Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/2391ed-f285-4286-af2f-d2551cdde4af/1/sySV0jlz4xqV9n4HPsmlpCRkzWk.roa
File: sySV0jlz4xqV9n4HPsmlpCRkzWk.roa (raw, json)
Hash identifier: XWxk1RT7wO+YngCfLqbgGNRqC92qOYlAYLe9Q/NlDeQ=
Subject key identifier: B3:24:95:D2:39:73:E3:1A:95:F6:7E:07:3E:C9:A5:A4:24:64:CD:69
Certificate issuer: /CN=18e2aed9af3a4be560aa19b92846c5fbe11c9b19
Certificate serial: 0182FE234CF6616A1EB0121F14AA66AA71B0
Authority key identifier: 18:E2:AE:D9:AF:3A:4B:E5:60:AA:19:B9:28:46:C5:FB:E1:1C:9B:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GOKu2a86S-Vgqhm5KEbF--Ecmxk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/2391ed-f285-4286-af2f-d2551cdde4af/1/sySV0jlz4xqV9n4HPsmlpCRkzWk.roa
Signing time: Fri 02 Sep 2022 12:18:22 +0000
ROA not before: Fri 02 Sep 2022 12:18:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41230
IP address blocks: 78.109.176.0/20 maxlen: 20
31.205.64.0/18 maxlen: 18
213.143.0.0/19 maxlen: 19
31.205.192.0/18 maxlen: 18
31.205.0.0/18 maxlen: 18
31.205.0.0/16 maxlen: 16
81.23.48.0/20 maxlen: 20
31.205.128.0/18 maxlen: 18
185.198.228.0/22 maxlen: 23
2a00:1a10::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:fe:23:4c:f6:61:6a:1e:b0:12:1f:14:aa:66:aa:71:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18e2aed9af3a4be560aa19b92846c5fbe11c9b19
Validity
Not Before: Sep 2 12:18:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b32495d23973e31a95f67e073ec9a5a42464cd69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:4a:eb:af:65:b1:51:23:50:1b:4b:f7:a2:40:
32:64:13:31:de:11:0d:66:ed:a2:da:7f:db:71:6e:
c8:21:a5:b5:f9:2e:44:85:b7:e4:fc:4f:eb:c2:5a:
8a:b0:3e:5d:a0:69:c0:44:d6:7a:f6:dc:76:28:ed:
d2:94:78:99:36:29:c7:57:ab:08:c7:da:58:cb:05:
b9:31:f8:a0:a2:91:e4:d4:93:87:d9:27:eb:51:e2:
13:99:cd:d7:84:83:5e:66:14:36:5e:44:5c:95:26:
61:b4:ab:2c:16:a4:ae:b7:17:b3:2c:0d:95:cb:64:
28:66:e5:db:a3:d7:a6:a2:c1:24:96:23:ac:62:21:
5c:79:22:3b:02:34:ec:c1:51:59:93:5d:50:57:c0:
a2:e2:2f:d6:c2:04:61:48:16:47:f4:2e:82:48:95:
9a:44:d1:c3:af:63:0a:03:01:09:10:01:32:bc:2d:
3a:c1:9f:01:e3:e6:00:e7:0c:41:fd:53:b8:0f:a8:
df:76:28:cb:04:02:cb:0b:df:14:e3:4d:cb:d6:3d:
8d:be:4f:2f:bf:9e:be:a7:77:80:f9:21:dc:21:de:
29:51:57:38:1e:f4:cc:88:1c:1e:c2:30:25:1d:c0:
88:7a:49:2c:c4:f6:af:b3:1b:1d:8f:53:e0:97:d3:
b6:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:24:95:D2:39:73:E3:1A:95:F6:7E:07:3E:C9:A5:A4:24:64:CD:69
X509v3 Authority Key Identifier:
keyid:18:E2:AE:D9:AF:3A:4B:E5:60:AA:19:B9:28:46:C5:FB:E1:1C:9B:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GOKu2a86S-Vgqhm5KEbF--Ecmxk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/2391ed-f285-4286-af2f-d2551cdde4af/1/sySV0jlz4xqV9n4HPsmlpCRkzWk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/2391ed-f285-4286-af2f-d2551cdde4af/1/GOKu2a86S-Vgqhm5KEbF--Ecmxk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.205.0.0/16
78.109.176.0/20
81.23.48.0/20
185.198.228.0/22
213.143.0.0/19
IPv6:
2a00:1a10::/29
Signature Algorithm: sha256WithRSAEncryption
a3:56:4f:9e:ee:ac:c6:43:ff:5f:f6:58:f9:21:6f:87:72:23:
fd:5f:9c:fc:2c:89:87:a0:5e:de:bc:ef:3f:67:a0:bf:1e:54:
2e:3c:c2:41:67:96:79:ef:bf:26:e1:cd:e9:8b:d8:ae:6f:2c:
97:48:49:a0:5f:5f:a1:ca:b1:af:07:c4:82:9f:5c:49:51:86:
75:e2:03:b2:69:3c:3d:84:62:18:99:e9:2c:93:56:c7:f3:c1:
9c:45:1a:82:fd:13:11:b1:01:0d:a0:68:42:f4:b4:bc:42:aa:
62:e4:ae:26:fd:b3:f7:61:d5:fb:89:1f:67:12:7a:73:1d:0c:
10:9c:c4:fe:5b:ae:e0:37:18:39:69:4f:84:26:e7:64:3f:09:
ab:06:76:c1:6d:66:15:f8:3a:87:c7:26:5a:52:5e:de:e2:1b:
67:5a:28:00:a7:2d:23:0f:85:04:56:0c:36:25:bf:d9:f4:d4:
0a:b8:f4:74:04:ed:78:07:f8:94:9c:3d:2d:46:66:a8:46:88:
d7:b4:85:f6:3a:92:d6:60:ef:a1:fc:b0:f3:9e:35:27:86:04:
18:af:84:a6:bc:52:a2:c7:a3:83:3f:e6:31:40:44:10:0d:64:
cb:70:fe:11:b3:73:07:53:c0:79:03:fe:32:06:07:0a:7a:b8:
7d:62:5e:8b
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYL+I0z2YWoesBIfFKpmqnGwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4ZTJhZWQ5YWYzYTRiZTU2MGFhMTliOTI4NDZjNWZiZTEx
YzliMTkwHhcNMjIwOTAyMTIxODIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzI0OTVkMjM5NzNlMzFhOTVmNjdlMDczZWM5YTVhNDI0NjRjZDY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Errr2WxUSNQG0v3okAyZBMx3hEN
Zu2i2n/bcW7IIaW1+S5Ehbfk/E/rwlqKsD5doGnARNZ69tx2KO3SlHiZNinHV6sI
x9pYywW5MfigopHk1JOH2SfrUeITmc3XhINeZhQ2XkRclSZhtKssFqSutxezLA2V
y2QoZuXbo9emosEkliOsYiFceSI7AjTswVFZk11QV8Ci4i/WwgRhSBZH9C6CSJWa
RNHDr2MKAwEJEAEyvC06wZ8B4+YA5wxB/VO4D6jfdijLBALLC98U403L1j2Nvk8v
v56+p3eA+SHcId4pUVc4HvTMiBwewjAlHcCIekksxPavsxsdj1Pgl9O2LQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFLMkldI5c+MalfZ+Bz7JpaQkZM1pMB8GA1UdIwQY
MBaAFBjirtmvOkvlYKoZuShGxfvhHJsZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR09LdTJhODZTLVZncWhtNUtFYkYtLUVjbXhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi8yMzkxZWQtZjI4NS00Mjg2LWFmMmYt
ZDI1NTFjZGRlNGFmLzEvc3lTVjBqbHo0eHFWOW40SFBzbWxwQ1JreldrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi8yMzkxZWQtZjI4NS00Mjg2LWFmMmYtZDI1NTFjZGRlNGFm
LzEvR09LdTJhODZTLVZncWhtNUtFYkYtLUVjbXhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAjBAIAATAdAwMAH80DBARO
bbADBARRFzADBAK5xuQDBAXVjwAwDQQCAAIwBwMFAyoAGhAwDQYJKoZIhvcNAQEL
BQADggEBAKNWT57urMZD/1/2WPkhb4dyI/1fnPwsiYegXt687z9noL8eVC48wkFn
lnnvvybhzemL2K5vLJdISaBfX6HKsa8HxIKfXElRhnXiA7JpPD2EYhiZ6SyTVsfz
wZxFGoL9ExGxAQ2gaEL0tLxCqmLkrib9s/dh1fuJH2cSenMdDBCcxP5bruA3GDlp
T4Qm52Q/CasGdsFtZhX4OofHJlpSXt7iG2daKACnLSMPhQRWDDYlv9n01Aq49HQE
7XgH+JScPS1GZqhGiNe0hfY6ktZg76H8sPOeNSeGBBivhKa8UqLHo4M/5jFARBAN
ZMtw/hGzcwdTwHkD/jIGBwp6uH1iXos=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:34 2023 by rpki-client on console.sobornost.net