Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/731034-5fd5-492b-9daf-6f56e1fa0230/1/S7f3TxGZPxqZNopl-ccRh2iqAcw.roa
File: S7f3TxGZPxqZNopl-ccRh2iqAcw.roa (raw, json)
Hash identifier: L/lnvUcD9NG1+f+X57daaDgToelh2Wn9BuK6UNJ+ZJA=
Subject key identifier: 4B:B7:F7:4F:11:99:3F:1A:99:36:8A:65:F9:C7:11:87:68:AA:01:CC
Certificate issuer: /CN=6b71b34938a31a34bf5866a0f3dd78c38aac6119
Certificate serial: 01850AE49F56DF519191BACDEA93DD2DA4C6
Authority key identifier: 6B:71:B3:49:38:A3:1A:34:BF:58:66:A0:F3:DD:78:C3:8A:AC:61:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a3GzSTijGjS_WGag8914w4qsYRk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/731034-5fd5-492b-9daf-6f56e1fa0230/1/S7f3TxGZPxqZNopl-ccRh2iqAcw.roa
Signing time: Tue 13 Dec 2022 09:50:33 +0000
ROA not before: Tue 13 Dec 2022 09:50:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7138
IP address blocks: 185.14.85.0/24 maxlen: 24
185.14.84.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:0a:e4:9f:56:df:51:91:91:ba:cd:ea:93:dd:2d:a4:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b71b34938a31a34bf5866a0f3dd78c38aac6119
Validity
Not Before: Dec 13 09:50:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4bb7f74f11993f1a99368a65f9c7118768aa01cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:9f:04:e6:be:f8:1f:56:a0:b6:62:54:5b:83:
d9:90:d7:8d:8b:fc:63:82:91:0b:3a:f7:bb:f1:72:
fa:08:36:f6:dd:92:9c:13:68:64:bc:f9:1d:9d:d6:
c7:9e:04:23:ba:23:22:4c:12:16:a9:c9:8c:59:f2:
53:6f:63:84:99:3e:91:6e:5f:6e:8d:44:d0:29:c1:
c8:86:20:a5:6f:0f:00:2f:02:dd:ea:51:04:17:71:
45:f9:1a:3b:09:2e:6d:1c:9c:e5:e5:02:82:cb:c9:
83:96:3d:71:ee:39:25:c0:00:e3:7e:02:3f:00:00:
ae:ba:0d:51:ad:48:54:9d:bc:64:d0:3e:11:70:80:
ee:0f:99:a1:dc:0b:33:36:b0:28:c0:34:3f:42:f2:
c2:b0:0e:ef:81:2e:0a:16:55:e0:5a:5a:c6:c4:6e:
8a:84:d9:94:12:26:2d:ba:27:60:ad:1a:66:9a:99:
b7:69:75:de:14:24:0f:de:8d:1e:5a:fb:7f:e4:81:
74:75:69:d1:13:15:cc:8b:d4:dc:52:16:36:1a:93:
50:aa:50:6e:45:c2:1e:d3:56:70:c4:de:0e:56:fb:
30:8c:00:91:e4:18:00:4f:bb:60:c1:52:49:5b:a5:
4a:b5:43:4b:f5:8f:88:f4:22:89:ca:a6:1f:36:c5:
1d:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:B7:F7:4F:11:99:3F:1A:99:36:8A:65:F9:C7:11:87:68:AA:01:CC
X509v3 Authority Key Identifier:
keyid:6B:71:B3:49:38:A3:1A:34:BF:58:66:A0:F3:DD:78:C3:8A:AC:61:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3GzSTijGjS_WGag8914w4qsYRk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/731034-5fd5-492b-9daf-6f56e1fa0230/1/S7f3TxGZPxqZNopl-ccRh2iqAcw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/731034-5fd5-492b-9daf-6f56e1fa0230/1/a3GzSTijGjS_WGag8914w4qsYRk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.14.84.0/22
Signature Algorithm: sha256WithRSAEncryption
2f:92:de:e1:6e:f7:30:cd:ae:79:0c:5f:bb:1d:7c:28:59:a0:
eb:e9:91:42:96:30:67:d6:44:5f:a3:58:be:b8:63:68:85:0d:
22:9e:1f:35:6a:8a:e7:39:8a:c7:05:20:d7:91:78:ff:70:6f:
eb:4c:e7:78:e1:b9:97:4b:e8:c3:25:cd:50:81:78:4b:71:27:
29:20:84:a7:bb:99:be:aa:3f:d7:d7:c1:fb:33:5b:16:41:b2:
9f:1b:d1:e1:a8:05:89:94:9b:7c:56:a9:93:f0:74:e0:10:c4:
bf:8e:3c:12:da:93:0d:17:8c:bb:fb:56:c9:eb:d5:d1:ef:a1:
28:4f:3c:1d:8d:0e:94:9e:2e:0e:fa:13:d1:16:a7:c7:c0:8f:
94:94:84:2d:0b:c5:0f:61:43:24:c1:ed:c2:3c:d3:a6:80:50:
f2:2f:45:71:27:d3:c5:21:2f:e6:35:60:50:99:b1:20:f6:36:
72:4a:06:14:5c:ef:2a:67:f6:35:03:c1:9f:47:a4:6a:de:3e:
08:a6:10:b9:5b:c7:3b:7c:12:5a:22:fd:6a:20:38:27:2c:9f:
b5:0a:2a:2d:fd:ac:59:0b:2d:42:78:45:82:98:97:21:3d:ac:
a0:79:c7:73:cb:02:bf:4b:03:82:af:79:52:f1:f3:8e:3c:e2:
30:a1:04:a8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYUK5J9W31GRkbrN6pPdLaTGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNzFiMzQ5MzhhMzFhMzRiZjU4NjZhMGYzZGQ3OGMzOGFh
YzYxMTkwHhcNMjIxMjEzMDk1MDMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmI3Zjc0ZjExOTkzZjFhOTkzNjhhNjVmOWM3MTE4NzY4YWEwMWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApp8E5r74H1agtmJUW4PZkNeNi/xj
gpELOve78XL6CDb23ZKcE2hkvPkdndbHngQjuiMiTBIWqcmMWfJTb2OEmT6Rbl9u
jUTQKcHIhiClbw8ALwLd6lEEF3FF+Ro7CS5tHJzl5QKCy8mDlj1x7jklwADjfgI/
AACuug1RrUhUnbxk0D4RcIDuD5mh3AszNrAowDQ/QvLCsA7vgS4KFlXgWlrGxG6K
hNmUEiYtuidgrRpmmpm3aXXeFCQP3o0eWvt/5IF0dWnRExXMi9TcUhY2GpNQqlBu
RcIe01ZwxN4OVvswjACR5BgAT7tgwVJJW6VKtUNL9Y+I9CKJyqYfNsUdHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEu3908RmT8amTaKZfnHEYdoqgHMMB8GA1UdIwQY
MBaAFGtxs0k4oxo0v1hmoPPdeMOKrGEZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTNHelNUaWpHalNfV0dhZzg5MTR3NHFzWVJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS83MzEwMzQtNWZkNS00OTJiLTlkYWYt
NmY1NmUxZmEwMjMwLzEvUzdmM1R4R1pQeHFaTm9wbC1jY1JoMmlxQWN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS83MzEwMzQtNWZkNS00OTJiLTlkYWYtNmY1NmUxZmEwMjMw
LzEvYTNHelNUaWpHalNfV0dhZzg5MTR3NHFzWVJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuQ5UMA0G
CSqGSIb3DQEBCwUAA4IBAQAvkt7hbvcwza55DF+7HXwoWaDr6ZFCljBn1kRfo1i+
uGNohQ0inh81aornOYrHBSDXkXj/cG/rTOd44bmXS+jDJc1QgXhLcScpIISnu5m+
qj/X18H7M1sWQbKfG9HhqAWJlJt8VqmT8HTgEMS/jjwS2pMNF4y7+1bJ69XR76Eo
TzwdjQ6Uni4O+hPRFqfHwI+UlIQtC8UPYUMkwe3CPNOmgFDyL0VxJ9PFIS/mNWBQ
mbEg9jZySgYUXO8qZ/Y1A8GfR6Rq3j4IphC5W8c7fBJaIv1qIDgnLJ+1Ciot/axZ
Cy1CeEWCmJchPaygecdzywK/SwOCr3lS8fOOPOIwoQSo
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:52 2023 by rpki-client on console.sobornost.net