Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/1-woUV_ymtvoyqt2_IOL783ETkiI.roa
File: 1-woUV_ymtvoyqt2_IOL783ETkiI.roa (raw, json)
Hash identifier: qxO363W7BPpEG+a/AnK/ZJkls1aL944Br1XL1q8eHGU=
Subject key identifier: FB:0A:14:57:FC:A6:B6:FA:32:AA:DD:BF:20:E2:FB:F3:71:13:92:22
Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial: 0999373C
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/1-woUV_ymtvoyqt2_IOL783ETkiI.roa
Signing time: Sat 01 Jan 2022 05:04:09 +0000
ROA not before: Sat 01 Jan 2022 05:04:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199952
IP address blocks: 94.76.154.0/24 maxlen: 24
5.154.19.0/24 maxlen: 24
84.232.18.0/23 maxlen: 23
178.156.86.0/24 maxlen: 24
178.156.91.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 161036092 (0x999373c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Validity
Not Before: Jan 1 05:04:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fb0a1457fca6b6fa32aaddbf20e2fbf371139222
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:23:0d:6d:fa:61:5d:85:2b:41:80:fc:3f:64:
6c:3d:a2:13:30:d2:0f:68:31:2c:58:a1:ce:6f:2e:
e4:16:36:94:82:f6:b5:27:0a:d1:27:1e:67:7e:dd:
16:60:62:dd:83:c5:b1:a6:be:99:ce:9d:a7:8c:57:
8a:95:54:12:9f:3d:a7:cc:8c:16:d5:f4:f3:2a:42:
66:e6:31:6a:0c:00:bf:aa:7e:a8:42:00:d1:11:cb:
ef:04:50:a6:23:82:2c:f4:80:d5:c9:8f:e2:18:90:
03:df:8c:0d:ba:00:38:bc:2c:0a:16:53:9b:8d:ae:
da:17:f6:b2:98:d0:ef:a5:bd:02:31:c5:de:68:f1:
0b:e4:23:85:14:10:b1:3a:df:01:5f:60:63:89:b1:
bf:fc:d7:0e:b6:1a:05:be:71:b0:b4:53:43:e9:52:
ef:de:5e:bb:61:da:1c:3a:59:ff:83:ca:59:4e:54:
c8:ec:75:13:e6:07:55:57:ee:1d:7f:ab:b4:d8:e4:
3e:4d:31:19:b3:59:83:4b:3c:b1:c1:ab:1e:7a:67:
fd:7c:c2:02:ad:c8:e0:71:85:11:48:4f:ef:29:49:
c9:80:60:f8:7a:60:7a:49:e0:11:3d:43:c4:c1:b1:
25:c7:9f:06:4b:18:a1:78:39:24:5c:67:64:92:76:
a1:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:0A:14:57:FC:A6:B6:FA:32:AA:DD:BF:20:E2:FB:F3:71:13:92:22
X509v3 Authority Key Identifier:
keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/1-woUV_ymtvoyqt2_IOL783ETkiI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.154.19.0/24
84.232.18.0/23
94.76.154.0/24
178.156.86.0/24
178.156.91.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:5e:93:1b:a4:62:82:f2:84:10:10:2e:0c:60:42:42:0f:4f:
0b:80:da:db:e2:6f:d7:e5:d4:a8:7c:aa:db:2d:85:13:2f:d0:
5a:ea:2d:35:9a:67:36:8b:04:04:83:cb:ac:96:8c:35:37:08:
85:93:ac:10:79:23:d8:56:7e:a2:b7:4e:40:64:a5:8c:c2:5e:
2e:aa:f7:b9:90:af:e0:60:60:43:50:8f:3c:6c:c3:87:c6:fb:
22:fe:79:5d:c3:e5:1e:c2:8b:b0:52:ef:49:50:37:23:7b:2a:
56:18:84:e2:41:6d:ed:f0:04:f2:8e:72:b6:16:84:08:c8:3b:
7e:c7:09:88:34:a3:6d:ee:f0:73:18:25:e7:72:c9:b3:18:0d:
0a:05:4f:f7:bf:75:59:e7:0c:e7:ef:76:a4:ce:41:62:6e:c0:
1e:30:c4:7a:e0:fa:ae:ae:2f:8b:76:e5:c8:6f:1c:8e:f9:92:
2e:82:d6:0a:4e:f0:da:c8:39:16:31:6e:6f:11:85:55:2b:02:
4f:2c:5b:fa:bb:34:98:16:e6:be:b6:03:6b:2a:c7:eb:e1:99:
e3:5e:b3:af:a0:68:b3:46:3c:4d:cd:d7:a3:c6:a9:e3:be:2d:
82:16:48:8a:9c:a8:99:d1:79:1c:ee:82:60:c8:63:79:d0:ee:
5d:77:b8:9f
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgIECZk3PDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
YWFmMTdiMDAxNWRiYjdjZDk5MmYyNmNkZmYwMWM0ZTI2MjBiNzNlMB4XDTIyMDEw
MTA1MDQwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmIwYTE0NTdmY2E2
YjZmYTMyYWFkZGJmMjBlMmZiZjM3MTEzOTIyMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJgjDW36YV2FK0GA/D9kbD2iEzDSD2gxLFihzm8u5BY2lIL2
tScK0SceZ37dFmBi3YPFsaa+mc6dp4xXipVUEp89p8yMFtX08ypCZuYxagwAv6p+
qEIA0RHL7wRQpiOCLPSA1cmP4hiQA9+MDboAOLwsChZTm42u2hf2spjQ76W9AjHF
3mjxC+QjhRQQsTrfAV9gY4mxv/zXDrYaBb5xsLRTQ+lS795eu2HaHDpZ/4PKWU5U
yOx1E+YHVVfuHX+rtNjkPk0xGbNZg0s8scGrHnpn/XzCAq3I4HGFEUhP7ylJyYBg
+HpgekngET1DxMGxJcefBksYoXg5JFxnZJJ2oXUCAwEAAaOCAiIwggIeMB0GA1Ud
DgQWBBT7ChRX/Ka2+jKq3b8g4vvzcROSIjAfBgNVHSMEGDAWgBTarxewAV27fNmS
8mzf8BxOJiC3PjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJxOFhzQUZkdTN6Wmt2SnMzX0FjVGlZZ3R6NC5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDUvYzg5NzNjLTNjZmEtNDYwNC04MTEwLWNmMDZkMTk4M2JhMS8x
LzEtd29VVl95bXR2b3lxdDJfSU9MNzgzRVRraUkucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzQ1
L2M4OTczYy0zY2ZhLTQ2MDQtODExMC1jZjA2ZDE5ODNiYTEvMS8ycThYc0FGZHUz
elprdkpzM19BY1RpWWd0ejQuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
NwYIKwYBBQUHAQcBAf8EKDAmMCQEAgABMB4DBAAFmhMDBAFU6BIDBABeTJoDBACy
nFYDBACynFswDQYJKoZIhvcNAQELBQADggEBAG5ekxukYoLyhBAQLgxgQkIPTwuA
2tvib9fl1Kh8qtsthRMv0FrqLTWaZzaLBASDy6yWjDU3CIWTrBB5I9hWfqK3TkBk
pYzCXi6q97mQr+BgYENQjzxsw4fG+yL+eV3D5R7Ci7BS70lQNyN7KlYYhOJBbe3w
BPKOcrYWhAjIO37HCYg0o23u8HMYJedyybMYDQoFT/e/dVnnDOfvdqTOQWJuwB4w
xHrg+q6uL4t25chvHI75ki6C1gpO8NrIORYxbm8RhVUrAk8sW/q7NJgW5r62A2sq
x+vhmeNes6+gaLNGPE3N16PGqeO+LYIWSIqcqJnReRzugmDIY3nQ7l13uJ8=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:07 2023 by rpki-client on console.sobornost.net