Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/c5a159-8568-4945-8026-23c338680771/1/On32m31oD7aq1WZQCWeuiYJZmT0.roa
File: On32m31oD7aq1WZQCWeuiYJZmT0.roa (raw, json)
Hash identifier: 3544jcSgiHXnGZFpQ3ypn4qS6VYH5brG5+AW1At27+U=
Subject key identifier: 3A:7D:F6:9B:7D:68:0F:B6:AA:D5:66:50:09:67:AE:89:82:59:99:3D
Certificate issuer: /CN=acbe212a2f1a119ef64ab62e1a96d711524c8bc7
Certificate serial: 08732124
Authority key identifier: AC:BE:21:2A:2F:1A:11:9E:F6:4A:B6:2E:1A:96:D7:11:52:4C:8B:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rL4hKi8aEZ72SrYuGpbXEVJMi8c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/c5a159-8568-4945-8026-23c338680771/1/On32m31oD7aq1WZQCWeuiYJZmT0.roa
Signing time: Sat 01 Jan 2022 04:58:50 +0000
ROA not before: Sat 01 Jan 2022 04:58:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48469
IP address blocks: 185.247.99.0/24 maxlen: 24
94.127.56.0/22 maxlen: 22
2a02:2188:1000::/36 maxlen: 36
2a02:2188::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 141762852 (0x8732124)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=acbe212a2f1a119ef64ab62e1a96d711524c8bc7
Validity
Not Before: Jan 1 04:58:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3a7df69b7d680fb6aad566500967ae898259993d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:62:db:b7:e2:42:0b:f1:e3:fa:99:61:f4:34:
8d:03:e2:f4:2f:c7:f8:29:9d:b2:9a:4e:a2:e1:24:
39:b6:0a:80:f8:84:50:40:ce:c6:f3:b4:ea:4f:a5:
e9:e7:f7:88:2c:88:ca:4c:45:b2:cb:f2:de:0a:6c:
db:3a:c9:75:1d:5f:ff:c6:c6:02:f4:d9:63:a4:64:
1b:80:f1:0e:79:16:e1:8e:77:dc:7c:ba:4b:50:fc:
90:b6:b7:ff:da:fb:9f:e7:29:36:ae:2f:33:56:d6:
95:45:cb:d2:d4:c3:b4:bb:91:c5:d0:6a:5a:55:e2:
45:94:31:dd:6a:e1:00:35:c3:f9:7c:f3:73:c1:0c:
47:a1:03:1c:2f:fc:dc:bd:9e:9e:2a:36:ad:b2:fa:
eb:57:18:09:2e:a9:1c:3a:6f:0b:4c:6e:af:02:4d:
fa:ff:f3:7d:9a:20:ce:5d:ca:e6:b1:78:24:d8:44:
f2:72:c9:1c:3f:0e:4a:05:2e:f5:0e:74:fb:d0:f3:
dc:55:34:80:51:30:b4:e5:ea:4f:41:8d:52:17:5f:
52:ce:24:cb:13:b7:1f:43:50:24:c5:69:2f:c2:43:
3d:6b:4a:c2:c4:fc:9a:86:f2:6d:be:89:bd:8d:55:
90:65:1f:57:54:fe:e7:16:69:66:8a:90:12:a0:46:
5c:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:7D:F6:9B:7D:68:0F:B6:AA:D5:66:50:09:67:AE:89:82:59:99:3D
X509v3 Authority Key Identifier:
keyid:AC:BE:21:2A:2F:1A:11:9E:F6:4A:B6:2E:1A:96:D7:11:52:4C:8B:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rL4hKi8aEZ72SrYuGpbXEVJMi8c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/c5a159-8568-4945-8026-23c338680771/1/On32m31oD7aq1WZQCWeuiYJZmT0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/c5a159-8568-4945-8026-23c338680771/1/rL4hKi8aEZ72SrYuGpbXEVJMi8c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.127.56.0/22
185.247.99.0/24
IPv6:
2a02:2188::/48
2a02:2188:1000::/36
Signature Algorithm: sha256WithRSAEncryption
05:ff:c1:03:76:15:83:58:fa:92:02:21:bb:67:25:a1:81:c5:
3f:76:35:a4:a6:be:0a:33:a3:ca:ec:52:59:5f:ca:fb:57:70:
fd:b2:ab:3b:79:71:06:b0:b0:08:77:46:db:88:99:0d:63:54:
cd:ba:f9:88:51:2a:3d:09:06:7f:fd:bf:c9:9b:17:34:7a:86:
71:a3:5c:92:ea:46:30:af:b2:2c:bb:63:82:e6:e1:da:37:e6:
a9:d7:67:ac:77:9b:be:b6:04:89:41:c6:eb:12:75:43:93:f9:
d5:bb:4a:97:0d:37:e4:8f:21:f0:a5:48:72:e4:0c:b9:e0:5f:
44:c9:87:89:dd:10:d7:e7:8e:a4:e4:73:9a:13:9e:af:25:14:
11:ef:7b:c0:9e:69:29:ee:36:6d:f2:1a:21:29:e8:12:d4:cf:
27:6f:67:02:47:1d:5a:d0:67:0b:73:17:6b:6b:4e:5a:22:e7:
ad:f5:ef:26:f6:7e:55:07:7e:b7:71:72:63:6f:18:d4:62:bb:
6d:cf:23:20:2d:18:0b:d0:d7:4c:a4:3a:8d:63:c6:de:f8:14:
57:81:0c:e6:c4:61:58:60:89:45:85:ac:43:a0:a8:cd:c5:fa:
1b:bd:f8:67:4a:96:21:14:3d:63:a2:70:4b:70:ce:e4:82:cd:
cb:04:86:00
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgIECHMhJDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
Y2JlMjEyYTJmMWExMTllZjY0YWI2MmUxYTk2ZDcxMTUyNGM4YmM3MB4XDTIyMDEw
MTA0NTg1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2E3ZGY2OWI3ZDY4
MGZiNmFhZDU2NjUwMDk2N2FlODk4MjU5OTkzZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOZi27fiQgvx4/qZYfQ0jQPi9C/H+CmdsppOouEkObYKgPiE
UEDOxvO06k+l6ef3iCyIykxFssvy3gps2zrJdR1f/8bGAvTZY6RkG4DxDnkW4Y53
3Hy6S1D8kLa3/9r7n+cpNq4vM1bWlUXL0tTDtLuRxdBqWlXiRZQx3WrhADXD+Xzz
c8EMR6EDHC/83L2enio2rbL661cYCS6pHDpvC0xurwJN+v/zfZogzl3K5rF4JNhE
8nLJHD8OSgUu9Q50+9Dz3FU0gFEwtOXqT0GNUhdfUs4kyxO3H0NQJMVpL8JDPWtK
wsT8mobybb6JvY1VkGUfV1T+5xZpZoqQEqBGXFECAwEAAaOCAigwggIkMB0GA1Ud
DgQWBBQ6ffabfWgPtqrVZlAJZ66JglmZPTAfBgNVHSMEGDAWgBSsviEqLxoRnvZK
ti4altcRUkyLxzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3JMNGhLaThhRVo3MlNyWXVHcGJYRVZKTWk4Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGMvYzVhMTU5LTg1NjgtNDk0NS04MDI2LTIzYzMzODY4MDc3MS8x
L09uMzJtMzFvRDdhcTFXWlFDV2V1aVlKWm1UMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGMv
YzVhMTU5LTg1NjgtNDk0NS04MDI2LTIzYzMzODY4MDc3MS8xL3JMNGhLaThhRVo3
MlNyWXVHcGJYRVZKTWk4Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA+
BggrBgEFBQcBBwEB/wQvMC0wEgQCAAEwDAMEAl5/OAMEALn3YzAXBAIAAjARAwcA
KgIhiAAAAwYEKgIhiBAwDQYJKoZIhvcNAQELBQADggEBAAX/wQN2FYNY+pICIbtn
JaGBxT92NaSmvgozo8rsUllfyvtXcP2yqzt5cQawsAh3RtuImQ1jVM26+YhRKj0J
Bn/9v8mbFzR6hnGjXJLqRjCvsiy7Y4Lm4do35qnXZ6x3m762BIlBxusSdUOT+dW7
SpcNN+SPIfClSHLkDLngX0TJh4ndENfnjqTkc5oTnq8lFBHve8CeaSnuNm3yGiEp
6BLUzydvZwJHHVrQZwtzF2trTloi56317yb2flUHfrdxcmNvGNRiu23PIyAtGAvQ
10ykOo1jxt74FFeBDObEYVhgiUWFrEOgqM3F+hu9+GdKliEUPWOicEtwzuSCzcsE
hgA=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:49 2023 by rpki-client on console.sobornost.net