Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/c1ed2c-b41e-4ebd-aafb-f214f0cc262b/1/oaIL8TYYm41RZVYsCSSwFNblVbw.roa
File: oaIL8TYYm41RZVYsCSSwFNblVbw.roa (raw, json)
Hash identifier: PHWgR4iWwj5TkL7IPADn6gNRbWZfYMQG1QLCbNSFZD4=
Subject key identifier: A1:A2:0B:F1:36:18:9B:8D:51:65:56:2C:09:24:B0:14:D6:E5:55:BC
Certificate issuer: /CN=031187bb64c87dfdd2fa02f2d85d479ec2683e57
Certificate serial: 01009F30
Authority key identifier: 03:11:87:BB:64:C8:7D:FD:D2:FA:02:F2:D8:5D:47:9E:C2:68:3E:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AxGHu2TIff3S-gLy2F1HnsJoPlc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/c1ed2c-b41e-4ebd-aafb-f214f0cc262b/1/oaIL8TYYm41RZVYsCSSwFNblVbw.roa
Signing time: Wed 05 Jan 2022 13:47:08 +0000
ROA not before: Wed 05 Jan 2022 13:47:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41653
IP address blocks: 91.199.0.0/24 maxlen: 24
178.212.228.0/24 maxlen: 24
194.105.152.0/23 maxlen: 24
185.66.232.0/22 maxlen: 24
95.128.40.0/21 maxlen: 24
195.14.22.0/24 maxlen: 24
45.141.172.0/22 maxlen: 24
2a02:ec0::/32 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16817968 (0x1009f30)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=031187bb64c87dfdd2fa02f2d85d479ec2683e57
Validity
Not Before: Jan 5 13:47:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a1a20bf136189b8d5165562c0924b014d6e555bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:e3:0a:8e:75:8c:ce:63:d9:b5:03:f8:14:5c:
e1:e4:00:85:a2:25:a4:09:6c:05:ba:44:1f:b8:15:
81:ae:ce:3a:e2:d6:a6:11:08:63:b8:a6:89:1a:d7:
c6:b4:94:2d:97:3f:c7:98:40:a6:8a:7a:58:ab:a4:
4c:d0:51:ef:f6:b8:e9:6e:f7:2a:8b:1a:73:e1:47:
53:8f:0d:d1:b7:2d:5a:bf:2e:2f:85:10:b6:50:27:
28:79:b3:2b:3c:fa:e3:40:13:b7:53:15:ee:d2:ef:
1b:66:9a:9b:7d:3b:3e:94:b8:69:d0:88:6d:89:2e:
bd:6e:05:8b:de:79:43:6b:02:37:a2:9d:12:5f:a2:
95:53:96:8a:b3:79:4a:9d:c3:4d:95:8b:99:37:8f:
ef:f3:b1:2a:83:bc:70:33:c7:a9:ef:1e:7b:81:ef:
27:6a:cd:44:13:89:2a:b4:22:e6:45:fd:74:85:70:
23:17:92:d9:cd:0a:f0:c9:fd:ac:36:49:b3:0c:d7:
c7:f3:4f:cd:87:42:a8:a9:d4:cf:09:87:ba:52:62:
5c:c0:23:7c:fd:56:1f:94:a5:b3:c4:94:1e:5d:0d:
81:cc:2c:b5:4e:7a:40:da:0e:f1:68:31:36:c5:42:
ce:52:fe:f0:09:96:4d:fc:3a:86:e3:f3:3a:aa:6c:
b9:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:A2:0B:F1:36:18:9B:8D:51:65:56:2C:09:24:B0:14:D6:E5:55:BC
X509v3 Authority Key Identifier:
keyid:03:11:87:BB:64:C8:7D:FD:D2:FA:02:F2:D8:5D:47:9E:C2:68:3E:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AxGHu2TIff3S-gLy2F1HnsJoPlc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/c1ed2c-b41e-4ebd-aafb-f214f0cc262b/1/oaIL8TYYm41RZVYsCSSwFNblVbw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/c1ed2c-b41e-4ebd-aafb-f214f0cc262b/1/AxGHu2TIff3S-gLy2F1HnsJoPlc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.172.0/22
91.199.0.0/24
95.128.40.0/21
178.212.228.0/24
185.66.232.0/22
194.105.152.0/23
195.14.22.0/24
IPv6:
2a02:ec0::/32
Signature Algorithm: sha256WithRSAEncryption
2a:f7:7c:7e:03:52:8c:3c:33:2a:2b:64:46:91:ca:69:a5:3f:
db:cb:14:0b:fe:7f:40:85:f5:ad:43:0e:cf:ef:b4:89:96:46:
11:a3:de:01:77:bb:16:91:9a:19:12:12:9c:0c:47:13:bc:93:
82:6d:84:bf:57:75:32:48:18:33:c7:09:81:86:12:16:06:5d:
7a:1b:b9:11:7a:5b:15:0d:21:67:d3:d8:21:e9:e4:ff:e7:e0:
85:7e:12:21:35:45:67:7f:47:ed:b7:93:15:8d:4a:26:d9:c9:
9c:2f:ae:4c:09:2d:ec:64:d8:38:33:80:55:f3:b5:d9:a5:5e:
e4:fe:04:9d:2c:89:d5:3c:c2:d9:76:99:67:0b:13:56:d3:3e:
05:36:81:69:3c:a3:20:53:c9:b0:f2:74:68:cd:92:67:c7:6c:
70:b9:da:fe:f5:86:77:e3:79:e7:30:28:36:eb:85:f9:b9:96:
98:58:9c:d3:b6:74:12:0e:d2:7f:0e:fb:14:e3:9d:82:c9:97:
3c:df:61:81:c6:2d:5a:8a:8b:34:6c:20:f5:70:91:6f:2d:e3:
ed:fc:dc:1b:5c:31:e4:fb:ed:c8:b3:76:7f:77:7d:d1:ea:1d:
65:89:29:6d:59:a7:44:73:ae:63:9f:a8:c6:57:b1:63:de:e9:
a8:34:72:0a
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgIEAQCfMDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MzExODdiYjY0Yzg3ZGZkZDJmYTAyZjJkODVkNDc5ZWMyNjgzZTU3MB4XDTIyMDEw
NTEzNDcwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTFhMjBiZjEzNjE4
OWI4ZDUxNjU1NjJjMDkyNGIwMTRkNmU1NTViYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANzjCo51jM5j2bUD+BRc4eQAhaIlpAlsBbpEH7gVga7OOuLW
phEIY7imiRrXxrSULZc/x5hApop6WKukTNBR7/a46W73Kosac+FHU48N0bctWr8u
L4UQtlAnKHmzKzz640ATt1MV7tLvG2aam307PpS4adCIbYkuvW4Fi955Q2sCN6Kd
El+ilVOWirN5Sp3DTZWLmTeP7/OxKoO8cDPHqe8ee4HvJ2rNRBOJKrQi5kX9dIVw
IxeS2c0K8Mn9rDZJswzXx/NPzYdCqKnUzwmHulJiXMAjfP1WH5Sls8SUHl0Ngcws
tU56QNoO8WgxNsVCzlL+8AmWTfw6huPzOqpsuQUCAwEAAaOCAjwwggI4MB0GA1Ud
DgQWBBShogvxNhibjVFlViwJJLAU1uVVvDAfBgNVHSMEGDAWgBQDEYe7ZMh9/dL6
AvLYXUeewmg+VzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0F4R0h1MlRJZmYzUy1nTHkyRjFIbnNKb1BsYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWIvYzFlZDJjLWI0MWUtNGViZC1hYWZiLWYyMTRmMGNjMjYyYi8x
L29hSUw4VFlZbTQxUlpWWXNDU1N3Rk5ibFZidy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWIv
YzFlZDJjLWI0MWUtNGViZC1hYWZiLWYyMTRmMGNjMjYyYi8xL0F4R0h1MlRJZmYz
Uy1nTHkyRjFIbnNKb1BsYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBS
BggrBgEFBQcBBwEB/wRDMEEwMAQCAAEwKgMEAi2NrAMEAFvHAAMEA1+AKAMEALLU
5AMEArlC6AMEAcJpmAMEAMMOFjANBAIAAjAHAwUAKgIOwDANBgkqhkiG9w0BAQsF
AAOCAQEAKvd8fgNSjDwzKitkRpHKaaU/28sUC/5/QIX1rUMOz++0iZZGEaPeAXe7
FpGaGRISnAxHE7yTgm2Ev1d1MkgYM8cJgYYSFgZdehu5EXpbFQ0hZ9PYIenk/+fg
hX4SITVFZ39H7beTFY1KJtnJnC+uTAkt7GTYODOAVfO12aVe5P4EnSyJ1TzC2XaZ
ZwsTVtM+BTaBaTyjIFPJsPJ0aM2SZ8dscLna/vWGd+N55zAoNuuF+bmWmFic07Z0
Eg7Sfw77FOOdgsmXPN9hgcYtWoqLNGwg9XCRby3j7fzcG1wx5PvtyLN2f3d90eod
ZYkpbVmnRHOuY5+oxlexY97pqDRyCg==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:57 2023 by rpki-client on console.sobornost.net