Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/3af48a-0616-4c32-bb40-4b9ae41b3d2f/1/AY4BCypAvHfOVOeQRLbWnXlZPYA.roa
File: AY4BCypAvHfOVOeQRLbWnXlZPYA.roa (raw, json)
Hash identifier: hJ5HwIlEJ+hh+U8sHTshy75mHZzhf3PB9OAYJcbByLs=
Subject key identifier: 01:8E:01:0B:2A:40:BC:77:CE:54:E7:90:44:B6:D6:9D:79:59:3D:80
Certificate issuer: /CN=779df1de43acca61eec034cea268b4654cc15cac
Certificate serial: 3238C2C3
Authority key identifier: 77:9D:F1:DE:43:AC:CA:61:EE:C0:34:CE:A2:68:B4:65:4C:C1:5C:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d53x3kOsymHuwDTOomi0ZUzBXKw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/3af48a-0616-4c32-bb40-4b9ae41b3d2f/1/AY4BCypAvHfOVOeQRLbWnXlZPYA.roa
Signing time: Sat 01 Jan 2022 10:53:30 +0000
ROA not before: Sat 01 Jan 2022 10:53:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57067
IP address blocks: 176.62.144.0/21 maxlen: 21
176.62.144.0/24 maxlen: 24
176.62.145.0/24 maxlen: 24
176.62.149.0/24 maxlen: 24
176.62.150.0/24 maxlen: 24
176.62.146.0/24 maxlen: 24
176.62.151.0/24 maxlen: 24
176.62.147.0/24 maxlen: 24
176.62.148.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 842580675 (0x3238c2c3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=779df1de43acca61eec034cea268b4654cc15cac
Validity
Not Before: Jan 1 10:53:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=018e010b2a40bc77ce54e79044b6d69d79593d80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:5f:e1:27:7a:42:3e:44:70:50:ff:0e:ac:fb:
a9:29:b5:5a:a9:b1:76:37:37:69:f0:17:3c:68:7c:
7d:28:6a:45:dd:c0:57:bf:c3:6c:e1:06:98:ea:cf:
5a:6a:f7:86:ff:32:f2:53:21:3f:a8:f3:ec:7a:f6:
2b:78:dd:44:4b:f6:21:9a:03:6e:34:10:0a:2f:fc:
15:bf:05:bd:2d:53:03:8e:b6:da:bb:bb:74:5e:50:
ca:c0:e4:68:0a:92:fe:36:e3:eb:4e:7a:77:6d:99:
90:51:68:7b:f8:cd:fb:2c:ae:62:f8:7e:ea:f2:1f:
ff:cd:ff:59:90:ec:c6:fd:29:7b:ef:64:b2:e3:4f:
2f:66:df:b7:b6:62:af:47:4f:63:21:c3:0a:7a:3b:
19:db:63:1e:ef:cd:8a:a3:6d:d6:04:d9:99:e8:fd:
b7:e4:a5:e5:4d:c7:5f:88:fa:d6:c5:92:56:63:d7:
e1:d4:35:65:d0:24:cc:cd:28:a8:9c:6e:a9:3e:67:
af:77:52:ec:13:4d:8e:fc:0c:78:06:2d:ac:a2:41:
f1:86:59:c7:1b:6f:c5:52:12:c9:e2:ca:38:64:e9:
94:9e:2d:49:f4:1a:68:0c:64:66:78:e2:8a:e7:71:
02:21:25:0b:4e:92:1a:be:4f:86:14:f7:ca:7c:a1:
0b:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:8E:01:0B:2A:40:BC:77:CE:54:E7:90:44:B6:D6:9D:79:59:3D:80
X509v3 Authority Key Identifier:
keyid:77:9D:F1:DE:43:AC:CA:61:EE:C0:34:CE:A2:68:B4:65:4C:C1:5C:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d53x3kOsymHuwDTOomi0ZUzBXKw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/3af48a-0616-4c32-bb40-4b9ae41b3d2f/1/AY4BCypAvHfOVOeQRLbWnXlZPYA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/3af48a-0616-4c32-bb40-4b9ae41b3d2f/1/d53x3kOsymHuwDTOomi0ZUzBXKw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.62.144.0/21
Signature Algorithm: sha256WithRSAEncryption
7a:7b:a1:37:03:a5:62:92:f3:cc:24:0c:bd:21:9e:dd:9e:5b:
42:d0:39:c5:01:54:1a:a8:27:fd:4c:b5:95:4f:d8:88:a7:45:
bb:3e:47:91:f0:f2:34:76:66:05:9a:98:1d:8a:84:76:9d:6a:
89:d1:b5:2a:7e:78:cb:16:12:14:d8:be:2c:8a:14:01:21:e3:
6c:22:46:74:7f:06:7e:b4:1a:50:8a:b8:be:dc:11:f5:c8:16:
b4:09:e9:05:4e:23:4d:3a:4c:04:07:55:76:b0:08:0d:30:40:
6d:95:a8:3e:e8:8b:7f:4a:76:ba:8f:3b:30:de:a7:6e:e3:3a:
b8:73:85:e8:91:39:59:48:c6:35:82:3b:7e:b9:d7:c1:76:0d:
7f:7c:ed:87:28:9a:92:42:78:e5:06:87:a2:a9:e6:26:a9:a0:
97:ba:aa:44:77:97:10:c1:16:25:fa:15:6d:8b:f4:c7:54:a3:
d5:4d:ab:e6:2b:95:31:d7:15:fc:fe:86:af:e8:9a:c3:5d:82:
1f:7e:69:8d:a2:ea:7a:1a:03:51:b6:9d:0b:5d:4f:88:8f:f5:
3a:28:66:9a:10:eb:f8:5c:a3:cd:69:64:12:aa:29:89:4f:a9:
14:4c:65:18:20:a8:10:25:88:85:b4:8e:84:2a:92:6f:c1:2d:
3c:62:4e:a5
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEMjjCwzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NzlkZjFkZTQzYWNjYTYxZWVjMDM0Y2VhMjY4YjQ2NTRjYzE1Y2FjMB4XDTIyMDEw
MTEwNTMzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDE4ZTAxMGIyYTQw
YmM3N2NlNTRlNzkwNDRiNmQ2OWQ3OTU5M2Q4MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJRf4Sd6Qj5EcFD/Dqz7qSm1Wqmxdjc3afAXPGh8fShqRd3A
V7/DbOEGmOrPWmr3hv8y8lMhP6jz7Hr2K3jdREv2IZoDbjQQCi/8Fb8FvS1TA462
2ru7dF5QysDkaAqS/jbj6056d22ZkFFoe/jN+yyuYvh+6vIf/83/WZDsxv0pe+9k
suNPL2bft7Zir0dPYyHDCno7GdtjHu/NiqNt1gTZmej9t+Sl5U3HX4j61sWSVmPX
4dQ1ZdAkzM0oqJxuqT5nr3dS7BNNjvwMeAYtrKJB8YZZxxtvxVISyeLKOGTplJ4t
SfQaaAxkZnjiiudxAiElC06SGr5PhhT3ynyhC8UCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQBjgELKkC8d85U55BEttadeVk9gDAfBgNVHSMEGDAWgBR3nfHeQ6zKYe7A
NM6iaLRlTMFcrDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2Q1M3gza09zeW1IdXdEVE9vbWkwWlV6QlhLdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDUvM2FmNDhhLTA2MTYtNGMzMi1iYjQwLTRiOWFlNDFiM2QyZi8x
L0FZNEJDeXBBdkhmT1ZPZVFSTGJXblhsWlBZQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDUv
M2FmNDhhLTA2MTYtNGMzMi1iYjQwLTRiOWFlNDFiM2QyZi8xL2Q1M3gza09zeW1I
dXdEVE9vbWkwWlV6QlhLdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA7A+kDANBgkqhkiG9w0BAQsFAAOC
AQEAenuhNwOlYpLzzCQMvSGe3Z5bQtA5xQFUGqgn/Uy1lU/YiKdFuz5HkfDyNHZm
BZqYHYqEdp1qidG1Kn54yxYSFNi+LIoUASHjbCJGdH8GfrQaUIq4vtwR9cgWtAnp
BU4jTTpMBAdVdrAIDTBAbZWoPuiLf0p2uo87MN6nbuM6uHOF6JE5WUjGNYI7frnX
wXYNf3zthyiakkJ45QaHoqnmJqmgl7qqRHeXEMEWJfoVbYv0x1Sj1U2r5iuVMdcV
/P6Gr+iaw12CH35pjaLqehoDUbadC11PiI/1OihmmhDr+FyjzWlkEqopiU+pFExl
GCCoECWIhbSOhCqSb8EtPGJOpQ==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:01 2023 by rpki-client on console.sobornost.net