Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/b8d400-e6e8-41ef-ad24-55c3a28e62c3/1/kOCtCfbzYnrahYbFzepmhKUufBc.roa
File: kOCtCfbzYnrahYbFzepmhKUufBc.roa (raw, json)
Hash identifier: gBgooIZPF7g36HBTWsFV7MM62zIK6yqU2qbU+lZV6aM=
Subject key identifier: 90:E0:AD:09:F6:F3:62:7A:DA:85:86:C5:CD:EA:66:84:A5:2E:7C:17
Certificate issuer: /CN=660c32996ae12461897222e2d9cc093930927ddd
Certificate serial: 350A579E
Authority key identifier: 66:0C:32:99:6A:E1:24:61:89:72:22:E2:D9:CC:09:39:30:92:7D:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZgwymWrhJGGJciLi2cwJOTCSfd0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/b8d400-e6e8-41ef-ad24-55c3a28e62c3/1/kOCtCfbzYnrahYbFzepmhKUufBc.roa
Signing time: Sat 01 Jan 2022 04:53:20 +0000
ROA not before: Sat 01 Jan 2022 04:53:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198325
IP address blocks: 89.145.185.0/24 maxlen: 24
89.145.184.0/24 maxlen: 24
89.145.186.0/24 maxlen: 24
89.145.189.0/24 maxlen: 24
89.145.188.0/24 maxlen: 24
89.145.190.0/24 maxlen: 24
89.145.191.0/24 maxlen: 24
89.145.187.0/24 maxlen: 24
185.251.35.0/24 maxlen: 24
185.251.34.0/24 maxlen: 24
185.251.33.0/24 maxlen: 24
185.251.32.0/24 maxlen: 24
2a04:6680::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 889870238 (0x350a579e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=660c32996ae12461897222e2d9cc093930927ddd
Validity
Not Before: Jan 1 04:53:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=90e0ad09f6f3627ada8586c5cdea6684a52e7c17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:01:a5:77:29:3b:13:8f:e4:1c:c4:3c:a7:18:
b4:6c:b3:0f:89:c6:f3:61:b8:b5:55:b5:51:0d:2e:
e9:d1:55:79:e3:37:61:51:63:96:2e:61:39:85:c3:
1a:df:15:58:83:9b:15:70:90:51:ec:2a:a6:a6:e1:
51:8d:2a:f7:be:77:a6:ab:17:3c:a7:bd:c5:af:ce:
f3:6f:df:8b:16:11:40:b7:fb:26:d2:0a:d0:5f:55:
da:e6:f4:a3:84:37:61:fc:7e:46:16:89:a1:2d:5d:
ce:05:6b:6a:08:01:5f:e9:56:29:83:18:e4:47:89:
e7:ce:70:11:1f:f7:89:36:1c:20:6f:a7:50:6d:19:
cf:f9:51:b7:01:0c:f3:45:05:f5:69:e3:51:ba:c3:
3e:da:8e:cd:09:63:56:1c:f4:38:ba:a2:1a:b1:19:
ff:11:5e:94:ea:83:76:47:31:3e:07:0f:72:dc:fd:
03:d8:f4:87:d3:6b:04:f0:15:c5:03:2f:5a:eb:6c:
f2:5a:d1:82:6f:3a:d2:7a:a0:58:b0:a5:98:97:ef:
dd:cc:68:6c:90:9f:79:c6:f9:ab:d5:d7:07:9a:e1:
92:e5:57:c8:bd:1f:f0:66:c2:f4:6b:cc:af:d4:a5:
8f:4b:bf:f1:f3:b0:f9:d6:38:2c:bc:72:6c:15:c3:
dd:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:E0:AD:09:F6:F3:62:7A:DA:85:86:C5:CD:EA:66:84:A5:2E:7C:17
X509v3 Authority Key Identifier:
keyid:66:0C:32:99:6A:E1:24:61:89:72:22:E2:D9:CC:09:39:30:92:7D:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZgwymWrhJGGJciLi2cwJOTCSfd0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/b8d400-e6e8-41ef-ad24-55c3a28e62c3/1/kOCtCfbzYnrahYbFzepmhKUufBc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/b8d400-e6e8-41ef-ad24-55c3a28e62c3/1/ZgwymWrhJGGJciLi2cwJOTCSfd0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.145.184.0/21
185.251.32.0/22
IPv6:
2a04:6680::/48
Signature Algorithm: sha256WithRSAEncryption
c1:82:be:05:5a:ad:57:b6:22:74:b8:a5:51:79:56:30:ad:bc:
d3:4e:5a:56:6a:ff:53:b7:60:a2:7c:1f:48:37:39:aa:28:09:
a7:a2:79:97:e0:ec:7f:9a:75:23:1a:d4:4f:93:16:dd:94:eb:
1e:65:32:86:e4:09:30:59:1b:73:9c:0c:89:27:f5:e0:ee:4b:
f6:4c:f5:76:2c:53:24:31:37:0d:25:d8:74:af:84:b5:bc:6b:
1f:63:ac:a0:d5:c3:b7:45:21:db:a7:26:be:ee:b3:ba:6f:7f:
d0:af:fb:0f:43:af:65:25:1b:8d:24:89:21:8a:0a:ef:72:93:
8a:c0:4b:e5:84:ef:44:89:5d:9b:2f:96:ac:63:62:64:a6:9a:
08:6c:af:0e:87:df:9e:47:ba:e1:3d:0d:bc:75:76:9e:de:de:
c3:74:02:1f:b9:74:53:ed:9f:38:56:32:66:74:42:d6:64:45:
ca:c7:26:5d:d6:cb:e5:39:1b:39:4b:e2:c3:3a:2e:d7:d1:42:
75:f9:0b:6f:f4:a6:0d:fe:04:28:30:3b:d8:22:3d:d1:d5:9a:
4c:c9:0b:4e:a6:36:c2:73:1f:c8:25:db:53:d9:d1:c2:c1:98:
da:b7:0b:69:a4:09:0e:0a:5f:7e:e8:d4:4c:6f:10:18:ad:34:
cf:d1:a1:d3
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIENQpXnjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
NjBjMzI5OTZhZTEyNDYxODk3MjIyZTJkOWNjMDkzOTMwOTI3ZGRkMB4XDTIyMDEw
MTA0NTMyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTBlMGFkMDlmNmYz
NjI3YWRhODU4NmM1Y2RlYTY2ODRhNTJlN2MxNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMcBpXcpOxOP5BzEPKcYtGyzD4nG82G4tVW1UQ0u6dFVeeM3
YVFjli5hOYXDGt8VWIObFXCQUewqpqbhUY0q9753pqsXPKe9xa/O82/fixYRQLf7
JtIK0F9V2ub0o4Q3Yfx+RhaJoS1dzgVraggBX+lWKYMY5EeJ585wER/3iTYcIG+n
UG0Zz/lRtwEM80UF9WnjUbrDPtqOzQljVhz0OLqiGrEZ/xFelOqDdkcxPgcPctz9
A9j0h9NrBPAVxQMvWuts8lrRgm860nqgWLClmJfv3cxobJCfecb5q9XXB5rhkuVX
yL0f8GbC9GvMr9Slj0u/8fOw+dY4LLxybBXD3ZcCAwEAAaOCAiAwggIcMB0GA1Ud
DgQWBBSQ4K0J9vNietqFhsXN6maEpS58FzAfBgNVHSMEGDAWgBRmDDKZauEkYYly
IuLZzAk5MJJ93TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1pnd3ltV3JoSkdHSmNpTGkyY3dKT1RDU2ZkMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTkvYjhkNDAwLWU2ZTgtNDFlZi1hZDI0LTU1YzNhMjhlNjJjMy8x
L2tPQ3RDZmJ6WW5yYWhZYkZ6ZXBtaEtVdWZCYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTkv
YjhkNDAwLWU2ZTgtNDFlZi1hZDI0LTU1YzNhMjhlNjJjMy8xL1pnd3ltV3JoSkdH
SmNpTGkyY3dKT1RDU2ZkMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA2
BggrBgEFBQcBBwEB/wQnMCUwEgQCAAEwDAMEA1mRuAMEArn7IDAPBAIAAjAJAwcA
KgRmgAAAMA0GCSqGSIb3DQEBCwUAA4IBAQDBgr4FWq1XtiJ0uKVReVYwrbzTTlpW
av9Tt2CifB9INzmqKAmnonmX4Ox/mnUjGtRPkxbdlOseZTKG5AkwWRtznAyJJ/Xg
7kv2TPV2LFMkMTcNJdh0r4S1vGsfY6yg1cO3RSHbpya+7rO6b3/Qr/sPQ69lJRuN
JIkhigrvcpOKwEvlhO9EiV2bL5asY2JkppoIbK8Oh9+eR7rhPQ28dXae3t7DdAIf
uXRT7Z84VjJmdELWZEXKxyZd1svlORs5S+LDOi7X0UJ1+Qtv9KYN/gQoMDvYIj3R
1ZpMyQtOpjbCcx/IJdtT2dHCwZjatwtppAkOCl9+6NRMbxAYrTTP0aHT
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:09 2023 by rpki-client on console.sobornost.net