Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/d34fa2-3a37-4308-b783-5857f1c17624/1/hOiqfYA4suQrS3bKEATccLuKMEc.roa
File: hOiqfYA4suQrS3bKEATccLuKMEc.roa (raw, json)
Hash identifier: vWi3NQqn9nxFlXBzKEn6IoKnt0sD5wGu2nlvT9PtDNk=
Subject key identifier: 84:E8:AA:7D:80:38:B2:E4:2B:4B:76:CA:10:04:DC:70:BB:8A:30:47
Certificate issuer: /CN=d4cf0fbd5f6e1759903cc69de0dc4ea24c1f83df
Certificate serial: 04061CCC
Authority key identifier: D4:CF:0F:BD:5F:6E:17:59:90:3C:C6:9D:E0:DC:4E:A2:4C:1F:83:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1M8PvV9uF1mQPMad4NxOokwfg98.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/d34fa2-3a37-4308-b783-5857f1c17624/1/hOiqfYA4suQrS3bKEATccLuKMEc.roa
Signing time: Sat 01 Jan 2022 13:56:33 +0000
ROA not before: Sat 01 Jan 2022 13:56:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 40994
IP address blocks: 46.102.157.0/24 maxlen: 24
46.102.156.0/24 maxlen: 24
31.14.17.0/24 maxlen: 24
86.106.182.0/24 maxlen: 24
2a0d:f302::/32 maxlen: 32
2a0d:f301::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67509452 (0x4061ccc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4cf0fbd5f6e1759903cc69de0dc4ea24c1f83df
Validity
Not Before: Jan 1 13:56:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=84e8aa7d8038b2e42b4b76ca1004dc70bb8a3047
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:dc:c5:09:45:e3:c6:be:34:e2:23:d5:85:da:
dc:69:d0:e6:d1:d2:86:ab:b5:de:63:f7:bf:ff:78:
c0:70:bc:12:b4:2a:4c:2f:62:c9:14:6b:54:6e:f6:
a2:0d:2a:3b:cb:cc:65:d0:c7:02:37:25:cf:2c:4f:
ea:7c:91:24:61:15:1c:2e:ee:65:6b:3f:f9:d8:dc:
fc:27:b3:97:f6:09:a1:fe:28:b1:a7:7d:d3:cd:86:
9e:f0:4b:60:17:fe:97:06:4c:b5:76:00:7b:d0:83:
7b:17:f7:26:6f:b1:ad:40:b6:2a:e8:c6:a5:25:69:
49:bc:2f:9e:72:0d:25:3b:4a:46:6b:f6:bf:64:5b:
2d:d7:48:2f:9f:29:44:18:69:11:bc:0e:18:8e:0b:
89:84:4f:57:10:d2:cb:16:b4:17:50:e7:ab:da:6b:
ad:27:c7:1c:08:4e:87:98:2e:e0:39:12:c2:76:9d:
2e:79:72:ee:6b:eb:0c:fe:9c:a6:91:09:37:84:45:
0e:b2:e4:71:fe:7f:24:be:c8:cf:f9:f1:88:f0:18:
e3:51:b9:5b:25:bd:c2:2b:64:51:88:5f:05:79:8e:
25:8c:dc:b8:0d:1f:93:9d:49:2f:b3:c4:b1:a9:af:
e2:17:f1:3d:00:aa:14:a3:bb:26:39:66:d1:3d:21:
0a:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:E8:AA:7D:80:38:B2:E4:2B:4B:76:CA:10:04:DC:70:BB:8A:30:47
X509v3 Authority Key Identifier:
keyid:D4:CF:0F:BD:5F:6E:17:59:90:3C:C6:9D:E0:DC:4E:A2:4C:1F:83:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1M8PvV9uF1mQPMad4NxOokwfg98.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/d34fa2-3a37-4308-b783-5857f1c17624/1/hOiqfYA4suQrS3bKEATccLuKMEc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/d34fa2-3a37-4308-b783-5857f1c17624/1/1M8PvV9uF1mQPMad4NxOokwfg98.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.17.0/24
46.102.156.0/23
86.106.182.0/24
IPv6:
2a0d:f301::/48
2a0d:f302::/32
Signature Algorithm: sha256WithRSAEncryption
95:60:fe:50:51:4c:27:1f:06:50:3d:e8:4f:2c:fa:61:d3:eb:
19:e8:70:fe:74:8b:ae:82:a3:a9:45:ba:c5:b5:20:71:6c:18:
7f:76:38:c8:84:86:a1:a0:33:b5:d2:2e:95:11:7e:8a:a3:38:
0f:1e:ff:85:ff:80:08:6d:d8:e2:5f:89:c1:00:2c:ff:c0:9a:
10:44:0e:62:2c:61:3e:4b:17:06:1b:46:70:00:11:c0:a6:53:
0b:f6:ff:bf:19:7e:a7:9e:c2:53:6e:23:57:65:d4:1a:4b:b2:
7b:99:84:96:33:f3:2d:21:92:6e:a5:b1:68:d2:5f:d4:6c:1e:
f9:94:bf:1c:17:2a:da:4c:70:a0:e7:cc:99:fb:17:3a:c4:71:
b9:90:02:dd:1d:47:b7:25:b2:2a:7d:0f:fd:6a:78:19:b9:94:
52:96:d7:64:4f:90:e0:d6:3a:15:bd:23:ba:3d:2d:72:db:7e:
2c:df:7f:79:e7:0d:a7:8e:10:a5:fb:b9:81:b1:e4:e4:39:4a:
d8:d9:37:77:6f:78:4f:03:44:2a:a4:dd:47:36:7c:b8:52:52:
ae:4f:9b:42:0b:ba:35:50:d7:18:65:c3:99:3e:af:e2:d6:a0:
f2:97:90:56:ed:fd:bd:8e:59:96:d8:8b:2b:e7:b7:bc:3d:fa:
52:25:fd:6d
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgIEBAYczDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NGNmMGZiZDVmNmUxNzU5OTAzY2M2OWRlMGRjNGVhMjRjMWY4M2RmMB4XDTIyMDEw
MTEzNTYzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODRlOGFhN2Q4MDM4
YjJlNDJiNGI3NmNhMTAwNGRjNzBiYjhhMzA0NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALvcxQlF48a+NOIj1YXa3GnQ5tHShqu13mP3v/94wHC8ErQq
TC9iyRRrVG72og0qO8vMZdDHAjclzyxP6nyRJGEVHC7uZWs/+djc/Cezl/YJof4o
sad9082GnvBLYBf+lwZMtXYAe9CDexf3Jm+xrUC2KujGpSVpSbwvnnINJTtKRmv2
v2RbLddIL58pRBhpEbwOGI4LiYRPVxDSyxa0F1Dnq9prrSfHHAhOh5gu4DkSwnad
Lnly7mvrDP6cppEJN4RFDrLkcf5/JL7Iz/nxiPAY41G5WyW9witkUYhfBXmOJYzc
uA0fk51JL7PEsamv4hfxPQCqFKO7Jjlm0T0hCmcCAwEAAaOCAi0wggIpMB0GA1Ud
DgQWBBSE6Kp9gDiy5CtLdsoQBNxwu4owRzAfBgNVHSMEGDAWgBTUzw+9X24XWZA8
xp3g3E6iTB+D3zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFNOFB2Vjl1RjFtUVBNYWQ0TnhPb2t3Zmc5OC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTkvZDM0ZmEyLTNhMzctNDMwOC1iNzgzLTU4NTdmMWMxNzYyNC8x
L2hPaXFmWUE0c3VRclMzYktFQVRjY0x1S01FYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTkv
ZDM0ZmEyLTNhMzctNDMwOC1iNzgzLTU4NTdmMWMxNzYyNC8xLzFNOFB2Vjl1RjFt
UVBNYWQ0TnhPb2t3Zmc5OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBD
BggrBgEFBQcBBwEB/wQ0MDIwGAQCAAEwEgMEAB8OEQMEAS5mnAMEAFZqtjAWBAIA
AjAQAwcAKg3zAQAAAwUAKg3zAjANBgkqhkiG9w0BAQsFAAOCAQEAlWD+UFFMJx8G
UD3oTyz6YdPrGehw/nSLroKjqUW6xbUgcWwYf3Y4yISGoaAztdIulRF+iqM4Dx7/
hf+ACG3Y4l+JwQAs/8CaEEQOYixhPksXBhtGcAARwKZTC/b/vxl+p57CU24jV2XU
Gkuye5mEljPzLSGSbqWxaNJf1Gwe+ZS/HBcq2kxwoOfMmfsXOsRxuZAC3R1HtyWy
Kn0P/Wp4GbmUUpbXZE+Q4NY6Fb0juj0tctt+LN9/eecNp44Qpfu5gbHk5DlK2Nk3
d294TwNEKqTdRzZ8uFJSrk+bQgu6NVDXGGXDmT6v4tag8peQVu39vY5ZltiLK+e3
vD36UiX9bQ==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:57 2023 by rpki-client on console.sobornost.net