Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/9f88d8-8a6d-4c5c-b194-e155acc6b84e/1/bExsCU9WFtg7KZTagDOR0hSZfvU.roa
File: bExsCU9WFtg7KZTagDOR0hSZfvU.roa (raw, json)
Hash identifier: BFs++EhZ2QZEwSkOl5+IJP1lDCyl9fWuy/nKxJQMncA=
Subject key identifier: 6C:4C:6C:09:4F:56:16:D8:3B:29:94:DA:80:33:91:D2:14:99:7E:F5
Certificate issuer: /CN=3f47f75757413ccc172d3d1b826fae5ae9385a1b
Certificate serial: 0184CDB41155E5F4E439BB3B5F4424C77F9D
Authority key identifier: 3F:47:F7:57:57:41:3C:CC:17:2D:3D:1B:82:6F:AE:5A:E9:38:5A:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P0f3V1dBPMwXLT0bgm-uWuk4Whs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/9f88d8-8a6d-4c5c-b194-e155acc6b84e/1/bExsCU9WFtg7KZTagDOR0hSZfvU.roa
Signing time: Thu 01 Dec 2022 12:40:40 +0000
ROA not before: Thu 01 Dec 2022 12:40:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208684
IP address blocks: 91.230.168.0/24 maxlen: 24
91.230.188.0/24 maxlen: 24
91.231.47.0/24 maxlen: 24
45.89.112.0/22 maxlen: 22
91.231.89.0/24 maxlen: 24
2a0b:2640::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:cd:b4:11:55:e5:f4:e4:39:bb:3b:5f:44:24:c7:7f:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3f47f75757413ccc172d3d1b826fae5ae9385a1b
Validity
Not Before: Dec 1 12:40:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6c4c6c094f5616d83b2994da803391d214997ef5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:1e:8c:6f:03:f7:75:ce:ed:d7:05:98:c8:7d:
a4:c8:ff:ae:7c:50:dd:0e:4e:5d:5c:e0:82:20:1b:
dc:dc:69:03:a8:bc:69:98:b3:b9:bb:a4:f6:52:8d:
2b:0d:ad:51:42:85:dd:31:72:ab:ef:1a:e1:29:8d:
ea:a7:74:6a:2a:7a:26:58:37:f2:99:4d:e3:08:df:
cf:37:9d:53:f7:40:6c:a7:0c:cc:c7:bd:88:cf:db:
08:8b:85:39:19:13:a3:fc:74:6d:b4:b1:b1:c5:9b:
29:51:e4:33:18:d5:8e:8a:8e:70:a0:1d:7c:ee:15:
25:62:01:4f:5e:39:0d:46:33:66:1c:33:68:35:7f:
a3:0a:81:7a:0a:83:75:47:5f:dc:7a:4e:f3:04:0d:
fe:e3:1f:54:01:14:de:5f:c0:f7:84:3c:51:1e:38:
9d:36:0a:70:9c:18:de:8b:a8:28:49:d4:e3:d2:1d:
30:74:df:ae:84:81:34:0a:aa:65:45:0f:90:7d:5d:
1a:f6:c1:9f:63:34:76:ac:83:9e:14:68:6a:ae:2b:
24:16:f8:a5:e6:15:26:21:bf:a6:ca:4e:29:52:db:
48:4d:a4:53:c6:28:25:28:41:1e:1b:99:53:3f:3b:
7d:0e:8c:9a:89:8b:c2:33:be:79:3b:01:e7:49:41:
c9:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:4C:6C:09:4F:56:16:D8:3B:29:94:DA:80:33:91:D2:14:99:7E:F5
X509v3 Authority Key Identifier:
keyid:3F:47:F7:57:57:41:3C:CC:17:2D:3D:1B:82:6F:AE:5A:E9:38:5A:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P0f3V1dBPMwXLT0bgm-uWuk4Whs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/9f88d8-8a6d-4c5c-b194-e155acc6b84e/1/bExsCU9WFtg7KZTagDOR0hSZfvU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/9f88d8-8a6d-4c5c-b194-e155acc6b84e/1/P0f3V1dBPMwXLT0bgm-uWuk4Whs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.112.0/22
91.230.168.0/24
91.230.188.0/24
91.231.47.0/24
91.231.89.0/24
IPv6:
2a0b:2640::/29
Signature Algorithm: sha256WithRSAEncryption
6c:d5:c8:43:fc:af:57:93:77:27:4b:eb:49:7c:54:fe:31:ac:
fe:f1:f0:a1:a8:ca:b2:54:46:30:1c:40:d3:ec:bc:22:54:e4:
63:03:09:b0:4c:49:5b:3f:ed:31:1f:7a:11:52:fc:ad:2a:1e:
ea:7d:b7:96:b9:ec:49:06:43:d0:36:a7:00:af:25:36:7e:c1:
7f:d0:9c:04:e9:6d:0a:e3:a7:2b:4b:b5:49:34:2d:39:91:74:
77:e4:b0:3b:f2:3e:8d:7e:7b:08:d6:c9:3c:01:24:8a:39:ca:
f3:a3:5b:64:37:ee:82:21:3d:dd:ea:32:36:9c:0c:4f:65:bb:
f3:f0:ab:38:64:69:07:4d:b9:d8:70:82:e5:50:f6:15:a9:5e:
eb:73:05:18:e3:fa:2a:01:6b:39:9d:57:0d:98:9d:10:f2:2a:
60:41:a3:ca:8e:43:53:dc:ed:43:26:f2:2f:1c:d3:79:e7:a9:
85:fa:6e:06:b8:77:2a:ac:d8:f7:5b:5b:f8:b7:c6:b1:7d:4d:
e1:e2:96:75:e8:f7:bc:ea:0a:28:03:0b:10:c1:f7:89:ea:42:
57:54:4c:db:db:aa:96:26:65:dd:e6:b9:b6:d7:fb:f8:be:ae:
63:51:28:ee:36:e1:64:e0:f8:e0:2a:5a:37:38:78:ef:ad:c5:
96:5a:51:ac
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYTNtBFV5fTkObs7X0Qkx3+dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmNDdmNzU3NTc0MTNjY2MxNzJkM2QxYjgyNmZhZTVhZTkz
ODVhMWIwHhcNMjIxMjAxMTI0MDQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzRjNmMwOTRmNTYxNmQ4M2IyOTk0ZGE4MDMzOTFkMjE0OTk3ZWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhx6MbwP3dc7t1wWYyH2kyP+ufFDd
Dk5dXOCCIBvc3GkDqLxpmLO5u6T2Uo0rDa1RQoXdMXKr7xrhKY3qp3RqKnomWDfy
mU3jCN/PN51T90BspwzMx72Iz9sIi4U5GROj/HRttLGxxZspUeQzGNWOio5woB18
7hUlYgFPXjkNRjNmHDNoNX+jCoF6CoN1R1/cek7zBA3+4x9UARTeX8D3hDxRHjid
NgpwnBjei6goSdTj0h0wdN+uhIE0CqplRQ+QfV0a9sGfYzR2rIOeFGhqriskFvil
5hUmIb+myk4pUttITaRTxiglKEEeG5lTPzt9DoyaiYvCM755OwHnSUHJgwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFGxMbAlPVhbYOymU2oAzkdIUmX71MB8GA1UdIwQY
MBaAFD9H91dXQTzMFy09G4JvrlrpOFobMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDBmM1YxZEJQTXdYTFQwYmdtLXVXdWs0V2hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC85Zjg4ZDgtOGE2ZC00YzVjLWIxOTQt
ZTE1NWFjYzZiODRlLzEvYkV4c0NVOVdGdGc3S1pUYWdET1IwaFNaZnZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC85Zjg4ZDgtOGE2ZC00YzVjLWIxOTQtZTE1NWFjYzZiODRl
LzEvUDBmM1YxZEJQTXdYTFQwYmdtLXVXdWs0V2hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCLVlwAwQA
W+aoAwQAW+a8AwQAW+cvAwQAW+dZMA0EAgACMAcDBQMqCyZAMA0GCSqGSIb3DQEB
CwUAA4IBAQBs1chD/K9Xk3cnS+tJfFT+Maz+8fChqMqyVEYwHEDT7LwiVORjAwmw
TElbP+0xH3oRUvytKh7qfbeWuexJBkPQNqcAryU2fsF/0JwE6W0K46crS7VJNC05
kXR35LA78j6NfnsI1sk8ASSKOcrzo1tkN+6CIT3d6jI2nAxPZbvz8Ks4ZGkHTbnY
cILlUPYVqV7rcwUY4/oqAWs5nVcNmJ0Q8ipgQaPKjkNT3O1DJvIvHNN556mF+m4G
uHcqrNj3W1v4t8axfU3h4pZ16Pe86gooAwsQwfeJ6kJXVEzb26qWJmXd5rm21/v4
vq5jUSjuNuFk4PjgKlo3OHjvrcWWWlGs
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:48 2023 by rpki-client on console.sobornost.net