Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/20c187-00fd-459e-aae4-467f4f7f5ded/1/dx6bvkS5ETonIXbxS3HRCMjaPlw.roa
File: dx6bvkS5ETonIXbxS3HRCMjaPlw.roa (raw, json)
Hash identifier: uwM7hcyaHKZ36QjKC8pOa1b8kohwpxOhc/ZR2Xkx1io=
Subject key identifier: 77:1E:9B:BE:44:B9:11:3A:27:21:76:F1:4B:71:D1:08:C8:DA:3E:5C
Certificate issuer: /CN=dfd524a05d477b82fbca93e7a504aa31a3ad6863
Certificate serial: 084936C8
Authority key identifier: DF:D5:24:A0:5D:47:7B:82:FB:CA:93:E7:A5:04:AA:31:A3:AD:68:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/39UkoF1He4L7ypPnpQSqMaOtaGM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/20c187-00fd-459e-aae4-467f4f7f5ded/1/dx6bvkS5ETonIXbxS3HRCMjaPlw.roa
Signing time: Sat 01 Jan 2022 16:04:04 +0000
ROA not before: Sat 01 Jan 2022 16:04:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43260
IP address blocks: 185.106.21.0/24 maxlen: 24
185.106.22.0/24 maxlen: 24
185.106.20.0/24 maxlen: 24
185.106.23.0/24 maxlen: 24
185.28.62.0/24 maxlen: 24
185.28.63.0/24 maxlen: 24
185.28.60.0/24 maxlen: 24
185.28.61.0/24 maxlen: 24
185.103.198.0/24 maxlen: 24
185.103.196.0/24 maxlen: 24
185.103.197.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 139015880 (0x84936c8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dfd524a05d477b82fbca93e7a504aa31a3ad6863
Validity
Not Before: Jan 1 16:04:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=771e9bbe44b9113a272176f14b71d108c8da3e5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:aa:96:cc:7c:f1:65:ac:f6:ad:8a:1d:e2:f5:
1e:b9:6e:87:49:fa:01:b5:b4:3a:79:02:eb:ff:e3:
02:f9:f9:fe:87:42:dd:c9:30:c5:bc:0d:91:ac:db:
31:c0:de:c6:fc:91:00:ae:ab:4e:88:49:bc:d7:a7:
68:b6:6b:5c:a9:78:e8:56:fd:c8:1d:17:45:25:ad:
2b:11:bf:d4:09:db:7a:98:70:b0:3e:7e:0e:a4:4f:
6f:f6:c3:74:37:9b:f1:1f:3f:98:7c:85:3d:68:23:
59:3a:d6:2a:81:5e:64:6c:69:b0:8c:1e:c6:c6:fc:
5a:f5:52:59:b7:20:7f:b7:0b:bc:62:72:d3:0c:40:
d7:f9:cd:45:ba:ec:2a:d3:49:e7:0d:c3:b7:2f:b9:
d4:0d:93:f1:d2:96:6f:ab:66:69:49:9e:53:a2:0b:
c5:38:4a:0e:8b:72:ee:fe:07:b5:de:32:91:1b:a5:
02:0c:76:8d:7a:d8:4e:31:30:4b:f6:73:c8:b1:3a:
4b:e6:9f:50:0f:54:31:66:d7:1a:3e:b0:67:cb:3a:
c5:f4:0b:28:51:86:a6:c3:8b:be:92:df:f6:3d:8a:
a8:7c:8d:44:73:1a:b5:e1:84:b9:c6:46:03:61:a8:
d4:2d:60:92:4d:98:ac:d2:9c:33:61:ac:12:c5:b9:
2e:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:1E:9B:BE:44:B9:11:3A:27:21:76:F1:4B:71:D1:08:C8:DA:3E:5C
X509v3 Authority Key Identifier:
keyid:DF:D5:24:A0:5D:47:7B:82:FB:CA:93:E7:A5:04:AA:31:A3:AD:68:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/39UkoF1He4L7ypPnpQSqMaOtaGM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/20c187-00fd-459e-aae4-467f4f7f5ded/1/dx6bvkS5ETonIXbxS3HRCMjaPlw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/20c187-00fd-459e-aae4-467f4f7f5ded/1/39UkoF1He4L7ypPnpQSqMaOtaGM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.28.60.0/22
185.103.196.0-185.103.198.255
185.106.20.0/22
Signature Algorithm: sha256WithRSAEncryption
34:69:84:26:d4:cf:fc:fc:18:da:bb:21:1a:66:50:b4:f6:34:
05:93:3a:c7:4a:95:68:2e:1c:af:89:d2:e7:ad:ae:a6:9e:3c:
a3:e6:16:68:cf:ec:a0:b8:c5:8d:c2:20:af:52:0f:e8:4f:33:
a3:8f:68:2a:04:42:76:65:0b:bd:92:77:b0:ca:e8:e1:6a:64:
4b:45:22:7d:c3:94:f8:9e:05:d0:7a:71:58:ba:7a:26:85:c7:
49:94:cb:70:4c:f9:b9:0d:85:6e:18:87:63:8b:0f:aa:fa:fd:
29:77:3b:81:69:d8:79:e7:a5:0b:83:0a:3c:4d:29:d3:d4:96:
fd:c8:a6:f7:3e:78:04:be:72:75:6a:a3:8a:74:30:2e:82:47:
67:1e:c9:2e:de:fd:44:31:06:ea:c0:b9:d7:39:42:97:4f:fa:
ae:4e:95:ab:ba:8e:db:83:0f:8d:14:d0:37:dc:72:1d:98:82:
c0:42:c8:31:3c:db:fe:9a:0f:30:8a:96:75:29:fd:06:ff:f1:
2e:c7:e4:a7:2e:fb:97:f8:ca:92:bd:e7:95:6f:f2:bb:9d:34:
a1:57:88:5e:f7:70:75:7d:79:39:3f:19:87:1d:83:51:7a:13:
69:74:de:c5:b9:ac:b3:45:7c:01:53:cd:4d:fb:41:6d:65:cd:
78:a4:eb:d9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIECEk2yDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
ZmQ1MjRhMDVkNDc3YjgyZmJjYTkzZTdhNTA0YWEzMWEzYWQ2ODYzMB4XDTIyMDEw
MTE2MDQwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzcxZTliYmU0NGI5
MTEzYTI3MjE3NmYxNGI3MWQxMDhjOGRhM2U1YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKKqlsx88WWs9q2KHeL1Hrluh0n6AbW0OnkC6//jAvn5/odC
3ckwxbwNkazbMcDexvyRAK6rTohJvNenaLZrXKl46Fb9yB0XRSWtKxG/1Anbephw
sD5+DqRPb/bDdDeb8R8/mHyFPWgjWTrWKoFeZGxpsIwexsb8WvVSWbcgf7cLvGJy
0wxA1/nNRbrsKtNJ5w3Dty+51A2T8dKWb6tmaUmeU6ILxThKDoty7v4Htd4ykRul
Agx2jXrYTjEwS/ZzyLE6S+afUA9UMWbXGj6wZ8s6xfQLKFGGpsOLvpLf9j2KqHyN
RHMateGEucZGA2Go1C1gkk2YrNKcM2GsEsW5LhcCAwEAAaOCAh0wggIZMB0GA1Ud
DgQWBBR3Hpu+RLkROichdvFLcdEIyNo+XDAfBgNVHSMEGDAWgBTf1SSgXUd7gvvK
k+elBKoxo61oYzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzM5VWtvRjFIZTRMN3lwUG5wUVNxTWFPdGFHTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODIvMjBjMTg3LTAwZmQtNDU5ZS1hYWU0LTQ2N2Y0ZjdmNWRlZC8x
L2R4NmJ2a1M1RVRvbklYYnhTM0hSQ01qYVBsdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODIv
MjBjMTg3LTAwZmQtNDU5ZS1hYWU0LTQ2N2Y0ZjdmNWRlZC8xLzM5VWtvRjFIZTRM
N3lwUG5wUVNxTWFPdGFHTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAz
BggrBgEFBQcBBwEB/wQkMCIwIAQCAAEwGgMEArkcPDAMAwQCuWfEAwQAuWfGAwQC
uWoUMA0GCSqGSIb3DQEBCwUAA4IBAQA0aYQm1M/8/BjauyEaZlC09jQFkzrHSpVo
LhyvidLnra6mnjyj5hZoz+yguMWNwiCvUg/oTzOjj2gqBEJ2ZQu9knewyujhamRL
RSJ9w5T4ngXQenFYunomhcdJlMtwTPm5DYVuGIdjiw+q+v0pdzuBadh556ULgwo8
TSnT1Jb9yKb3PngEvnJ1aqOKdDAugkdnHsku3v1EMQbqwLnXOUKXT/quTpWruo7b
gw+NFNA33HIdmILAQsgxPNv+mg8wipZ1Kf0G//Eux+SnLvuX+MqSveeVb/K7nTSh
V4he93B1fXk5PxmHHYNRehNpdN7FuayzRXwBU81N+0FtZc14pOvZ
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:58 2023 by rpki-client on console.sobornost.net