Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/6c2736-ab02-4897-9568-77f6e94e3dcc/1/Fh3_zixwtnfXr1-_wRTLracXj5w.roa
File: Fh3_zixwtnfXr1-_wRTLracXj5w.roa (raw, json)
Hash identifier: lsLASQ+GD1xUljFEC5n13PtjjAYDWy3IftbzIdgKp4w=
Subject key identifier: 16:1D:FF:CE:2C:70:B6:77:D7:AF:5F:BF:C1:14:CB:AD:A7:17:8F:9C
Certificate issuer: /CN=77f8e7fbd4ab69507fb1fe3579af343a56639086
Certificate serial: 79FA35
Authority key identifier: 77:F8:E7:FB:D4:AB:69:50:7F:B1:FE:35:79:AF:34:3A:56:63:90:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d_jn-9SraVB_sf41ea80OlZjkIY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/6c2736-ab02-4897-9568-77f6e94e3dcc/1/Fh3_zixwtnfXr1-_wRTLracXj5w.roa
Signing time: Wed 05 Jan 2022 12:04:02 +0000
ROA not before: Wed 05 Jan 2022 12:04:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60530
IP address blocks: 185.30.44.0/22 maxlen: 24
5.152.128.0/22 maxlen: 24
5.152.144.0/22 maxlen: 24
109.107.138.0/24 maxlen: 24
5.152.148.0/23 maxlen: 24
5.152.156.0/22 maxlen: 24
5.152.154.0/23 maxlen: 24
2a00:ab20::/29 maxlen: 32
2a11:cf40::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7993909 (0x79fa35)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77f8e7fbd4ab69507fb1fe3579af343a56639086
Validity
Not Before: Jan 5 12:04:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=161dffce2c70b677d7af5fbfc114cbada7178f9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:9c:81:bd:94:e7:9e:d3:89:5f:65:e2:b8:78:
28:88:d5:0e:2a:c2:ea:cc:6f:2b:f7:53:d8:18:6c:
9a:c2:9f:44:fe:91:0d:81:2d:b7:d9:e3:75:2e:5d:
1e:27:d5:23:f5:de:1c:91:6e:b6:e6:be:c6:99:79:
7f:98:ef:1b:f4:d3:62:ef:6d:e7:37:d2:e7:82:1b:
53:5d:c7:4a:c5:31:9b:3e:ed:22:e3:ec:4a:df:12:
2e:94:00:7a:48:d0:92:6e:72:6c:44:ee:42:dd:f9:
c0:2a:fb:06:4c:b8:37:80:01:87:af:7a:8f:2a:73:
c1:06:f0:f4:62:6f:0d:66:18:f4:00:9f:c5:d5:8e:
a7:e8:ec:92:d9:55:49:fc:10:51:1a:6f:c2:2e:ac:
17:1d:77:0b:a9:3c:78:9a:09:4e:85:79:52:7a:83:
08:09:41:25:aa:96:d4:36:c3:d9:c3:dc:9f:89:f7:
10:03:ac:4f:84:95:68:1f:4c:23:14:27:09:57:cf:
85:73:94:ee:8a:7a:70:21:d0:cf:30:42:b6:f7:9e:
fa:a1:db:66:a4:fd:8a:8e:90:1c:6a:0b:3d:fd:50:
87:d7:de:c5:1e:e0:a1:08:b3:91:7b:58:26:17:01:
37:8d:b8:8e:85:ae:9a:aa:4e:23:57:f0:bd:4e:fc:
c1:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:1D:FF:CE:2C:70:B6:77:D7:AF:5F:BF:C1:14:CB:AD:A7:17:8F:9C
X509v3 Authority Key Identifier:
keyid:77:F8:E7:FB:D4:AB:69:50:7F:B1:FE:35:79:AF:34:3A:56:63:90:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d_jn-9SraVB_sf41ea80OlZjkIY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/6c2736-ab02-4897-9568-77f6e94e3dcc/1/Fh3_zixwtnfXr1-_wRTLracXj5w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/6c2736-ab02-4897-9568-77f6e94e3dcc/1/d_jn-9SraVB_sf41ea80OlZjkIY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.152.128.0/22
5.152.144.0-5.152.149.255
5.152.154.0-5.152.159.255
109.107.138.0/24
185.30.44.0/22
IPv6:
2a00:ab20::/29
2a11:cf40::/29
Signature Algorithm: sha256WithRSAEncryption
1c:8e:4b:4b:74:85:9b:79:87:b6:d6:0e:78:9f:a8:75:5c:ad:
31:29:b1:fe:02:ea:09:99:d7:6c:82:38:be:5b:2f:e4:3e:a7:
c7:94:c0:5f:de:17:0a:d8:b2:54:0b:ca:76:db:d7:1f:1e:a4:
b1:c5:0d:3a:66:04:1e:94:4b:70:65:8f:27:89:2b:c3:df:1f:
b3:d5:bf:f9:69:01:d6:3c:94:cb:75:0a:09:2d:05:6a:7a:8e:
69:ca:6a:19:bc:42:6d:15:dd:a1:05:3b:5b:a4:fc:01:3b:de:
ff:a9:e8:8b:70:5a:3b:34:28:0f:7e:db:7b:ad:cb:e0:40:53:
60:f5:ae:e8:7d:69:37:25:0f:09:0e:97:6c:a4:d3:6c:00:91:
0a:3c:26:cc:28:59:0d:6a:4e:5b:4a:e4:5a:98:0d:4b:4f:be:
60:4e:c2:33:f0:1e:a6:8d:ed:47:36:b1:d2:80:95:0e:54:a4:
e1:84:1f:8f:86:0c:b0:bf:d1:9d:7b:00:29:ee:1d:b6:be:fe:
60:e9:9f:91:63:3b:d0:68:b0:b1:91:29:31:6c:38:dc:0d:83:
19:6a:24:33:07:ba:99:5c:bc:12:80:53:27:63:8e:b2:30:b8:
5f:c1:01:80:46:91:b4:26:5e:32:73:d3:4d:f8:fc:c5:b5:0a:
4c:eb:b7:18
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIDefo1MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDc3
ZjhlN2ZiZDRhYjY5NTA3ZmIxZmUzNTc5YWYzNDNhNTY2MzkwODYwHhcNMjIwMTA1
MTIwNDAyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygxNjFkZmZjZTJjNzBi
Njc3ZDdhZjVmYmZjMTE0Y2JhZGE3MTc4ZjljMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAmpyBvZTnntOJX2XiuHgoiNUOKsLqzG8r91PYGGyawp9E/pEN
gS232eN1Ll0eJ9Uj9d4ckW625r7GmXl/mO8b9NNi723nN9LnghtTXcdKxTGbPu0i
4+xK3xIulAB6SNCSbnJsRO5C3fnAKvsGTLg3gAGHr3qPKnPBBvD0Ym8NZhj0AJ/F
1Y6n6OyS2VVJ/BBRGm/CLqwXHXcLqTx4mglOhXlSeoMICUElqpbUNsPZw9yfifcQ
A6xPhJVoH0wjFCcJV8+Fc5TuinpwIdDPMEK29576odtmpP2KjpAcags9/VCH197F
HuChCLORe1gmFwE3jbiOha6aqk4jV/C9TvzBHQIDAQABo4ICRzCCAkMwHQYDVR0O
BBYEFBYd/84scLZ3169fv8EUy62nF4+cMB8GA1UdIwQYMBaAFHf45/vUq2lQf7H+
NXmvNDpWY5CGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
ZF9qbi05U3JhVkJfc2Y0MWVhODBPbFpqa0lZLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9hMC82YzI3MzYtYWIwMi00ODk3LTk1NjgtNzdmNmU5NGUzZGNjLzEv
RmgzX3ppeHd0bmZYcjEtX3dSVExyYWNYajV3LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC82
YzI3MzYtYWIwMi00ODk3LTk1NjgtNzdmNmU5NGUzZGNjLzEvZF9qbi05U3JhVkJf
c2Y0MWVhODBPbFpqa0lZLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0G
CCsGAQUFBwEHAQH/BE4wTDA0BAIAATAuAwQCBZiAMAwDBAQFmJADBAEFmJQwDAME
AQWYmgMEBQWYgAMEAG1rigMEArkeLDAUBAIAAjAOAwUDKgCrIAMFAyoRz0AwDQYJ
KoZIhvcNAQELBQADggEBAByOS0t0hZt5h7bWDnifqHVcrTEpsf4C6gmZ12yCOL5b
L+Q+p8eUwF/eFwrYslQLynbb1x8epLHFDTpmBB6US3BljyeJK8PfH7PVv/lpAdY8
lMt1CgktBWp6jmnKahm8Qm0V3aEFO1uk/AE73v+p6ItwWjs0KA9+23uty+BAU2D1
ruh9aTclDwkOl2yk02wAkQo8JswoWQ1qTltK5FqYDUtPvmBOwjPwHqaN7Uc2sdKA
lQ5UpOGEH4+GDLC/0Z17ACnuHba+/mDpn5FjO9BosLGRKTFsONwNgxlqJDMHuplc
vBKAUydjjrIwuF/BAYBGkbQmXjJz0034/MW1Ckzrtxg=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:44:34 2023 by rpki-client on console.sobornost.net