Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/62b15d-ee50-450b-8e2d-097b0510d3e2/1/imvcoLQPjBGYY7yYrtEzej175WE.roa
File: imvcoLQPjBGYY7yYrtEzej175WE.roa (raw, json)
Hash identifier: 9mCT5P2AIHu063V2v3QaZyicNYvgjAQ5zhpjKhToD3k=
Subject key identifier: 8A:6B:DC:A0:B4:0F:8C:11:98:63:BC:98:AE:D1:33:7A:3D:7B:E5:61
Certificate issuer: /CN=3bde638684c645fedd600ed3c50cdf310b116d3e
Certificate serial: 01848658E8F37B9C5232F7A0DE9C0D44E0A1
Authority key identifier: 3B:DE:63:86:84:C6:45:FE:DD:60:0E:D3:C5:0C:DF:31:0B:11:6D:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O95jhoTGRf7dYA7TxQzfMQsRbT4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/62b15d-ee50-450b-8e2d-097b0510d3e2/1/imvcoLQPjBGYY7yYrtEzej175WE.roa
Signing time: Thu 17 Nov 2022 16:08:04 +0000
ROA not before: Thu 17 Nov 2022 16:08:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209045
IP address blocks: 147.189.192.0/20 maxlen: 22
194.61.20.0/22 maxlen: 22
2a09:7001::/32 maxlen: 32
2a09:7000::/29 maxlen: 32
2a09:7000::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:86:58:e8:f3:7b:9c:52:32:f7:a0:de:9c:0d:44:e0:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3bde638684c645fedd600ed3c50cdf310b116d3e
Validity
Not Before: Nov 17 16:08:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8a6bdca0b40f8c119863bc98aed1337a3d7be561
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:f6:1e:88:2c:3c:ce:56:c5:28:99:86:d7:f4:
aa:52:66:c2:48:9b:ca:0c:4e:3d:5d:53:6e:ad:45:
09:55:3c:59:d0:02:44:49:d5:02:ee:44:a8:6b:cc:
61:87:34:34:50:4a:7d:75:24:bf:34:1a:b4:1b:ac:
76:ac:a8:e9:69:30:92:16:ec:da:12:80:f0:76:53:
21:d3:c1:85:e7:bf:6d:d5:10:4c:9f:13:fb:b7:c8:
46:f6:e6:b2:81:6f:a2:07:bd:f8:a7:ef:61:4f:a5:
37:21:be:12:d7:36:f3:d9:dd:e8:0b:d0:8a:22:df:
d8:83:1d:91:f2:f2:d3:16:d9:8b:b1:80:5c:ba:9d:
60:ab:ba:72:bf:00:e2:74:65:1c:60:6e:89:f7:e6:
58:9e:e6:83:60:81:1e:71:dd:ec:73:3c:38:83:c6:
cf:96:64:4c:dd:00:a6:18:c6:3b:8f:03:68:d0:f3:
76:5e:d2:7f:c3:e2:52:d5:1d:ea:93:3f:00:e4:53:
7b:36:42:81:a6:dc:47:09:c2:ee:7a:1d:ad:06:37:
c0:f1:6b:c9:60:d0:8c:b7:8e:b7:ae:d9:6b:d6:49:
f2:ac:4a:90:10:f9:65:d9:80:28:67:d5:d3:7d:8e:
ea:07:57:c6:e7:45:c5:1b:98:7a:b7:d3:cf:f4:23:
e1:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:6B:DC:A0:B4:0F:8C:11:98:63:BC:98:AE:D1:33:7A:3D:7B:E5:61
X509v3 Authority Key Identifier:
keyid:3B:DE:63:86:84:C6:45:FE:DD:60:0E:D3:C5:0C:DF:31:0B:11:6D:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O95jhoTGRf7dYA7TxQzfMQsRbT4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/62b15d-ee50-450b-8e2d-097b0510d3e2/1/imvcoLQPjBGYY7yYrtEzej175WE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/62b15d-ee50-450b-8e2d-097b0510d3e2/1/O95jhoTGRf7dYA7TxQzfMQsRbT4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.189.192.0/20
194.61.20.0/22
IPv6:
2a09:7000::/29
Signature Algorithm: sha256WithRSAEncryption
a0:27:5d:ca:b5:1f:19:7b:72:a6:71:d7:d6:99:03:4f:19:42:
aa:35:03:d3:97:28:41:b7:32:e0:6b:84:d4:b1:b6:53:d9:65:
df:d2:a3:ab:9f:00:85:1e:09:95:87:93:19:3d:0f:8e:72:73:
55:08:5c:d9:6c:63:c3:90:4e:a8:4d:d3:b4:d6:d0:62:39:6e:
3f:10:a2:97:24:3f:1e:fd:9e:25:0d:ac:26:cd:0f:8c:b6:be:
40:4d:12:36:6c:ed:68:20:ad:4b:d3:c4:ff:91:8a:c3:40:b0:
14:58:6d:13:a8:43:40:62:f3:1c:a0:29:a3:09:64:a1:c8:a1:
21:5a:36:62:16:cc:76:f5:c5:d3:5f:d2:c1:88:6a:2e:22:ee:
3e:7e:8c:53:42:6e:46:8b:56:3c:c4:4e:87:3f:c3:59:1e:91:
1a:73:1a:33:c5:05:e7:bd:f5:b1:b7:6a:12:7e:b5:aa:3f:d7:
76:17:5c:88:32:51:6a:65:03:e5:dd:73:e4:87:f6:be:0c:50:
79:53:a8:1a:a9:48:8c:01:36:68:25:16:f8:f3:e6:9b:a1:fa:
72:7a:8f:ff:cc:94:aa:d1:9f:26:4a:a4:98:a9:53:cb:ab:fc:
97:eb:16:d1:1e:c8:c3:37:42:31:11:4c:ac:52:9d:33:a1:ec:
f4:82:18:1e
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYSGWOjze5xSMveg3pwNROChMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiZGU2Mzg2ODRjNjQ1ZmVkZDYwMGVkM2M1MGNkZjMxMGIx
MTZkM2UwHhcNMjIxMTE3MTYwODA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTZiZGNhMGI0MGY4YzExOTg2M2JjOThhZWQxMzM3YTNkN2JlNTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhfYeiCw8zlbFKJmG1/SqUmbCSJvK
DE49XVNurUUJVTxZ0AJESdUC7kSoa8xhhzQ0UEp9dSS/NBq0G6x2rKjpaTCSFuza
EoDwdlMh08GF579t1RBMnxP7t8hG9uaygW+iB734p+9hT6U3Ib4S1zbz2d3oC9CK
It/Ygx2R8vLTFtmLsYBcup1gq7pyvwDidGUcYG6J9+ZYnuaDYIEecd3sczw4g8bP
lmRM3QCmGMY7jwNo0PN2XtJ/w+JS1R3qkz8A5FN7NkKBptxHCcLueh2tBjfA8WvJ
YNCMt463rtlr1knyrEqQEPll2YAoZ9XTfY7qB1fG50XFG5h6t9PP9CPheQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFIpr3KC0D4wRmGO8mK7RM3o9e+VhMB8GA1UdIwQY
MBaAFDveY4aExkX+3WAO08UM3zELEW0+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzk1amhvVEdSZjdkWUE3VHhRemZNUXNSYlQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS82MmIxNWQtZWU1MC00NTBiLThlMmQt
MDk3YjA1MTBkM2UyLzEvaW12Y29MUVBqQkdZWTd5WXJ0RXplajE3NVdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS82MmIxNWQtZWU1MC00NTBiLThlMmQtMDk3YjA1MTBkM2Uy
LzEvTzk1amhvVEdSZjdkWUE3VHhRemZNUXNSYlQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEk73AAwQC
wj0UMA0EAgACMAcDBQMqCXAAMA0GCSqGSIb3DQEBCwUAA4IBAQCgJ13KtR8Ze3Km
cdfWmQNPGUKqNQPTlyhBtzLga4TUsbZT2WXf0qOrnwCFHgmVh5MZPQ+OcnNVCFzZ
bGPDkE6oTdO01tBiOW4/EKKXJD8e/Z4lDawmzQ+Mtr5ATRI2bO1oIK1L08T/kYrD
QLAUWG0TqENAYvMcoCmjCWShyKEhWjZiFsx29cXTX9LBiGouIu4+foxTQm5Gi1Y8
xE6HP8NZHpEacxozxQXnvfWxt2oSfrWqP9d2F1yIMlFqZQPl3XPkh/a+DFB5U6ga
qUiMATZoJRb48+abofpyeo//zJSq0Z8mSqSYqVPLq/yX6xbRHsjDN0IxEUysUp0z
oez0ghge
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:26 2023 by rpki-client on console.sobornost.net