0e:73:34:79:3a:e1:d1:02:12:72:2f:b1:c3:16:ff:
4b:63:9a:10:76:62:19:b4:db:7e:6c:a9:be:27:ff:c0:b1:cb:
c6:9b:86:e0:be:21:d8:67:e9:8c:78:dd:d0:1d:b0:3a:08:20:
16:74:7c:94:a2:50:47:73:2f:2e:14:34:db:05:6c:74:64:e2:
2b:01:86:dc:59:2b:21:12:b7:82:76:c4:6b:55:ff:30:aa:e3:
05:29:39:ba:20:e5:7f:a5:35:63:05:ac:2d:3c:90:53:f8:41:
5d:4e:14:93:7d:1f:a3:3b:d3:b6:f9:3b:1e:cd:c2:36:10:a3:
a4:dc:d2:a5:8d:22:b8:cf:bb:32:52:49:ca:f8:48:70:c0:7f:
9c:2e:8c:30
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYSrO8effwL46qihFeadSSQdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNDk0N2MwYWVjZWZlODdmOWRiOTZlNWI0NWJlYjEwYWVi
OTg3YTYwHhcNMjIxMTI0MjAwMjEyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTNmYWUxMDdkYTQxZGE3ZjlmOWFjMzhkNmFjMGUyYjJlOTBlMWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtWFqoILScx0BsC3u86G68moNY6Da
Ibj3hzjz6r2Hj9xkPKQszv9rUogtxqqYQOTgoHCJQmrCntvxNYceY2H0c5VlBYtl
WIDP0jXY12v6QWAI5HoZqtEm3BaMRsqdtMrKxXeOwXIg1L2UicKHDhHgJ+L7mss6
6gmcOPX6IitPyAdC5ul/JRojycLrCXdxQhQ7916mMGsuLT+WHpKPYFYNBUHuIMLm
7w7TdCSZP9sGzxAdrAvjMfLGj64hAtCDY6zA7xyHIQyPESNcr6/xC20CzzPpUeID
tSh95CajKHRpFcwcesqRqJBLavM+WNEU6eMPDrOGHkMmlqWZLKyMiv3FuQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFGk/rhB9pB2n+fmsONasDisukOHJMB8GA1UdIwQY
MBaAFDJJR8Cuzv6H+duW5bRb6xCuuYemMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWtsSHdLN09fb2Y1MjVibHRGdnJFSzY1aDZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9hOGQzOGItMzE3Ni00Y2M1LWJiNGYt
YzM2MmQyYTllMTIxLzEvYVQtdUVIMmtIYWY1LWF3NDFxd09LeTZRNGNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9hOGQzOGItMzE3Ni00Y2M1LWJiNGYtYzM2MmQyYTllMTIx
LzEvTWtsSHdLN09fb2Y1MjVibHRGdnJFSzY1aDZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAW+iCAwQC
uUSgAwQBwamKMA0EAgACMAcDBQAqAyxgMA0GCSqGSIb3DQEBCwUAA4IBAQB22x/6
cbqThw6GgSqFfjl4EinJiQugHfbQRdP8oA237FCD+PM03mvDfx9uG8Pm+Iz7z+ha
1kOHcYHExhXdM3AbD15Dees6XOSvXuzcCIu4ZTD8pDMVGm1YR4hSa15ioyM4PeS7
GILcWoiEQE20VmMOczR5OuHRAhJyL7HDFv9LY5oQdmIZtNt+bKm+J//AscvGm4bg
viHYZ+mMeN3QHbA6CCAWdHyUolBHcy8uFDTbBWx0ZOIrAYbcWSshEreCdsRrVf8w
quMFKTm6IOV/pTVjBawtPJBT+EFdThSTfR+jO9O2+TsezcI2EKOk3NKljSK4z7sy
UknK+EhwwH+cLoww
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:39 2023 by rpki-client on console.sobornost.net