Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/768aa2-0b44-4cf4-b984-924cdf276d8d/1/MryR6koZylK0K_FMpDGDRTUt3Aw.roa
File: MryR6koZylK0K_FMpDGDRTUt3Aw.roa (raw, json)
Hash identifier: VYAg/apAnvhlAbcRj9ru925D2mFv1cvqhRcDxXFh/TY=
Subject key identifier: 32:BC:91:EA:4A:19:CA:52:B4:2B:F1:4C:A4:31:83:45:35:2D:DC:0C
Certificate issuer: /CN=90a065eef40dc016a1be7f28d6e66ca7a87e7fe5
Certificate serial: 091780A3
Authority key identifier: 90:A0:65:EE:F4:0D:C0:16:A1:BE:7F:28:D6:E6:6C:A7:A8:7E:7F:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kKBl7vQNwBahvn8o1uZsp6h-f-U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/768aa2-0b44-4cf4-b984-924cdf276d8d/1/MryR6koZylK0K_FMpDGDRTUt3Aw.roa
Signing time: Sat 01 Jan 2022 08:53:11 +0000
ROA not before: Sat 01 Jan 2022 08:53:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60157
IP address blocks: 185.54.171.0/24 maxlen: 24
185.54.168.0/24 maxlen: 24
185.54.168.0/22 maxlen: 22
185.54.168.0/23 maxlen: 23
185.54.170.0/24 maxlen: 24
185.54.169.0/24 maxlen: 24
2a02:4560::/32 maxlen: 32
2a02:4560::/48 maxlen: 48
2a02:4560:3::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 152535203 (0x91780a3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90a065eef40dc016a1be7f28d6e66ca7a87e7fe5
Validity
Not Before: Jan 1 08:53:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=32bc91ea4a19ca52b42bf14ca4318345352ddc0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:56:4e:24:c3:be:25:7e:37:61:9e:1a:21:a4:
34:0b:14:a4:50:8e:42:3d:eb:ef:de:c2:d6:2a:72:
20:eb:12:4b:3f:94:61:d0:27:eb:46:46:84:b9:53:
b4:fc:8d:2c:7f:af:27:d2:23:b3:e9:5b:ac:bf:bc:
5d:81:28:e1:9b:fe:64:f2:f6:e7:c1:96:f7:89:00:
d4:a1:ea:66:a2:1d:6b:31:45:34:57:c4:f2:20:77:
bc:62:fa:9c:c2:7e:4d:57:a0:df:51:33:53:31:d8:
66:ba:d8:44:ad:24:4d:39:4c:e7:86:5d:e8:45:a6:
28:66:76:9c:89:44:76:f1:c4:41:d9:86:d2:97:41:
c2:e0:0f:c2:e4:f1:33:f0:8f:ed:14:f7:4e:75:15:
43:0c:84:68:b4:24:8a:6f:af:28:ef:c2:99:d2:7b:
8b:a3:78:40:68:38:93:57:b6:71:c9:f1:1a:ea:6f:
ae:a8:3f:0f:84:ec:32:9c:18:c3:f8:e5:bd:19:04:
96:c1:c1:44:8b:a8:e6:f5:7b:55:fd:b0:20:9e:5f:
54:0e:a3:d6:0d:96:cb:47:58:f1:26:c5:0a:f4:40:
3c:bb:a1:12:19:61:3a:d9:a9:de:57:35:7d:ab:0e:
46:77:fd:54:a1:8f:bb:2a:77:5b:9e:1f:c4:da:98:
ec:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:BC:91:EA:4A:19:CA:52:B4:2B:F1:4C:A4:31:83:45:35:2D:DC:0C
X509v3 Authority Key Identifier:
keyid:90:A0:65:EE:F4:0D:C0:16:A1:BE:7F:28:D6:E6:6C:A7:A8:7E:7F:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kKBl7vQNwBahvn8o1uZsp6h-f-U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/768aa2-0b44-4cf4-b984-924cdf276d8d/1/MryR6koZylK0K_FMpDGDRTUt3Aw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/768aa2-0b44-4cf4-b984-924cdf276d8d/1/kKBl7vQNwBahvn8o1uZsp6h-f-U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.54.168.0/22
IPv6:
2a02:4560::/32
Signature Algorithm: sha256WithRSAEncryption
9b:02:02:30:86:a9:2f:ad:8f:b8:97:f4:85:b4:47:83:25:bd:
a7:92:60:e9:cd:e7:0d:7c:db:da:34:1b:de:8b:69:ed:02:af:
91:53:f2:8e:0d:d1:4d:7e:f8:d0:28:10:af:d8:32:e9:1b:c3:
c3:ab:13:17:99:7b:88:bd:58:39:0c:81:e2:77:a1:bc:57:5b:
22:fa:80:b4:11:81:df:bb:20:cb:8b:64:3c:39:37:f0:61:de:
e3:42:82:87:c0:1d:34:f7:d8:14:08:5a:bf:96:24:41:81:b9:
94:df:65:38:ee:90:65:6c:fc:fd:0e:56:d7:1c:92:b4:28:b9:
94:b6:30:e9:7a:fa:35:e3:35:25:8f:ea:75:9d:4a:96:ad:4f:
2b:38:9b:6f:52:e8:26:e7:0b:e5:9c:fc:e7:a4:c5:68:b5:03:
7d:c1:86:74:57:a0:da:13:a4:d0:88:f7:a8:3e:90:d3:74:84:
f6:d7:78:58:f9:24:94:4f:d5:f6:7d:02:d0:27:22:06:2b:2e:
b7:f4:0d:b8:58:c5:02:cf:1c:9e:57:32:f5:7a:ed:3a:1d:66:
e5:7a:20:38:02:38:83:02:82:b1:35:2f:84:f8:d0:ab:08:39:
3e:d2:6a:83:27:15:8b:8e:c8:a4:81:47:17:da:8b:3a:1e:31:
b0:e3:ec:5d
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIECReAozANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MGEwNjVlZWY0MGRjMDE2YTFiZTdmMjhkNmU2NmNhN2E4N2U3ZmU1MB4XDTIyMDEw
MTA4NTMxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzJiYzkxZWE0YTE5
Y2E1MmI0MmJmMTRjYTQzMTgzNDUzNTJkZGMwYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJpWTiTDviV+N2GeGiGkNAsUpFCOQj3r797C1ipyIOsSSz+U
YdAn60ZGhLlTtPyNLH+vJ9Ijs+lbrL+8XYEo4Zv+ZPL258GW94kA1KHqZqIdazFF
NFfE8iB3vGL6nMJ+TVeg31EzUzHYZrrYRK0kTTlM54Zd6EWmKGZ2nIlEdvHEQdmG
0pdBwuAPwuTxM/CP7RT3TnUVQwyEaLQkim+vKO/CmdJ7i6N4QGg4k1e2ccnxGupv
rqg/D4TsMpwYw/jlvRkElsHBRIuo5vV7Vf2wIJ5fVA6j1g2Wy0dY8SbFCvRAPLuh
EhlhOtmp3lc1fasORnf9VKGPuyp3W54fxNqY7DkCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQyvJHqShnKUrQr8UykMYNFNS3cDDAfBgNVHSMEGDAWgBSQoGXu9A3AFqG+
fyjW5mynqH5/5TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2tLQmw3dlFOd0JhaHZuOG8xdVpzcDZoLWYtVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDUvNzY4YWEyLTBiNDQtNGNmNC1iOTg0LTkyNGNkZjI3NmQ4ZC8x
L01yeVI2a29aeWxLMEtfRk1wREdEUlRVdDNBdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDUv
NzY4YWEyLTBiNDQtNGNmNC1iOTg0LTkyNGNkZjI3NmQ4ZC8xL2tLQmw3dlFOd0Jh
aHZuOG8xdVpzcDZoLWYtVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArk2qDANBAIAAjAHAwUAKgJFYDAN
BgkqhkiG9w0BAQsFAAOCAQEAmwICMIapL62PuJf0hbRHgyW9p5Jg6c3nDXzb2jQb
3otp7QKvkVPyjg3RTX740CgQr9gy6RvDw6sTF5l7iL1YOQyB4nehvFdbIvqAtBGB
37sgy4tkPDk38GHe40KCh8AdNPfYFAhav5YkQYG5lN9lOO6QZWz8/Q5W1xyStCi5
lLYw6Xr6NeM1JY/qdZ1Klq1PKzibb1LoJucL5Zz856TFaLUDfcGGdFeg2hOk0Ij3
qD6Q03SE9td4WPkklE/V9n0C0CciBisut/QNuFjFAs8cnlcy9XrtOh1m5XogOAI4
gwKCsTUvhPjQqwg5PtJqgycVi47IpIFHF9qLOh4xsOPsXQ==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:02 2023 by rpki-client on console.sobornost.net