Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/05e0ee-ae03-4124-b670-309b7b960d14/1/97vERzRFkAmX11MLl6qqwR-kMcg.roa
File: 97vERzRFkAmX11MLl6qqwR-kMcg.roa (raw, json)
Hash identifier: eWRM/hBU9INyb2SDcVOXTho5Tpp+beakcEKwkiwHhEk=
Subject key identifier: F7:BB:C4:47:34:45:90:09:97:D7:53:0B:97:AA:AA:C1:1F:A4:31:C8
Certificate issuer: /CN=6f3d89a81fc299f39c092e4f6d0173a9a9cfbc65
Certificate serial: 0C79FDA4
Authority key identifier: 6F:3D:89:A8:1F:C2:99:F3:9C:09:2E:4F:6D:01:73:A9:A9:CF:BC:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bz2JqB_CmfOcCS5PbQFzqanPvGU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/05e0ee-ae03-4124-b670-309b7b960d14/1/97vERzRFkAmX11MLl6qqwR-kMcg.roa
Signing time: Sat 01 Jan 2022 16:06:19 +0000
ROA not before: Sat 01 Jan 2022 16:06:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16024
IP address blocks: 156.67.56.0/24 maxlen: 24
156.67.57.0/24 maxlen: 24
217.70.160.0/20 maxlen: 20
185.47.232.0/22 maxlen: 24
46.28.32.0/21 maxlen: 21
185.159.32.0/22 maxlen: 24
149.232.244.0/22 maxlen: 24
149.232.248.0/22 maxlen: 24
2a02:1670::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 209321380 (0xc79fda4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f3d89a81fc299f39c092e4f6d0173a9a9cfbc65
Validity
Not Before: Jan 1 16:06:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f7bbc4473445900997d7530b97aaaac11fa431c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:98:0d:62:0a:71:c2:db:f3:eb:66:5b:7a:e6:
94:06:31:84:ee:35:93:96:d9:03:b4:35:a8:b2:4b:
7a:04:84:b4:12:2a:d7:1c:3c:b3:d9:8b:6a:56:bd:
df:d9:77:38:2b:b5:5d:1e:1c:28:e4:0e:e4:a1:25:
5d:c3:a4:53:db:39:f4:df:a7:d9:98:0a:f4:01:3d:
bf:10:72:a5:b9:2b:8e:d4:b0:12:32:6a:f5:0a:04:
86:e9:22:e1:76:ba:35:36:ab:80:b1:45:e9:60:fe:
77:9a:9a:93:2c:df:b0:dd:88:1c:91:94:68:a8:3e:
2d:12:4c:0d:57:69:d0:e5:3b:07:35:24:a9:cf:23:
43:74:ab:73:e2:4f:b8:ba:12:6a:67:62:05:a1:f4:
81:cc:fd:28:92:3f:8f:8c:f9:95:da:f9:cb:f6:c3:
e6:f2:36:e2:ee:ec:36:3a:2a:94:ce:4f:be:4b:f9:
33:9b:5a:90:a8:64:ce:fa:11:ca:f9:65:4a:0f:df:
ec:4d:84:f2:a1:f0:af:01:38:f6:d8:a2:24:00:93:
e8:87:be:74:7d:50:00:b6:3a:b0:b7:c6:08:cb:ad:
61:ff:6b:62:43:7f:1f:ab:45:6f:3e:2f:06:06:2f:
08:08:fc:35:1f:bc:ee:00:15:a2:59:19:a7:f9:24:
85:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:BB:C4:47:34:45:90:09:97:D7:53:0B:97:AA:AA:C1:1F:A4:31:C8
X509v3 Authority Key Identifier:
keyid:6F:3D:89:A8:1F:C2:99:F3:9C:09:2E:4F:6D:01:73:A9:A9:CF:BC:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bz2JqB_CmfOcCS5PbQFzqanPvGU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/05e0ee-ae03-4124-b670-309b7b960d14/1/97vERzRFkAmX11MLl6qqwR-kMcg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/05e0ee-ae03-4124-b670-309b7b960d14/1/bz2JqB_CmfOcCS5PbQFzqanPvGU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.28.32.0/21
149.232.244.0-149.232.251.255
156.67.56.0/23
185.47.232.0/22
185.159.32.0/22
217.70.160.0/20
IPv6:
2a02:1670::/32
Signature Algorithm: sha256WithRSAEncryption
63:87:d6:9a:e8:a8:53:bc:e6:d9:36:fa:eb:aa:79:f9:d5:97:
c0:7d:c8:fd:2b:b1:2a:d2:13:0a:0b:a0:8a:d6:86:9b:4f:a7:
4d:12:4a:7f:90:31:02:ff:50:f4:92:d6:23:5c:02:41:33:85:
6f:92:dd:89:90:76:98:78:35:45:70:6f:fc:92:54:9f:6b:47:
10:98:d2:83:72:26:1c:ee:21:36:59:73:23:f7:12:36:b7:0d:
19:8f:5f:31:2d:0a:9d:39:3d:a9:50:50:11:22:fe:c0:c4:c6:
dd:49:25:eb:44:a4:7f:57:c3:0a:c7:8c:91:79:e7:d7:47:6f:
5d:5a:9b:ea:9a:49:51:38:5f:52:6b:1f:6b:b0:43:67:91:02:
e0:b2:9d:91:38:59:00:60:4f:77:e0:7c:ba:68:14:e1:aa:7b:
67:41:9a:6f:2e:1a:8c:16:89:24:47:53:de:ce:b1:2a:21:98:
fe:7f:cf:f6:ae:f3:10:92:66:f8:d9:4e:ca:31:3b:5f:99:af:
6c:74:8b:4c:76:12:24:fc:69:16:57:f2:a7:67:df:c2:ac:40:
81:8c:6b:98:79:9f:08:56:62:0b:f7:00:7a:86:aa:c8:5f:ee:
17:71:76:f6:d6:6c:0b:10:9d:1c:19:f9:fc:7c:7b:c8:de:43:
f1:32:45:1e
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgIEDHn9pDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
ZjNkODlhODFmYzI5OWYzOWMwOTJlNGY2ZDAxNzNhOWE5Y2ZiYzY1MB4XDTIyMDEw
MTE2MDYxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjdiYmM0NDczNDQ1
OTAwOTk3ZDc1MzBiOTdhYWFhYzExZmE0MzFjODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKSYDWIKccLb8+tmW3rmlAYxhO41k5bZA7Q1qLJLegSEtBIq
1xw8s9mLala939l3OCu1XR4cKOQO5KElXcOkU9s59N+n2ZgK9AE9vxBypbkrjtSw
EjJq9QoEhuki4Xa6NTargLFF6WD+d5qakyzfsN2IHJGUaKg+LRJMDVdp0OU7BzUk
qc8jQ3Src+JPuLoSamdiBaH0gcz9KJI/j4z5ldr5y/bD5vI24u7sNjoqlM5Pvkv5
M5takKhkzvoRyvllSg/f7E2E8qHwrwE49tiiJACT6Ie+dH1QALY6sLfGCMutYf9r
YkN/H6tFbz4vBgYvCAj8NR+87gAVolkZp/kkhUMCAwEAAaOCAj4wggI6MB0GA1Ud
DgQWBBT3u8RHNEWQCZfXUwuXqqrBH6QxyDAfBgNVHSMEGDAWgBRvPYmoH8KZ85wJ
Lk9tAXOpqc+8ZTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2J6MkpxQl9DbWZPY0NTNVBiUUZ6cWFuUHZHVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODYvMDVlMGVlLWFlMDMtNDEyNC1iNjcwLTMwOWI3Yjk2MGQxNC8x
Lzk3dkVSelJGa0FtWDExTUxsNnFxd1Ita01jZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODYv
MDVlMGVlLWFlMDMtNDEyNC1iNjcwLTMwOWI3Yjk2MGQxNC8xL2J6MkpxQl9DbWZP
Y0NTNVBiUUZ6cWFuUHZHVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBU
BggrBgEFBQcBBwEB/wRFMEMwMgQCAAEwLAMEAy4cIDAMAwQClej0AwQClej4AwQB
nEM4AwQCuS/oAwQCuZ8gAwQE2UagMA0EAgACMAcDBQAqAhZwMA0GCSqGSIb3DQEB
CwUAA4IBAQBjh9aa6KhTvObZNvrrqnn51ZfAfcj9K7Eq0hMKC6CK1oabT6dNEkp/
kDEC/1D0ktYjXAJBM4Vvkt2JkHaYeDVFcG/8klSfa0cQmNKDciYc7iE2WXMj9xI2
tw0Zj18xLQqdOT2pUFARIv7AxMbdSSXrRKR/V8MKx4yReefXR29dWpvqmklROF9S
ax9rsENnkQLgsp2ROFkAYE934Hy6aBThqntnQZpvLhqMFokkR1PezrEqIZj+f8/2
rvMQkmb42U7KMTtfma9sdItMdhIk/GkWV/KnZ9/CrECBjGuYeZ8IVmIL9wB6hqrI
X+4XcXb21mwLEJ0cGfn8fHvI3kPxMkUe
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:36 2023 by rpki-client on console.sobornost.net