Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/8b906b-9c1d-45d9-86ba-c7fe62227df3/1/hdCDU3iN36U_DfGV_CMXbRyCzLs.roa
File: hdCDU3iN36U_DfGV_CMXbRyCzLs.roa (raw, json)
Hash identifier: rWXNs0cFSTpZRO/kr+pLx02iOqN9C7Xpf9CA9DU14Uw=
Subject key identifier: 85:D0:83:53:78:8D:DF:A5:3F:0D:F1:95:FC:23:17:6D:1C:82:CC:BB
Certificate issuer: /CN=985ae6c59c35e460387daebcfb866f8a1ebb3686
Certificate serial: 01843D0B1FCCC2CC850FB8A0FF6EF17C7738
Authority key identifier: 98:5A:E6:C5:9C:35:E4:60:38:7D:AE:BC:FB:86:6F:8A:1E:BB:36:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mFrmxZw15GA4fa68-4Zvih67NoY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/8b906b-9c1d-45d9-86ba-c7fe62227df3/1/hdCDU3iN36U_DfGV_CMXbRyCzLs.roa
Signing time: Thu 03 Nov 2022 10:30:49 +0000
ROA not before: Thu 03 Nov 2022 10:30:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50818
IP address blocks: 185.9.21.0/24 maxlen: 24
82.196.16.0/22 maxlen: 24
82.196.20.0/24 maxlen: 24
82.196.20.0/22 maxlen: 22
185.20.42.0/24 maxlen: 24
2a03:42c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:3d:0b:1f:cc:c2:cc:85:0f:b8:a0:ff:6e:f1:7c:77:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=985ae6c59c35e460387daebcfb866f8a1ebb3686
Validity
Not Before: Nov 3 10:30:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=85d08353788ddfa53f0df195fc23176d1c82ccbb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:58:50:ae:6f:8d:08:5f:68:59:db:87:de:06:
c5:e1:ef:4a:e3:25:c0:9e:59:82:c6:2f:cc:86:5d:
28:9d:51:75:46:90:c3:e2:30:89:3a:ee:44:87:79:
8e:f7:2b:52:da:72:00:0f:19:c0:53:24:c2:53:fc:
06:e0:bd:5f:d7:03:3a:6c:3b:2c:b6:a0:f0:94:57:
2a:98:ce:08:8f:52:cb:f2:11:b8:ab:1a:2d:0d:3f:
48:44:07:0f:3a:83:57:d5:08:08:c9:fd:4c:08:48:
34:f8:83:47:4c:8b:dc:12:78:b1:25:86:2f:25:26:
ed:75:8e:82:63:a6:13:eb:d3:7e:9d:aa:ab:d4:13:
90:13:72:81:fd:50:db:de:49:39:bd:11:fd:10:c0:
82:72:f3:5f:a0:d5:60:bf:e2:2f:26:b4:ed:fc:c9:
5f:ac:59:a2:6e:87:fb:2f:d4:f7:df:24:b3:0c:5f:
fe:d7:96:32:cb:70:8e:7b:72:e8:7c:c7:75:b9:b9:
1f:57:1c:0e:64:40:c7:c6:5f:ca:85:b4:6d:6f:31:
d3:03:39:11:38:4d:91:08:c9:a3:6d:b9:ec:e1:2c:
48:8e:48:2b:30:b8:e4:40:de:c2:9b:a5:3c:2c:5f:
0e:68:4c:5c:77:ac:8e:72:3f:7b:32:8e:97:49:7a:
a5:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:D0:83:53:78:8D:DF:A5:3F:0D:F1:95:FC:23:17:6D:1C:82:CC:BB
X509v3 Authority Key Identifier:
keyid:98:5A:E6:C5:9C:35:E4:60:38:7D:AE:BC:FB:86:6F:8A:1E:BB:36:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mFrmxZw15GA4fa68-4Zvih67NoY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/8b906b-9c1d-45d9-86ba-c7fe62227df3/1/hdCDU3iN36U_DfGV_CMXbRyCzLs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/8b906b-9c1d-45d9-86ba-c7fe62227df3/1/mFrmxZw15GA4fa68-4Zvih67NoY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.196.16.0/21
185.9.21.0/24
185.20.42.0/24
IPv6:
2a03:42c0::/32
Signature Algorithm: sha256WithRSAEncryption
ab:91:96:bc:0d:cd:d7:2e:62:99:f1:1c:3e:6e:22:c9:8f:99:
7a:7e:b3:66:fd:40:c1:a1:30:2f:a4:07:73:0a:f9:d1:7a:2f:
60:9c:f2:28:07:be:46:20:08:58:71:31:c3:51:36:7e:7b:3c:
46:84:24:3c:22:2a:49:34:dd:49:44:57:e3:45:2c:14:0b:4f:
fd:f1:74:c9:5d:43:07:db:27:5b:7a:59:6c:4a:37:26:83:33:
1a:d4:6e:ec:7c:4d:c3:ce:de:e7:ed:20:5f:ed:99:b4:bb:9e:
59:db:fd:ec:87:d8:03:90:09:44:50:84:3d:df:d4:0c:42:8c:
68:f1:90:0c:f1:b1:89:76:b0:43:cd:15:c0:6d:81:e3:44:92:
96:63:9a:53:3e:bb:64:e3:e7:67:fd:34:57:7f:35:77:fd:dc:
f3:a1:03:d5:ad:da:b9:49:84:47:17:05:31:bb:e2:dd:17:03:
08:3c:4d:3b:ea:58:5f:47:4f:b3:a8:fb:d6:1c:7e:55:aa:e2:
c4:1f:06:4f:bc:76:e0:5b:87:47:2b:95:22:03:90:14:9f:4f:
7e:e8:8d:10:32:fa:83:0a:07:7a:19:cf:71:8e:0b:a6:f5:fc:
fc:46:a3:1f:43:c3:2b:a0:d3:19:3a:cf:6f:3c:42:ea:db:46:
e4:ad:fd:b8
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYQ9Cx/MwsyFD7ig/27xfHc4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4NWFlNmM1OWMzNWU0NjAzODdkYWViY2ZiODY2ZjhhMWVi
YjM2ODYwHhcNMjIxMTAzMTAzMDQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWQwODM1Mzc4OGRkZmE1M2YwZGYxOTVmYzIzMTc2ZDFjODJjY2JiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArlhQrm+NCF9oWduH3gbF4e9K4yXA
nlmCxi/Mhl0onVF1RpDD4jCJOu5Eh3mO9ytS2nIADxnAUyTCU/wG4L1f1wM6bDss
tqDwlFcqmM4Ij1LL8hG4qxotDT9IRAcPOoNX1QgIyf1MCEg0+INHTIvcEnixJYYv
JSbtdY6CY6YT69N+naqr1BOQE3KB/VDb3kk5vRH9EMCCcvNfoNVgv+IvJrTt/Mlf
rFmibof7L9T33ySzDF/+15Yyy3COe3LofMd1ubkfVxwOZEDHxl/KhbRtbzHTAzkR
OE2RCMmjbbns4SxIjkgrMLjkQN7Cm6U8LF8OaExcd6yOcj97Mo6XSXqlpQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFIXQg1N4jd+lPw3xlfwjF20cgsy7MB8GA1UdIwQY
MBaAFJha5sWcNeRgOH2uvPuGb4oeuzaGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUZybXhadzE1R0E0ZmE2OC00WnZpaDY3Tm9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS84YjkwNmItOWMxZC00NWQ5LTg2YmEt
YzdmZTYyMjI3ZGYzLzEvaGRDRFUzaU4zNlVfRGZHVl9DTVhiUnlDekxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS84YjkwNmItOWMxZC00NWQ5LTg2YmEtYzdmZTYyMjI3ZGYz
LzEvbUZybXhadzE1R0E0ZmE2OC00WnZpaDY3Tm9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDUsQQAwQA
uQkVAwQAuRQqMA0EAgACMAcDBQAqA0LAMA0GCSqGSIb3DQEBCwUAA4IBAQCrkZa8
Dc3XLmKZ8Rw+biLJj5l6frNm/UDBoTAvpAdzCvnRei9gnPIoB75GIAhYcTHDUTZ+
ezxGhCQ8IipJNN1JRFfjRSwUC0/98XTJXUMH2ydbellsSjcmgzMa1G7sfE3Dzt7n
7SBf7Zm0u55Z2/3sh9gDkAlEUIQ939QMQoxo8ZAM8bGJdrBDzRXAbYHjRJKWY5pT
Prtk4+dn/TRXfzV3/dzzoQPVrdq5SYRHFwUxu+LdFwMIPE076lhfR0+zqPvWHH5V
quLEHwZPvHbgW4dHK5UiA5AUn09+6I0QMvqDCgd6Gc9xjgum9fz8RqMfQ8MroNMZ
Os9vPELq20bkrf24
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:24 2023 by rpki-client on console.sobornost.net