Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/h_pCN6ID9ys228B1qLDUzWOXaC4.roa
File: h_pCN6ID9ys228B1qLDUzWOXaC4.roa (raw, json)
Hash identifier: Qp//Bk26C0VXbgVAhlsWGVPmZwavgijKlC8ghevBBKI=
Subject key identifier: 87:FA:42:37:A2:03:F7:2B:36:DB:C0:75:A8:B0:D4:CD:63:97:68:2E
Certificate issuer: /CN=21021b252222997bfe33b7e4b315ac8d5e067954
Certificate serial: 04D0DEFF
Authority key identifier: 21:02:1B:25:22:22:99:7B:FE:33:B7:E4:B3:15:AC:8D:5E:06:79:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/h_pCN6ID9ys228B1qLDUzWOXaC4.roa
Signing time: Fri 29 Apr 2022 10:41:35 +0000
ROA not before: Fri 29 Apr 2022 10:41:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203061
IP address blocks: 193.84.183.0/24 maxlen: 24
185.145.216.0/22 maxlen: 22
2a0d:3900::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 80797439 (0x4d0deff)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21021b252222997bfe33b7e4b315ac8d5e067954
Validity
Not Before: Apr 29 10:41:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=87fa4237a203f72b36dbc075a8b0d4cd6397682e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:1d:de:84:2a:7f:62:d1:b9:ae:a0:8d:d3:3d:
4f:f5:11:86:9c:09:fa:7a:aa:e7:60:aa:e1:13:dc:
99:92:49:2d:72:e0:7d:72:c7:3a:d4:b5:6f:ff:cb:
a5:07:22:74:e1:43:37:37:1b:96:1d:24:30:ba:19:
2d:eb:c0:40:74:2c:94:78:6b:b9:e6:2c:8b:60:d2:
9b:b6:bf:e7:ae:09:c4:25:3b:ee:28:08:63:f1:6b:
3c:21:10:a1:25:97:72:74:eb:4b:03:8d:fa:8e:03:
51:0c:37:cd:51:46:90:fb:e3:cd:2e:c3:bb:ab:b7:
ad:4b:f9:89:c3:22:3d:c9:dd:3f:d4:fc:a1:8a:93:
45:14:7c:68:b3:f9:65:2f:7b:5c:bf:99:e1:27:ee:
92:9b:4c:d7:af:f3:0e:96:a3:3c:9a:c2:5b:b5:d8:
03:b6:00:c1:bb:7c:3b:df:2d:c9:22:87:6c:e6:0a:
1d:f7:b4:2a:7d:14:11:00:09:b5:fb:8f:8f:0b:be:
ca:4f:1c:87:7e:2c:20:ed:94:02:cf:82:8b:60:d0:
7f:cc:44:12:08:c8:ec:e0:62:b3:3b:2f:34:af:3e:
1f:39:ac:cc:b4:dd:9f:22:75:fb:c4:8b:e1:81:c0:
b7:47:92:19:6b:15:ac:0a:09:66:da:f7:dd:04:77:
a6:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:FA:42:37:A2:03:F7:2B:36:DB:C0:75:A8:B0:D4:CD:63:97:68:2E
X509v3 Authority Key Identifier:
keyid:21:02:1B:25:22:22:99:7B:FE:33:B7:E4:B3:15:AC:8D:5E:06:79:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/h_pCN6ID9ys228B1qLDUzWOXaC4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.145.216.0/22
193.84.183.0/24
IPv6:
2a0d:3900::/29
Signature Algorithm: sha256WithRSAEncryption
48:4f:cc:e5:d1:2a:b4:bc:cb:23:ff:4e:74:e5:4e:aa:3f:68:
ec:f1:29:bf:02:7b:61:e0:42:8e:6a:58:90:07:9e:2d:1c:05:
8a:68:89:09:7b:95:57:f7:cd:c3:d2:97:4b:30:25:93:0b:bf:
67:41:70:a3:d1:fb:99:8c:cf:e3:96:dc:4d:82:87:66:bc:0c:
7f:50:ac:bd:4a:b2:8b:43:c0:0b:2c:9e:7d:49:db:7e:d2:bd:
69:36:3b:59:35:97:54:aa:f6:5e:c3:87:2f:31:91:4b:d0:e7:
1d:4a:08:7b:60:52:7b:14:49:0f:b1:57:7c:ee:cd:9b:b9:f6:
cb:5f:90:05:38:6b:8e:c4:8e:ce:e7:da:03:d1:7a:45:67:5b:
ef:4a:95:96:b8:30:47:f0:8e:fe:8c:4e:4c:df:cd:be:30:97:
99:91:cf:a4:a8:68:88:ff:83:5e:f2:aa:3b:5e:5f:cc:ef:bd:
17:e5:20:87:c9:10:66:4c:5d:26:52:df:eb:d3:b2:c1:87:3c:
90:c4:f2:f7:f7:aa:9f:37:a2:59:48:5b:09:e7:bb:db:e0:4e:
e9:3a:9b:b7:40:a2:39:da:97:7f:8c:c7:37:7b:f5:d9:3a:fe:
16:49:31:61:39:d5:5d:54:0a:53:ee:72:93:db:40:76:f9:67:
3e:4a:de:46
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEBNDe/zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MTAyMWIyNTIyMjI5OTdiZmUzM2I3ZTRiMzE1YWM4ZDVlMDY3OTU0MB4XDTIyMDQy
OTEwNDEzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODdmYTQyMzdhMjAz
ZjcyYjM2ZGJjMDc1YThiMGQ0Y2Q2Mzk3NjgyZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM8d3oQqf2LRua6gjdM9T/URhpwJ+nqq52Cq4RPcmZJJLXLg
fXLHOtS1b//LpQcidOFDNzcblh0kMLoZLevAQHQslHhrueYsi2DSm7a/564JxCU7
7igIY/FrPCEQoSWXcnTrSwON+o4DUQw3zVFGkPvjzS7Du6u3rUv5icMiPcndP9T8
oYqTRRR8aLP5ZS97XL+Z4SfukptM16/zDpajPJrCW7XYA7YAwbt8O98tySKHbOYK
Hfe0Kn0UEQAJtfuPjwu+yk8ch34sIO2UAs+Ci2DQf8xEEgjI7OBiszsvNK8+Hzms
zLTdnyJ1+8SL4YHAt0eSGWsVrAoJZtr33QR3plsCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBSH+kI3ogP3KzbbwHWosNTNY5doLjAfBgNVHSMEGDAWgBQhAhslIiKZe/4z
t+SzFayNXgZ5VDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lRSWJKU0lpbVh2LU03ZmtzeFdzalY0R2VWUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWQvNTkyOTRjLTBmMjQtNDBjNS1iNWMzLTZlYWM2MmU2MGRmNy8x
L2hfcENONklEOXlzMjI4QjFxTERVeldPWGFDNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWQv
NTkyOTRjLTBmMjQtNDBjNS1iNWMzLTZlYWM2MmU2MGRmNy8xL0lRSWJKU0lpbVh2
LU03ZmtzeFdzalY0R2VWUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEArmR2AMEAMFUtzANBAIAAjAHAwUD
Kg05ADANBgkqhkiG9w0BAQsFAAOCAQEASE/M5dEqtLzLI/9OdOVOqj9o7PEpvwJ7
YeBCjmpYkAeeLRwFimiJCXuVV/fNw9KXSzAlkwu/Z0Fwo9H7mYzP45bcTYKHZrwM
f1CsvUqyi0PACyyefUnbftK9aTY7WTWXVKr2XsOHLzGRS9DnHUoIe2BSexRJD7FX
fO7Nm7n2y1+QBThrjsSOzufaA9F6RWdb70qVlrgwR/CO/oxOTN/NvjCXmZHPpKho
iP+DXvKqO15fzO+9F+Ugh8kQZkxdJlLf69OywYc8kMTy9/eqnzeiWUhbCee72+BO
6Tqbt0CiOdqXf4zHN3v12Tr+FkkxYTnVXVQKU+5yk9tAdvlnPkreRg==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:03 2023 by rpki-client on console.sobornost.net