Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/2a942a-f1bf-43e2-b92a-1dec40584806/1/jrZkwbHKLMHxVk8QVpLpMWWu8Pg.roa
File: jrZkwbHKLMHxVk8QVpLpMWWu8Pg.roa (raw, json)
Hash identifier: DWozGObz8nbR4k/Xz50ZBHrN6dZoCR77iDIMmD0A+ec=
Subject key identifier: 8E:B6:64:C1:B1:CA:2C:C1:F1:56:4F:10:56:92:E9:31:65:AE:F0:F8
Certificate issuer: /CN=3691d2950145dceac00c0ca4eb536d92867b38d3
Certificate serial: 0213FF
Authority key identifier: 36:91:D2:95:01:45:DC:EA:C0:0C:0C:A4:EB:53:6D:92:86:7B:38:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NpHSlQFF3OrADAyk61NtkoZ7ONM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/2a942a-f1bf-43e2-b92a-1dec40584806/1/jrZkwbHKLMHxVk8QVpLpMWWu8Pg.roa
Signing time: Tue 21 Jun 2022 13:23:44 +0000
ROA not before: Tue 21 Jun 2022 13:23:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206924
IP address blocks: 185.230.223.0/24 maxlen: 24
2a0c:2f07:d::/48 maxlen: 48
2a0c:2f07:f::/48 maxlen: 48
2a0c:2f07:384::/48 maxlen: 48
2a0c:2f07:29::/48 maxlen: 48
2a0c:2f07:9459::/48 maxlen: 48
2a0c:2f07:ac1::/48 maxlen: 48
2a0c:2f07:4896::/48 maxlen: 48
2a0c:2f07:4663::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 136191 (0x213ff)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3691d2950145dceac00c0ca4eb536d92867b38d3
Validity
Not Before: Jun 21 13:23:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8eb664c1b1ca2cc1f1564f105692e93165aef0f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:d7:8f:77:c2:85:0f:96:a5:e0:c9:7d:43:fb:
e3:c4:7c:a7:95:9c:90:28:30:2e:ad:24:be:15:5b:
2c:54:8e:99:31:1d:35:ac:ec:cb:71:f2:64:e4:03:
67:79:53:dd:77:22:69:57:da:ee:e6:e6:e8:8c:2a:
fd:75:5e:54:26:55:d1:04:06:df:8d:c7:b7:af:d7:
c5:a1:de:aa:51:b2:99:fe:6e:bd:d8:56:60:59:64:
ad:84:3c:82:4c:b0:49:b9:5a:49:7c:97:b0:cd:b6:
ee:d2:93:bf:70:d7:b8:78:b0:5d:94:65:5f:e3:18:
a4:0c:0d:5d:ba:21:0b:1f:92:60:48:4e:94:83:b7:
4d:51:ef:19:85:12:eb:e1:65:18:16:1a:29:4a:bc:
e3:3f:9a:50:19:9b:6d:4a:a7:12:4e:a6:17:b2:7b:
a1:97:c0:0d:50:37:ef:3f:87:74:a3:53:77:c2:43:
3b:21:b0:cb:0e:72:ab:85:37:0c:46:62:e8:91:b9:
e4:48:5d:c8:87:4c:81:0e:e1:7b:fc:42:3b:25:c6:
c2:f0:06:14:65:b6:e9:68:a0:3b:9c:a1:a4:10:5e:
fb:80:f5:f5:f6:f9:5f:9e:60:18:2c:cb:1f:9b:ef:
10:db:59:6f:f4:2a:30:90:4e:bd:b1:7d:2f:2e:73:
6d:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:B6:64:C1:B1:CA:2C:C1:F1:56:4F:10:56:92:E9:31:65:AE:F0:F8
X509v3 Authority Key Identifier:
keyid:36:91:D2:95:01:45:DC:EA:C0:0C:0C:A4:EB:53:6D:92:86:7B:38:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NpHSlQFF3OrADAyk61NtkoZ7ONM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/2a942a-f1bf-43e2-b92a-1dec40584806/1/jrZkwbHKLMHxVk8QVpLpMWWu8Pg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/2a942a-f1bf-43e2-b92a-1dec40584806/1/NpHSlQFF3OrADAyk61NtkoZ7ONM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.230.223.0/24
IPv6:
2a0c:2f07:d::/48
2a0c:2f07:f::/48
2a0c:2f07:29::/48
2a0c:2f07:384::/48
2a0c:2f07:ac1::/48
2a0c:2f07:4663::/48
2a0c:2f07:4896::/48
2a0c:2f07:9459::/48
Signature Algorithm: sha256WithRSAEncryption
1e:03:a6:61:28:a0:42:1f:c3:5f:85:1d:66:d3:18:69:40:c0:
bf:83:e2:48:41:91:9d:f9:7e:e1:ee:61:38:d1:c7:59:d8:2c:
a7:63:90:2e:08:5c:6c:5d:97:cb:13:bd:29:51:f1:ff:ff:3c:
0a:c0:bf:2f:66:0b:27:47:6b:0f:9b:53:f8:85:88:8a:04:61:
e2:8e:fc:4e:98:22:0c:b4:8f:0a:f9:62:87:cc:08:c7:50:5a:
7e:30:99:30:3f:dd:71:87:2d:76:c1:ee:86:1c:f7:7f:21:c3:
c1:aa:90:c8:67:4d:46:1f:b8:ae:20:09:78:36:1e:98:98:d4:
ee:13:be:96:8c:a6:93:61:5a:4a:c4:a8:18:15:04:91:b1:d4:
91:28:eb:7d:74:39:46:1f:f5:33:d7:1c:91:65:99:f6:c6:d0:
44:34:d2:ae:4c:1f:4e:2a:7c:66:73:fb:ff:1c:1c:9e:5a:7a:
0d:51:ae:b9:a0:d4:ce:74:36:e6:df:1e:73:8a:9f:04:9a:00:
a4:aa:0e:55:e4:43:b7:3c:80:ee:49:f7:f1:d0:86:c8:e2:29:
fc:d2:39:87:22:01:50:77:16:e7:73:38:3b:aa:be:6e:08:55:
e4:df:47:f1:f8:bd:3c:d2:72:0a:10:a4:87:4b:b2:41:db:bc:
da:31:63:09
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgIDAhP/MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDM2
OTFkMjk1MDE0NWRjZWFjMDBjMGNhNGViNTM2ZDkyODY3YjM4ZDMwHhcNMjIwNjIx
MTMyMzQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg4ZWI2NjRjMWIxY2Ey
Y2MxZjE1NjRmMTA1NjkyZTkzMTY1YWVmMGY4MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA0NePd8KFD5al4Ml9Q/vjxHynlZyQKDAurSS+FVssVI6ZMR01
rOzLcfJk5ANneVPddyJpV9ru5ubojCr9dV5UJlXRBAbfjce3r9fFod6qUbKZ/m69
2FZgWWSthDyCTLBJuVpJfJewzbbu0pO/cNe4eLBdlGVf4xikDA1duiELH5JgSE6U
g7dNUe8ZhRLr4WUYFhopSrzjP5pQGZttSqcSTqYXsnuhl8ANUDfvP4d0o1N3wkM7
IbDLDnKrhTcMRmLokbnkSF3Ih0yBDuF7/EI7JcbC8AYUZbbpaKA7nKGkEF77gPX1
9vlfnmAYLMsfm+8Q21lv9CowkE69sX0vLnNt2QIDAQABo4ICWTCCAlUwHQYDVR0O
BBYEFI62ZMGxyizB8VZPEFaS6TFlrvD4MB8GA1UdIwQYMBaAFDaR0pUBRdzqwAwM
pOtTbZKGezjTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
TnBIU2xRRkYzT3JBREF5azYxTnRrb1o3T05NLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC83Mi8yYTk0MmEtZjFiZi00M2UyLWI5MmEtMWRlYzQwNTg0ODA2LzEv
anJaa3diSEtMTUh4Vms4UVZwTHBNV1d1OFBnLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi8y
YTk0MmEtZjFiZi00M2UyLWI5MmEtMWRlYzQwNTg0ODA2LzEvTnBIU2xRRkYzT3JB
REF5azYxTnRrb1o3T05NLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMG8G
CCsGAQUFBwEHAQH/BGAwXjAMBAIAATAGAwQAuebfME4EAgACMEgDBwAqDC8HAA0D
BwAqDC8HAA8DBwAqDC8HACkDBwAqDC8HA4QDBwAqDC8HCsEDBwAqDC8HRmMDBwAq
DC8HSJYDBwAqDC8HlFkwDQYJKoZIhvcNAQELBQADggEBAB4DpmEooEIfw1+FHWbT
GGlAwL+D4khBkZ35fuHuYTjRx1nYLKdjkC4IXGxdl8sTvSlR8f//PArAvy9mCydH
aw+bU/iFiIoEYeKO/E6YIgy0jwr5YofMCMdQWn4wmTA/3XGHLXbB7oYc938hw8Gq
kMhnTUYfuK4gCXg2HpiY1O4TvpaMppNhWkrEqBgVBJGx1JEo6310OUYf9TPXHJFl
mfbG0EQ00q5MH04qfGZz+/8cHJ5aeg1Rrrmg1M50NubfHnOKnwSaAKSqDlXkQ7c8
gO5J9/HQhsjiKfzSOYciAVB3FudzODuqvm4IVeTfR/H4vTzScgoQpIdLskHbvNox
Ywk=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:35 2023 by rpki-client on console.sobornost.net