Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/edc238-4c0a-46ed-bc24-3b9e3c8a2fca/1/kxtiox8HxI4cFGu_jz9kEHyxGv4.roa
File: kxtiox8HxI4cFGu_jz9kEHyxGv4.roa (raw, json)
Hash identifier: /jIDPm1pZwVkWoN82F/tJ8cSBdpoQzKRciDVjnJpoQI=
Subject key identifier: 93:1B:62:A3:1F:07:C4:8E:1C:14:6B:BF:8F:3F:64:10:7C:B1:1A:FE
Certificate issuer: /CN=dd0b663c45d7bc2724d168485087581e14448fb6
Certificate serial: 307E736E
Authority key identifier: DD:0B:66:3C:45:D7:BC:27:24:D1:68:48:50:87:58:1E:14:44:8F:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3QtmPEXXvCck0WhIUIdYHhREj7Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/edc238-4c0a-46ed-bc24-3b9e3c8a2fca/1/kxtiox8HxI4cFGu_jz9kEHyxGv4.roa
Signing time: Sat 01 Jan 2022 05:56:49 +0000
ROA not before: Sat 01 Jan 2022 05:56:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 24634
IP address blocks: 82.112.160.0/21 maxlen: 24
193.227.160.0/19 maxlen: 24
37.209.248.0/21 maxlen: 24
213.175.160.0/19 maxlen: 24
185.124.212.0/22 maxlen: 24
2a06:b540::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 813593454 (0x307e736e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd0b663c45d7bc2724d168485087581e14448fb6
Validity
Not Before: Jan 1 05:56:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=931b62a31f07c48e1c146bbf8f3f64107cb11afe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:44:16:cf:71:57:99:5d:7a:de:8e:2c:7d:70:
48:fc:84:98:d0:ec:c5:43:a8:64:40:47:5b:4e:1e:
27:4a:c5:c7:e9:37:6e:a3:2c:04:e4:d6:3d:ef:70:
f3:2a:35:e6:41:58:98:01:5b:39:04:a7:4c:16:8a:
70:08:78:b1:a2:1a:48:bf:fe:d9:13:49:e5:9e:45:
c8:d2:9f:20:eb:7e:ef:7e:bd:87:4f:88:c6:d1:3d:
d7:63:38:fa:a2:3a:23:e7:31:ce:1c:41:02:02:db:
de:91:2a:06:5f:86:e0:97:59:6e:f8:3e:9e:3a:7e:
75:2b:83:b1:a7:2b:db:8e:f9:ab:50:ee:85:d2:32:
e1:ee:2f:22:29:0c:7d:cf:7b:7a:18:04:ab:03:63:
76:59:2a:b2:3a:6c:31:fa:99:a7:25:7a:08:db:b1:
87:2b:95:b5:ed:35:4a:ef:19:80:a4:a0:02:49:56:
45:fa:1e:ed:00:0f:1e:76:d4:95:10:31:b0:5a:73:
49:49:39:3c:bf:4a:c5:1d:2b:f3:1d:0b:64:3f:36:
ef:b1:72:e3:9f:a7:20:a8:fa:6e:b6:cf:4f:88:de:
c1:bd:5c:f6:db:96:9f:a3:79:f6:ca:13:b7:b1:75:
4b:e5:57:e6:90:e0:4a:d7:86:36:d4:81:5b:8c:6d:
04:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:1B:62:A3:1F:07:C4:8E:1C:14:6B:BF:8F:3F:64:10:7C:B1:1A:FE
X509v3 Authority Key Identifier:
keyid:DD:0B:66:3C:45:D7:BC:27:24:D1:68:48:50:87:58:1E:14:44:8F:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3QtmPEXXvCck0WhIUIdYHhREj7Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/edc238-4c0a-46ed-bc24-3b9e3c8a2fca/1/kxtiox8HxI4cFGu_jz9kEHyxGv4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/edc238-4c0a-46ed-bc24-3b9e3c8a2fca/1/3QtmPEXXvCck0WhIUIdYHhREj7Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.209.248.0/21
82.112.160.0/21
185.124.212.0/22
193.227.160.0/19
213.175.160.0/19
IPv6:
2a06:b540::/29
Signature Algorithm: sha256WithRSAEncryption
49:cb:28:69:8a:b2:0b:52:b8:cb:2f:61:3b:03:ca:dd:cd:9c:
a5:02:12:45:56:eb:9b:36:02:1a:ed:80:af:63:ac:6d:db:c9:
12:24:bd:7a:cd:46:b5:fe:d5:23:1f:86:1d:a0:12:63:78:d8:
35:cd:fc:86:35:ed:08:ab:1f:62:34:11:77:4c:c7:69:a9:e0:
ab:6c:bc:bb:dc:b7:10:7a:8e:32:33:70:a4:54:9c:bb:07:52:
81:9a:fe:00:53:57:54:d3:c5:ad:98:82:00:e0:a3:c1:21:3f:
36:2a:4d:b3:24:0e:c0:73:b0:27:c0:cc:95:7a:47:76:32:59:
ac:37:05:df:97:8b:6e:b4:b3:91:f5:cf:64:a6:c0:9e:9f:4d:
f3:af:04:f5:d7:93:8d:e7:4c:3c:3f:b3:da:af:97:ba:cd:bf:
52:da:83:4a:30:89:9c:04:60:e4:06:4b:e6:b3:61:86:97:57:
40:f5:ba:55:3d:b4:96:8e:48:29:70:c0:3b:a1:e9:4a:3f:03:
f9:6f:da:21:5b:ae:8c:cb:61:ec:28:26:72:04:35:cc:a0:1d:
ab:0e:5d:f0:99:32:67:30:c8:71:1f:6c:f2:e9:bb:4e:39:39:
d3:02:16:74:9f:e5:22:db:c3:d5:63:42:07:6d:85:90:19:82:
62:84:1a:e8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIEMH5zbjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
ZDBiNjYzYzQ1ZDdiYzI3MjRkMTY4NDg1MDg3NTgxZTE0NDQ4ZmI2MB4XDTIyMDEw
MTA1NTY0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTMxYjYyYTMxZjA3
YzQ4ZTFjMTQ2YmJmOGYzZjY0MTA3Y2IxMWFmZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJpEFs9xV5ldet6OLH1wSPyEmNDsxUOoZEBHW04eJ0rFx+k3
bqMsBOTWPe9w8yo15kFYmAFbOQSnTBaKcAh4saIaSL/+2RNJ5Z5FyNKfIOt+7369
h0+IxtE912M4+qI6I+cxzhxBAgLb3pEqBl+G4JdZbvg+njp+dSuDsacr2475q1Du
hdIy4e4vIikMfc97ehgEqwNjdlkqsjpsMfqZpyV6CNuxhyuVte01Su8ZgKSgAklW
Rfoe7QAPHnbUlRAxsFpzSUk5PL9KxR0r8x0LZD8277Fy45+nIKj6brbPT4jewb1c
9tuWn6N59soTt7F1S+VX5pDgSteGNtSBW4xtBNkCAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBSTG2KjHwfEjhwUa7+PP2QQfLEa/jAfBgNVHSMEGDAWgBTdC2Y8Rde8JyTR
aEhQh1geFESPtjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzNRdG1QRVhYdkNjazBXaElVSWRZSGhSRWo3WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjgvZWRjMjM4LTRjMGEtNDZlZC1iYzI0LTNiOWUzYzhhMmZjYS8x
L2t4dGlveDhIeEk0Y0ZHdV9qejlrRUh5eEd2NC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjgv
ZWRjMjM4LTRjMGEtNDZlZC1iYzI0LTNiOWUzYzhhMmZjYS8xLzNRdG1QRVhYdkNj
azBXaElVSWRZSGhSRWo3WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBG
BggrBgEFBQcBBwEB/wQ3MDUwJAQCAAEwHgMEAyXR+AMEA1JwoAMEArl81AMEBcHj
oAMEBdWvoDANBAIAAjAHAwUDKga1QDANBgkqhkiG9w0BAQsFAAOCAQEAScsoaYqy
C1K4yy9hOwPK3c2cpQISRVbrmzYCGu2Ar2OsbdvJEiS9es1Gtf7VIx+GHaASY3jY
Nc38hjXtCKsfYjQRd0zHaangq2y8u9y3EHqOMjNwpFScuwdSgZr+AFNXVNPFrZiC
AOCjwSE/NipNsyQOwHOwJ8DMlXpHdjJZrDcF35eLbrSzkfXPZKbAnp9N868E9deT
jedMPD+z2q+Xus2/UtqDSjCJnARg5AZL5rNhhpdXQPW6VT20lo5IKXDAO6HpSj8D
+W/aIVuujMth7CgmcgQ1zKAdqw5d8JkyZzDIcR9s8um7Tjk50wIWdJ/lItvD1WNC
B22FkBmCYoQa6A==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:24 2023 by rpki-client on console.sobornost.net