Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/c38360-743a-428f-ab97-6369b17ff178/1/Ovd3FpFqVilZlPq-6oU6Lnp0quQ.roa
File: Ovd3FpFqVilZlPq-6oU6Lnp0quQ.roa (raw, json)
Hash identifier: tkO8zLnqV7I6NdmYeGG83plLZ07vCCgSSfwxIlDk2Og=
Subject key identifier: 3A:F7:77:16:91:6A:56:29:59:94:FA:BE:EA:85:3A:2E:7A:74:AA:E4
Certificate issuer: /CN=cd2d25f7691360878cbace985890b9f5efcf7d95
Certificate serial: 055F6F3F
Authority key identifier: CD:2D:25:F7:69:13:60:87:8C:BA:CE:98:58:90:B9:F5:EF:CF:7D:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zS0l92kTYIeMus6YWJC59e_PfZU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/c38360-743a-428f-ab97-6369b17ff178/1/Ovd3FpFqVilZlPq-6oU6Lnp0quQ.roa
Signing time: Sat 01 Jan 2022 06:55:24 +0000
ROA not before: Sat 01 Jan 2022 06:55:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9063
IP address blocks: 195.66.0.0/21 maxlen: 21
213.185.65.0/24 maxlen: 24
213.185.68.0/22 maxlen: 22
213.185.66.0/23 maxlen: 23
213.185.72.0/22 maxlen: 22
213.185.76.0/23 maxlen: 23
185.5.28.0/22 maxlen: 22
2a02:7940::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90140479 (0x55f6f3f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd2d25f7691360878cbace985890b9f5efcf7d95
Validity
Not Before: Jan 1 06:55:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3af77716916a56295994fabeea853a2e7a74aae4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:44:38:41:0d:d0:34:b0:27:16:ab:c7:a5:57:
94:35:77:12:f9:e8:02:44:92:fd:a1:8d:5e:bc:e7:
93:d5:3b:9b:4b:89:96:1b:a6:fe:9d:26:a8:16:ed:
d0:7d:aa:0c:b1:00:41:29:f5:39:9d:8b:93:07:88:
9f:92:38:d8:14:03:ad:f0:2f:2f:4b:c7:36:e0:ff:
27:cc:c1:fb:e4:6e:8d:bc:ac:3f:eb:82:71:fd:5a:
f7:38:1a:aa:a6:8d:6a:5d:71:a2:76:ac:5c:36:bb:
4b:85:30:7e:fa:b8:f9:da:e3:e2:4e:88:c3:d7:be:
2f:66:96:ae:94:23:1b:f3:a6:33:cc:25:8f:77:2e:
0d:79:b6:62:d0:01:aa:ae:79:1c:57:4e:16:70:2f:
5c:ca:9e:f4:2e:8a:ec:27:18:fc:24:88:6b:8e:5c:
94:d4:40:95:ba:e9:3a:40:68:6a:9b:20:2f:d1:99:
fa:f2:e7:fb:5a:64:16:c4:a6:ef:59:54:58:ac:d0:
13:61:27:0f:e9:c3:be:0a:7a:e4:ee:50:78:1f:5a:
82:2f:95:50:4a:ec:20:1d:79:11:3c:cd:59:55:d0:
01:c9:51:0c:99:14:b6:4a:54:70:a4:33:1d:70:f0:
ca:0c:b8:5c:56:2b:e8:83:53:8d:1d:b0:47:a4:37:
a3:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:F7:77:16:91:6A:56:29:59:94:FA:BE:EA:85:3A:2E:7A:74:AA:E4
X509v3 Authority Key Identifier:
keyid:CD:2D:25:F7:69:13:60:87:8C:BA:CE:98:58:90:B9:F5:EF:CF:7D:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zS0l92kTYIeMus6YWJC59e_PfZU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/c38360-743a-428f-ab97-6369b17ff178/1/Ovd3FpFqVilZlPq-6oU6Lnp0quQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/c38360-743a-428f-ab97-6369b17ff178/1/zS0l92kTYIeMus6YWJC59e_PfZU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.5.28.0/22
195.66.0.0/21
213.185.65.0-213.185.77.255
IPv6:
2a02:7940::/32
Signature Algorithm: sha256WithRSAEncryption
6c:11:b9:7e:e1:48:7a:66:13:d9:f3:bd:a9:14:ba:0a:2c:1e:
56:21:39:6c:cd:d7:ae:ea:b2:3d:4e:c1:ff:3b:cf:c3:cd:22:
4a:c6:fd:3d:3d:50:73:fa:20:ac:56:32:a1:38:72:f0:6d:97:
99:18:b8:04:25:23:65:56:0b:a5:b1:33:f8:4f:ed:77:1f:37:
9f:cb:79:98:a1:33:8d:43:61:b6:93:d6:06:8f:ce:30:e8:8d:
72:e6:bb:de:d8:1c:75:0a:df:28:e3:66:e8:43:08:73:8d:2b:
a8:96:3e:44:9c:98:a2:17:d3:f1:5b:2e:d8:29:5e:dd:08:e9:
a1:ef:12:05:70:ff:cf:39:91:8b:6c:e3:03:22:e0:46:c2:1e:
0f:12:42:43:3e:f8:90:71:b0:44:9a:9b:37:05:c3:b6:b2:06:
19:49:97:5e:ad:36:cd:68:a9:8e:d5:4b:f6:38:54:58:10:f7:
d2:0a:b2:bf:a2:07:1d:9b:df:67:0c:ee:ac:6d:32:88:5f:a1:
9f:cb:7d:4d:53:9c:e9:27:ee:e1:36:0c:2c:60:47:17:d8:29:
a1:ca:50:6a:cb:a4:ff:67:2e:ec:5f:8b:2c:f4:28:b0:f7:a0:
c3:10:f7:fb:0d:35:45:22:17:b9:1d:0c:ad:24:91:06:68:0a:
4a:60:51:a7
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIEBV9vPzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
ZDJkMjVmNzY5MTM2MDg3OGNiYWNlOTg1ODkwYjlmNWVmY2Y3ZDk1MB4XDTIyMDEw
MTA2NTUyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2FmNzc3MTY5MTZh
NTYyOTU5OTRmYWJlZWE4NTNhMmU3YTc0YWFlNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANNEOEEN0DSwJxarx6VXlDV3EvnoAkSS/aGNXrznk9U7m0uJ
lhum/p0mqBbt0H2qDLEAQSn1OZ2LkweIn5I42BQDrfAvL0vHNuD/J8zB++Rujbys
P+uCcf1a9zgaqqaNal1xonasXDa7S4Uwfvq4+drj4k6Iw9e+L2aWrpQjG/OmM8wl
j3cuDXm2YtABqq55HFdOFnAvXMqe9C6K7CcY/CSIa45clNRAlbrpOkBoapsgL9GZ
+vLn+1pkFsSm71lUWKzQE2EnD+nDvgp65O5QeB9agi+VUErsIB15ETzNWVXQAclR
DJkUtkpUcKQzHXDwygy4XFYr6INTjR2wR6Q3o4MCAwEAAaOCAiwwggIoMB0GA1Ud
DgQWBBQ693cWkWpWKVmU+r7qhTouenSq5DAfBgNVHSMEGDAWgBTNLSX3aRNgh4y6
zphYkLn17899lTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3pTMGw5MmtUWUllTXVzNllXSkM1OWVfUGZaVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODEvYzM4MzYwLTc0M2EtNDI4Zi1hYjk3LTYzNjliMTdmZjE3OC8x
L092ZDNGcEZxVmlsWmxQcS02b1U2TG5wMHF1US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODEv
YzM4MzYwLTc0M2EtNDI4Zi1hYjk3LTYzNjliMTdmZjE3OC8xL3pTMGw5MmtUWUll
TXVzNllXSkM1OWVfUGZaVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBC
BggrBgEFBQcBBwEB/wQzMDEwIAQCAAEwGgMEArkFHAMEA8NCADAMAwQA1blBAwQB
1blMMA0EAgACMAcDBQAqAnlAMA0GCSqGSIb3DQEBCwUAA4IBAQBsEbl+4Uh6ZhPZ
872pFLoKLB5WITlszdeu6rI9TsH/O8/DzSJKxv09PVBz+iCsVjKhOHLwbZeZGLgE
JSNlVgulsTP4T+13Hzefy3mYoTONQ2G2k9YGj84w6I1y5rve2Bx1Ct8o42boQwhz
jSuolj5EnJiiF9PxWy7YKV7dCOmh7xIFcP/POZGLbOMDIuBGwh4PEkJDPviQcbBE
mps3BcO2sgYZSZderTbNaKmO1Uv2OFRYEPfSCrK/ogcdm99nDO6sbTKIX6Gfy31N
U5zpJ+7hNgwsYEcX2CmhylBqy6T/Zy7sX4ss9Ciw96DDEPf7DTVFIhe5HQytJJEG
aApKYFGn
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:56 2023 by rpki-client on console.sobornost.net