Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/6d9ce2-6d88-4977-ae06-c1e941e59c14/1/wbfK6HzzruqoUT9z74uapKVk4Io.roa
File: wbfK6HzzruqoUT9z74uapKVk4Io.roa (raw, json)
Hash identifier: Qvs49GJgcEu2Y7qOBmyh1ZW9l+tutLEy4lnl+JB00D0=
Subject key identifier: C1:B7:CA:E8:7C:F3:AE:EA:A8:51:3F:73:EF:8B:9A:A4:A5:64:E0:8A
Certificate issuer: /CN=4f123e248e6ec0368e0712345f726d71f60f826b
Certificate serial: 0D1EDD1D
Authority key identifier: 4F:12:3E:24:8E:6E:C0:36:8E:07:12:34:5F:72:6D:71:F6:0F:82:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxI-JI5uwDaOBxI0X3JtcfYPgms.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/6d9ce2-6d88-4977-ae06-c1e941e59c14/1/wbfK6HzzruqoUT9z74uapKVk4Io.roa
Signing time: Fri 11 Feb 2022 11:52:23 +0000
ROA not before: Fri 11 Feb 2022 11:52:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201597
IP address blocks: 185.66.92.0/22 maxlen: 22
185.232.252.0/22 maxlen: 22
185.232.254.0/24 maxlen: 24
2a05:687:ffff::/48 maxlen: 48
2a05:680::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 220126493 (0xd1edd1d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f123e248e6ec0368e0712345f726d71f60f826b
Validity
Not Before: Feb 11 11:52:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c1b7cae87cf3aeeaa8513f73ef8b9aa4a564e08a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:38:65:d2:58:f9:68:40:66:17:02:92:f1:55:
4e:ea:13:16:d6:1b:21:32:b5:28:f4:85:e2:a9:82:
ad:51:ff:5e:75:4a:42:65:61:58:7b:6d:68:fd:c2:
0f:19:62:4d:24:b5:89:11:4e:90:08:7e:16:c6:61:
e5:58:78:76:39:d8:e1:96:37:3c:cc:d5:b0:a9:f1:
53:a0:54:de:f6:c3:b1:65:d4:b5:a2:59:f6:14:6a:
51:bb:39:2f:a1:98:34:74:99:77:ab:2a:e4:32:13:
1b:bc:4f:a0:ae:27:6c:df:ab:1e:1a:8a:25:b1:93:
93:a0:e1:79:e2:bb:6b:f0:2a:d9:e5:8a:41:54:f0:
32:ea:0b:6a:f0:a4:18:ad:b9:df:a0:c2:be:7e:1b:
26:f9:42:a8:bc:51:be:ae:48:e0:ec:cb:30:69:f6:
85:a7:3c:33:48:ab:62:68:4f:01:3e:23:1a:ea:be:
cd:df:b3:ec:a9:43:46:e6:8e:82:7e:aa:2a:fa:0a:
5e:b9:49:e8:d8:b8:b9:79:a5:78:47:b1:83:80:52:
d3:27:f7:d2:3a:46:0e:4d:82:91:78:e7:3a:5d:f4:
be:46:29:f8:4f:be:7b:ac:7f:2a:7b:e1:03:bf:de:
c4:26:6b:82:9c:da:d8:a6:fa:52:c0:b6:be:68:4e:
7d:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:B7:CA:E8:7C:F3:AE:EA:A8:51:3F:73:EF:8B:9A:A4:A5:64:E0:8A
X509v3 Authority Key Identifier:
keyid:4F:12:3E:24:8E:6E:C0:36:8E:07:12:34:5F:72:6D:71:F6:0F:82:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxI-JI5uwDaOBxI0X3JtcfYPgms.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/6d9ce2-6d88-4977-ae06-c1e941e59c14/1/wbfK6HzzruqoUT9z74uapKVk4Io.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/6d9ce2-6d88-4977-ae06-c1e941e59c14/1/TxI-JI5uwDaOBxI0X3JtcfYPgms.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.66.92.0/22
185.232.252.0/22
IPv6:
2a05:680::/29
Signature Algorithm: sha256WithRSAEncryption
a4:4b:a8:12:85:a9:aa:b1:b3:99:40:cc:1c:c8:9d:86:8e:e5:
e4:e5:5e:f4:56:58:cf:49:73:d9:4c:b1:9c:25:a0:3b:c3:34:
b3:e8:93:d6:6b:8b:28:1a:6f:c7:c7:35:09:67:99:b1:05:a6:
2d:08:3b:2a:80:e9:83:b5:a7:6e:c1:db:37:51:5f:3d:8e:60:
75:4f:bd:ac:40:38:4b:9d:df:b9:ec:8a:a8:c6:b4:3f:8a:7f:
a5:35:de:54:dd:37:b4:ed:2d:b8:4d:ac:b9:68:3d:b3:70:63:
c2:e3:d1:f9:b0:a4:4b:67:7f:66:58:57:9e:be:58:ca:62:8b:
f1:2c:26:df:45:4b:3b:22:91:e7:d6:80:0c:e5:5a:aa:cc:7b:
ce:0a:ba:dc:3e:ca:8c:46:14:62:97:6a:3d:30:e5:2b:0d:7c:
dc:b8:03:04:ff:60:4f:27:42:5b:a8:c4:da:a1:58:76:d1:85:
aa:f2:fd:d1:66:df:3a:b4:50:74:bd:b1:63:1e:d1:78:b2:26:
44:16:20:77:20:9b:fa:9a:6c:de:d0:78:24:7f:ea:77:b3:5a:
85:48:eb:30:7b:c1:9c:07:e8:a8:3b:23:31:f1:05:2a:44:6f:
05:dd:d4:88:c7:07:3b:b9:7c:fe:91:9e:64:3f:f9:4d:08:8b:
9e:31:4d:c6
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEDR7dHTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZjEyM2UyNDhlNmVjMDM2OGUwNzEyMzQ1ZjcyNmQ3MWY2MGY4MjZiMB4XDTIyMDIx
MTExNTIyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzFiN2NhZTg3Y2Yz
YWVlYWE4NTEzZjczZWY4YjlhYTRhNTY0ZTA4YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKY4ZdJY+WhAZhcCkvFVTuoTFtYbITK1KPSF4qmCrVH/XnVK
QmVhWHttaP3CDxliTSS1iRFOkAh+FsZh5Vh4djnY4ZY3PMzVsKnxU6BU3vbDsWXU
taJZ9hRqUbs5L6GYNHSZd6sq5DITG7xPoK4nbN+rHhqKJbGTk6DheeK7a/Aq2eWK
QVTwMuoLavCkGK2536DCvn4bJvlCqLxRvq5I4OzLMGn2hac8M0irYmhPAT4jGuq+
zd+z7KlDRuaOgn6qKvoKXrlJ6Ni4uXmleEexg4BS0yf30jpGDk2CkXjnOl30vkYp
+E++e6x/KnvhA7/exCZrgpza2Kb6UsC2vmhOfYkCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBTBt8rofPOu6qhRP3Pvi5qkpWTgijAfBgNVHSMEGDAWgBRPEj4kjm7ANo4H
EjRfcm1x9g+CazAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1R4SS1KSTV1d0RhT0J4STBYM0p0Y2ZZUGdtcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTkvNmQ5Y2UyLTZkODgtNDk3Ny1hZTA2LWMxZTk0MWU1OWMxNC8x
L3diZks2SHp6cnVxb1VUOXo3NHVhcEtWazRJby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTkv
NmQ5Y2UyLTZkODgtNDk3Ny1hZTA2LWMxZTk0MWU1OWMxNC8xL1R4SS1KSTV1d0Rh
T0J4STBYM0p0Y2ZZUGdtcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEArlCXAMEArno/DANBAIAAjAHAwUD
KgUGgDANBgkqhkiG9w0BAQsFAAOCAQEApEuoEoWpqrGzmUDMHMidho7l5OVe9FZY
z0lz2UyxnCWgO8M0s+iT1muLKBpvx8c1CWeZsQWmLQg7KoDpg7WnbsHbN1FfPY5g
dU+9rEA4S53fueyKqMa0P4p/pTXeVN03tO0tuE2suWg9s3BjwuPR+bCkS2d/ZlhX
nr5YymKL8Swm30VLOyKR59aADOVaqsx7zgq63D7KjEYUYpdqPTDlKw183LgDBP9g
TydCW6jE2qFYdtGFqvL90WbfOrRQdL2xYx7ReLImRBYgdyCb+pps3tB4JH/qd7Na
hUjrMHvBnAfoqDsjMfEFKkRvBd3UiMcHO7l8/pGeZD/5TQiLnjFNxg==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:07 2023 by rpki-client on console.sobornost.net