Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/2a942a-f1bf-43e2-b92a-1dec40584806/1/4L2HWEj030m9IITOSFT2XXHshXs.roa
File: 4L2HWEj030m9IITOSFT2XXHshXs.roa (raw, json)
Hash identifier: PxL7jjnP6XB2m2OPEZP7sN8HexJ4TkbutEDZLCVIx6o=
Subject key identifier: E0:BD:87:58:48:F4:DF:49:BD:20:84:CE:48:54:F6:5D:71:EC:85:7B
Certificate issuer: /CN=3691d2950145dceac00c0ca4eb536d92867b38d3
Certificate serial: 0182CC0414BD739A9D6CD0A74436081152F2
Authority key identifier: 36:91:D2:95:01:45:DC:EA:C0:0C:0C:A4:EB:53:6D:92:86:7B:38:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NpHSlQFF3OrADAyk61NtkoZ7ONM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/2a942a-f1bf-43e2-b92a-1dec40584806/1/4L2HWEj030m9IITOSFT2XXHshXs.roa
Signing time: Tue 23 Aug 2022 18:43:15 +0000
ROA not before: Tue 23 Aug 2022 18:43:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206924
IP address blocks: 185.230.223.0/24 maxlen: 24
2a0c:2f07:d::/48 maxlen: 48
2a0c:2f07:1337::/48 maxlen: 64
2a0c:2f07:f::/48 maxlen: 48
2a0c:2f07:384::/48 maxlen: 48
2a0c:2f07:29::/48 maxlen: 48
2a0c:2f07:9459::/48 maxlen: 48
2a0c:2f07:ac1::/48 maxlen: 48
2a0c:2f07:4896::/48 maxlen: 48
2a0c:2f07:4663::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:cc:04:14:bd:73:9a:9d:6c:d0:a7:44:36:08:11:52:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3691d2950145dceac00c0ca4eb536d92867b38d3
Validity
Not Before: Aug 23 18:43:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e0bd875848f4df49bd2084ce4854f65d71ec857b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:f2:e4:26:9b:0f:19:93:c6:20:54:87:17:58:
19:41:ed:4f:b1:53:10:fb:01:9e:51:16:54:e2:82:
83:44:95:1e:dc:ac:d1:56:9e:32:69:bf:5f:44:77:
6d:5b:96:b7:9e:a4:d5:e0:f6:07:b0:80:b9:f2:d8:
9e:8b:ec:30:9d:e8:69:40:44:61:48:ed:10:fa:5a:
5b:44:6d:e8:aa:be:e1:b4:7d:ba:db:9c:9e:0f:db:
dc:e9:fe:a5:00:92:eb:41:93:be:7c:f8:8b:0c:82:
8c:a1:2d:5e:1d:7a:29:3a:6c:a5:ff:10:87:b5:01:
1d:fe:f2:23:a3:4c:a7:f7:b8:f3:73:4f:c5:ee:f0:
6e:bf:dc:04:93:24:fe:b4:28:14:d8:e7:b4:c8:bf:
52:77:af:a9:bf:f7:79:39:dc:56:a2:dc:c8:f0:5f:
9a:73:29:7a:7a:ac:7d:67:19:68:21:3e:bd:8e:53:
5b:3c:39:9c:56:62:d9:04:5a:29:72:bb:cb:e5:96:
70:7d:80:85:3e:80:0c:16:20:c1:72:a9:b7:f7:19:
ee:63:a8:ee:f8:0f:ea:a8:d0:f3:9a:3b:ff:f5:e0:
15:0b:08:e6:72:ba:49:b9:85:5b:c3:4d:62:96:36:
35:59:c0:3a:45:de:87:40:cc:c5:38:33:10:53:2a:
ac:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:BD:87:58:48:F4:DF:49:BD:20:84:CE:48:54:F6:5D:71:EC:85:7B
X509v3 Authority Key Identifier:
keyid:36:91:D2:95:01:45:DC:EA:C0:0C:0C:A4:EB:53:6D:92:86:7B:38:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NpHSlQFF3OrADAyk61NtkoZ7ONM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/2a942a-f1bf-43e2-b92a-1dec40584806/1/4L2HWEj030m9IITOSFT2XXHshXs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/2a942a-f1bf-43e2-b92a-1dec40584806/1/NpHSlQFF3OrADAyk61NtkoZ7ONM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.230.223.0/24
IPv6:
2a0c:2f07:d::/48
2a0c:2f07:f::/48
2a0c:2f07:29::/48
2a0c:2f07:384::/48
2a0c:2f07:ac1::/48
2a0c:2f07:1337::/48
2a0c:2f07:4663::/48
2a0c:2f07:4896::/48
2a0c:2f07:9459::/48
Signature Algorithm: sha256WithRSAEncryption
9d:af:71:24:c1:b0:33:da:01:ac:13:30:a8:1d:03:1a:77:71:
18:cd:5c:c0:3e:0a:c8:bd:91:7d:3d:35:87:77:94:e4:0a:f5:
cc:f3:f2:a2:1f:ff:c4:94:94:0c:d6:26:82:d7:ef:ec:a0:5d:
5d:9d:4c:04:cd:e8:0e:ef:c0:13:b9:a4:66:39:01:24:b0:d9:
b8:21:d5:3e:38:6f:96:50:9e:65:6f:dd:1c:6d:f3:4c:ec:48:
a0:67:6a:98:d9:67:0e:38:d1:91:51:79:a1:93:c5:b5:3c:6b:
00:11:ce:24:8d:db:9d:65:da:bc:48:95:c3:f5:bc:24:de:36:
b9:21:5a:97:be:74:63:5f:f7:32:0b:f7:09:24:8b:74:ec:f5:
ab:59:b8:24:f5:28:1a:64:31:59:8f:9f:b1:9d:4e:6a:47:af:
36:02:be:1c:a3:ee:c0:65:d3:5b:06:4c:88:1b:7c:ee:b1:53:
cd:42:27:07:3c:01:64:8a:e3:86:c0:30:e4:10:f8:15:44:f1:
54:23:f0:a8:6f:31:cf:1f:d0:5e:12:fe:40:fa:47:00:4b:9f:
c8:e4:d6:37:f1:95:0c:03:bb:93:59:a4:bd:95:f7:49:d6:91:
55:21:6d:1f:c2:f5:4d:b4:ad:10:0d:23:2f:ab:0a:8e:02:82:
d5:af:52:11
-----BEGIN CERTIFICATE-----
MIIFVjCCBD6gAwIBAgISAYLMBBS9c5qdbNCnRDYIEVLyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OTFkMjk1MDE0NWRjZWFjMDBjMGNhNGViNTM2ZDkyODY3
YjM4ZDMwHhcNMjIwODIzMTg0MzE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGJkODc1ODQ4ZjRkZjQ5YmQyMDg0Y2U0ODU0ZjY1ZDcxZWM4NTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1PLkJpsPGZPGIFSHF1gZQe1PsVMQ
+wGeURZU4oKDRJUe3KzRVp4yab9fRHdtW5a3nqTV4PYHsIC58tiei+wwnehpQERh
SO0Q+lpbRG3oqr7htH2625yeD9vc6f6lAJLrQZO+fPiLDIKMoS1eHXopOmyl/xCH
tQEd/vIjo0yn97jzc0/F7vBuv9wEkyT+tCgU2Oe0yL9Sd6+pv/d5OdxWotzI8F+a
cyl6eqx9ZxloIT69jlNbPDmcVmLZBFopcrvL5ZZwfYCFPoAMFiDBcqm39xnuY6ju
+A/qqNDzmjv/9eAVCwjmcrpJuYVbw01iljY1WcA6Rd6HQMzFODMQUyqsrwIDAQAB
o4ICYjCCAl4wHQYDVR0OBBYEFOC9h1hI9N9JvSCEzkhU9l1x7IV7MB8GA1UdIwQY
MBaAFDaR0pUBRdzqwAwMpOtTbZKGezjTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnBIU2xRRkYzT3JBREF5azYxTnRrb1o3T05NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi8yYTk0MmEtZjFiZi00M2UyLWI5MmEt
MWRlYzQwNTg0ODA2LzEvNEwySFdFajAzMG05SUlUT1NGVDJYWEhzaFhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi8yYTk0MmEtZjFiZi00M2UyLWI5MmEtMWRlYzQwNTg0ODA2
LzEvTnBIU2xRRkYzT3JBREF5azYxTnRrb1o3T05NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHgGCCsGAQUFBwEHAQH/BGkwZzAMBAIAATAGAwQAuebfMFcE
AgACMFEDBwAqDC8HAA0DBwAqDC8HAA8DBwAqDC8HACkDBwAqDC8HA4QDBwAqDC8H
CsEDBwAqDC8HEzcDBwAqDC8HRmMDBwAqDC8HSJYDBwAqDC8HlFkwDQYJKoZIhvcN
AQELBQADggEBAJ2vcSTBsDPaAawTMKgdAxp3cRjNXMA+Csi9kX09NYd3lOQK9czz
8qIf/8SUlAzWJoLX7+ygXV2dTATN6A7vwBO5pGY5ASSw2bgh1T44b5ZQnmVv3Rxt
80zsSKBnapjZZw440ZFReaGTxbU8awARziSN251l2rxIlcP1vCTeNrkhWpe+dGNf
9zIL9wkki3Ts9atZuCT1KBpkMVmPn7GdTmpHrzYCvhyj7sBl01sGTIgbfO6xU81C
Jwc8AWSK44bAMOQQ+BVE8VQj8KhvMc8f0F4S/kD6RwBLn8jk1jfxlQwDu5NZpL2V
90nWkVUhbR/C9U20rRANIy+rCo4CgtWvUhE=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:35 2023 by rpki-client on console.sobornost.net