Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/276c24-2a7f-4726-8d9f-8bf4fe4c7732/1/kUcNGu3SMHFVfCJMJwZ3ahkssXk.roa
File: kUcNGu3SMHFVfCJMJwZ3ahkssXk.roa (raw, json)
Hash identifier: VYBno8nc4JPDQmrzNJ7VyqMfQrpxQMGsSn3lUa0mGzQ=
Subject key identifier: 91:47:0D:1A:ED:D2:30:71:55:7C:22:4C:27:06:77:6A:19:2C:B1:79
Certificate issuer: /CN=fa56c7e660b1c74e3b0318b14338c3f00dd7bc72
Certificate serial: 12EDF1F4
Authority key identifier: FA:56:C7:E6:60:B1:C7:4E:3B:03:18:B1:43:38:C3:F0:0D:D7:BC:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-lbH5mCxx047AxixQzjD8A3XvHI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/276c24-2a7f-4726-8d9f-8bf4fe4c7732/1/kUcNGu3SMHFVfCJMJwZ3ahkssXk.roa
Signing time: Sat 01 Jan 2022 12:59:09 +0000
ROA not before: Sat 01 Jan 2022 12:59:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210990
IP address blocks: 192.145.120.0/22 maxlen: 24
176.106.40.0/24 maxlen: 24
176.106.44.0/24 maxlen: 24
176.106.43.0/24 maxlen: 24
176.106.42.0/24 maxlen: 24
176.106.41.0/24 maxlen: 24
176.106.47.0/24 maxlen: 24
176.106.46.0/24 maxlen: 24
176.106.45.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 317583860 (0x12edf1f4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fa56c7e660b1c74e3b0318b14338c3f00dd7bc72
Validity
Not Before: Jan 1 12:59:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=91470d1aedd23071557c224c2706776a192cb179
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:74:9d:8a:65:8b:dd:d8:58:4b:98:ac:dd:55:
40:56:d8:d7:51:bf:db:0c:aa:db:31:b3:cd:23:26:
cb:a1:17:d5:81:75:c2:f8:e3:e6:bb:5a:c4:85:c0:
a4:42:2e:62:9f:82:b6:36:5a:48:b0:66:78:06:a2:
12:75:1f:28:00:95:c4:b7:85:af:95:f9:35:6a:16:
6c:cc:47:09:6d:69:ca:0f:35:2e:5f:8f:87:ca:28:
b1:47:f1:28:b1:8e:eb:f9:33:1f:22:4c:43:0a:a0:
de:41:72:6d:26:c6:8f:2f:e1:b0:59:2c:e9:d4:22:
a3:5a:5e:88:84:2f:0d:98:07:13:3c:9c:74:52:b2:
f7:c3:bb:18:19:8b:2f:79:86:aa:31:7d:0c:52:53:
0e:3d:27:f3:f8:68:48:1b:fd:0a:50:78:2e:e4:99:
6c:68:99:85:5e:4b:03:a2:0e:73:be:5d:8e:b2:9a:
35:06:2c:ee:cd:26:db:42:96:d7:d5:14:e0:64:80:
2d:37:f1:02:0b:2c:5f:c5:44:48:f3:2e:53:cd:d7:
67:5d:a4:0a:2d:07:50:ee:a0:4e:cf:f3:b1:52:c2:
84:64:36:99:0b:86:19:5d:f3:18:5b:45:e4:79:f0:
4e:8b:2d:56:85:c0:0c:f6:56:22:3b:60:60:84:e7:
51:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:47:0D:1A:ED:D2:30:71:55:7C:22:4C:27:06:77:6A:19:2C:B1:79
X509v3 Authority Key Identifier:
keyid:FA:56:C7:E6:60:B1:C7:4E:3B:03:18:B1:43:38:C3:F0:0D:D7:BC:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-lbH5mCxx047AxixQzjD8A3XvHI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/276c24-2a7f-4726-8d9f-8bf4fe4c7732/1/kUcNGu3SMHFVfCJMJwZ3ahkssXk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/276c24-2a7f-4726-8d9f-8bf4fe4c7732/1/1-lbH5mCxx047AxixQzjD8A3XvHI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.106.40.0/21
192.145.120.0/22
Signature Algorithm: sha256WithRSAEncryption
4c:a8:06:9a:13:b5:44:a0:50:ff:e5:58:4f:88:84:bc:c4:b4:
37:9e:49:92:7a:bb:c4:44:b6:11:b3:02:45:6e:2d:83:62:9b:
8a:0c:00:f1:25:47:85:a1:64:81:d7:ec:45:8b:30:e2:2f:fc:
18:af:40:ac:41:37:6c:ba:d1:86:9c:ce:07:6a:15:f1:ee:7b:
ee:ee:bc:b5:99:4e:81:fe:76:18:4b:0f:56:5b:ee:53:f7:c7:
db:49:ee:34:50:12:11:ef:33:39:3a:81:d0:c7:fd:65:32:27:
21:08:7f:7d:60:ab:14:68:f9:00:cf:5f:10:ae:0a:44:ea:74:
18:b0:3b:cf:4f:44:c8:50:65:99:b9:0c:02:e3:ee:47:cd:2f:
0c:31:a0:44:ba:94:ff:72:c3:85:5b:05:80:95:a7:a6:b2:28:
13:0f:bd:05:db:c4:ff:34:48:20:c6:63:bf:21:c6:e1:da:e5:
2c:e0:c1:fd:6c:95:c9:27:aa:4a:29:0c:ea:90:ad:71:29:90:
8f:c5:bf:ab:68:ee:e7:dc:7f:14:30:e9:40:4f:dd:a7:0a:2f:
d6:07:12:f1:87:0a:7c:43:a1:f9:88:4a:d7:36:17:6a:4d:d5:
e5:42:cd:b5:e0:a8:9b:6d:b1:91:be:cc:83:db:95:fd:30:96:
17:62:4b:91
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEEu3x9DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
YTU2YzdlNjYwYjFjNzRlM2IwMzE4YjE0MzM4YzNmMDBkZDdiYzcyMB4XDTIyMDEw
MTEyNTkwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTE0NzBkMWFlZGQy
MzA3MTU1N2MyMjRjMjcwNjc3NmExOTJjYjE3OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALB0nYpli93YWEuYrN1VQFbY11G/2wyq2zGzzSMmy6EX1YF1
wvjj5rtaxIXApEIuYp+CtjZaSLBmeAaiEnUfKACVxLeFr5X5NWoWbMxHCW1pyg81
Ll+Ph8oosUfxKLGO6/kzHyJMQwqg3kFybSbGjy/hsFks6dQio1peiIQvDZgHEzyc
dFKy98O7GBmLL3mGqjF9DFJTDj0n8/hoSBv9ClB4LuSZbGiZhV5LA6IOc75djrKa
NQYs7s0m20KW19UU4GSALTfxAgssX8VESPMuU83XZ12kCi0HUO6gTs/zsVLChGQ2
mQuGGV3zGFtF5HnwTostVoXADPZWIjtgYITnUVcCAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBSRRw0a7dIwcVV8IkwnBndqGSyxeTAfBgNVHSMEGDAWgBT6VsfmYLHHTjsD
GLFDOMPwDde8cjAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtbGJINW1DeHgwNDdBeGl4UXpqRDhBM1h2SEkuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzgyLzI3NmMyNC0yYTdmLTQ3MjYtOGQ5Zi04YmY0ZmU0Yzc3MzIv
MS9rVWNOR3UzU01IRlZmQ0pNSndaM2Foa3NzWGsucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzgy
LzI3NmMyNC0yYTdmLTQ3MjYtOGQ5Zi04YmY0ZmU0Yzc3MzIvMS8xLWxiSDVtQ3h4
MDQ3QXhpeFF6akQ4QTNYdkhJLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDsGooAwQCwJF4MA0GCSqGSIb3
DQEBCwUAA4IBAQBMqAaaE7VEoFD/5VhPiIS8xLQ3nkmServERLYRswJFbi2DYpuK
DADxJUeFoWSB1+xFizDiL/wYr0CsQTdsutGGnM4HahXx7nvu7ry1mU6B/nYYSw9W
W+5T98fbSe40UBIR7zM5OoHQx/1lMichCH99YKsUaPkAz18QrgpE6nQYsDvPT0TI
UGWZuQwC4+5HzS8MMaBEupT/csOFWwWAlaemsigTD70F28T/NEggxmO/Icbh2uUs
4MH9bJXJJ6pKKQzqkK1xKZCPxb+raO7n3H8UMOlAT92nCi/WBxLxhwp8Q6H5iErX
NhdqTdXlQs214KibbbGRvsyD25X9MJYXYkuR
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:22 2023 by rpki-client on console.sobornost.net