Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/b403cc-4e6c-4fe9-83a1-7550529d847a/1/T2XH-Il0o0YyjE_nOT2FloxpqYo.roa
File: T2XH-Il0o0YyjE_nOT2FloxpqYo.roa (raw, json)
Hash identifier: VhQorjP8KmCNDNaOKaIYNR8FtHv6jBz42rjCDTV7muw=
Subject key identifier: 4F:65:C7:F8:89:74:A3:46:32:8C:4F:E7:39:3D:85:96:8C:69:A9:8A
Certificate issuer: /CN=6f5c5712fbbcd832419d4c5884ae3bc3c4a16e7b
Certificate serial: 0EB9C008
Authority key identifier: 6F:5C:57:12:FB:BC:D8:32:41:9D:4C:58:84:AE:3B:C3:C4:A1:6E:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b1xXEvu82DJBnUxYhK47w8Shbns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/b403cc-4e6c-4fe9-83a1-7550529d847a/1/T2XH-Il0o0YyjE_nOT2FloxpqYo.roa
Signing time: Sat 01 Jan 2022 01:55:05 +0000
ROA not before: Sat 01 Jan 2022 01:55:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198541
IP address blocks: 91.233.28.0/22 maxlen: 24
176.110.160.0/19 maxlen: 24
81.162.0.0/20 maxlen: 24
188.0.192.0/19 maxlen: 24
91.219.72.0/22 maxlen: 24
81.162.16.0/21 maxlen: 24
176.110.192.0/20 maxlen: 24
91.236.60.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 247054344 (0xeb9c008)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f5c5712fbbcd832419d4c5884ae3bc3c4a16e7b
Validity
Not Before: Jan 1 01:55:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4f65c7f88974a346328c4fe7393d85968c69a98a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:f5:fe:06:1e:c1:79:c7:cb:9a:03:58:e6:5f:
31:47:b3:c2:2e:58:0c:13:f2:3c:b2:23:dc:09:aa:
30:0b:9f:97:be:6f:38:7d:d2:1c:dc:c8:35:82:02:
de:bb:d8:f9:e0:34:07:fa:ef:ef:fa:aa:e2:40:b0:
3c:c4:cd:ee:ab:70:26:32:04:f5:26:34:27:c7:c9:
02:49:47:23:4c:cc:e8:97:00:ab:d4:0a:3d:43:64:
77:9d:cd:c9:39:d7:67:f6:b9:77:97:3d:c4:cc:54:
67:75:09:66:9b:53:1d:d8:cb:be:48:8f:a0:79:13:
2c:12:e0:3c:08:24:cd:67:43:d2:b6:5c:74:58:d4:
91:4a:54:25:7f:5c:30:ab:17:a1:e8:51:92:db:b6:
67:81:c4:17:1d:5a:ce:f9:84:24:52:38:c7:89:02:
54:f0:d0:19:dc:e7:35:89:ae:b5:83:c3:e3:65:b5:
14:0d:85:f9:c5:ff:ef:1f:13:8a:bc:3a:c6:42:ef:
54:58:b2:f6:21:ee:07:87:d9:3e:be:14:97:02:e1:
ab:c8:f0:28:a4:a0:5f:32:73:4d:fe:f7:70:02:1c:
4e:4a:82:a6:a5:ff:1f:e6:8e:55:66:d8:ec:e0:dc:
a2:eb:57:38:10:bb:d9:af:25:26:ba:13:ed:23:36:
61:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:65:C7:F8:89:74:A3:46:32:8C:4F:E7:39:3D:85:96:8C:69:A9:8A
X509v3 Authority Key Identifier:
keyid:6F:5C:57:12:FB:BC:D8:32:41:9D:4C:58:84:AE:3B:C3:C4:A1:6E:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1xXEvu82DJBnUxYhK47w8Shbns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/b403cc-4e6c-4fe9-83a1-7550529d847a/1/T2XH-Il0o0YyjE_nOT2FloxpqYo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/b403cc-4e6c-4fe9-83a1-7550529d847a/1/b1xXEvu82DJBnUxYhK47w8Shbns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.162.0.0-81.162.23.255
91.219.72.0/22
91.233.28.0/22
91.236.60.0/22
176.110.160.0-176.110.207.255
188.0.192.0/19
Signature Algorithm: sha256WithRSAEncryption
69:b2:f8:9a:6f:57:a7:67:ee:f9:74:05:75:37:ce:d4:c0:59:
e3:0e:c3:50:a1:b8:f4:3a:17:fd:cc:30:de:c8:38:cc:40:48:
ea:d9:ce:2c:a7:bc:07:27:ae:46:9c:6e:54:af:ea:f4:2e:79:
d2:ed:a9:21:43:30:a3:74:02:cf:19:33:53:76:95:09:5f:00:
07:02:d2:2b:4c:92:57:54:24:9b:07:6b:63:0a:c3:9f:93:0d:
f8:a5:a0:61:b6:a8:4a:83:db:d8:de:35:fe:39:0d:a0:07:4d:
25:7a:bc:37:4f:ef:4f:d6:cd:d2:fc:f8:ab:13:d1:48:fe:57:
da:44:da:f4:12:66:d8:a1:00:4e:03:c3:5c:ed:95:56:31:62:
34:fd:4d:f1:ef:1e:b5:ff:bc:e8:95:ab:60:e3:6c:e8:7b:c9:
95:71:0c:3f:a8:ef:eb:67:60:40:bb:0a:c6:72:9e:7b:91:dc:
a0:4f:a3:36:66:26:af:6a:8d:0e:20:64:a0:c7:40:a7:1d:12:
55:92:b0:46:2d:58:52:bd:11:f8:b1:00:b6:3a:bb:36:b0:0e:
24:c0:72:a5:c9:ef:8e:c4:25:e9:63:ab:06:cb:7e:db:b9:cb:
da:e5:00:ab:d3:56:cb:20:fb:d0:38:89:3e:6d:54:05:cd:16:
55:ac:e0:ec
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgIEDrnACDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
ZjVjNTcxMmZiYmNkODMyNDE5ZDRjNTg4NGFlM2JjM2M0YTE2ZTdiMB4XDTIyMDEw
MTAxNTUwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGY2NWM3Zjg4OTc0
YTM0NjMyOGM0ZmU3MzkzZDg1OTY4YzY5YTk4YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALL1/gYewXnHy5oDWOZfMUezwi5YDBPyPLIj3AmqMAufl75v
OH3SHNzINYIC3rvY+eA0B/rv7/qq4kCwPMTN7qtwJjIE9SY0J8fJAklHI0zM6JcA
q9QKPUNkd53NyTnXZ/a5d5c9xMxUZ3UJZptTHdjLvkiPoHkTLBLgPAgkzWdD0rZc
dFjUkUpUJX9cMKsXoehRktu2Z4HEFx1azvmEJFI4x4kCVPDQGdznNYmutYPD42W1
FA2F+cX/7x8Tirw6xkLvVFiy9iHuB4fZPr4UlwLhq8jwKKSgXzJzTf73cAIcTkqC
pqX/H+aOVWbY7ODcoutXOBC72a8lJroT7SM2YdUCAwEAAaOCAjYwggIyMB0GA1Ud
DgQWBBRPZcf4iXSjRjKMT+c5PYWWjGmpijAfBgNVHSMEGDAWgBRvXFcS+7zYMkGd
TFiErjvDxKFuezAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2IxeFhFdnU4MkRKQm5VeFloSzQ3dzhTaGJucy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDkvYjQwM2NjLTRlNmMtNGZlOS04M2ExLTc1NTA1MjlkODQ3YS8x
L1QyWEgtSWwwbzBZeWpFX25PVDJGbG94cHFZby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDkv
YjQwM2NjLTRlNmMtNGZlOS04M2ExLTc1NTA1MjlkODQ3YS8xL2IxeFhFdnU4MkRK
Qm5VeFloSzQ3dzhTaGJucy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBM
BggrBgEFBQcBBwEB/wQ9MDswOQQCAAEwMzALAwMBUaIDBANRohADBAJb20gDBAJb
6RwDBAJb7DwwDAMEBbBuoAMEBLBuwAMEBbwAwDANBgkqhkiG9w0BAQsFAAOCAQEA
abL4mm9Xp2fu+XQFdTfO1MBZ4w7DUKG49DoX/cww3sg4zEBI6tnOLKe8ByeuRpxu
VK/q9C550u2pIUMwo3QCzxkzU3aVCV8ABwLSK0ySV1QkmwdrYwrDn5MN+KWgYbao
SoPb2N41/jkNoAdNJXq8N0/vT9bN0vz4qxPRSP5X2kTa9BJm2KEATgPDXO2VVjFi
NP1N8e8etf+86JWrYONs6HvJlXEMP6jv62dgQLsKxnKee5HcoE+jNmYmr2qNDiBk
oMdApx0SVZKwRi1YUr0R+LEAtjq7NrAOJMBypcnvjsQl6WOrBst+27nL2uUAq9NW
yyD70DiJPm1UBc0WVazg7A==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:58 2023 by rpki-client on console.sobornost.net