Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/fb7864-5795-4208-abe0-08542454d16b/1/pW0-HRhUAYaj_oTyssVgYS9wSdg.roa
File: pW0-HRhUAYaj_oTyssVgYS9wSdg.roa (raw, json)
Hash identifier: SRHSQ/u8mwW2DkanjakvcIbcUn7JHCukF8B+4gWXxaA=
Subject key identifier: A5:6D:3E:1D:18:54:01:86:A3:FE:84:F2:B2:C5:60:61:2F:70:49:D8
Certificate issuer: /CN=9e505f2e67a1e604b3f963ce4c367d1958bd4b78
Certificate serial: 084FE6EF
Authority key identifier: 9E:50:5F:2E:67:A1:E6:04:B3:F9:63:CE:4C:36:7D:19:58:BD:4B:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nlBfLmeh5gSz-WPOTDZ9GVi9S3g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/fb7864-5795-4208-abe0-08542454d16b/1/pW0-HRhUAYaj_oTyssVgYS9wSdg.roa
Signing time: Sat 01 Jan 2022 16:05:12 +0000
ROA not before: Sat 01 Jan 2022 16:05:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50030
IP address blocks: 193.111.212.0/22 maxlen: 24
2001:678:9b0::/48 maxlen: 48
2001:678:9c0::/48 maxlen: 48
2001:67c:2878::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 139454191 (0x84fe6ef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e505f2e67a1e604b3f963ce4c367d1958bd4b78
Validity
Not Before: Jan 1 16:05:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a56d3e1d18540186a3fe84f2b2c560612f7049d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:ec:02:58:03:de:78:b2:ba:f2:8c:68:a8:67:
98:14:fb:6b:17:7f:9c:5f:c3:37:23:d5:79:df:4b:
d8:e5:43:a3:ed:79:74:4b:5e:90:1e:e4:ae:e6:66:
2f:08:da:c5:b5:9e:2e:1a:b6:2e:da:7c:86:ed:fc:
a2:06:a0:e5:43:a4:27:53:15:e3:34:07:65:bf:ce:
59:29:c2:7e:a9:46:fe:5a:92:13:95:01:9c:1f:5d:
d5:44:64:04:3e:d3:47:01:f0:bb:7b:02:fc:ed:80:
ea:55:eb:70:54:08:24:7b:f0:27:8f:ce:b2:ce:2a:
f1:0c:08:92:89:69:5e:84:95:a9:04:61:ef:0d:21:
38:df:9e:2a:75:35:70:5b:b1:cc:bb:92:d9:4f:8d:
97:b6:95:d5:68:56:c0:46:ab:fe:2b:54:3f:77:72:
35:a4:f0:c5:a6:33:dc:d4:49:34:a0:69:77:81:6b:
0d:d0:e0:49:7a:53:f2:23:19:d0:c5:d1:37:33:b5:
1f:cc:15:0f:61:50:9c:76:4c:be:0e:cb:b5:e8:a0:
fb:15:d0:4b:ec:36:9b:71:68:76:8b:72:8c:04:bd:
0c:94:78:d0:91:53:cd:d1:ad:db:38:e1:89:7a:58:
09:63:18:f2:6d:c8:3b:ad:a2:40:5c:7b:50:5b:93:
63:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:6D:3E:1D:18:54:01:86:A3:FE:84:F2:B2:C5:60:61:2F:70:49:D8
X509v3 Authority Key Identifier:
keyid:9E:50:5F:2E:67:A1:E6:04:B3:F9:63:CE:4C:36:7D:19:58:BD:4B:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nlBfLmeh5gSz-WPOTDZ9GVi9S3g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/fb7864-5795-4208-abe0-08542454d16b/1/pW0-HRhUAYaj_oTyssVgYS9wSdg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/fb7864-5795-4208-abe0-08542454d16b/1/nlBfLmeh5gSz-WPOTDZ9GVi9S3g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.111.212.0/22
IPv6:
2001:678:9b0::/48
2001:678:9c0::/48
2001:67c:2878::/48
Signature Algorithm: sha256WithRSAEncryption
5f:2f:54:f0:07:60:6e:21:71:7e:1c:19:2a:a8:4f:9e:11:e0:
61:8f:56:61:b7:a2:8c:e0:bb:89:fc:bc:ba:49:42:8b:c6:8d:
f1:9f:76:81:d6:de:c1:82:de:a7:70:30:bb:61:e7:3d:a4:10:
6a:0f:05:f1:40:c3:b1:f2:63:a9:89:51:ec:3e:6b:6a:d5:1c:
c5:f2:5c:4d:1f:08:07:91:d8:fb:aa:4c:cf:34:33:26:11:e8:
65:d2:b9:2a:a0:d1:77:f1:7f:f2:79:30:ef:b5:44:7e:7a:91:
c9:bc:56:c3:97:9e:7a:08:e0:b1:e1:f2:a0:eb:49:d4:23:2f:
51:e8:8a:14:72:d6:c5:d9:8e:85:86:fa:23:f3:e3:ee:a1:0e:
c5:39:96:30:ae:2d:f0:be:04:f4:18:2e:20:d3:58:fd:fd:d6:
b3:94:d9:b2:98:48:bb:19:cf:41:3e:30:f5:d0:f6:c0:75:82:
15:33:c0:c2:74:a6:e8:07:43:53:ed:82:20:0e:ac:e8:d9:50:
2a:a3:2e:18:f4:7b:1e:1e:e9:39:10:81:54:c7:1d:56:fb:f8:
ca:42:7f:4b:e6:38:a2:66:aa:55:5c:cf:97:0e:29:94:d0:eb:
d1:44:70:49:9f:80:18:22:9c:8c:b4:12:56:29:1a:25:51:40:
ea:44:c4:22
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIECE/m7zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ZTUwNWYyZTY3YTFlNjA0YjNmOTYzY2U0YzM2N2QxOTU4YmQ0Yjc4MB4XDTIyMDEw
MTE2MDUxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTU2ZDNlMWQxODU0
MDE4NmEzZmU4NGYyYjJjNTYwNjEyZjcwNDlkODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPTsAlgD3niyuvKMaKhnmBT7axd/nF/DNyPVed9L2OVDo+15
dEtekB7kruZmLwjaxbWeLhq2Ltp8hu38ogag5UOkJ1MV4zQHZb/OWSnCfqlG/lqS
E5UBnB9d1URkBD7TRwHwu3sC/O2A6lXrcFQIJHvwJ4/Oss4q8QwIkolpXoSVqQRh
7w0hON+eKnU1cFuxzLuS2U+Nl7aV1WhWwEar/itUP3dyNaTwxaYz3NRJNKBpd4Fr
DdDgSXpT8iMZ0MXRNzO1H8wVD2FQnHZMvg7Lteig+xXQS+w2m3FodotyjAS9DJR4
0JFTzdGt2zjhiXpYCWMY8m3IO62iQFx7UFuTYxUCAwEAAaOCAiwwggIoMB0GA1Ud
DgQWBBSlbT4dGFQBhqP+hPKyxWBhL3BJ2DAfBgNVHSMEGDAWgBSeUF8uZ6HmBLP5
Y85MNn0ZWL1LeDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L25sQmZMbWVoNWdTei1XUE9URFo5R1ZpOVMzZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDgvZmI3ODY0LTU3OTUtNDIwOC1hYmUwLTA4NTQyNDU0ZDE2Yi8x
L3BXMC1IUmhVQVlhal9vVHlzc1ZnWVM5d1NkZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDgv
ZmI3ODY0LTU3OTUtNDIwOC1hYmUwLTA4NTQyNDU0ZDE2Yi8xL25sQmZMbWVoNWdT
ei1XUE9URFo5R1ZpOVMzZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBC
BggrBgEFBQcBBwEB/wQzMDEwDAQCAAEwBgMEAsFv1DAhBAIAAjAbAwcAIAEGeAmw
AwcAIAEGeAnAAwcAIAEGfCh4MA0GCSqGSIb3DQEBCwUAA4IBAQBfL1TwB2BuIXF+
HBkqqE+eEeBhj1Zht6KM4LuJ/Ly6SUKLxo3xn3aB1t7Bgt6ncDC7Yec9pBBqDwXx
QMOx8mOpiVHsPmtq1RzF8lxNHwgHkdj7qkzPNDMmEehl0rkqoNF38X/yeTDvtUR+
epHJvFbDl556COCx4fKg60nUIy9R6IoUctbF2Y6Fhvoj8+PuoQ7FOZYwri3wvgT0
GC4g01j9/dazlNmymEi7Gc9BPjD10PbAdYIVM8DCdKboB0NT7YIgDqzo2VAqoy4Y
9HseHuk5EIFUxx1W+/jKQn9L5jiiZqpVXM+XDimU0OvRRHBJn4AYIpyMtBJWKRol
UUDqRMQi
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:57 2023 by rpki-client on console.sobornost.net