Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/71fd10-4f26-449a-b361-f98ec9d162be/1/1OnQWGfLgXXV3D0K1oH-i_t8_RM.roa
File: 1OnQWGfLgXXV3D0K1oH-i_t8_RM.roa (raw, json)
Hash identifier: vFP4f0/YQ1agNisF4XJMLL1JPHNJmD5SMczG9KfCCW8=
Subject key identifier: D4:E9:D0:58:67:CB:81:75:D5:DC:3D:0A:D6:81:FE:8B:FB:7C:FD:13
Certificate issuer: /CN=ca1def8400365e1cac16e8f7887092dac983b73e
Certificate serial: 0299CB87
Authority key identifier: CA:1D:EF:84:00:36:5E:1C:AC:16:E8:F7:88:70:92:DA:C9:83:B7:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yh3vhAA2XhysFuj3iHCS2smDtz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/71fd10-4f26-449a-b361-f98ec9d162be/1/1OnQWGfLgXXV3D0K1oH-i_t8_RM.roa
Signing time: Sat 01 Jan 2022 00:53:56 +0000
ROA not before: Sat 01 Jan 2022 00:53:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41165
IP address blocks: 80.64.80.0/20 maxlen: 20
195.238.176.0/22 maxlen: 22
195.216.204.0/23 maxlen: 23
185.35.8.0/22 maxlen: 22
94.100.208.0/20 maxlen: 20
2a00:7d00::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 43633543 (0x299cb87)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca1def8400365e1cac16e8f7887092dac983b73e
Validity
Not Before: Jan 1 00:53:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d4e9d05867cb8175d5dc3d0ad681fe8bfb7cfd13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:c5:59:45:2b:92:52:ef:9d:58:32:3e:43:9a:
17:2a:52:88:b3:51:59:b0:a1:01:7e:97:cc:9c:90:
38:a8:91:e6:68:82:b7:c0:e3:e3:14:a6:b7:6e:31:
92:32:8b:e4:49:97:49:23:ba:32:87:4e:9f:41:b4:
80:77:75:9f:24:be:f2:72:cd:d0:8d:04:26:a3:14:
25:0b:e1:82:ba:76:f4:b8:9c:8f:6c:62:9b:7d:54:
d5:9f:fb:2d:64:98:d8:85:ba:eb:a3:74:d0:79:42:
0c:b0:a3:f6:25:d6:30:e6:f4:b3:fb:b5:dd:e8:1b:
b4:97:56:a2:13:80:58:7e:4b:f0:ac:a1:92:80:47:
a6:20:c8:ad:6a:c7:f7:d8:77:76:3e:63:b5:27:6d:
2b:6a:52:e9:ab:59:4d:b9:d0:43:49:4d:4f:5a:e1:
2f:71:7c:72:ad:e2:c2:54:b9:da:23:6e:39:5f:3c:
f0:a0:55:0c:ae:b7:a6:c0:e2:5e:20:b8:a7:9f:7c:
d5:ab:98:7a:19:ef:98:c7:63:bb:21:2c:6d:41:a7:
7d:02:90:ca:2b:d1:76:d4:6b:8f:be:45:7b:0f:40:
fc:06:a8:64:8f:1a:c1:89:4c:cb:79:0e:8d:47:6f:
b0:2b:5c:71:c0:8d:e7:3c:b5:a3:40:4d:3c:c9:e8:
e3:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:E9:D0:58:67:CB:81:75:D5:DC:3D:0A:D6:81:FE:8B:FB:7C:FD:13
X509v3 Authority Key Identifier:
keyid:CA:1D:EF:84:00:36:5E:1C:AC:16:E8:F7:88:70:92:DA:C9:83:B7:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yh3vhAA2XhysFuj3iHCS2smDtz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/71fd10-4f26-449a-b361-f98ec9d162be/1/1OnQWGfLgXXV3D0K1oH-i_t8_RM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/71fd10-4f26-449a-b361-f98ec9d162be/1/yh3vhAA2XhysFuj3iHCS2smDtz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.64.80.0/20
94.100.208.0/20
185.35.8.0/22
195.216.204.0/23
195.238.176.0/22
IPv6:
2a00:7d00::/32
Signature Algorithm: sha256WithRSAEncryption
48:6a:96:f2:c3:38:20:ee:76:f0:fe:63:31:95:c9:64:dc:fb:
38:87:1e:c5:80:8e:ca:c3:2a:51:36:94:8c:b0:52:76:9d:79:
63:ca:87:d2:67:ec:49:50:1f:79:49:5f:61:cc:eb:bd:62:75:
c8:e0:64:7d:b7:de:3a:2f:d8:30:6e:03:f2:92:c8:59:09:37:
70:68:48:df:93:74:3d:2d:a1:2d:ba:45:20:73:51:64:38:5c:
67:9b:5f:e0:c2:d5:72:68:cd:d5:5a:91:b2:a2:14:68:93:fd:
b4:c1:92:55:48:f9:d2:5c:93:2d:54:56:3b:91:5c:80:3c:45:
90:cd:ff:dd:98:ec:ac:2a:26:b8:cb:62:e0:7e:f0:3e:f2:69:
28:ee:42:11:c1:2c:44:da:56:32:af:f1:b6:f0:38:36:de:ce:
7f:32:1e:1d:90:01:3b:b1:69:c0:ed:ad:1e:03:ab:5c:56:97:
e3:3d:c1:0c:90:b9:be:4d:05:0d:26:49:39:83:42:e6:01:9b:
cb:24:f9:1b:f2:f9:3d:48:1c:a1:e7:fb:7a:f8:03:15:99:d7:
b0:bf:5e:25:d7:ca:96:62:0c:32:71:bf:5b:62:c5:0e:40:89:
53:18:0e:8e:34:77:d1:8d:68:0b:81:e6:d8:66:7d:1a:21:9d:
3c:c4:24:f5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIEApnLhzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
YTFkZWY4NDAwMzY1ZTFjYWMxNmU4Zjc4ODcwOTJkYWM5ODNiNzNlMB4XDTIyMDEw
MTAwNTM1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDRlOWQwNTg2N2Ni
ODE3NWQ1ZGMzZDBhZDY4MWZlOGJmYjdjZmQxMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALDFWUUrklLvnVgyPkOaFypSiLNRWbChAX6XzJyQOKiR5miC
t8Dj4xSmt24xkjKL5EmXSSO6ModOn0G0gHd1nyS+8nLN0I0EJqMUJQvhgrp29Lic
j2xim31U1Z/7LWSY2IW666N00HlCDLCj9iXWMOb0s/u13egbtJdWohOAWH5L8Kyh
koBHpiDIrWrH99h3dj5jtSdtK2pS6atZTbnQQ0lNT1rhL3F8cq3iwlS52iNuOV88
8KBVDK63psDiXiC4p5981auYehnvmMdjuyEsbUGnfQKQyivRdtRrj75Few9A/Aao
ZI8awYlMy3kOjUdvsCtcccCN5zy1o0BNPMno42kCAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBTU6dBYZ8uBddXcPQrWgf6L+3z9EzAfBgNVHSMEGDAWgBTKHe+EADZeHKwW
6PeIcJLayYO3PjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3loM3ZoQUEyWGh5c0Z1ajNpSENTMnNtRHR6NC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGIvNzFmZDEwLTRmMjYtNDQ5YS1iMzYxLWY5OGVjOWQxNjJiZS8x
LzFPblFXR2ZMZ1hYVjNEMEsxb0gtaV90OF9STS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGIv
NzFmZDEwLTRmMjYtNDQ5YS1iMzYxLWY5OGVjOWQxNjJiZS8xL3loM3ZoQUEyWGh5
c0Z1ajNpSENTMnNtRHR6NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBG
BggrBgEFBQcBBwEB/wQ3MDUwJAQCAAEwHgMEBFBAUAMEBF5k0AMEArkjCAMEAcPY
zAMEAsPusDANBAIAAjAHAwUAKgB9ADANBgkqhkiG9w0BAQsFAAOCAQEASGqW8sM4
IO528P5jMZXJZNz7OIcexYCOysMqUTaUjLBSdp15Y8qH0mfsSVAfeUlfYczrvWJ1
yOBkfbfeOi/YMG4D8pLIWQk3cGhI35N0PS2hLbpFIHNRZDhcZ5tf4MLVcmjN1VqR
sqIUaJP9tMGSVUj50lyTLVRWO5FcgDxFkM3/3ZjsrComuMti4H7wPvJpKO5CEcEs
RNpWMq/xtvA4Nt7OfzIeHZABO7FpwO2tHgOrXFaX4z3BDJC5vk0FDSZJOYNC5gGb
yyT5G/L5PUgcoef7evgDFZnXsL9eJdfKlmIMMnG/W2LFDkCJUxgOjjR30Y1oC4Hm
2GZ9GiGdPMQk9Q==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:41 2023 by rpki-client on console.sobornost.net