Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/3d4bc5-c363-415f-b3da-48e4cc6b33a3/1/Dm3ZH5NjSUhC0R9g1Tf2dqkHHf4.roa
File: Dm3ZH5NjSUhC0R9g1Tf2dqkHHf4.roa (raw, json)
Hash identifier: UDTr18csDw2ZIjduLCrm5hqtknHB9/2tIgLtHbY4Tsk=
Subject key identifier: 0E:6D:D9:1F:93:63:49:48:42:D1:1F:60:D5:37:F6:76:A9:07:1D:FE
Certificate issuer: /CN=5bf81435ed13789895f375dc34d04ce91aca4744
Certificate serial: 8F772E
Authority key identifier: 5B:F8:14:35:ED:13:78:98:95:F3:75:DC:34:D0:4C:E9:1A:CA:47:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W_gUNe0TeJiV83XcNNBM6RrKR0Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/3d4bc5-c363-415f-b3da-48e4cc6b33a3/1/Dm3ZH5NjSUhC0R9g1Tf2dqkHHf4.roa
Signing time: Sat 01 Jan 2022 01:55:10 +0000
ROA not before: Sat 01 Jan 2022 01:55:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201271
IP address blocks: 158.233.245.0/24 maxlen: 24
158.233.244.0/24 maxlen: 24
158.233.243.0/24 maxlen: 24
158.233.246.0/24 maxlen: 24
158.233.249.0/24 maxlen: 24
158.233.248.0/24 maxlen: 24
158.233.247.0/24 maxlen: 24
158.233.250.0/24 maxlen: 24
158.233.224.0/24 maxlen: 24
2001:67c:2af0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9402158 (0x8f772e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5bf81435ed13789895f375dc34d04ce91aca4744
Validity
Not Before: Jan 1 01:55:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0e6dd91f9363494842d11f60d537f676a9071dfe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:de:e3:05:e8:d9:d1:86:ee:1e:cd:61:d3:c6:
fd:c8:05:48:86:6b:8e:dc:e1:50:d6:a2:97:83:2c:
6d:91:d9:d6:c3:e6:93:ad:43:fb:18:ee:2d:85:bb:
c3:a0:19:59:ca:38:72:b1:1d:ba:1d:55:87:c8:92:
4d:3f:ff:14:c8:69:9a:a2:29:47:b8:7b:24:bf:38:
f4:a0:9e:45:76:66:d2:af:0a:ec:6e:1b:ac:21:4f:
c7:6a:25:1f:ab:2d:b3:73:4d:6c:5b:ed:96:71:77:
5e:36:24:5d:ff:2c:6e:14:94:5c:be:e2:20:42:84:
a6:2c:f6:6e:d0:f8:b9:78:83:7a:28:cc:29:a0:57:
6d:05:e6:96:75:dd:3e:4e:68:d7:cb:99:c2:c0:2b:
f2:b5:02:91:ed:de:f2:fa:6a:0d:2c:e8:bd:8a:9c:
6c:99:6e:34:cf:53:fe:4f:a1:97:f7:f5:19:2e:d3:
19:87:63:06:c7:ea:de:06:5c:16:ac:09:b1:87:88:
a5:84:39:06:71:4f:d0:ce:2e:a3:71:ba:91:6b:f2:
b7:5e:52:d4:0a:76:dd:6f:68:59:85:5d:4b:3d:6c:
e4:d7:f8:13:ea:55:37:86:54:6a:20:5b:46:44:ae:
ac:63:32:af:a3:44:35:77:d8:7b:e5:68:7a:16:7a:
73:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:6D:D9:1F:93:63:49:48:42:D1:1F:60:D5:37:F6:76:A9:07:1D:FE
X509v3 Authority Key Identifier:
keyid:5B:F8:14:35:ED:13:78:98:95:F3:75:DC:34:D0:4C:E9:1A:CA:47:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W_gUNe0TeJiV83XcNNBM6RrKR0Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/3d4bc5-c363-415f-b3da-48e4cc6b33a3/1/Dm3ZH5NjSUhC0R9g1Tf2dqkHHf4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/3d4bc5-c363-415f-b3da-48e4cc6b33a3/1/W_gUNe0TeJiV83XcNNBM6RrKR0Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.233.224.0/24
158.233.243.0-158.233.250.255
IPv6:
2001:67c:2af0::/48
Signature Algorithm: sha256WithRSAEncryption
25:c8:9d:af:c8:6d:fb:98:aa:bd:19:49:9e:73:40:2e:13:1c:
d7:80:28:10:bc:5f:c6:b5:95:8f:1e:bd:06:40:fc:0f:14:a7:
7f:aa:25:8e:ad:b5:e7:f7:d9:3c:d1:fc:af:ca:26:a9:42:f3:
63:f8:95:6e:8b:a8:14:28:6c:6e:e2:7a:5f:24:40:f3:c7:fc:
98:ad:2f:eb:ae:37:89:e1:e5:bc:b7:da:d3:cd:5c:2a:57:a6:
d0:66:fc:95:9d:c1:94:d1:43:0a:51:c2:8a:32:ed:d1:7a:85:
63:55:b1:9e:79:6b:66:b2:8d:b5:db:04:f3:91:f6:ea:7c:a8:
c1:8c:24:7d:96:fd:5a:a1:b4:72:49:32:f8:ca:49:22:57:68:
59:d5:e8:ce:8e:36:5e:9f:55:56:24:d5:40:51:1a:aa:ab:cd:
de:36:56:7a:5f:9b:70:57:d8:f9:4d:cf:85:31:bd:4c:fe:63:
45:79:d8:c7:b3:e6:18:29:dc:3d:2b:36:c1:6f:0f:32:5c:73:
f4:f6:c7:8e:ef:40:4b:f0:f0:a3:d7:ac:9b:c5:9f:53:39:0b:
1b:77:e4:61:61:9b:26:45:d8:fd:e6:da:6e:56:ec:a8:96:9b:
e2:e3:2d:7a:33:95:2c:f4:3d:06:5f:39:d4:38:83:29:25:21:
4c:02:9e:52
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgIEAI93LjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
YmY4MTQzNWVkMTM3ODk4OTVmMzc1ZGMzNGQwNGNlOTFhY2E0NzQ0MB4XDTIyMDEw
MTAxNTUxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGU2ZGQ5MWY5MzYz
NDk0ODQyZDExZjYwZDUzN2Y2NzZhOTA3MWRmZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK3e4wXo2dGG7h7NYdPG/cgFSIZrjtzhUNail4MsbZHZ1sPm
k61D+xjuLYW7w6AZWco4crEduh1Vh8iSTT//FMhpmqIpR7h7JL849KCeRXZm0q8K
7G4brCFPx2olH6sts3NNbFvtlnF3XjYkXf8sbhSUXL7iIEKEpiz2btD4uXiDeijM
KaBXbQXmlnXdPk5o18uZwsAr8rUCke3e8vpqDSzovYqcbJluNM9T/k+hl/f1GS7T
GYdjBsfq3gZcFqwJsYeIpYQ5BnFP0M4uo3G6kWvyt15S1Ap23W9oWYVdSz1s5Nf4
E+pVN4ZUaiBbRkSurGMyr6NENXfYe+VoehZ6cwcCAwEAAaOCAigwggIkMB0GA1Ud
DgQWBBQObdkfk2NJSELRH2DVN/Z2qQcd/jAfBgNVHSMEGDAWgBRb+BQ17RN4mJXz
ddw00EzpGspHRDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1dfZ1VOZTBUZUppVjgzWGNOTkJNNlJyS1IwUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWMvM2Q0YmM1LWMzNjMtNDE1Zi1iM2RhLTQ4ZTRjYzZiMzNhMy8x
L0RtM1pINU5qU1VoQzBSOWcxVGYyZHFrSEhmNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWMv
M2Q0YmM1LWMzNjMtNDE1Zi1iM2RhLTQ4ZTRjYzZiMzNhMy8xL1dfZ1VOZTBUZUpp
VjgzWGNOTkJNNlJyS1IwUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA+
BggrBgEFBQcBBwEB/wQvMC0wGgQCAAEwFAMEAJ7p4DAMAwQAnunzAwQAnun6MA8E
AgACMAkDBwAgAQZ8KvAwDQYJKoZIhvcNAQELBQADggEBACXIna/IbfuYqr0ZSZ5z
QC4THNeAKBC8X8a1lY8evQZA/A8Up3+qJY6ttef32TzR/K/KJqlC82P4lW6LqBQo
bG7iel8kQPPH/JitL+uuN4nh5by32tPNXCpXptBm/JWdwZTRQwpRwooy7dF6hWNV
sZ55a2ayjbXbBPOR9up8qMGMJH2W/VqhtHJJMvjKSSJXaFnV6M6ONl6fVVYk1UBR
Gqqrzd42Vnpfm3BX2PlNz4UxvUz+Y0V52Mez5hgp3D0rNsFvDzJcc/T2x47vQEvw
8KPXrJvFn1M5Cxt35GFhmyZF2P3m2m5W7KiWm+LjLXozlSz0PQZfOdQ4gyklIUwC
nlI=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:59 2023 by rpki-client on console.sobornost.net