Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/6bda82-a2e1-45c9-a181-313de4892b8d/1/wmBQmIvBhFVTPoIg4FwHTwoZv-A.roa
File: wmBQmIvBhFVTPoIg4FwHTwoZv-A.roa (raw, json)
Hash identifier: lTe0a3xg9ShCkm5VbOaq6HYlpvc3L+Tlm6Eq31Wd7SI=
Subject key identifier: C2:60:50:98:8B:C1:84:55:53:3E:82:20:E0:5C:07:4F:0A:19:BF:E0
Certificate issuer: /CN=a8b3eb443c06a3dcc088e2caa05ce09cf8d4e7a6
Certificate serial: 01F9F4B8
Authority key identifier: A8:B3:EB:44:3C:06:A3:DC:C0:88:E2:CA:A0:5C:E0:9C:F8:D4:E7:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qLPrRDwGo9zAiOLKoFzgnPjU56Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/6bda82-a2e1-45c9-a181-313de4892b8d/1/wmBQmIvBhFVTPoIg4FwHTwoZv-A.roa
Signing time: Sat 01 Jan 2022 04:58:33 +0000
ROA not before: Sat 01 Jan 2022 04:58:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211494
IP address blocks: 185.235.143.0/24 maxlen: 24
2a0d:a180::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 33158328 (0x1f9f4b8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a8b3eb443c06a3dcc088e2caa05ce09cf8d4e7a6
Validity
Not Before: Jan 1 04:58:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c26050988bc18455533e8220e05c074f0a19bfe0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:62:70:df:4e:04:32:93:b8:8b:49:30:1b:c2:
e6:73:c1:a5:ea:01:80:11:d3:c6:fb:89:1b:c3:70:
50:e0:8b:37:48:52:62:a8:27:0a:5a:f4:49:7a:d8:
6e:22:06:c2:66:54:f4:c6:b9:b3:5e:aa:a4:ef:fa:
f9:eb:ad:9a:c9:c4:af:f0:62:87:af:d7:a0:97:72:
02:1f:3d:ee:18:b8:1d:db:d3:a2:0a:43:6c:c4:4c:
6d:c4:0c:1c:63:d8:60:b9:69:4f:e7:12:b4:bc:89:
22:d9:e5:d3:31:26:ff:cd:fc:99:b0:53:21:4e:65:
7d:b8:46:0c:f4:89:1a:a8:60:69:c2:29:1b:be:a7:
88:a9:f8:f7:65:79:96:6b:cd:65:ca:98:23:f2:52:
6d:20:bd:88:1c:31:fa:5c:94:b4:00:99:ba:4f:1b:
5f:70:dc:0b:c3:0e:e5:fa:b8:5c:8e:e2:37:e6:42:
d2:77:16:e7:fd:30:53:02:d5:7c:fb:3d:39:37:0d:
ff:f1:50:8c:2c:3f:40:2d:b5:de:cc:f3:3e:61:70:
7d:09:db:44:42:4e:79:63:7d:bb:16:d7:4b:03:53:
44:a7:0f:6d:e3:88:cc:80:14:c4:16:0e:3f:08:35:
1c:70:86:9d:7f:2c:c4:12:c4:b7:72:8f:ce:88:86:
ea:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:60:50:98:8B:C1:84:55:53:3E:82:20:E0:5C:07:4F:0A:19:BF:E0
X509v3 Authority Key Identifier:
keyid:A8:B3:EB:44:3C:06:A3:DC:C0:88:E2:CA:A0:5C:E0:9C:F8:D4:E7:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qLPrRDwGo9zAiOLKoFzgnPjU56Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/6bda82-a2e1-45c9-a181-313de4892b8d/1/wmBQmIvBhFVTPoIg4FwHTwoZv-A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/6bda82-a2e1-45c9-a181-313de4892b8d/1/qLPrRDwGo9zAiOLKoFzgnPjU56Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.235.143.0/24
IPv6:
2a0d:a180::/32
Signature Algorithm: sha256WithRSAEncryption
3b:cd:a9:6e:7e:e1:cb:8b:bd:e0:af:4c:04:e5:83:43:40:db:
a3:78:c3:0f:0b:e8:7a:d3:1c:ec:11:f8:83:66:81:51:d8:8c:
f2:b8:b7:8b:eb:bb:78:00:0f:f1:eb:e4:ab:c0:09:47:69:41:
ab:11:b1:5b:1d:85:00:21:0e:88:88:3a:7d:e7:e1:d9:83:6a:
17:53:2d:60:9d:fd:53:5b:58:fc:a1:fd:fa:b0:a7:42:bf:8d:
0f:e1:f8:1f:45:60:fa:79:7c:f3:81:26:2a:dc:af:7f:ed:da:
d2:38:f9:68:6c:c3:28:5b:a6:88:46:d3:76:67:6a:fe:58:5e:
6d:71:18:30:f4:79:65:20:ba:e1:4b:f9:d4:8d:02:92:cd:43:
76:67:6f:c7:d3:88:aa:b1:98:76:bc:dc:17:a9:88:a2:13:04:
4a:5b:98:36:16:4a:b5:72:e4:61:1a:5c:06:fa:0a:0e:00:54:
2b:c4:a2:5b:21:3f:80:29:34:e6:43:05:5d:9b:e7:d8:c0:bb:
0f:40:d4:9b:ac:d3:41:fd:0b:af:63:13:5b:1e:34:60:5f:65:
11:b9:c6:7c:d3:83:10:d2:c8:3e:00:3d:80:4d:fd:59:59:6e:
3a:f1:d3:ba:d3:71:72:7f:c6:39:6e:ff:c6:ef:69:4f:f8:44:
ea:83:d8:dd
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEAfn0uDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
OGIzZWI0NDNjMDZhM2RjYzA4OGUyY2FhMDVjZTA5Y2Y4ZDRlN2E2MB4XDTIyMDEw
MTA0NTgzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzI2MDUwOTg4YmMx
ODQ1NTUzM2U4MjIwZTA1YzA3NGYwYTE5YmZlMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALZicN9OBDKTuItJMBvC5nPBpeoBgBHTxvuJG8NwUOCLN0hS
YqgnClr0SXrYbiIGwmZU9Ma5s16qpO/6+eutmsnEr/Bih6/XoJdyAh897hi4HdvT
ogpDbMRMbcQMHGPYYLlpT+cStLyJItnl0zEm/838mbBTIU5lfbhGDPSJGqhgacIp
G76niKn492V5lmvNZcqYI/JSbSC9iBwx+lyUtACZuk8bX3DcC8MO5fq4XI7iN+ZC
0ncW5/0wUwLVfPs9OTcN//FQjCw/QC213szzPmFwfQnbREJOeWN9uxbXSwNTRKcP
beOIzIAUxBYOPwg1HHCGnX8sxBLEt3KPzoiG6u0CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBTCYFCYi8GEVVM+giDgXAdPChm/4DAfBgNVHSMEGDAWgBSos+tEPAaj3MCI
4sqgXOCc+NTnpjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3FMUHJSRHdHbzl6QWlPTEtvRnpnblBqVTU2WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGUvNmJkYTgyLWEyZTEtNDVjOS1hMTgxLTMxM2RlNDg5MmI4ZC8x
L3dtQlFtSXZCaEZWVFBvSWc0RndIVHdvWnYtQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGUv
NmJkYTgyLWEyZTEtNDVjOS1hMTgxLTMxM2RlNDg5MmI4ZC8xL3FMUHJSRHdHbzl6
QWlPTEtvRnpnblBqVTU2WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEALnrjzANBAIAAjAHAwUAKg2hgDAN
BgkqhkiG9w0BAQsFAAOCAQEAO82pbn7hy4u94K9MBOWDQ0Dbo3jDDwvoetMc7BH4
g2aBUdiM8ri3i+u7eAAP8evkq8AJR2lBqxGxWx2FACEOiIg6fefh2YNqF1MtYJ39
U1tY/KH9+rCnQr+ND+H4H0Vg+nl884EmKtyvf+3a0jj5aGzDKFumiEbTdmdq/lhe
bXEYMPR5ZSC64Uv51I0Cks1Ddmdvx9OIqrGYdrzcF6mIohMESluYNhZKtXLkYRpc
BvoKDgBUK8SiWyE/gCk05kMFXZvn2MC7D0DUm6zTQf0Lr2MTWx40YF9lEbnGfNOD
ENLIPgA9gE39WVluOvHTutNxcn/GOW7/xu9pT/hE6oPY3Q==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:56 2023 by rpki-client on console.sobornost.net