Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/07489a-805e-4339-b43a-539da69774c8/1/dC8RBfePmaI8gU-OLMszMBnmTmg.roa
File: dC8RBfePmaI8gU-OLMszMBnmTmg.roa (raw, json)
Hash identifier: zJK8ybdVEBasFEVmESxkkNQNgZulHI5NpgIivt23ZdA=
Subject key identifier: 74:2F:11:05:F7:8F:99:A2:3C:81:4F:8E:2C:CB:33:30:19:E6:4E:68
Certificate issuer: /CN=54f2b9a759357682ac419b5c0211cc0e420252ba
Certificate serial: 0183D5A7068C2A24A8A2E95AF351D12E713C
Authority key identifier: 54:F2:B9:A7:59:35:76:82:AC:41:9B:5C:02:11:CC:0E:42:02:52:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VPK5p1k1doKsQZtcAhHMDkICUro.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/07489a-805e-4339-b43a-539da69774c8/1/dC8RBfePmaI8gU-OLMszMBnmTmg.roa
Signing time: Fri 14 Oct 2022 08:40:36 +0000
ROA not before: Fri 14 Oct 2022 08:40:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 21034
IP address blocks: 212.43.96.0/19 maxlen: 20
185.179.103.0/24 maxlen: 24
185.2.146.0/23 maxlen: 23
212.43.112.0/20 maxlen: 20
2a00:1be0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:d5:a7:06:8c:2a:24:a8:a2:e9:5a:f3:51:d1:2e:71:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54f2b9a759357682ac419b5c0211cc0e420252ba
Validity
Not Before: Oct 14 08:40:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=742f1105f78f99a23c814f8e2ccb333019e64e68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:33:ef:b8:2e:0c:48:64:a5:5c:bc:72:4f:51:
ca:f5:99:8f:3f:af:33:8f:bc:26:e7:8f:bf:ac:62:
9b:f6:89:1f:a5:d1:71:a9:31:6b:8a:fc:8f:7d:1c:
cf:42:4c:6b:4b:93:c7:c6:d2:02:1b:40:4a:e8:8c:
81:e5:1d:d6:01:fb:3e:e8:a4:23:45:26:55:20:41:
a4:75:6b:0a:f6:06:08:97:d4:bb:42:fb:6d:3c:55:
b5:51:c8:31:32:7c:21:71:b8:ff:88:1d:2a:e3:33:
13:59:95:4a:36:b5:cd:5d:c1:ed:d3:9b:93:69:e1:
c2:eb:01:84:c0:ab:71:a8:41:28:d6:fd:b2:2e:f2:
b8:cf:1a:48:6d:12:9f:77:43:1f:75:6f:b8:a4:28:
92:74:9f:6b:d3:a2:b2:bb:7a:af:b4:69:71:60:03:
3b:74:9b:5e:ac:e5:8b:b1:c9:8c:3a:01:48:3c:b4:
28:6e:d5:95:4e:06:bd:4d:4c:02:e0:dc:18:33:73:
97:e8:8f:5b:8d:14:c1:6a:72:5b:90:0e:23:12:e8:
5d:9d:45:e4:73:5a:e6:b5:96:dd:df:0c:a8:6e:0f:
97:91:fc:77:0c:ec:b1:3d:ea:10:e9:1b:f8:7f:c4:
e6:18:97:75:00:c2:8f:ac:b2:6b:6a:54:39:f8:79:
cd:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:2F:11:05:F7:8F:99:A2:3C:81:4F:8E:2C:CB:33:30:19:E6:4E:68
X509v3 Authority Key Identifier:
keyid:54:F2:B9:A7:59:35:76:82:AC:41:9B:5C:02:11:CC:0E:42:02:52:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VPK5p1k1doKsQZtcAhHMDkICUro.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/07489a-805e-4339-b43a-539da69774c8/1/dC8RBfePmaI8gU-OLMszMBnmTmg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/07489a-805e-4339-b43a-539da69774c8/1/VPK5p1k1doKsQZtcAhHMDkICUro.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.2.146.0/23
185.179.103.0/24
212.43.96.0/19
IPv6:
2a00:1be0::/32
Signature Algorithm: sha256WithRSAEncryption
64:d8:7f:55:d9:0c:57:fa:35:6a:8e:f0:0c:59:10:34:73:8a:
90:0b:73:13:51:72:fb:e3:4d:e6:a6:e6:37:ed:83:02:10:74:
47:70:c1:9c:43:e0:b0:b0:a6:68:69:2c:e7:e8:72:47:d6:a9:
e9:30:52:69:7b:e0:cc:2c:fa:b6:1f:b0:57:05:b6:98:79:09:
f3:32:e1:4e:68:d8:18:c2:eb:22:ec:0d:5d:db:67:f6:70:3e:
c9:c3:e9:71:87:4f:12:49:96:55:99:b9:a8:3b:f1:7f:72:90:
c6:bb:35:43:2b:78:01:97:84:3c:be:e7:82:6e:98:8e:54:75:
af:05:af:ed:0a:b7:ba:56:70:dc:9d:03:53:c2:4a:8b:00:8f:
08:cb:5e:0a:10:2a:91:34:21:d0:37:7d:2d:97:6b:37:cd:c7:
68:38:68:c2:4d:21:23:f6:41:b1:62:07:fe:19:8c:c3:c9:27:
8f:b7:2b:97:e0:4c:a8:ba:43:34:6d:8c:61:27:6a:91:08:5a:
8c:2c:75:36:1f:90:0f:67:75:ad:9d:f0:da:c6:e6:c1:5c:96:
06:6b:51:33:44:de:98:b0:a7:a7:7c:dd:32:9e:b1:f7:79:3e:
78:09:45:10:df:78:2f:56:78:50:d3:cf:4c:0c:43:12:16:e3:
75:71:b6:70
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYPVpwaMKiSooula81HRLnE8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0ZjJiOWE3NTkzNTc2ODJhYzQxOWI1YzAyMTFjYzBlNDIw
MjUyYmEwHhcNMjIxMDE0MDg0MDM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDJmMTEwNWY3OGY5OWEyM2M4MTRmOGUyY2NiMzMzMDE5ZTY0ZTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApzPvuC4MSGSlXLxyT1HK9ZmPP68z
j7wm54+/rGKb9okfpdFxqTFrivyPfRzPQkxrS5PHxtICG0BK6IyB5R3WAfs+6KQj
RSZVIEGkdWsK9gYIl9S7QvttPFW1UcgxMnwhcbj/iB0q4zMTWZVKNrXNXcHt05uT
aeHC6wGEwKtxqEEo1v2yLvK4zxpIbRKfd0MfdW+4pCiSdJ9r06Kyu3qvtGlxYAM7
dJterOWLscmMOgFIPLQobtWVTga9TUwC4NwYM3OX6I9bjRTBanJbkA4jEuhdnUXk
c1rmtZbd3wyobg+Xkfx3DOyxPeoQ6Rv4f8TmGJd1AMKPrLJralQ5+HnNdwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFHQvEQX3j5miPIFPjizLMzAZ5k5oMB8GA1UdIwQY
MBaAFFTyuadZNXaCrEGbXAIRzA5CAlK6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVlBLNXAxazFkb0tzUVp0Y0FoSE1Ea0lDVXJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8wNzQ4OWEtODA1ZS00MzM5LWI0M2Et
NTM5ZGE2OTc3NGM4LzEvZEM4UkJmZVBtYUk4Z1UtT0xNc3pNQm5tVG1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8wNzQ4OWEtODA1ZS00MzM5LWI0M2EtNTM5ZGE2OTc3NGM4
LzEvVlBLNXAxazFkb0tzUVp0Y0FoSE1Ea0lDVXJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQBuQKSAwQA
ubNnAwQF1CtgMA0EAgACMAcDBQAqABvgMA0GCSqGSIb3DQEBCwUAA4IBAQBk2H9V
2QxX+jVqjvAMWRA0c4qQC3MTUXL7403mpuY37YMCEHRHcMGcQ+CwsKZoaSzn6HJH
1qnpMFJpe+DMLPq2H7BXBbaYeQnzMuFOaNgYwusi7A1d22f2cD7Jw+lxh08SSZZV
mbmoO/F/cpDGuzVDK3gBl4Q8vueCbpiOVHWvBa/tCre6VnDcnQNTwkqLAI8Iy14K
ECqRNCHQN30tl2s3zcdoOGjCTSEj9kGxYgf+GYzDySePtyuX4EyoukM0bYxhJ2qR
CFqMLHU2H5APZ3WtnfDaxubBXJYGa1EzRN6YsKenfN0ynrH3eT54CUUQ33gvVnhQ
089MDEMSFuN1cbZw
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:04 2023 by rpki-client on console.sobornost.net