Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/beac09-c49f-4c70-9818-431c39bb7b38/1/K3A2s2NlgHZftxwxbcH_6ak3jNA.roa
File: K3A2s2NlgHZftxwxbcH_6ak3jNA.roa (raw, json)
Hash identifier: mxFjD4W/RLcany6jGg8pbQe0tMa3CdsKWTQ9Qhtt+ZE=
Subject key identifier: 2B:70:36:B3:63:65:80:76:5F:B7:1C:31:6D:C1:FF:E9:A9:37:8C:D0
Certificate issuer: /CN=528d5814c7156420dec3a3f7e526ef0f8333eef6
Certificate serial: 04E0A1D6
Authority key identifier: 52:8D:58:14:C7:15:64:20:DE:C3:A3:F7:E5:26:EF:0F:83:33:EE:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Uo1YFMcVZCDew6P35SbvD4Mz7vY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/beac09-c49f-4c70-9818-431c39bb7b38/1/K3A2s2NlgHZftxwxbcH_6ak3jNA.roa
Signing time: Sat 01 Jan 2022 09:56:15 +0000
ROA not before: Sat 01 Jan 2022 09:56:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39602
IP address blocks: 195.210.38.0/24 maxlen: 24
195.210.39.0/24 maxlen: 24
109.71.76.0/24 maxlen: 24
2a0c:3340:1::/48 maxlen: 48
2001:678:900::/48 maxlen: 48
2a0c:3340::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 81830358 (0x4e0a1d6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=528d5814c7156420dec3a3f7e526ef0f8333eef6
Validity
Not Before: Jan 1 09:56:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2b7036b3636580765fb71c316dc1ffe9a9378cd0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:db:27:30:35:f1:8d:b5:a2:83:92:37:c5:aa:
08:d4:c8:e6:3b:52:23:f4:d9:42:fb:4c:c0:e4:93:
c5:89:b1:1f:9d:bf:56:74:6b:12:51:ba:9a:af:d4:
23:d4:ac:53:df:cc:d5:bb:9f:2f:a6:6e:24:e4:99:
d3:cb:89:a1:56:22:a8:a7:bf:a5:bb:a1:37:0a:c3:
fa:c5:8d:40:c6:57:9d:94:cb:b8:3b:84:58:96:7b:
a9:a0:04:89:54:51:fe:b7:36:d3:02:82:2d:8c:56:
97:73:2f:b3:c1:3d:17:70:08:9f:cc:c7:89:5f:cc:
37:01:9b:6e:d2:14:1f:e6:42:e1:70:47:4c:47:20:
7d:a8:eb:41:39:f5:b5:03:2a:8d:e4:b3:0d:4a:a9:
ac:a4:8f:8e:30:70:16:b0:9c:22:3a:eb:21:2c:c5:
5c:e6:5b:59:14:89:d2:85:0a:e0:56:ed:1f:e3:3e:
aa:62:8e:b2:16:0b:e7:d1:e5:8d:0a:79:88:05:21:
ac:15:54:4d:e1:db:fc:97:84:96:03:3f:55:3b:4c:
36:fa:f9:73:c7:be:20:80:cc:4c:04:43:6f:dd:0c:
52:ee:ef:a6:ac:da:5e:99:7c:27:ab:53:9d:c4:ef:
e4:1c:1c:18:58:9d:00:ed:37:7a:98:b1:17:de:75:
a3:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:70:36:B3:63:65:80:76:5F:B7:1C:31:6D:C1:FF:E9:A9:37:8C:D0
X509v3 Authority Key Identifier:
keyid:52:8D:58:14:C7:15:64:20:DE:C3:A3:F7:E5:26:EF:0F:83:33:EE:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Uo1YFMcVZCDew6P35SbvD4Mz7vY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/beac09-c49f-4c70-9818-431c39bb7b38/1/K3A2s2NlgHZftxwxbcH_6ak3jNA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/beac09-c49f-4c70-9818-431c39bb7b38/1/Uo1YFMcVZCDew6P35SbvD4Mz7vY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.71.76.0/24
195.210.38.0/23
IPv6:
2001:678:900::/48
2a0c:3340::/29
Signature Algorithm: sha256WithRSAEncryption
9a:84:a8:3e:af:4f:fe:63:9d:2a:4e:aa:20:c9:f1:bf:18:97:
ae:5a:da:a0:95:67:3f:47:6a:70:41:c9:f0:35:7d:44:a2:49:
3e:8c:2b:99:7d:5b:f9:74:64:54:a7:67:3a:30:4b:ae:7f:0c:
2e:a0:bf:97:96:45:67:cc:f4:b0:a4:55:7a:30:4a:e6:02:b7:
65:e6:62:22:96:0a:e0:49:f0:ab:1e:b9:9a:fa:7f:32:61:0e:
26:4e:18:5d:4d:81:86:e6:9c:a7:4b:15:c2:c3:6d:14:3c:5d:
b1:ed:83:5a:d6:d7:da:44:09:5e:cc:ff:2c:27:26:d6:9a:1b:
60:43:87:06:83:77:14:8c:90:12:55:62:c9:2c:c9:71:ee:f1:
fa:ed:6e:53:33:c4:19:90:5a:8d:b1:b9:15:36:1c:9a:f7:d8:
17:81:a4:78:01:f7:d6:de:e5:9a:6d:f3:f0:33:9c:af:96:35:
94:e6:be:4d:89:52:15:0e:d9:55:1b:f4:30:fa:1d:6e:f1:ee:
5b:eb:0c:ce:ec:06:99:6b:0e:cf:2c:1a:20:99:85:71:e4:f2:
91:24:19:71:19:0f:43:14:29:d3:0b:4b:99:eb:73:f5:cf:38:
3f:41:07:bb:e0:59:c4:83:57:ff:8b:4e:3b:73:9b:0d:ec:3c:
ec:1c:fe:69
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIEBOCh1jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
MjhkNTgxNGM3MTU2NDIwZGVjM2EzZjdlNTI2ZWYwZjgzMzNlZWY2MB4XDTIyMDEw
MTA5NTYxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmI3MDM2YjM2MzY1
ODA3NjVmYjcxYzMxNmRjMWZmZTlhOTM3OGNkMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKrbJzA18Y21ooOSN8WqCNTI5jtSI/TZQvtMwOSTxYmxH52/
VnRrElG6mq/UI9SsU9/M1bufL6ZuJOSZ08uJoVYiqKe/pbuhNwrD+sWNQMZXnZTL
uDuEWJZ7qaAEiVRR/rc20wKCLYxWl3Mvs8E9F3AIn8zHiV/MNwGbbtIUH+ZC4XBH
TEcgfajrQTn1tQMqjeSzDUqprKSPjjBwFrCcIjrrISzFXOZbWRSJ0oUK4FbtH+M+
qmKOshYL59HljQp5iAUhrBVUTeHb/JeElgM/VTtMNvr5c8e+IIDMTARDb90MUu7v
pqzaXpl8J6tTncTv5BwcGFidAO03epixF951owUCAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBQrcDazY2WAdl+3HDFtwf/pqTeM0DAfBgNVHSMEGDAWgBRSjVgUxxVkIN7D
o/flJu8PgzPu9jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1VvMVlGTWNWWkNEZXc2UDM1U2J2RDRNejd2WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjcvYmVhYzA5LWM0OWYtNGM3MC05ODE4LTQzMWMzOWJiN2IzOC8x
L0szQTJzMk5sZ0haZnR4d3hiY0hfNmFrM2pOQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjcv
YmVhYzA5LWM0OWYtNGM3MC05ODE4LTQzMWMzOWJiN2IzOC8xL1VvMVlGTWNWWkNE
ZXc2UDM1U2J2RDRNejd2WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9
BggrBgEFBQcBBwEB/wQuMCwwEgQCAAEwDAMEAG1HTAMEAcPSJjAWBAIAAjAQAwcA
IAEGeAkAAwUDKgwzQDANBgkqhkiG9w0BAQsFAAOCAQEAmoSoPq9P/mOdKk6qIMnx
vxiXrlraoJVnP0dqcEHJ8DV9RKJJPowrmX1b+XRkVKdnOjBLrn8MLqC/l5ZFZ8z0
sKRVejBK5gK3ZeZiIpYK4Enwqx65mvp/MmEOJk4YXU2Bhuacp0sVwsNtFDxdse2D
WtbX2kQJXsz/LCcm1pobYEOHBoN3FIyQElViySzJce7x+u1uUzPEGZBajbG5FTYc
mvfYF4GkeAH31t7lmm3z8DOcr5Y1lOa+TYlSFQ7ZVRv0MPodbvHuW+sMzuwGmWsO
zywaIJmFceTykSQZcRkPQxQp0wtLmetz9c84P0EHu+BZxINX/4tOO3ObDew87Bz+
aQ==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:20 2023 by rpki-client on console.sobornost.net