Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/8b3822-6eaa-43a2-9a32-be308c12f7bc/1/zgHvT0TI0dKOVji3o7RWFysRfQw.roa
File: zgHvT0TI0dKOVji3o7RWFysRfQw.roa (raw, json)
Hash identifier: J7M7kX7rg0oJv+wdnB0w58v33tVHPvfZTUeZyaGh0PQ=
Subject key identifier: CE:01:EF:4F:44:C8:D1:D2:8E:56:38:B7:A3:B4:56:17:2B:11:7D:0C
Certificate issuer: /CN=36451a2ea40af1715e6313169468996aca71bb8a
Certificate serial: 01834689236D66672CCBD2138C694E30DEC6
Authority key identifier: 36:45:1A:2E:A4:0A:F1:71:5E:63:13:16:94:68:99:6A:CA:71:BB:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NkUaLqQK8XFeYxMWlGiZaspxu4o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/8b3822-6eaa-43a2-9a32-be308c12f7bc/1/zgHvT0TI0dKOVji3o7RWFysRfQw.roa
Signing time: Fri 16 Sep 2022 13:42:16 +0000
ROA not before: Fri 16 Sep 2022 13:42:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31383
IP address blocks: 83.137.16.0/21 maxlen: 21
78.41.72.0/21 maxlen: 21
2001:4038::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:46:89:23:6d:66:67:2c:cb:d2:13:8c:69:4e:30:de:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36451a2ea40af1715e6313169468996aca71bb8a
Validity
Not Before: Sep 16 13:42:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ce01ef4f44c8d1d28e5638b7a3b456172b117d0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:a6:df:fa:81:5b:01:e2:23:7e:2c:d2:8c:e6:
69:fe:b7:ed:e6:54:c8:c4:e0:fa:cb:63:ef:31:3a:
5a:7d:de:98:f1:f5:d2:99:11:aa:d1:d8:8b:45:40:
2c:6a:9f:e2:c9:6e:57:7e:77:cd:76:a4:e0:50:41:
82:6b:39:81:fa:ae:86:bb:e7:0e:1d:ad:c0:16:fc:
57:28:da:cc:0c:c5:d0:53:c1:0d:12:6a:54:7a:98:
34:71:59:42:07:86:43:98:59:5b:50:70:a3:ff:be:
6f:9f:2e:81:1f:fa:94:27:ac:e4:ac:7f:76:7f:50:
dd:f7:b1:ff:7e:12:b2:c4:ad:45:5c:fc:48:71:53:
af:68:c3:32:8b:0e:32:2e:b3:d9:4a:a5:00:1f:9b:
f2:e0:02:67:c2:ef:20:93:16:fd:31:58:3c:64:e0:
8d:93:ca:67:29:c8:c9:15:68:7e:e1:9d:10:4b:68:
50:99:fb:c6:90:a3:b0:d1:f1:cf:33:52:80:8c:04:
28:22:74:7c:77:53:6e:b2:73:d9:e4:eb:8c:62:32:
f2:33:a9:a9:82:1d:d6:6a:05:23:c3:63:8c:3d:8d:
82:aa:12:cb:7d:a7:1b:80:18:8f:80:d1:5f:13:70:
7e:09:a7:cd:0c:54:0c:20:a3:72:4e:6f:f7:1f:30:
7a:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:01:EF:4F:44:C8:D1:D2:8E:56:38:B7:A3:B4:56:17:2B:11:7D:0C
X509v3 Authority Key Identifier:
keyid:36:45:1A:2E:A4:0A:F1:71:5E:63:13:16:94:68:99:6A:CA:71:BB:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NkUaLqQK8XFeYxMWlGiZaspxu4o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/8b3822-6eaa-43a2-9a32-be308c12f7bc/1/zgHvT0TI0dKOVji3o7RWFysRfQw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/8b3822-6eaa-43a2-9a32-be308c12f7bc/1/NkUaLqQK8XFeYxMWlGiZaspxu4o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.41.72.0/21
83.137.16.0/21
IPv6:
2001:4038::/32
Signature Algorithm: sha256WithRSAEncryption
40:41:c0:a5:ad:5d:88:39:f6:e3:68:71:1c:c0:d5:e5:67:97:
87:0a:6d:b0:4b:1c:9e:b5:91:09:69:25:a2:08:9d:aa:73:4a:
2b:8f:5a:ee:b0:f5:61:7e:66:4c:38:cd:4b:ee:ee:48:58:00:
5e:0c:86:e5:8c:54:53:43:81:18:b6:99:08:4b:74:20:5f:a2:
fc:c4:c4:8c:5a:cc:bc:d0:27:4c:59:16:69:5f:80:68:93:fc:
60:b0:f7:ea:7c:c6:1e:7a:c2:b0:51:89:7a:f4:51:b1:22:e2:
94:74:bf:95:91:db:81:86:90:2a:a8:d0:56:95:50:b8:04:a6:
8f:84:ce:4e:0b:0b:b4:92:89:91:73:61:63:2e:0a:98:f5:0e:
0b:64:83:01:f0:07:eb:3d:ab:aa:3b:6b:51:e1:e3:c0:55:a4:
24:46:80:4a:e4:aa:b9:42:1a:c4:cd:4e:b5:c8:b2:15:4b:a6:
5a:16:d3:20:64:b1:08:62:17:2f:e4:39:d0:2c:3f:06:93:87:
27:66:dd:05:1d:e7:7e:54:82:dd:26:02:cc:a0:50:04:e7:af:
b4:1c:f4:8f:17:f1:15:ea:da:f6:9e:2f:35:c4:ff:8c:43:c6:
d5:bf:42:24:b7:3a:4b:6d:5a:22:e6:9b:0b:e6:52:f0:91:f4:
a4:1d:b0:c5
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYNGiSNtZmcsy9ITjGlOMN7GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2NDUxYTJlYTQwYWYxNzE1ZTYzMTMxNjk0Njg5OTZhY2E3
MWJiOGEwHhcNMjIwOTE2MTM0MjE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTAxZWY0ZjQ0YzhkMWQyOGU1NjM4YjdhM2I0NTYxNzJiMTE3ZDBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsqbf+oFbAeIjfizSjOZp/rft5lTI
xOD6y2PvMTpafd6Y8fXSmRGq0diLRUAsap/iyW5XfnfNdqTgUEGCazmB+q6Gu+cO
Ha3AFvxXKNrMDMXQU8ENEmpUepg0cVlCB4ZDmFlbUHCj/75vny6BH/qUJ6zkrH92
f1Dd97H/fhKyxK1FXPxIcVOvaMMyiw4yLrPZSqUAH5vy4AJnwu8gkxb9MVg8ZOCN
k8pnKcjJFWh+4Z0QS2hQmfvGkKOw0fHPM1KAjAQoInR8d1NusnPZ5OuMYjLyM6mp
gh3WagUjw2OMPY2CqhLLfacbgBiPgNFfE3B+CafNDFQMIKNyTm/3HzB6AwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFM4B709EyNHSjlY4t6O0VhcrEX0MMB8GA1UdIwQY
MBaAFDZFGi6kCvFxXmMTFpRomWrKcbuKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmtVYUxxUUs4WEZlWXhNV2xHaVphc3B4dTRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS84YjM4MjItNmVhYS00M2EyLTlhMzIt
YmUzMDhjMTJmN2JjLzEvemdIdlQwVEkwZEtPVmppM283UldGeXNSZlF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS84YjM4MjItNmVhYS00M2EyLTlhMzItYmUzMDhjMTJmN2Jj
LzEvTmtVYUxxUUs4WEZlWXhNV2xHaVphc3B4dTRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDTilIAwQD
U4kQMA0EAgACMAcDBQAgAUA4MA0GCSqGSIb3DQEBCwUAA4IBAQBAQcClrV2IOfbj
aHEcwNXlZ5eHCm2wSxyetZEJaSWiCJ2qc0orj1rusPVhfmZMOM1L7u5IWABeDIbl
jFRTQ4EYtpkIS3QgX6L8xMSMWsy80CdMWRZpX4Bok/xgsPfqfMYeesKwUYl69FGx
IuKUdL+VkduBhpAqqNBWlVC4BKaPhM5OCwu0komRc2FjLgqY9Q4LZIMB8AfrPauq
O2tR4ePAVaQkRoBK5Kq5QhrEzU61yLIVS6ZaFtMgZLEIYhcv5DnQLD8Gk4cnZt0F
Hed+VILdJgLMoFAE56+0HPSPF/EV6tr2ni81xP+MQ8bVv0IktzpLbVoi5psL5lLw
kfSkHbDF
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:52 2023 by rpki-client on console.sobornost.net