Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/3405e3-8cc0-460d-b7e9-9ba6da70fadb/1/EF2l-nl3EICDoy3fLjjeAxoksnk.roa
File: EF2l-nl3EICDoy3fLjjeAxoksnk.roa (raw, json)
Hash identifier: bwoB6hyIXUG+VHENNmtWKNJbn0b7mpRXlNrKRXNA0vA=
Subject key identifier: 10:5D:A5:FA:79:77:10:80:83:A3:2D:DF:2E:38:DE:03:1A:24:B2:79
Certificate issuer: /CN=5b862e231fcbd5391bd476c6ab9ab2b7210a87a4
Certificate serial: F254
Authority key identifier: 5B:86:2E:23:1F:CB:D5:39:1B:D4:76:C6:AB:9A:B2:B7:21:0A:87:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W4YuIx_L1Tkb1HbGq5qytyEKh6Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/3405e3-8cc0-460d-b7e9-9ba6da70fadb/1/EF2l-nl3EICDoy3fLjjeAxoksnk.roa
Signing time: Wed 05 Jan 2022 07:48:32 +0000
ROA not before: Wed 05 Jan 2022 07:48:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3330
IP address blocks: 195.43.149.0/24 maxlen: 24
2001:67c:2aa8::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62036 (0xf254)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b862e231fcbd5391bd476c6ab9ab2b7210a87a4
Validity
Not Before: Jan 5 07:48:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=105da5fa7977108083a32ddf2e38de031a24b279
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:50:b5:3a:5e:e5:80:aa:e1:33:08:d4:7e:28:
9e:c3:a4:4f:f2:24:69:2d:a8:4e:85:7b:a7:db:35:
d9:ac:de:fb:5e:5b:5c:df:75:2c:69:13:1f:4a:a5:
88:a8:76:32:4a:86:50:3b:60:bb:c3:4d:18:a0:3d:
1a:9b:f0:6d:87:66:a3:c9:54:c1:de:a5:9d:43:13:
1f:2d:6e:44:fe:35:6e:48:34:62:04:68:38:ba:0d:
24:86:31:1f:1a:0e:91:fa:df:6c:12:3e:08:6a:fa:
5a:71:2d:7c:0f:5c:4e:e9:88:7f:6c:9b:e0:2c:fe:
32:0f:75:3f:1d:d1:a4:c5:7b:01:5e:2b:e1:60:b0:
bb:cd:8e:5b:70:01:12:82:43:f8:ab:e6:48:e6:b7:
48:c7:4f:b2:08:e8:60:8d:4f:db:f6:d3:99:c9:d7:
60:bf:3f:33:9a:65:1f:e8:88:56:3f:6a:d6:bc:e4:
0a:64:66:8d:d7:b7:65:70:83:64:8c:c4:09:e3:8b:
86:52:aa:05:9b:04:13:d2:17:43:04:60:ad:d6:cf:
85:55:67:07:1e:d7:9e:87:ca:a9:62:8a:a1:5a:4f:
1c:f9:4a:27:22:5d:21:0c:ba:c6:3d:06:27:fc:f0:
81:d8:50:71:73:a8:de:ed:4e:c5:86:d8:c6:63:71:
54:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:5D:A5:FA:79:77:10:80:83:A3:2D:DF:2E:38:DE:03:1A:24:B2:79
X509v3 Authority Key Identifier:
keyid:5B:86:2E:23:1F:CB:D5:39:1B:D4:76:C6:AB:9A:B2:B7:21:0A:87:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W4YuIx_L1Tkb1HbGq5qytyEKh6Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/3405e3-8cc0-460d-b7e9-9ba6da70fadb/1/EF2l-nl3EICDoy3fLjjeAxoksnk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/3405e3-8cc0-460d-b7e9-9ba6da70fadb/1/W4YuIx_L1Tkb1HbGq5qytyEKh6Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.43.149.0/24
IPv6:
2001:67c:2aa8::/48
Signature Algorithm: sha256WithRSAEncryption
69:a2:8b:c4:23:d9:ee:7d:81:54:7e:fc:7d:ac:f0:47:bb:3d:
80:cc:43:17:c8:34:ae:84:60:0a:68:9f:70:73:66:d1:f3:8a:
38:16:77:cb:06:89:aa:f8:db:0a:9a:7c:6a:01:7c:67:d3:81:
ef:bb:e5:5e:ad:9c:41:80:e7:f8:a8:9e:24:38:f9:c4:d6:4b:
56:49:12:5c:4b:ed:7e:bf:e0:44:ce:ff:c0:84:15:32:ee:7e:
22:99:88:7f:30:11:7d:e8:7d:1f:90:81:60:38:bb:5b:55:7c:
93:42:7d:2a:a9:24:39:44:29:70:1d:8d:a4:22:73:94:58:3d:
cb:07:8b:0b:03:9b:95:a3:a7:09:80:e4:5a:14:ae:32:18:b6:
b8:15:2d:26:b1:76:bd:35:e8:2b:89:30:13:73:3f:d1:13:80:
df:77:be:06:12:52:35:7d:17:bc:08:b6:14:fb:e1:88:8f:32:
d5:12:aa:da:5f:92:7a:99:ee:2f:73:1c:b3:93:a3:51:29:0f:
4e:48:65:e1:d9:38:cb:8e:a1:05:46:b1:5a:78:e2:04:a5:af:
59:59:1c:f6:12:28:a5:0d:fe:32:5a:19:58:e4:70:c4:af:db:
0d:7b:06:00:c2:10:d0:27:c8:a3:81:7c:dd:ba:bc:d0:cc:8d:
69:24:14:84
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIDAPJUMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDVi
ODYyZTIzMWZjYmQ1MzkxYmQ0NzZjNmFiOWFiMmI3MjEwYTg3YTQwHhcNMjIwMTA1
MDc0ODMyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygxMDVkYTVmYTc5Nzcx
MDgwODNhMzJkZGYyZTM4ZGUwMzFhMjRiMjc5MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAwlC1Ol7lgKrhMwjUfiiew6RP8iRpLahOhXun2zXZrN77Xltc
33UsaRMfSqWIqHYySoZQO2C7w00YoD0am/Bth2ajyVTB3qWdQxMfLW5E/jVuSDRi
BGg4ug0khjEfGg6R+t9sEj4IavpacS18D1xO6Yh/bJvgLP4yD3U/HdGkxXsBXivh
YLC7zY5bcAESgkP4q+ZI5rdIx0+yCOhgjU/b9tOZyddgvz8zmmUf6IhWP2rWvOQK
ZGaN17dlcINkjMQJ44uGUqoFmwQT0hdDBGCt1s+FVWcHHteeh8qpYoqhWk8c+Uon
Il0hDLrGPQYn/PCB2FBxc6je7U7FhtjGY3FUlQIDAQABo4ICGjCCAhYwHQYDVR0O
BBYEFBBdpfp5dxCAg6Mt3y443gMaJLJ5MB8GA1UdIwQYMBaAFFuGLiMfy9U5G9R2
xquasrchCoekMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
VzRZdUl4X0wxVGtiMUhiR3E1cXl0eUVLaDZRLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9hOS8zNDA1ZTMtOGNjMC00NjBkLWI3ZTktOWJhNmRhNzBmYWRiLzEv
RUYybC1ubDNFSUNEb3kzZkxqamVBeG9rc25rLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS8z
NDA1ZTMtOGNjMC00NjBkLWI3ZTktOWJhNmRhNzBmYWRiLzEvVzRZdUl4X0wxVGti
MUhiR3E1cXl0eUVLaDZRLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDAG
CCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwyuVMA8EAgACMAkDBwAgAQZ8Kqgw
DQYJKoZIhvcNAQELBQADggEBAGmii8Qj2e59gVR+/H2s8Ee7PYDMQxfINK6EYApo
n3BzZtHzijgWd8sGiar42wqafGoBfGfTge+75V6tnEGA5/ioniQ4+cTWS1ZJElxL
7X6/4ETO/8CEFTLufiKZiH8wEX3ofR+QgWA4u1tVfJNCfSqpJDlEKXAdjaQic5RY
PcsHiwsDm5WjpwmA5FoUrjIYtrgVLSaxdr016CuJMBNzP9ETgN93vgYSUjV9F7wI
thT74YiPMtUSqtpfknqZ7i9zHLOTo1EpD05IZeHZOMuOoQVGsVp44gSlr1lZHPYS
KKUN/jJaGVjkcMSv2w17BgDCENAnyKOBfN26vNDMjWkkFIQ=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:55 2023 by rpki-client on console.sobornost.net