Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/8b443e-f3c8-4ba0-9e96-86c541ca9d71/1/Xs5Le8icwrjQqdsZi0mc3LUuHug.roa
File: Xs5Le8icwrjQqdsZi0mc3LUuHug.roa (raw, json)
Hash identifier: I6IG8m4avBMQ+aDhh1grUM/TDJw+E/kF+OG8Q9k2piI=
Subject key identifier: 5E:CE:4B:7B:C8:9C:C2:B8:D0:A9:DB:19:8B:49:9C:DC:B5:2E:1E:E8
Certificate issuer: /CN=be1a887e7653a2de44f13163e187037326a29a03
Certificate serial: 2FF39E71
Authority key identifier: BE:1A:88:7E:76:53:A2:DE:44:F1:31:63:E1:87:03:73:26:A2:9A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vhqIfnZTot5E8TFj4YcDcyaimgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/8b443e-f3c8-4ba0-9e96-86c541ca9d71/1/Xs5Le8icwrjQqdsZi0mc3LUuHug.roa
Signing time: Sat 01 Jan 2022 09:00:39 +0000
ROA not before: Sat 01 Jan 2022 09:00:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39398
IP address blocks: 5.199.230.0/24 maxlen: 24
5.199.229.0/24 maxlen: 24
5.199.228.0/24 maxlen: 24
5.199.231.0/24 maxlen: 24
185.119.251.0/24 maxlen: 24
185.119.250.0/24 maxlen: 24
185.119.249.0/24 maxlen: 24
185.119.248.0/22 maxlen: 22
185.119.248.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 804494961 (0x2ff39e71)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be1a887e7653a2de44f13163e187037326a29a03
Validity
Not Before: Jan 1 09:00:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5ece4b7bc89cc2b8d0a9db198b499cdcb52e1ee8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:99:13:59:a5:58:c0:e2:b2:fd:3e:45:6d:7d:
f2:03:0a:16:fc:94:5e:51:f4:5e:1d:24:01:59:db:
e0:08:aa:a1:ba:bc:b3:5d:ca:ef:8b:1a:8c:43:e6:
7e:85:89:7b:bd:00:26:f7:b2:9c:8d:7b:e7:d0:1b:
f1:0d:4e:f7:6a:cf:f3:b2:66:50:53:04:39:48:4e:
7b:2b:f3:a8:51:16:a1:a7:72:a0:31:43:34:ea:2a:
4a:86:40:f3:11:3c:b8:fe:27:8c:cf:f7:97:33:9f:
7f:1d:d0:cc:1a:08:59:94:32:ac:cc:59:c2:30:f4:
bd:6d:16:19:fe:d3:bf:8e:27:c4:50:c8:e9:ab:1d:
7b:da:a2:28:5a:cd:8b:4f:df:49:89:ab:93:08:d7:
51:4c:85:56:0a:bc:85:16:b2:a6:34:11:28:92:9f:
e7:16:dd:a8:32:6a:5d:e5:da:a3:b5:19:c1:c0:c7:
0b:85:9a:13:1a:1c:5f:b1:5d:2c:5d:71:e5:dc:a7:
8a:f0:47:12:6d:ea:b5:fb:8b:60:02:5b:b5:31:fa:
de:33:fe:36:db:19:3c:91:9a:24:5b:82:bf:66:82:
36:0f:88:fa:29:a7:1b:c0:58:43:b0:e4:57:c0:80:
68:9f:f1:95:c1:84:76:60:d0:3b:c7:d4:d7:09:dd:
b0:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:CE:4B:7B:C8:9C:C2:B8:D0:A9:DB:19:8B:49:9C:DC:B5:2E:1E:E8
X509v3 Authority Key Identifier:
keyid:BE:1A:88:7E:76:53:A2:DE:44:F1:31:63:E1:87:03:73:26:A2:9A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vhqIfnZTot5E8TFj4YcDcyaimgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/8b443e-f3c8-4ba0-9e96-86c541ca9d71/1/Xs5Le8icwrjQqdsZi0mc3LUuHug.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/8b443e-f3c8-4ba0-9e96-86c541ca9d71/1/vhqIfnZTot5E8TFj4YcDcyaimgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.199.228.0/22
185.119.248.0/22
Signature Algorithm: sha256WithRSAEncryption
43:ab:2f:82:50:25:0a:26:e2:ff:36:8f:7c:4f:63:69:82:ae:
bf:ac:c6:20:5b:23:93:15:a0:62:85:10:43:58:05:d9:b1:2a:
34:f7:d6:7d:82:b7:c2:82:ae:47:e6:8f:c9:52:05:4b:b0:fb:
ac:57:bf:46:b4:ab:99:40:07:27:97:aa:86:c0:13:dc:47:69:
44:a2:3c:a1:ec:7a:63:02:69:7d:07:24:2a:61:c7:cc:96:a9:
5d:f5:eb:6c:6c:fb:b6:e6:92:32:29:80:1a:62:2b:e8:43:68:
60:f4:d4:e4:bc:ec:33:5f:5e:7b:04:81:54:1d:05:21:09:92:
ab:91:51:2b:0b:dd:53:08:f6:fe:8e:fa:f7:d9:f0:21:4b:bc:
7e:e4:6d:0f:c5:0e:25:12:4e:eb:8f:d9:62:f2:a8:b8:c9:7f:
a2:a4:b4:58:db:70:14:cf:51:6c:70:76:b6:81:2f:e0:c0:03:
ec:b0:c1:b4:d4:1e:11:aa:5b:c8:d9:af:2d:2d:ba:f6:d8:dd:
07:1d:e5:bf:de:c8:af:7f:87:bf:29:fc:32:f9:89:7e:36:97:
3b:d2:cd:fa:9a:17:60:b9:ee:d6:b4:40:36:3d:f4:e1:2a:0f:
92:ec:29:3b:32:b0:a0:59:a5:9b:ff:a8:2a:5e:54:b2:aa:b0:
0d:e9:4b:ab
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEL/OecTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
ZTFhODg3ZTc2NTNhMmRlNDRmMTMxNjNlMTg3MDM3MzI2YTI5YTAzMB4XDTIyMDEw
MTA5MDAzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWVjZTRiN2JjODlj
YzJiOGQwYTlkYjE5OGI0OTljZGNiNTJlMWVlODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJGZE1mlWMDisv0+RW198gMKFvyUXlH0Xh0kAVnb4Aiqobq8
s13K74sajEPmfoWJe70AJveynI1759Ab8Q1O92rP87JmUFMEOUhOeyvzqFEWoady
oDFDNOoqSoZA8xE8uP4njM/3lzOffx3QzBoIWZQyrMxZwjD0vW0WGf7Tv44nxFDI
6asde9qiKFrNi0/fSYmrkwjXUUyFVgq8hRaypjQRKJKf5xbdqDJqXeXao7UZwcDH
C4WaExocX7FdLF1x5dynivBHEm3qtfuLYAJbtTH63jP+NtsZPJGaJFuCv2aCNg+I
+imnG8BYQ7DkV8CAaJ/xlcGEdmDQO8fU1wndsNcCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRezkt7yJzCuNCp2xmLSZzctS4e6DAfBgNVHSMEGDAWgBS+Goh+dlOi3kTx
MWPhhwNzJqKaAzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3ZocUlmblpUb3Q1RThURmo0WWNEY3lhaW1nTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvOGI0NDNlLWYzYzgtNGJhMC05ZTk2LTg2YzU0MWNhOWQ3MS8x
L1hzNUxlOGljd3JqUXFkc1ppMG1jM0xVdUh1Zy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
OGI0NDNlLWYzYzgtNGJhMC05ZTk2LTg2YzU0MWNhOWQ3MS8xL3ZocUlmblpUb3Q1
RThURmo0WWNEY3lhaW1nTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAgXH5AMEArl3+DANBgkqhkiG9w0B
AQsFAAOCAQEAQ6svglAlCibi/zaPfE9jaYKuv6zGIFsjkxWgYoUQQ1gF2bEqNPfW
fYK3woKuR+aPyVIFS7D7rFe/RrSrmUAHJ5eqhsAT3EdpRKI8oex6YwJpfQckKmHH
zJapXfXrbGz7tuaSMimAGmIr6ENoYPTU5LzsM19eewSBVB0FIQmSq5FRKwvdUwj2
/o7699nwIUu8fuRtD8UOJRJO64/ZYvKouMl/oqS0WNtwFM9RbHB2toEv4MAD7LDB
tNQeEapbyNmvLS269tjdBx3lv97Ir3+Hvyn8MvmJfjaXO9LN+poXYLnu1rRANj30
4SoPkuwpOzKwoFmlm/+oKl5UsqqwDelLqw==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:13 2023 by rpki-client on console.sobornost.net