Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/rbBb9LYHtYbsvtG9rVeN_QFhsjk.roa
File: rbBb9LYHtYbsvtG9rVeN_QFhsjk.roa (raw, json)
Hash identifier: sFKwRKi0DBDz6Fh//phh8rYJYoF1VZbeqfzIR7+UJsc=
Subject key identifier: AD:B0:5B:F4:B6:07:B5:86:EC:BE:D1:BD:AD:57:8D:FD:01:61:B2:39
Certificate issuer: /CN=adac830ccaa74783dd961fab241a228d7cc6f808
Certificate serial: 0AAF5758
Authority key identifier: AD:AC:83:0C:CA:A7:47:83:DD:96:1F:AB:24:1A:22:8D:7C:C6:F8:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rayDDMqnR4Pdlh-rJBoijXzG-Ag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/rbBb9LYHtYbsvtG9rVeN_QFhsjk.roa
Signing time: Sat 01 Jan 2022 08:57:46 +0000
ROA not before: Sat 01 Jan 2022 08:57:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 196797
IP address blocks: 91.222.28.0/22 maxlen: 32
94.125.88.0/21 maxlen: 32
81.30.48.0/20 maxlen: 32
193.151.24.0/22 maxlen: 32
176.115.88.0/21 maxlen: 32
109.233.168.0/22 maxlen: 32
195.69.236.0/22 maxlen: 32
164.138.32.0/21 maxlen: 32
195.69.168.0/22 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 179263320 (0xaaf5758)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adac830ccaa74783dd961fab241a228d7cc6f808
Validity
Not Before: Jan 1 08:57:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=adb05bf4b607b586ecbed1bdad578dfd0161b239
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:13:65:4a:69:ee:a5:ce:69:45:4e:b7:11:bf:
be:ec:d9:3e:5a:10:11:a3:b5:cb:c2:df:9a:14:c7:
ef:7a:0b:d8:b3:78:f1:f7:10:27:94:51:01:21:5f:
e1:29:2d:08:b9:1e:7b:36:25:35:24:e0:2c:49:be:
71:f0:c5:73:8c:39:43:75:92:e7:da:a3:71:07:f8:
1c:0e:08:6f:51:52:dd:d0:52:40:a3:ee:f3:7a:1d:
83:d3:00:b7:71:c3:de:77:6e:65:e0:e7:65:11:09:
0f:f7:f0:4f:47:b3:5b:2d:ac:ad:59:8b:f1:c5:42:
2d:26:78:f6:2f:16:23:20:7b:9e:1b:de:44:74:ae:
5b:3a:63:ee:25:e5:db:d8:ec:5a:37:4f:0b:34:97:
da:bb:92:9d:df:7c:60:5a:c4:d8:b9:75:04:99:18:
14:a5:75:88:dc:7e:b9:a1:84:97:4a:8e:79:e5:21:
a6:21:b8:03:a8:20:c3:ac:0e:53:38:5f:77:e5:5f:
87:ad:ab:18:62:1d:a8:f7:20:c7:95:24:1b:cc:ce:
35:93:f9:b8:77:74:e7:00:c2:ce:ed:77:58:15:04:
50:61:14:ba:06:2a:a3:38:24:73:fc:e1:b5:01:bc:
5d:3e:0e:c0:33:5f:42:4c:b5:67:e1:60:62:dc:64:
24:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:B0:5B:F4:B6:07:B5:86:EC:BE:D1:BD:AD:57:8D:FD:01:61:B2:39
X509v3 Authority Key Identifier:
keyid:AD:AC:83:0C:CA:A7:47:83:DD:96:1F:AB:24:1A:22:8D:7C:C6:F8:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rayDDMqnR4Pdlh-rJBoijXzG-Ag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/rbBb9LYHtYbsvtG9rVeN_QFhsjk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/rayDDMqnR4Pdlh-rJBoijXzG-Ag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.30.48.0/20
91.222.28.0/22
94.125.88.0/21
109.233.168.0/22
164.138.32.0/21
176.115.88.0/21
193.151.24.0/22
195.69.168.0/22
195.69.236.0/22
Signature Algorithm: sha256WithRSAEncryption
2e:13:fa:7a:f7:31:3d:f6:df:55:6f:e4:bf:bb:90:c6:d4:cc:
9b:8c:3e:fe:fc:a8:21:26:2d:2f:bd:8c:8c:20:79:77:3b:a7:
73:1f:44:56:be:1a:a7:40:a9:3e:de:ce:b2:48:06:6c:1a:27:
c6:10:88:d8:67:7c:2a:2c:69:e8:d5:04:38:ce:8c:be:51:eb:
61:ef:60:3c:fa:cd:5a:7f:17:79:24:72:c1:6d:01:60:93:fd:
fb:6f:5c:6f:e9:d3:f1:b8:e6:1f:97:1a:b3:e6:82:87:1c:04:
ab:da:a0:50:7b:f8:6c:4c:3c:4c:fd:80:c7:dc:46:21:a4:5f:
39:95:59:54:22:7e:1a:04:7a:2c:37:84:54:c0:a1:ba:c7:a6:
3d:ed:db:c9:81:53:b5:4c:99:7b:c4:37:c5:45:eb:78:cf:ea:
7b:61:ed:5a:eb:58:8c:0a:5a:38:09:75:e9:c1:d3:35:83:b3:
b6:65:6a:06:4d:a2:d4:d8:22:01:21:b5:b9:72:20:a3:0f:03:
9c:4d:18:c6:95:05:67:23:9d:23:ae:bd:36:67:4b:ff:77:2c:
a7:49:56:53:f7:15:aa:f0:07:4b:32:41:06:2f:50:9d:ab:9b:
a5:ac:23:a9:6f:60:d5:18:f2:b9:5b:4c:7c:5a:23:6b:3b:a8:
24:95:c5:4f
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgIECq9XWDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZGFjODMwY2NhYTc0NzgzZGQ5NjFmYWIyNDFhMjI4ZDdjYzZmODA4MB4XDTIyMDEw
MTA4NTc0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWRiMDViZjRiNjA3
YjU4NmVjYmVkMWJkYWQ1NzhkZmQwMTYxYjIzOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIkTZUpp7qXOaUVOtxG/vuzZPloQEaO1y8LfmhTH73oL2LN4
8fcQJ5RRASFf4SktCLkeezYlNSTgLEm+cfDFc4w5Q3WS59qjcQf4HA4Ib1FS3dBS
QKPu83odg9MAt3HD3nduZeDnZREJD/fwT0ezWy2srVmL8cVCLSZ49i8WIyB7nhve
RHSuWzpj7iXl29jsWjdPCzSX2ruSnd98YFrE2Ll1BJkYFKV1iNx+uaGEl0qOeeUh
piG4A6ggw6wOUzhfd+Vfh62rGGIdqPcgx5UkG8zONZP5uHd05wDCzu13WBUEUGEU
ugYqozgkc/zhtQG8XT4OwDNfQky1Z+FgYtxkJOsCAwEAAaOCAjkwggI1MB0GA1Ud
DgQWBBStsFv0tge1huy+0b2tV439AWGyOTAfBgNVHSMEGDAWgBStrIMMyqdHg92W
H6skGiKNfMb4CDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3JheURETXFuUjRQZGxoLXJKQm9palh6Ry1BZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODIvMzI1YzhkLWQzNjgtNGVlZS05Y2E4LTkyOWY3ZDYzNWY0Yi8x
L3JiQmI5TFlIdFlic3Z0RzlyVmVOX1FGaHNqay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODIv
MzI1YzhkLWQzNjgtNGVlZS05Y2E4LTkyOWY3ZDYzNWY0Yi8xL3JheURETXFuUjRQ
ZGxoLXJKQm9palh6Ry1BZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBP
BggrBgEFBQcBBwEB/wRAMD4wPAQCAAEwNgMEBFEeMAMEAlveHAMEA159WAMEAm3p
qAMEA6SKIAMEA7BzWAMEAsGXGAMEAsNFqAMEAsNF7DANBgkqhkiG9w0BAQsFAAOC
AQEALhP6evcxPfbfVW/kv7uQxtTMm4w+/vyoISYtL72MjCB5dzuncx9EVr4ap0Cp
Pt7OskgGbBonxhCI2Gd8Kixp6NUEOM6MvlHrYe9gPPrNWn8XeSRywW0BYJP9+29c
b+nT8bjmH5cas+aChxwEq9qgUHv4bEw8TP2Ax9xGIaRfOZVZVCJ+GgR6LDeEVMCh
usemPe3byYFTtUyZe8Q3xUXreM/qe2HtWutYjApaOAl16cHTNYOztmVqBk2i1Ngi
ASG1uXIgow8DnE0YxpUFZyOdI669NmdL/3csp0lWU/cVqvAHSzJBBi9Qnaubpawj
qW9g1RjyuVtMfFojazuoJJXFTw==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:22 2023 by rpki-client on console.sobornost.net