Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/DyEG9txYg5t7WkjaLaDdXzptp3w.roa
File: DyEG9txYg5t7WkjaLaDdXzptp3w.roa (raw, json)
Hash identifier: ogeTpCBvG4JsdgNZFOMkuAYkcLUOYdmVaCsbsGA11BI=
Subject key identifier: 0F:21:06:F6:DC:58:83:9B:7B:5A:48:DA:2D:A0:DD:5F:3A:6D:A7:7C
Certificate issuer: /CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Certificate serial: 01856DCE680AEDEF53BA05AF3012FB632F64
Authority key identifier: 21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/DyEG9txYg5t7WkjaLaDdXzptp3w.roa
Signing time: Sun 01 Jan 2023 14:48:41 +0000
ROA not before: Sun 01 Jan 2023 14:48:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198949
IP address blocks: 147.234.89.0/24 maxlen: 24
147.234.88.0/24 maxlen: 24
62.90.135.0/24 maxlen: 24
147.234.75.0/24 maxlen: 24
147.234.74.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ce:68:0a:ed:ef:53:ba:05:af:30:12:fb:63:2f:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Validity
Not Before: Jan 1 14:48:41 2023 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0f2106f6dc58839b7b5a48da2da0dd5f3a6da77c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:32:98:c1:42:4a:52:56:a2:ce:71:64:d2:c3:
4b:af:ef:fc:47:69:7b:82:b8:f5:89:a5:7c:ef:03:
77:f3:2a:7c:81:e5:a1:6b:e4:7b:1a:b4:35:5b:2f:
b5:50:69:ed:59:31:36:c5:9f:40:7a:3a:74:21:11:
87:bf:9b:76:eb:1a:ee:b6:22:40:de:1a:38:ee:59:
d3:da:8d:df:47:3c:3c:d8:3f:c7:29:ab:29:a5:e8:
e5:10:4c:bc:d7:47:b9:7f:db:b5:d3:c4:71:37:9c:
c1:f9:6a:29:aa:03:31:d5:a4:c3:b1:8b:b8:c9:8d:
5e:18:78:39:d0:4a:4c:b9:01:c3:b4:ef:d1:a7:07:
90:f0:da:a4:ea:33:a5:6c:17:9e:d6:ad:1a:39:7d:
f3:42:82:21:e1:00:77:f5:61:c3:fc:0b:ea:06:90:
40:39:af:93:3d:98:bb:d8:1c:58:28:19:a2:15:7e:
2f:b2:55:62:54:cd:27:de:2e:73:c0:76:9d:4c:4f:
d6:95:88:08:dd:e5:0d:56:3c:88:92:3d:29:e6:ee:
6c:9f:2f:7b:84:f8:12:1c:3c:ac:b7:43:79:9b:e9:
38:0b:2f:25:1d:ce:31:ea:60:44:29:49:1f:93:db:
e7:3c:2c:4a:b3:dd:67:c0:db:9c:4c:a0:69:bc:c5:
ff:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:21:06:F6:DC:58:83:9B:7B:5A:48:DA:2D:A0:DD:5F:3A:6D:A7:7C
X509v3 Authority Key Identifier:
keyid:21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/DyEG9txYg5t7WkjaLaDdXzptp3w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/IbrXTn9sCUmic2pXR4SW19i0UOY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.90.135.0/24
147.234.74.0/23
147.234.88.0/23
Signature Algorithm: sha256WithRSAEncryption
6b:84:94:b0:4b:8f:a4:23:a8:da:60:a8:94:47:6c:84:77:98:
c7:b8:ce:67:db:ad:fd:5e:da:97:ca:5e:5e:42:13:ee:a4:2f:
ee:df:c9:d5:a3:21:36:a2:01:3e:db:99:52:04:86:f8:bf:3e:
f8:66:34:e4:39:21:c8:a4:95:72:9f:35:3f:05:ab:7d:9c:d0:
c8:09:cb:75:4b:aa:b2:50:8f:41:f7:94:87:24:45:e0:1b:ab:
17:d3:93:73:7f:04:6b:e2:38:71:9f:35:a8:0b:67:8d:c1:ba:
52:89:10:c5:04:47:ef:44:88:e8:2c:e2:e6:3c:85:7a:7f:c3:
41:35:29:02:75:b4:b4:36:ab:15:09:4d:41:89:7f:65:d3:80:
ed:f9:d4:e6:8c:a6:a1:1a:cc:03:9c:2a:60:79:c7:bd:72:79:
0a:a6:62:27:fd:0e:2b:40:52:7d:ae:3c:82:26:1c:96:53:c4:
ca:ae:bf:f3:ee:13:69:29:2c:b9:81:f6:98:5b:15:b8:99:9e:
ef:cb:14:52:6b:44:1f:5d:65:4e:42:51:64:e2:28:b6:0d:43:
66:c3:a4:2d:63:c2:10:ab:f2:ad:cd:45:98:0b:96:c2:45:51:
13:ee:20:5c:b3:3a:e5:01:dd:de:e7:44:df:0d:a0:91:ea:f3:
6e:4f:cd:a9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVtzmgK7e9TugWvMBL7Yy9kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxYmFkNzRlN2Y2YzA5NDlhMjczNmE1NzQ3ODQ5NmQ3ZDhi
NDUwZTYwHhcNMjMwMTAxMTQ0ODQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjIxMDZmNmRjNTg4MzliN2I1YTQ4ZGEyZGEwZGQ1ZjNhNmRhNzdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmzKYwUJKUlaiznFk0sNLr+/8R2l7
grj1iaV87wN38yp8geWha+R7GrQ1Wy+1UGntWTE2xZ9Aejp0IRGHv5t26xrutiJA
3ho47lnT2o3fRzw82D/HKasppejlEEy810e5f9u108RxN5zB+WopqgMx1aTDsYu4
yY1eGHg50EpMuQHDtO/RpweQ8Nqk6jOlbBee1q0aOX3zQoIh4QB39WHD/AvqBpBA
Oa+TPZi72BxYKBmiFX4vslViVM0n3i5zwHadTE/WlYgI3eUNVjyIkj0p5u5sny97
hPgSHDyst0N5m+k4Cy8lHc4x6mBEKUkfk9vnPCxKs91nwNucTKBpvMX/2QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFA8hBvbcWIObe1pI2i2g3V86bad8MB8GA1UdIwQY
MBaAFCG6105/bAlJonNqV0eEltfYtFDmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQt
NDQzMzIyOWE4NDczLzEvRHlFRzl0eFlnNXQ3V2tqYUxhRGRYenB0cDN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQtNDQzMzIyOWE4NDcz
LzEvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAPlqHAwQB
k+pKAwQBk+pYMA0GCSqGSIb3DQEBCwUAA4IBAQBrhJSwS4+kI6jaYKiUR2yEd5jH
uM5n2639XtqXyl5eQhPupC/u38nVoyE2ogE+25lSBIb4vz74ZjTkOSHIpJVynzU/
Bat9nNDICct1S6qyUI9B95SHJEXgG6sX05NzfwRr4jhxnzWoC2eNwbpSiRDFBEfv
RIjoLOLmPIV6f8NBNSkCdbS0NqsVCU1BiX9l04Dt+dTmjKahGswDnCpgece9cnkK
pmIn/Q4rQFJ9rjyCJhyWU8TKrr/z7hNpKSy5gfaYWxW4mZ7vyxRSa0QfXWVOQlFk
4ii2DUNmw6QtY8IQq/KtzUWYC5bCRVET7iBcszrlAd3e50TfDaCR6vNuT82p
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:31 2023 by rpki-client on console.sobornost.net