Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/f40387-2d84-4062-bec6-da513cc69839/1/_CTh6-DubnJYNvUU4bJJ_UFrDuU.roa
File: _CTh6-DubnJYNvUU4bJJ_UFrDuU.roa (raw, json)
Hash identifier: lCX1qxV3CZvN7hjz3KenFR6uU7FO5l3WbfYJUL7eTwc=
Subject key identifier: FC:24:E1:EB:E0:EE:6E:72:58:36:F5:14:E1:B2:49:FD:41:6B:0E:E5
Certificate issuer: /CN=a2e3c4ec7b36112fce521f5bef2873c7b4cc88d1
Certificate serial: 02FC169B
Authority key identifier: A2:E3:C4:EC:7B:36:11:2F:CE:52:1F:5B:EF:28:73:C7:B4:CC:88:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ouPE7Hs2ES_OUh9b7yhzx7TMiNE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/f40387-2d84-4062-bec6-da513cc69839/1/_CTh6-DubnJYNvUU4bJJ_UFrDuU.roa
Signing time: Sat 01 Jan 2022 11:55:51 +0000
ROA not before: Sat 01 Jan 2022 11:55:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200750
IP address blocks: 194.180.108.0/23 maxlen: 23
91.227.63.0/24 maxlen: 24
91.227.64.0/22 maxlen: 22
194.180.170.0/23 maxlen: 23
2a0f:4640::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 50075291 (0x2fc169b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2e3c4ec7b36112fce521f5bef2873c7b4cc88d1
Validity
Not Before: Jan 1 11:55:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fc24e1ebe0ee6e725836f514e1b249fd416b0ee5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:58:81:ae:62:2d:bd:a4:4c:8f:d5:cd:42:69:
d2:a6:8d:b8:e8:46:db:f1:38:aa:3a:88:97:ab:5c:
5c:07:5c:a9:5b:91:77:f7:03:a5:e7:19:16:b6:76:
2a:d4:a0:a9:46:9d:89:58:ca:04:12:1b:5c:fb:fc:
5d:ac:13:d4:75:fa:04:2f:44:6d:78:28:fb:dd:d6:
e6:a2:e1:65:49:02:62:8b:c3:dd:a3:d7:16:b5:0e:
f9:e6:46:b2:be:a4:56:26:fc:d1:b9:4a:a1:99:46:
42:83:ea:81:a8:a5:c3:fb:4c:e1:b7:36:95:f0:c5:
fe:16:e0:de:39:6c:0b:92:32:90:e9:3d:ed:76:63:
c1:9e:84:91:c9:7a:76:22:6b:26:1d:e2:1d:44:73:
c9:9c:0e:ef:11:69:b1:ef:80:09:fe:0b:ee:1f:42:
45:c7:66:fb:8e:3c:07:25:72:69:f6:39:75:b0:1c:
f1:03:84:da:f1:43:e4:0f:db:74:e3:ee:05:65:7c:
bb:eb:78:5d:2b:2f:78:14:75:38:05:04:ae:c8:1f:
e3:ec:55:3a:64:e1:b5:4c:f0:12:ff:76:7a:6d:3f:
9e:56:3d:d5:f6:b0:ad:0f:38:49:40:b3:31:75:80:
2a:73:27:9b:9c:ea:fe:9c:17:64:70:db:ba:e1:5b:
ae:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:24:E1:EB:E0:EE:6E:72:58:36:F5:14:E1:B2:49:FD:41:6B:0E:E5
X509v3 Authority Key Identifier:
keyid:A2:E3:C4:EC:7B:36:11:2F:CE:52:1F:5B:EF:28:73:C7:B4:CC:88:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ouPE7Hs2ES_OUh9b7yhzx7TMiNE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/f40387-2d84-4062-bec6-da513cc69839/1/_CTh6-DubnJYNvUU4bJJ_UFrDuU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/f40387-2d84-4062-bec6-da513cc69839/1/ouPE7Hs2ES_OUh9b7yhzx7TMiNE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.227.63.0-91.227.67.255
194.180.108.0/23
194.180.170.0/23
IPv6:
2a0f:4640::/29
Signature Algorithm: sha256WithRSAEncryption
6c:85:df:46:e4:9e:79:b3:41:38:82:ed:d4:f5:4e:ec:84:80:
f6:cb:08:46:20:35:69:91:50:46:e5:33:c9:00:5e:28:d0:a9:
6b:72:ab:4b:5f:87:ef:1f:0f:e0:69:05:2e:c8:89:1e:3e:5b:
3d:39:6e:e6:52:87:4d:9e:fc:3d:f1:af:a7:77:4c:da:f2:fa:
a6:76:3d:89:bc:5e:86:15:45:f0:80:07:ab:56:3f:ad:7b:c4:
c1:68:d5:94:a9:4d:75:ef:05:b4:3c:5c:d5:6b:33:43:e2:01:
5e:d4:23:39:93:1d:05:eb:6d:4c:d9:fd:d1:59:2f:af:d0:68:
6a:22:06:54:11:b2:aa:07:87:90:62:23:d4:8a:0b:28:7f:3c:
b6:8d:05:39:00:aa:8b:98:22:8b:4b:5f:c8:e6:2b:9f:77:98:
20:bc:01:18:0f:87:bd:03:54:14:6d:c4:f6:eb:46:92:11:c4:
8b:50:99:3e:7e:26:43:54:02:4a:4e:ce:d8:3b:f6:32:55:40:
74:c9:3a:68:1d:9b:39:75:f3:37:30:07:5c:db:2b:33:eb:a4:
8a:9e:ca:1f:b9:f0:18:e4:d2:4f:26:ad:24:42:33:4c:df:2c:
cb:82:30:9f:9d:bc:09:df:e3:c1:bd:ef:49:c1:a8:2b:78:24:
bc:51:aa:43
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIEAvwWmzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
MmUzYzRlYzdiMzYxMTJmY2U1MjFmNWJlZjI4NzNjN2I0Y2M4OGQxMB4XDTIyMDEw
MTExNTU1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmMyNGUxZWJlMGVl
NmU3MjU4MzZmNTE0ZTFiMjQ5ZmQ0MTZiMGVlNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMhYga5iLb2kTI/VzUJp0qaNuOhG2/E4qjqIl6tcXAdcqVuR
d/cDpecZFrZ2KtSgqUadiVjKBBIbXPv8XawT1HX6BC9EbXgo+93W5qLhZUkCYovD
3aPXFrUO+eZGsr6kVib80blKoZlGQoPqgailw/tM4bc2lfDF/hbg3jlsC5IykOk9
7XZjwZ6Ekcl6diJrJh3iHURzyZwO7xFpse+ACf4L7h9CRcdm+448ByVyafY5dbAc
8QOE2vFD5A/bdOPuBWV8u+t4XSsveBR1OAUErsgf4+xVOmThtUzwEv92em0/nlY9
1fawrQ84SUCzMXWAKnMnm5zq/pwXZHDbuuFbrh8CAwEAAaOCAiwwggIoMB0GA1Ud
DgQWBBT8JOHr4O5uclg29RThskn9QWsO5TAfBgNVHSMEGDAWgBSi48TsezYRL85S
H1vvKHPHtMyI0TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L291UEU3SHMyRVNfT1VoOWI3eWh6eDdUTWlORS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDEvZjQwMzg3LTJkODQtNDA2Mi1iZWM2LWRhNTEzY2M2OTgzOS8x
L19DVGg2LUR1Ym5KWU52VVU0YkpKX1VGckR1VS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDEv
ZjQwMzg3LTJkODQtNDA2Mi1iZWM2LWRhNTEzY2M2OTgzOS8xL291UEU3SHMyRVNf
T1VoOWI3eWh6eDdUTWlORS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBC
BggrBgEFBQcBBwEB/wQzMDEwIAQCAAEwGjAMAwQAW+M/AwQCW+NAAwQBwrRsAwQB
wrSqMA0EAgACMAcDBQMqD0ZAMA0GCSqGSIb3DQEBCwUAA4IBAQBshd9G5J55s0E4
gu3U9U7shID2ywhGIDVpkVBG5TPJAF4o0KlrcqtLX4fvHw/gaQUuyIkePls9OW7m
UodNnvw98a+nd0za8vqmdj2JvF6GFUXwgAerVj+te8TBaNWUqU117wW0PFzVazND
4gFe1CM5kx0F621M2f3RWS+v0GhqIgZUEbKqB4eQYiPUigsofzy2jQU5AKqLmCKL
S1/I5iufd5ggvAEYD4e9A1QUbcT260aSEcSLUJk+fiZDVAJKTs7YO/YyVUB0yTpo
HZs5dfM3MAdc2ysz66SKnsofufAY5NJPJq0kQjNM3yzLgjCfnbwJ3+PBve9Jwagr
eCS8UapD
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:25 2023 by rpki-client on console.sobornost.net