Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/2391ed-f285-4286-af2f-d2551cdde4af/1/RTdiz_oLFhxvg3EkdMYruWSXo80.roa
File: RTdiz_oLFhxvg3EkdMYruWSXo80.roa (raw, json)
Hash identifier: nbhnusHQ1xpWs3f747hWoJQbmNY/pnWAGfAh84e0EuU=
Subject key identifier: 45:37:62:CF:FA:0B:16:1C:6F:83:71:24:74:C6:2B:B9:64:97:A3:CD
Certificate issuer: /CN=18e2aed9af3a4be560aa19b92846c5fbe11c9b19
Certificate serial: 0A4595C0
Authority key identifier: 18:E2:AE:D9:AF:3A:4B:E5:60:AA:19:B9:28:46:C5:FB:E1:1C:9B:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GOKu2a86S-Vgqhm5KEbF--Ecmxk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/2391ed-f285-4286-af2f-d2551cdde4af/1/RTdiz_oLFhxvg3EkdMYruWSXo80.roa
Signing time: Tue 14 Jun 2022 07:43:44 +0000
ROA not before: Tue 14 Jun 2022 07:43:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41230
IP address blocks: 78.109.176.0/20 maxlen: 20
31.205.64.0/18 maxlen: 18
213.143.0.0/19 maxlen: 19
31.205.192.0/18 maxlen: 18
31.205.0.0/18 maxlen: 18
31.205.0.0/16 maxlen: 16
81.23.48.0/20 maxlen: 20
31.205.128.0/18 maxlen: 18
185.198.228.0/22 maxlen: 22
2a00:1a10::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 172332480 (0xa4595c0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18e2aed9af3a4be560aa19b92846c5fbe11c9b19
Validity
Not Before: Jun 14 07:43:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=453762cffa0b161c6f83712474c62bb96497a3cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:79:3b:e3:5f:a4:79:68:13:92:c4:b1:75:1e:
7b:ee:de:0d:2d:87:ab:aa:43:e4:91:fc:65:71:7c:
a1:b1:59:00:52:8b:6d:ea:c1:d0:f6:b2:85:7e:77:
12:cf:86:45:4a:63:bb:d5:64:c9:9b:7b:ef:c7:13:
fa:0a:bd:19:59:3b:c6:b1:9a:63:a7:d6:ec:ae:08:
a8:f7:23:dd:ac:bd:37:82:3b:5c:26:a0:b2:b5:45:
a8:be:2c:94:d0:d5:f0:8a:3d:66:d8:f3:e1:63:32:
ca:48:bc:ea:68:e2:f4:fb:d3:5a:f3:55:99:1a:85:
c6:95:0a:fd:da:b1:73:6a:f2:c5:6b:27:ff:14:1c:
b0:f6:32:d5:f5:53:25:d9:a8:2f:23:71:7b:a5:2b:
99:b7:2a:f4:32:bd:dc:67:0f:9c:09:f5:ea:a6:8a:
8d:a2:00:27:de:46:0e:6c:9f:94:87:49:43:ee:65:
eb:84:67:9e:87:ee:f2:3e:89:b5:94:1a:e5:1c:39:
5f:96:ba:3b:fd:b9:90:af:87:ac:99:16:3b:9b:2e:
1f:10:2d:5e:cb:05:1d:3f:c5:b2:3e:9d:8c:c8:5b:
4a:a5:3d:4e:76:1d:9e:04:8b:81:fb:81:dd:53:56:
db:4c:74:18:20:14:18:0b:63:4a:9d:c7:4f:18:78:
ea:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:37:62:CF:FA:0B:16:1C:6F:83:71:24:74:C6:2B:B9:64:97:A3:CD
X509v3 Authority Key Identifier:
keyid:18:E2:AE:D9:AF:3A:4B:E5:60:AA:19:B9:28:46:C5:FB:E1:1C:9B:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GOKu2a86S-Vgqhm5KEbF--Ecmxk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/2391ed-f285-4286-af2f-d2551cdde4af/1/RTdiz_oLFhxvg3EkdMYruWSXo80.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/2391ed-f285-4286-af2f-d2551cdde4af/1/GOKu2a86S-Vgqhm5KEbF--Ecmxk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.205.0.0/16
78.109.176.0/20
81.23.48.0/20
185.198.228.0/22
213.143.0.0/19
IPv6:
2a00:1a10::/29
Signature Algorithm: sha256WithRSAEncryption
63:52:91:4e:c0:6a:0d:47:57:1f:2c:a2:1a:e1:3b:54:ba:d6:
1a:da:44:e0:5e:37:f6:cb:cb:66:97:df:33:8c:67:19:be:0e:
78:a1:b6:de:3d:e0:9b:f6:51:cb:85:22:bc:ea:21:28:5c:6b:
98:03:cd:2b:0a:7f:d0:3c:8f:64:9c:24:10:43:b3:64:c7:07:
f8:7d:92:ec:2b:9c:1a:1b:f2:4c:f6:cb:d0:f5:69:0c:bc:76:
a6:7e:4a:19:b9:43:26:a2:f5:5f:fa:c7:24:bd:7a:9e:92:65:
22:7c:63:a2:4f:8c:34:12:dc:51:12:ae:cd:6f:22:a9:b2:c2:
ec:9f:a2:06:e1:02:4c:db:be:40:f0:d6:ed:c6:b0:49:18:21:
09:de:0d:4c:93:9d:2d:60:9d:a4:cb:29:5f:be:30:72:55:09:
53:c8:2d:c8:2a:e7:6a:83:dc:dd:81:4f:d7:56:af:9a:cd:72:
17:04:3f:0e:be:a2:0e:86:ef:ef:db:c4:73:2f:90:60:c2:c4:
75:e0:d6:5b:7c:20:60:01:0f:f0:45:77:bb:dc:70:d4:e2:be:
f2:1f:8f:80:56:d2:26:4c:6a:a2:94:7e:f0:75:40:b1:5f:12:
35:ee:64:29:a9:66:9b:eb:e4:38:86:a5:24:41:f9:8e:27:f2:
3f:0d:a6:bf
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgIECkWVwDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
OGUyYWVkOWFmM2E0YmU1NjBhYTE5YjkyODQ2YzVmYmUxMWM5YjE5MB4XDTIyMDYx
NDA3NDM0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDUzNzYyY2ZmYTBi
MTYxYzZmODM3MTI0NzRjNjJiYjk2NDk3YTNjZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMR5O+NfpHloE5LEsXUee+7eDS2Hq6pD5JH8ZXF8obFZAFKL
berB0PayhX53Es+GRUpju9VkyZt778cT+gq9GVk7xrGaY6fW7K4IqPcj3ay9N4I7
XCagsrVFqL4slNDV8Io9Ztjz4WMyyki86mji9PvTWvNVmRqFxpUK/dqxc2ryxWsn
/xQcsPYy1fVTJdmoLyNxe6Urmbcq9DK93GcPnAn16qaKjaIAJ95GDmyflIdJQ+5l
64Rnnofu8j6JtZQa5Rw5X5a6O/25kK+HrJkWO5suHxAtXssFHT/Fsj6djMhbSqU9
TnYdngSLgfuB3VNW20x0GCAUGAtjSp3HTxh46oMCAwEAAaOCAi8wggIrMB0GA1Ud
DgQWBBRFN2LP+gsWHG+DcSR0xiu5ZJejzTAfBgNVHSMEGDAWgBQY4q7ZrzpL5WCq
GbkoRsX74RybGTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0dPS3UyYTg2Uy1WZ3FobTVLRWJGLS1FY214ay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzIvMjM5MWVkLWYyODUtNDI4Ni1hZjJmLWQyNTUxY2RkZTRhZi8x
L1JUZGl6X29MRmh4dmczRWtkTVlydVdTWG84MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzIv
MjM5MWVkLWYyODUtNDI4Ni1hZjJmLWQyNTUxY2RkZTRhZi8xL0dPS3UyYTg2Uy1W
Z3FobTVLRWJGLS1FY214ay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBF
BggrBgEFBQcBBwEB/wQ2MDQwIwQCAAEwHQMDAB/NAwQETm2wAwQEURcwAwQCucbk
AwQF1Y8AMA0EAgACMAcDBQMqABoQMA0GCSqGSIb3DQEBCwUAA4IBAQBjUpFOwGoN
R1cfLKIa4TtUutYa2kTgXjf2y8tml98zjGcZvg54obbePeCb9lHLhSK86iEoXGuY
A80rCn/QPI9knCQQQ7Nkxwf4fZLsK5waG/JM9svQ9WkMvHamfkoZuUMmovVf+sck
vXqekmUifGOiT4w0EtxREq7NbyKpssLsn6IG4QJM275A8NbtxrBJGCEJ3g1Mk50t
YJ2kyylfvjByVQlTyC3IKudqg9zdgU/XVq+azXIXBD8OvqIOhu/v28RzL5BgwsR1
4NZbfCBgAQ/wRXe73HDU4r7yH4+AVtImTGqilH7wdUCxXxI17mQpqWab6+Q4hqUk
QfmOJ/I/Daa/
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:34 2023 by rpki-client on console.sobornost.net