Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/3a39e9-3d40-46f8-bb0f-5ba43b118f75/1/vUn8nT2bAAAjFb3d3X-9XXO2KB4.roa
File: vUn8nT2bAAAjFb3d3X-9XXO2KB4.roa (raw, json)
Hash identifier: tIjdAayNQPt5nBGU5pItF9E4Y8ZuUtYSM+rBC9lNUNA=
Subject key identifier: BD:49:FC:9D:3D:9B:00:00:23:15:BD:DD:DD:7F:BD:5D:73:B6:28:1E
Certificate issuer: /CN=0a2a157f00515f95b6df5dc0d52eb1b5d43fde5c
Certificate serial: 01824A8E1B72428222BCBEC67D505115AE4A
Authority key identifier: 0A:2A:15:7F:00:51:5F:95:B6:DF:5D:C0:D5:2E:B1:B5:D4:3F:DE:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CioVfwBRX5W2313A1S6xtdQ_3lw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/3a39e9-3d40-46f8-bb0f-5ba43b118f75/1/vUn8nT2bAAAjFb3d3X-9XXO2KB4.roa
Signing time: Fri 29 Jul 2022 15:23:23 +0000
ROA not before: Fri 29 Jul 2022 15:23:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47406
IP address blocks: 185.154.88.0/22 maxlen: 24
185.176.200.0/22 maxlen: 24
185.118.72.0/22 maxlen: 24
160.202.28.0/22 maxlen: 24
185.211.15.0/24 maxlen: 24
185.123.36.0/22 maxlen: 24
2a06:9240::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:4a:8e:1b:72:42:82:22:bc:be:c6:7d:50:51:15:ae:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a2a157f00515f95b6df5dc0d52eb1b5d43fde5c
Validity
Not Before: Jul 29 15:23:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bd49fc9d3d9b00002315bddddd7fbd5d73b6281e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:ff:ec:79:44:1f:07:bc:22:4f:46:20:b7:5b:
56:ef:d1:39:ad:df:99:52:3d:fc:4f:35:60:b3:01:
c2:0f:30:26:6d:eb:af:52:af:7a:24:2c:af:6f:26:
31:b4:6a:92:f4:e3:31:e2:49:04:bc:9d:77:1f:dc:
06:aa:6f:b0:f9:49:9a:06:d8:3e:3b:7b:86:f8:fb:
2f:2d:f8:d4:fe:9c:45:0c:fc:15:63:39:6b:d9:bb:
6b:4d:5f:48:9e:00:71:01:2e:4a:18:d3:cb:44:f9:
4b:f4:3a:e3:95:fc:e2:89:c1:20:99:41:33:8f:be:
e9:86:c9:6f:d1:d7:84:1f:c3:ed:1e:ee:5f:1a:82:
ea:d8:dc:6f:ea:8d:fd:2c:ba:97:99:82:37:fd:ba:
6f:3b:f2:14:d5:e5:c7:05:36:9e:17:67:f1:67:c0:
9f:79:ff:b0:b2:04:72:8b:f8:69:6e:88:48:14:19:
8b:80:ce:65:1e:a5:ab:b6:99:5e:ae:43:f0:cf:88:
31:b6:35:3e:d0:44:22:a4:aa:87:12:65:98:69:64:
7d:a3:93:48:ed:3f:36:e2:ff:28:5e:65:70:cd:73:
48:1c:1a:40:aa:fd:1f:91:6d:67:da:a0:80:cd:51:
19:6b:38:c5:74:84:a5:86:4f:b4:9d:d2:76:80:1d:
ba:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:49:FC:9D:3D:9B:00:00:23:15:BD:DD:DD:7F:BD:5D:73:B6:28:1E
X509v3 Authority Key Identifier:
keyid:0A:2A:15:7F:00:51:5F:95:B6:DF:5D:C0:D5:2E:B1:B5:D4:3F:DE:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CioVfwBRX5W2313A1S6xtdQ_3lw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/3a39e9-3d40-46f8-bb0f-5ba43b118f75/1/vUn8nT2bAAAjFb3d3X-9XXO2KB4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/3a39e9-3d40-46f8-bb0f-5ba43b118f75/1/CioVfwBRX5W2313A1S6xtdQ_3lw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
160.202.28.0/22
185.118.72.0/22
185.123.36.0/22
185.154.88.0/22
185.176.200.0/22
185.211.15.0/24
IPv6:
2a06:9240::/29
Signature Algorithm: sha256WithRSAEncryption
59:5e:96:6f:a5:94:a1:2e:d9:37:61:2c:89:c9:3c:c0:14:99:
72:a8:59:7d:eb:9b:98:ee:93:94:2f:65:05:8e:6d:68:b0:77:
3d:9c:90:ca:f5:4e:ab:13:e1:89:fb:6d:de:d6:f7:33:08:5c:
21:30:0c:0f:b6:72:c6:19:1b:c2:73:ef:a6:08:9b:01:66:e3:
15:9d:7e:53:e2:84:1d:d6:c7:27:29:0f:42:c0:6a:4c:db:b7:
e3:45:af:9a:3f:3e:ac:c2:f9:56:49:e4:45:ac:19:68:3f:ec:
31:df:8e:9d:ad:30:8b:2c:30:05:18:93:dc:73:72:96:95:00:
ea:c5:50:f0:3a:cb:c6:94:26:fd:76:67:2b:5b:56:52:52:4e:
4e:44:be:e2:04:ba:81:ea:76:4b:7e:f3:0c:f5:d5:ee:95:52:
20:05:eb:95:84:7e:da:cd:ed:da:29:89:25:8a:9c:6f:88:74:
67:07:4c:d7:b8:5b:3f:f1:c8:97:9b:9b:e4:8b:4b:ce:d0:21:
e7:24:26:c2:e2:b5:3d:8a:7f:50:f3:19:b7:cb:bf:6d:c7:56:
98:1c:06:91:d8:f1:48:1a:02:86:05:0a:6b:1a:f8:0c:94:fb:
7e:32:a3:df:3d:a0:20:57:72:19:e8:76:a4:58:aa:cc:01:a1:
a0:90:d8:04
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYJKjhtyQoIivL7GfVBRFa5KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhMmExNTdmMDA1MTVmOTViNmRmNWRjMGQ1MmViMWI1ZDQz
ZmRlNWMwHhcNMjIwNzI5MTUyMzIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDQ5ZmM5ZDNkOWIwMDAwMjMxNWJkZGRkZDdmYmQ1ZDczYjYyODFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7P/seUQfB7wiT0Ygt1tW79E5rd+Z
Uj38TzVgswHCDzAmbeuvUq96JCyvbyYxtGqS9OMx4kkEvJ13H9wGqm+w+UmaBtg+
O3uG+PsvLfjU/pxFDPwVYzlr2btrTV9IngBxAS5KGNPLRPlL9DrjlfziicEgmUEz
j77phslv0deEH8PtHu5fGoLq2Nxv6o39LLqXmYI3/bpvO/IU1eXHBTaeF2fxZ8Cf
ef+wsgRyi/hpbohIFBmLgM5lHqWrtplerkPwz4gxtjU+0EQipKqHEmWYaWR9o5NI
7T824v8oXmVwzXNIHBpAqv0fkW1n2qCAzVEZazjFdISlhk+0ndJ2gB26MQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFL1J/J09mwAAIxW93d1/vV1ztigeMB8GA1UdIwQY
MBaAFAoqFX8AUV+Vtt9dwNUusbXUP95cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2lvVmZ3QlJYNVcyMzEzQTFTNnh0ZFFfM2x3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS8zYTM5ZTktM2Q0MC00NmY4LWJiMGYt
NWJhNDNiMTE4Zjc1LzEvdlVuOG5UMmJBQUFqRmIzZDNYLTlYWE8yS0I0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS8zYTM5ZTktM2Q0MC00NmY4LWJiMGYtNWJhNDNiMTE4Zjc1
LzEvQ2lvVmZ3QlJYNVcyMzEzQTFTNnh0ZFFfM2x3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQCoMocAwQC
uXZIAwQCuXskAwQCuZpYAwQCubDIAwQAudMPMA0EAgACMAcDBQMqBpJAMA0GCSqG
SIb3DQEBCwUAA4IBAQBZXpZvpZShLtk3YSyJyTzAFJlyqFl965uY7pOUL2UFjm1o
sHc9nJDK9U6rE+GJ+23e1vczCFwhMAwPtnLGGRvCc++mCJsBZuMVnX5T4oQd1scn
KQ9CwGpM27fjRa+aPz6swvlWSeRFrBloP+wx346drTCLLDAFGJPcc3KWlQDqxVDw
OsvGlCb9dmcrW1ZSUk5ORL7iBLqB6nZLfvMM9dXulVIgBeuVhH7aze3aKYklipxv
iHRnB0zXuFs/8ciXm5vki0vO0CHnJCbC4rU9in9Q8xm3y79tx1aYHAaR2PFIGgKG
BQprGvgMlPt+MqPfPaAgV3IZ6HakWKrMAaGgkNgE
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:07 2023 by rpki-client on console.sobornost.net