Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/4748c7-cd9e-401e-a8a4-0d48e6895f12/1/C1hhBUCIlqX2Vb18AssRDC4Rl-Q.roa
File: C1hhBUCIlqX2Vb18AssRDC4Rl-Q.roa (raw, json)
Hash identifier: /Akp7Rr6TCvc0dn9ezfJRPvnNLcMtqhtUhhAZo2AIC4=
Subject key identifier: 0B:58:61:05:40:88:96:A5:F6:55:BD:7C:02:CB:11:0C:2E:11:97:E4
Certificate issuer: /CN=b630b73b51cbc5380dd4adb3d5aaff4d7a334c5e
Certificate serial: 09AB21CA
Authority key identifier: B6:30:B7:3B:51:CB:C5:38:0D:D4:AD:B3:D5:AA:FF:4D:7A:33:4C:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tjC3O1HLxTgN1K2z1ar_TXozTF4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/4748c7-cd9e-401e-a8a4-0d48e6895f12/1/C1hhBUCIlqX2Vb18AssRDC4Rl-Q.roa
Signing time: Thu 10 Feb 2022 07:29:20 +0000
ROA not before: Thu 10 Feb 2022 07:29:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47952
IP address blocks: 91.194.52.0/24 maxlen: 24
91.194.54.0/24 maxlen: 24
185.201.213.0/24 maxlen: 24
185.201.212.0/24 maxlen: 24
185.201.214.0/24 maxlen: 24
185.201.215.0/24 maxlen: 24
2a0a:c4c0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 162210250 (0x9ab21ca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b630b73b51cbc5380dd4adb3d5aaff4d7a334c5e
Validity
Not Before: Feb 10 07:29:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0b586105408896a5f655bd7c02cb110c2e1197e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:27:e5:35:64:68:97:17:12:96:4e:08:3d:c8:
23:11:db:89:86:54:1a:41:02:01:17:27:bb:db:3b:
46:df:75:48:10:0d:df:c7:95:e6:d5:a0:18:b7:98:
00:ec:54:17:2c:f5:aa:e8:a6:0e:bb:20:ee:d2:de:
e2:b3:82:2c:41:f9:75:7e:88:d5:09:54:d6:3f:8c:
26:48:fd:51:63:3b:e5:46:7a:58:86:02:fe:4b:99:
ce:d7:27:e6:16:ff:98:07:2c:09:be:ab:b2:c8:f1:
2d:f2:3b:ee:23:b7:9f:cb:cc:2c:a3:5b:e0:fb:6b:
f1:15:3e:f2:14:d8:a4:49:83:53:cc:14:2e:f1:b3:
fa:9f:a6:a1:12:3d:f2:f7:e7:1f:f3:99:6c:2c:3e:
7e:fc:36:07:7f:7e:f7:4b:05:c5:a8:ff:bd:b1:93:
c9:19:55:90:5f:84:46:7d:86:c3:d0:05:1d:04:bc:
a2:4a:59:0e:f4:6c:30:50:a5:0d:cf:0f:e0:6f:94:
7d:49:4d:25:db:4a:8c:ea:e1:29:f4:14:03:16:bf:
f0:2f:e0:76:0f:19:03:11:bc:c8:03:61:8f:db:68:
6f:92:30:c9:67:10:7b:30:8d:55:d4:85:db:14:c4:
e4:41:c5:ba:47:d2:30:79:30:c2:df:22:98:00:63:
0d:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:58:61:05:40:88:96:A5:F6:55:BD:7C:02:CB:11:0C:2E:11:97:E4
X509v3 Authority Key Identifier:
keyid:B6:30:B7:3B:51:CB:C5:38:0D:D4:AD:B3:D5:AA:FF:4D:7A:33:4C:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tjC3O1HLxTgN1K2z1ar_TXozTF4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/4748c7-cd9e-401e-a8a4-0d48e6895f12/1/C1hhBUCIlqX2Vb18AssRDC4Rl-Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/4748c7-cd9e-401e-a8a4-0d48e6895f12/1/tjC3O1HLxTgN1K2z1ar_TXozTF4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.52.0/24
91.194.54.0/24
185.201.212.0/22
IPv6:
2a0a:c4c0::/48
Signature Algorithm: sha256WithRSAEncryption
8c:01:a6:d3:2b:b4:70:58:f2:d7:2a:f4:c2:ae:be:9d:d5:51:
d5:8d:d3:59:e2:0d:a5:da:68:20:00:ac:6a:5e:4a:35:ac:3d:
73:f4:35:67:10:a8:73:52:c9:3b:2b:81:83:69:9b:00:c2:d4:
6d:70:16:dc:28:d5:1f:d5:b5:ec:e6:28:49:84:09:be:eb:7b:
80:75:88:39:37:f3:2d:01:0e:ed:d0:30:74:92:c8:a5:ce:e7:
e7:1d:0e:9a:90:10:ab:44:be:e8:62:03:d7:1a:28:98:a7:66:
fe:45:c7:ce:00:d1:d9:6a:99:77:ad:47:55:e1:3d:22:41:21:
36:20:74:63:6c:af:17:1f:59:f6:09:55:58:f0:ba:e8:b3:3a:
f0:cf:4c:38:28:29:cb:88:bc:25:fc:76:b0:ca:bd:80:97:b4:
d3:7e:37:b9:42:34:c8:1f:a6:be:12:31:ea:f0:b9:c9:46:bb:
98:bf:88:92:a6:11:3f:20:26:04:23:f4:56:87:6c:08:e4:7c:
6f:4a:eb:54:41:8d:dc:83:92:35:30:8a:1d:c2:b5:8a:31:e7:
a6:e5:89:bb:ba:8c:b4:db:b1:29:71:ed:1e:b0:c3:bd:f0:30:
8b:48:14:3c:ed:aa:a3:24:b8:29:56:e5:4f:b2:73:72:92:f2:
97:a9:e2:07
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIECashyjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NjMwYjczYjUxY2JjNTM4MGRkNGFkYjNkNWFhZmY0ZDdhMzM0YzVlMB4XDTIyMDIx
MDA3MjkyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGI1ODYxMDU0MDg4
OTZhNWY2NTViZDdjMDJjYjExMGMyZTExOTdlNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKIn5TVkaJcXEpZOCD3IIxHbiYZUGkECARcnu9s7Rt91SBAN
38eV5tWgGLeYAOxUFyz1quimDrsg7tLe4rOCLEH5dX6I1QlU1j+MJkj9UWM75UZ6
WIYC/kuZztcn5hb/mAcsCb6rssjxLfI77iO3n8vMLKNb4Ptr8RU+8hTYpEmDU8wU
LvGz+p+moRI98vfnH/OZbCw+fvw2B39+90sFxaj/vbGTyRlVkF+ERn2Gw9AFHQS8
okpZDvRsMFClDc8P4G+UfUlNJdtKjOrhKfQUAxa/8C/gdg8ZAxG8yANhj9tob5Iw
yWcQezCNVdSF2xTE5EHFukfSMHkwwt8imABjDUUCAwEAAaOCAiYwggIiMB0GA1Ud
DgQWBBQLWGEFQIiWpfZVvXwCyxEMLhGX5DAfBgNVHSMEGDAWgBS2MLc7UcvFOA3U
rbPVqv9NejNMXjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RqQzNPMUhMeFRnTjFLMnoxYXJfVFhvelRGNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2QvNDc0OGM3LWNkOWUtNDAxZS1hOGE0LTBkNDhlNjg5NWYxMi8x
L0MxaGhCVUNJbHFYMlZiMThBc3NSREM0UmwtUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Qv
NDc0OGM3LWNkOWUtNDAxZS1hOGE0LTBkNDhlNjg5NWYxMi8xL3RqQzNPMUhMeFRn
TjFLMnoxYXJfVFhvelRGNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA8
BggrBgEFBQcBBwEB/wQtMCswGAQCAAEwEgMEAFvCNAMEAFvCNgMEArnJ1DAPBAIA
AjAJAwcAKgrEwAAAMA0GCSqGSIb3DQEBCwUAA4IBAQCMAabTK7RwWPLXKvTCrr6d
1VHVjdNZ4g2l2mggAKxqXko1rD1z9DVnEKhzUsk7K4GDaZsAwtRtcBbcKNUf1bXs
5ihJhAm+63uAdYg5N/MtAQ7t0DB0ksilzufnHQ6akBCrRL7oYgPXGiiYp2b+RcfO
ANHZapl3rUdV4T0iQSE2IHRjbK8XH1n2CVVY8Lroszrwz0w4KCnLiLwl/Hawyr2A
l7TTfje5QjTIH6a+EjHq8LnJRruYv4iSphE/ICYEI/RWh2wI5HxvSutUQY3cg5I1
MIodwrWKMeem5Ym7uoy027Epce0esMO98DCLSBQ87aqjJLgpVuVPsnNykvKXqeIH
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:28 2023 by rpki-client on console.sobornost.net