Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/af161b-ef51-44bd-8e0a-9eb3c682b009/1/1-uqyrVdftiR6iTW2eOqzAmsfeYo.roa
File: 1-uqyrVdftiR6iTW2eOqzAmsfeYo.roa (raw, json)
Hash identifier: oXMNCiLZdu0NwiwXyxxHI8q2nGvJUB5SEnd5hsUXDnI=
Subject key identifier: FA:EA:B2:AD:57:5F:B6:24:7A:89:35:B6:78:EA:B3:02:6B:1F:79:8A
Certificate issuer: /CN=287e1c97f71f355867e3fb877f21aa5130b6cf5d
Certificate serial: 0184FB2250A1A31AC957DF3A28C305EC2BF1
Authority key identifier: 28:7E:1C:97:F7:1F:35:58:67:E3:FB:87:7F:21:AA:51:30:B6:CF:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KH4cl_cfNVhn4_uHfyGqUTC2z10.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/af161b-ef51-44bd-8e0a-9eb3c682b009/1/1-uqyrVdftiR6iTW2eOqzAmsfeYo.roa
Signing time: Sat 10 Dec 2022 08:24:00 +0000
ROA not before: Sat 10 Dec 2022 08:24:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205110
IP address blocks: 185.226.88.0/24 maxlen: 24
185.226.91.0/24 maxlen: 24
185.226.90.0/24 maxlen: 24
185.226.90.0/23 maxlen: 23
185.226.89.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:fb:22:50:a1:a3:1a:c9:57:df:3a:28:c3:05:ec:2b:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=287e1c97f71f355867e3fb877f21aa5130b6cf5d
Validity
Not Before: Dec 10 08:24:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=faeab2ad575fb6247a8935b678eab3026b1f798a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:61:0d:b6:08:73:87:32:1b:3c:6e:fa:5e:60:
52:5f:09:04:4e:3f:cf:50:91:6c:f8:2e:5c:8c:0d:
4f:81:13:b2:a6:4c:12:f1:56:80:d8:b0:5d:20:a6:
21:31:7d:e6:44:b5:07:d3:c3:51:0a:85:7c:08:9c:
0b:cb:c8:21:44:b5:ef:9a:6c:60:34:32:4b:52:b6:
d9:69:63:0c:51:48:ec:85:b5:41:69:83:9e:70:88:
dc:bd:2c:29:c5:12:d8:93:84:44:44:77:bb:b0:27:
ea:c2:e9:51:d0:a6:a2:0d:8a:ee:af:59:56:74:d8:
32:0b:fa:2a:99:17:07:2d:f4:fd:3b:d2:a9:e2:25:
38:a6:34:00:dc:6c:24:e8:ea:55:98:df:3b:1e:73:
c3:7d:91:6c:40:8b:40:df:0e:95:1a:c7:c5:51:13:
30:20:d7:d6:0d:6c:b3:3a:81:6b:57:d4:ce:7d:51:
fd:2d:17:85:bf:68:12:98:be:95:e3:6e:d8:9d:cc:
fd:4b:38:9b:36:e4:dc:fe:7e:2f:32:ff:a7:2e:15:
6a:34:12:aa:84:c3:6c:d8:d8:ee:72:fc:63:4e:bb:
57:8a:d8:4c:61:c9:80:92:b3:d0:d2:a8:97:70:cc:
26:92:20:dd:0d:c5:9d:5b:25:d8:fd:3a:55:e3:42:
a6:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:EA:B2:AD:57:5F:B6:24:7A:89:35:B6:78:EA:B3:02:6B:1F:79:8A
X509v3 Authority Key Identifier:
keyid:28:7E:1C:97:F7:1F:35:58:67:E3:FB:87:7F:21:AA:51:30:B6:CF:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KH4cl_cfNVhn4_uHfyGqUTC2z10.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/af161b-ef51-44bd-8e0a-9eb3c682b009/1/1-uqyrVdftiR6iTW2eOqzAmsfeYo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/af161b-ef51-44bd-8e0a-9eb3c682b009/1/KH4cl_cfNVhn4_uHfyGqUTC2z10.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.226.88.0/22
Signature Algorithm: sha256WithRSAEncryption
1e:14:52:fd:25:e1:f5:29:fc:9a:0d:74:ac:1a:fb:9f:6c:60:
0b:03:7b:39:e6:b8:f6:e5:ea:0b:1b:a0:2a:01:53:41:bd:46:
e4:ea:b0:f3:92:de:0b:a9:45:2f:34:f1:4b:cb:91:bc:a0:ec:
57:26:c7:f8:76:a7:29:9d:fc:5d:35:70:c1:fa:6f:7b:83:41:
62:62:bd:b0:76:96:83:3a:ee:84:5f:a2:5d:06:36:a1:e0:d3:
69:bb:f9:68:ce:22:77:4e:d8:96:1c:78:9a:b3:36:b8:40:f5:
46:5a:4d:e8:54:8e:3e:f6:2b:41:b6:e3:bf:e7:c8:53:48:12:
b4:2b:8f:3b:f8:76:1b:29:87:49:22:95:07:0f:e1:e8:92:f0:
de:6c:75:d5:5c:84:a4:c2:87:d8:61:93:04:e1:0a:3f:a9:27:
d9:c7:5c:bc:92:d2:5a:9c:53:da:3d:d2:df:df:72:06:b2:04:
78:4f:61:68:04:43:b3:d0:6e:b5:3f:4c:92:02:99:be:6b:63:
2a:d7:02:b9:8a:7b:74:fc:ab:7e:6d:8d:6c:d1:82:03:5b:52:
ba:db:77:e2:80:f5:ff:6e:8f:9d:72:8b:f5:5d:7b:00:cd:2b:
3b:c7:d7:63:da:b3:a7:b8:6e:fa:65:a8:25:a6:ba:ab:b7:05:
3a:61:50:f7
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYT7IlChoxrJV986KMMF7CvxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4N2UxYzk3ZjcxZjM1NTg2N2UzZmI4NzdmMjFhYTUxMzBi
NmNmNWQwHhcNMjIxMjEwMDgyNDAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWVhYjJhZDU3NWZiNjI0N2E4OTM1YjY3OGVhYjMwMjZiMWY3OThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr2ENtghzhzIbPG76XmBSXwkETj/P
UJFs+C5cjA1PgROypkwS8VaA2LBdIKYhMX3mRLUH08NRCoV8CJwLy8ghRLXvmmxg
NDJLUrbZaWMMUUjshbVBaYOecIjcvSwpxRLYk4RERHe7sCfqwulR0KaiDYrur1lW
dNgyC/oqmRcHLfT9O9Kp4iU4pjQA3Gwk6OpVmN87HnPDfZFsQItA3w6VGsfFURMw
INfWDWyzOoFrV9TOfVH9LReFv2gSmL6V427Yncz9SzibNuTc/n4vMv+nLhVqNBKq
hMNs2NjucvxjTrtXithMYcmAkrPQ0qiXcMwmkiDdDcWdWyXY/TpV40KmewIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPrqsq1XX7Ykeok1tnjqswJrH3mKMB8GA1UdIwQY
MBaAFCh+HJf3HzVYZ+P7h38hqlEwts9dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0g0Y2xfY2ZOVmhuNF91SGZ5R3FVVEMyejEwLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hZjE2MWItZWY1MS00NGJkLThlMGEt
OWViM2M2ODJiMDA5LzEvMS11cXlyVmRmdGlSNmlUVzJlT3F6QW1zZmVZby5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMzUvYWYxNjFiLWVmNTEtNDRiZC04ZTBhLTllYjNjNjgyYjAw
OS8xL0tINGNsX2NmTlZobjRfdUhmeUdxVVRDMnoxMC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArniWDAN
BgkqhkiG9w0BAQsFAAOCAQEAHhRS/SXh9Sn8mg10rBr7n2xgCwN7Oea49uXqCxug
KgFTQb1G5Oqw85LeC6lFLzTxS8uRvKDsVybH+HanKZ38XTVwwfpve4NBYmK9sHaW
gzruhF+iXQY2oeDTabv5aM4id07Ylhx4mrM2uED1RlpN6FSOPvYrQbbjv+fIU0gS
tCuPO/h2GymHSSKVBw/h6JLw3mx11VyEpMKH2GGTBOEKP6kn2cdcvJLSWpxT2j3S
399yBrIEeE9haARDs9ButT9MkgKZvmtjKtcCuYp7dPyrfm2NbNGCA1tSutt34oD1
/26PnXKL9V17AM0rO8fXY9qzp7hu+mWoJaa6q7cFOmFQ9w==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:52 2023 by rpki-client on console.sobornost.net