Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/b66c2c-3d01-4bdb-8c4c-b2da977e407d/1/oCbq0UmugJ55NZgvutVGASS9exI.roa
File: oCbq0UmugJ55NZgvutVGASS9exI.roa (raw, json)
Hash identifier: HNnmw1tqIuhGcd2xh5Zu5TeiEcM0R7ul1EB9cTHcNJQ=
Subject key identifier: A0:26:EA:D1:49:AE:80:9E:79:35:98:2F:BA:D5:46:01:24:BD:7B:12
Certificate issuer: /CN=5289b6a8bfaac5c8c09a48c042819dfc5ea45104
Certificate serial: 0A2F0AAB
Authority key identifier: 52:89:B6:A8:BF:AA:C5:C8:C0:9A:48:C0:42:81:9D:FC:5E:A4:51:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Uom2qL-qxcjAmkjAQoGd_F6kUQQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/b66c2c-3d01-4bdb-8c4c-b2da977e407d/1/oCbq0UmugJ55NZgvutVGASS9exI.roa
Signing time: Sat 01 Jan 2022 14:05:14 +0000
ROA not before: Sat 01 Jan 2022 14:05:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47258
IP address blocks: 94.143.48.0/21 maxlen: 24
185.51.124.0/22 maxlen: 24
2a04:be20::/30 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 170855083 (0xa2f0aab)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5289b6a8bfaac5c8c09a48c042819dfc5ea45104
Validity
Not Before: Jan 1 14:05:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a026ead149ae809e7935982fbad5460124bd7b12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:a8:b1:b5:31:f6:33:bf:a5:30:39:51:ab:d6:
f1:08:69:30:3d:4c:41:57:e0:76:8e:2a:a8:d2:8f:
ce:04:8e:4a:03:b0:97:f1:6c:8c:2b:65:d8:b4:dc:
35:ba:1c:22:a6:6d:f7:eb:f5:4c:74:fe:87:96:0e:
88:2b:de:f5:e2:18:b8:20:f5:f2:64:9d:6a:51:d4:
6e:72:8b:f7:ab:7a:80:9c:61:73:d4:db:a4:a3:94:
d8:35:88:9d:b3:45:54:3a:cb:32:0a:cd:f1:c7:23:
24:2d:12:b6:c5:b3:50:57:88:94:c0:64:70:87:a1:
b1:1a:f8:c3:d5:fc:16:8b:1e:5d:8e:1a:4f:f2:55:
bd:e0:f0:62:12:e3:fc:2f:f9:88:8a:a0:c2:c5:07:
46:ef:2f:48:2f:62:33:41:18:a9:40:25:3e:58:d3:
37:95:bf:ef:ec:69:8d:2d:1b:6c:f0:44:6b:e9:9b:
b5:24:f0:91:a1:d1:f7:91:9c:88:fa:c7:38:b0:77:
35:98:3c:52:ab:52:9d:cc:71:e3:9a:ca:e6:8d:23:
18:08:14:83:b6:20:3e:ae:4d:b8:21:92:2b:67:db:
fc:6d:cb:ff:1f:6d:3f:ef:a1:2b:a8:07:4c:7e:71:
f7:3e:bc:6e:9e:a5:8b:58:e2:5a:e6:09:7a:e3:58:
fe:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:26:EA:D1:49:AE:80:9E:79:35:98:2F:BA:D5:46:01:24:BD:7B:12
X509v3 Authority Key Identifier:
keyid:52:89:B6:A8:BF:AA:C5:C8:C0:9A:48:C0:42:81:9D:FC:5E:A4:51:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Uom2qL-qxcjAmkjAQoGd_F6kUQQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/b66c2c-3d01-4bdb-8c4c-b2da977e407d/1/oCbq0UmugJ55NZgvutVGASS9exI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/b66c2c-3d01-4bdb-8c4c-b2da977e407d/1/Uom2qL-qxcjAmkjAQoGd_F6kUQQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.143.48.0/21
185.51.124.0/22
IPv6:
2a04:be20::/30
Signature Algorithm: sha256WithRSAEncryption
c2:b1:c8:ec:df:fa:df:60:ef:31:24:8f:70:f3:79:b9:87:44:
81:3c:81:9e:c6:b1:98:59:86:df:a9:81:ae:6c:4f:a0:00:f4:
51:c6:49:67:56:b8:20:5e:ae:88:a9:e2:5b:0a:86:f1:89:a2:
28:60:b4:dd:bd:a1:5d:ab:2f:28:48:06:86:b7:0e:3d:22:47:
ed:88:9c:17:d2:18:61:f7:46:ef:65:2c:b4:57:eb:3b:8f:bd:
e7:a3:be:58:f5:d0:25:b2:32:f1:19:9b:e8:0f:f8:5c:a4:07:
59:c7:a8:75:15:d8:22:3f:39:6d:d0:dd:6a:9f:6a:a7:69:25:
8a:29:e1:59:63:5f:2f:ea:84:46:ec:f4:8e:80:11:cf:9f:36:
51:68:47:22:20:3c:13:59:23:19:e3:56:b6:4b:4e:c6:90:a1:
a6:63:38:41:ba:67:37:23:5e:51:31:40:4f:ca:1d:85:09:e0:
42:84:72:af:50:1e:b6:02:3e:35:c0:c4:2b:ff:13:2b:b7:2e:
64:44:65:b5:08:8d:9d:75:9b:96:67:50:8b:42:ba:b9:d6:06:
e2:54:c2:2d:5b:3e:5e:b0:a6:7d:18:df:d8:49:2d:f2:df:ca:
e8:ff:a2:9f:d3:f8:fd:c8:16:ea:91:6b:47:35:59:f9:de:20:
81:4a:80:3c
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIECi8KqzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
Mjg5YjZhOGJmYWFjNWM4YzA5YTQ4YzA0MjgxOWRmYzVlYTQ1MTA0MB4XDTIyMDEw
MTE0MDUxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTAyNmVhZDE0OWFl
ODA5ZTc5MzU5ODJmYmFkNTQ2MDEyNGJkN2IxMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKWosbUx9jO/pTA5UavW8QhpMD1MQVfgdo4qqNKPzgSOSgOw
l/FsjCtl2LTcNbocIqZt9+v1THT+h5YOiCve9eIYuCD18mSdalHUbnKL96t6gJxh
c9TbpKOU2DWInbNFVDrLMgrN8ccjJC0StsWzUFeIlMBkcIehsRr4w9X8FoseXY4a
T/JVveDwYhLj/C/5iIqgwsUHRu8vSC9iM0EYqUAlPljTN5W/7+xpjS0bbPBEa+mb
tSTwkaHR95GciPrHOLB3NZg8UqtSncxx45rK5o0jGAgUg7YgPq5NuCGSK2fb/G3L
/x9tP++hK6gHTH5x9z68bp6li1jiWuYJeuNY/lECAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBSgJurRSa6Annk1mC+61UYBJL17EjAfBgNVHSMEGDAWgBRSibaov6rFyMCa
SMBCgZ38XqRRBDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1VvbTJxTC1xeGNqQW1rakFRb0dkX0Y2a1VRUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODEvYjY2YzJjLTNkMDEtNGJkYi04YzRjLWIyZGE5NzdlNDA3ZC8x
L29DYnEwVW11Z0o1NU5aZ3Z1dFZHQVNTOWV4SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODEv
YjY2YzJjLTNkMDEtNGJkYi04YzRjLWIyZGE5NzdlNDA3ZC8xL1VvbTJxTC1xeGNq
QW1rakFRb0dkX0Y2a1VRUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEA16PMAMEArkzfDANBAIAAjAHAwUC
KgS+IDANBgkqhkiG9w0BAQsFAAOCAQEAwrHI7N/632DvMSSPcPN5uYdEgTyBnsax
mFmG36mBrmxPoAD0UcZJZ1a4IF6uiKniWwqG8YmiKGC03b2hXasvKEgGhrcOPSJH
7YicF9IYYfdG72UstFfrO4+956O+WPXQJbIy8Rmb6A/4XKQHWceodRXYIj85bdDd
ap9qp2kliinhWWNfL+qERuz0joARz582UWhHIiA8E1kjGeNWtktOxpChpmM4Qbpn
NyNeUTFAT8odhQngQoRyr1AetgI+NcDEK/8TK7cuZERltQiNnXWblmdQi0K6udYG
4lTCLVs+XrCmfRjf2Ekt8t/K6P+in9P4/cgW6pFrRzVZ+d4ggUqAPA==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:56 2023 by rpki-client on console.sobornost.net