Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/b35379-2122-4191-8821-c47e18df0371/1/UqE6Bn3C8IXlv6dmIlJe3i-jN5A.roa
File: UqE6Bn3C8IXlv6dmIlJe3i-jN5A.roa (raw, json)
Hash identifier: PT9SzHicNnVdrZ5lUeE5QErocahuBG5IeUMSCF3ElJ8=
Subject key identifier: 52:A1:3A:06:7D:C2:F0:85:E5:BF:A7:66:22:52:5E:DE:2F:A3:37:90
Certificate issuer: /CN=9c73d9453fbedfb80c4543bb529fc330c1f8c1ce
Certificate serial: 018281985C1AAD7B75BC8678A3DAAD8583A6
Authority key identifier: 9C:73:D9:45:3F:BE:DF:B8:0C:45:43:BB:52:9F:C3:30:C1:F8:C1:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nHPZRT--37gMRUO7Up_DMMH4wc4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/b35379-2122-4191-8821-c47e18df0371/1/UqE6Bn3C8IXlv6dmIlJe3i-jN5A.roa
Signing time: Tue 09 Aug 2022 07:53:42 +0000
ROA not before: Tue 09 Aug 2022 07:53:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207353
IP address blocks: 217.199.213.0/24 maxlen: 24
193.243.161.0/24 maxlen: 24
89.248.230.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:81:98:5c:1a:ad:7b:75:bc:86:78:a3:da:ad:85:83:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c73d9453fbedfb80c4543bb529fc330c1f8c1ce
Validity
Not Before: Aug 9 07:53:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=52a13a067dc2f085e5bfa76622525ede2fa33790
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:04:22:27:f0:c2:6d:25:ec:53:1f:bb:81:5e:
f5:23:56:ac:0c:be:e3:20:b0:15:6b:7b:6c:b5:63:
ac:5d:f6:e4:d8:20:6b:6a:d7:99:33:4a:4a:d3:f6:
f3:6b:41:d3:15:19:97:0a:9a:bd:10:87:95:13:da:
7b:51:bb:51:36:d1:1f:d3:31:e2:cb:4b:d1:d0:a0:
89:67:1f:48:74:40:4f:04:61:68:ff:4c:c4:b7:cb:
ea:8b:ee:70:40:07:b9:3f:b6:c9:fb:5f:67:f1:1e:
19:61:81:96:a1:44:e4:bc:3d:dc:27:2f:df:3e:91:
8c:f7:be:07:78:6f:91:65:37:85:a1:ca:b3:07:42:
1d:7b:db:f1:ee:0a:fc:9c:21:77:50:bb:f7:52:8e:
b4:6b:64:d0:48:bc:f6:00:b0:3a:35:95:37:72:0d:
ec:c0:f6:e7:c1:e4:64:a3:b0:c1:c7:5d:db:d6:f9:
c0:d1:ff:ee:2a:be:ea:15:c3:ba:cb:2a:25:b1:74:
b7:d1:43:8a:3e:92:f5:18:5a:1b:3f:98:54:cf:f8:
cf:4f:17:93:56:ac:4b:2a:33:56:59:44:a7:84:07:
f7:53:83:ab:4b:18:c2:fe:aa:26:8a:f2:0a:6b:20:
e6:e6:8b:c1:cf:0c:30:82:67:c1:ce:30:1e:b0:73:
82:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:A1:3A:06:7D:C2:F0:85:E5:BF:A7:66:22:52:5E:DE:2F:A3:37:90
X509v3 Authority Key Identifier:
keyid:9C:73:D9:45:3F:BE:DF:B8:0C:45:43:BB:52:9F:C3:30:C1:F8:C1:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nHPZRT--37gMRUO7Up_DMMH4wc4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/b35379-2122-4191-8821-c47e18df0371/1/UqE6Bn3C8IXlv6dmIlJe3i-jN5A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/b35379-2122-4191-8821-c47e18df0371/1/nHPZRT--37gMRUO7Up_DMMH4wc4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.248.230.0/24
193.243.161.0/24
217.199.213.0/24
Signature Algorithm: sha256WithRSAEncryption
40:ad:39:64:46:19:ed:5b:c4:5b:af:cb:23:bd:b5:d1:09:92:
2c:0b:3f:be:de:27:12:dd:f5:7f:3d:32:5b:00:c1:3f:1e:36:
76:67:7a:0d:e1:0a:45:14:83:b8:fc:d6:07:aa:5e:58:df:c1:
10:1a:0c:0b:ff:0a:01:9b:d0:9e:78:c2:91:ac:dd:88:a7:c2:
f4:f0:12:de:ab:4b:bb:49:83:8d:b2:88:8e:d2:86:66:7e:2e:
ff:1a:29:48:d2:8e:db:a4:d0:50:36:34:2b:7c:3c:60:57:95:
78:a4:91:1f:b0:9c:60:f5:94:49:5a:02:80:3c:98:48:e1:54:
06:cf:c7:e7:4d:0f:c2:d4:02:74:92:29:3e:d0:2e:c9:e1:c8:
99:ae:1e:d1:85:6d:67:b8:ac:cf:73:5c:55:90:80:74:73:98:
70:11:b9:fc:1f:85:4f:f6:e4:98:e2:db:5d:bf:13:52:64:4d:
68:77:3c:4e:b1:83:a7:65:d1:96:b8:a8:80:e6:3c:7e:50:13:
ed:f8:48:7f:c6:87:16:85:2c:77:6a:5c:c3:27:3e:c3:ff:ea:
24:30:0d:23:81:53:6a:52:fb:68:03:e2:f6:8a:fe:5c:b2:99:
25:71:33:ce:50:bf:4e:88:cf:f8:b8:9c:a9:55:c1:4c:7e:1a:
1e:d3:c8:a2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYKBmFwarXt1vIZ4o9qthYOmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljNzNkOTQ1M2ZiZWRmYjgwYzQ1NDNiYjUyOWZjMzMwYzFm
OGMxY2UwHhcNMjIwODA5MDc1MzQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmExM2EwNjdkYzJmMDg1ZTViZmE3NjYyMjUyNWVkZTJmYTMzNzkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjgQiJ/DCbSXsUx+7gV71I1asDL7j
ILAVa3tstWOsXfbk2CBrateZM0pK0/bza0HTFRmXCpq9EIeVE9p7UbtRNtEf0zHi
y0vR0KCJZx9IdEBPBGFo/0zEt8vqi+5wQAe5P7bJ+19n8R4ZYYGWoUTkvD3cJy/f
PpGM974HeG+RZTeFocqzB0Ide9vx7gr8nCF3ULv3Uo60a2TQSLz2ALA6NZU3cg3s
wPbnweRko7DBx13b1vnA0f/uKr7qFcO6yyolsXS30UOKPpL1GFobP5hUz/jPTxeT
VqxLKjNWWUSnhAf3U4OrSxjC/qomivIKayDm5ovBzwwwgmfBzjAesHOCQQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFKhOgZ9wvCF5b+nZiJSXt4vozeQMB8GA1UdIwQY
MBaAFJxz2UU/vt+4DEVDu1KfwzDB+MHOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkhQWlJULS0zN2dNUlVPN1VwX0RNTUg0d2M0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC9iMzUzNzktMjEyMi00MTkxLTg4MjEt
YzQ3ZTE4ZGYwMzcxLzEvVXFFNkJuM0M4SVhsdjZkbUlsSmUzaS1qTjVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC9iMzUzNzktMjEyMi00MTkxLTg4MjEtYzQ3ZTE4ZGYwMzcx
LzEvbkhQWlJULS0zN2dNUlVPN1VwX0RNTUg0d2M0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWfjmAwQA
wfOhAwQA2cfVMA0GCSqGSIb3DQEBCwUAA4IBAQBArTlkRhntW8Rbr8sjvbXRCZIs
Cz++3icS3fV/PTJbAME/HjZ2Z3oN4QpFFIO4/NYHql5Y38EQGgwL/woBm9CeeMKR
rN2Ip8L08BLeq0u7SYONsoiO0oZmfi7/GilI0o7bpNBQNjQrfDxgV5V4pJEfsJxg
9ZRJWgKAPJhI4VQGz8fnTQ/C1AJ0kik+0C7J4ciZrh7RhW1nuKzPc1xVkIB0c5hw
Ebn8H4VP9uSY4ttdvxNSZE1odzxOsYOnZdGWuKiA5jx+UBPt+Eh/xocWhSx3alzD
Jz7D/+okMA0jgVNqUvtoA+L2iv5cspklcTPOUL9OiM/4uJypVcFMfhoe08ii
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:06 2023 by rpki-client on console.sobornost.net