Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/b35379-2122-4191-8821-c47e18df0371/1/lWfjbxZmaMPv_AuV26f52AEnccY.roa
File: lWfjbxZmaMPv_AuV26f52AEnccY.roa (raw, json)
Hash identifier: Bu4vf/kNxlPh6gH89aZqnAHr6tYK82n/EvQ/Sa9q5kk=
Subject key identifier: 95:67:E3:6F:16:66:68:C3:EF:FC:0B:95:DB:A7:F9:D8:01:27:71:C6
Certificate issuer: /CN=9c73d9453fbedfb80c4543bb529fc330c1f8c1ce
Certificate serial: 0182A6833DB13FC2B54101137D6813B4ADCD
Authority key identifier: 9C:73:D9:45:3F:BE:DF:B8:0C:45:43:BB:52:9F:C3:30:C1:F8:C1:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nHPZRT--37gMRUO7Up_DMMH4wc4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/b35379-2122-4191-8821-c47e18df0371/1/lWfjbxZmaMPv_AuV26f52AEnccY.roa
Signing time: Tue 16 Aug 2022 11:56:35 +0000
ROA not before: Tue 16 Aug 2022 11:56:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61400
IP address blocks: 217.199.223.0/24 maxlen: 24
217.199.221.0/24 maxlen: 24
217.199.220.0/24 maxlen: 24
193.243.182.0/24 maxlen: 24
78.24.92.0/22 maxlen: 22
185.16.212.0/22 maxlen: 22
37.0.120.0/21 maxlen: 21
89.248.235.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:a6:83:3d:b1:3f:c2:b5:41:01:13:7d:68:13:b4:ad:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c73d9453fbedfb80c4543bb529fc330c1f8c1ce
Validity
Not Before: Aug 16 11:56:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9567e36f166668c3effc0b95dba7f9d8012771c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:71:88:5a:52:d4:6a:37:3a:42:dd:be:a4:4b:
4e:e7:54:79:4b:52:22:ff:1b:85:c0:83:9f:ec:51:
93:6d:82:99:b2:2c:1c:89:81:df:a8:93:fc:29:b6:
15:c2:6a:01:7e:37:ca:0a:79:d9:e7:41:b5:55:29:
d1:d5:ac:4b:32:a3:3d:95:f4:31:b3:33:5a:43:cf:
f4:de:01:6d:39:94:f0:3b:21:8c:1d:0a:cd:48:0f:
19:2b:1c:2d:a6:d5:38:52:7e:d0:80:71:d8:aa:84:
b1:f3:8a:f1:ca:7d:2d:7a:26:1a:46:dc:42:8c:5b:
56:e8:df:34:3b:57:db:31:12:8b:9e:c7:31:21:e7:
db:c1:7a:41:ba:ca:c4:8c:b1:53:de:5f:62:a2:81:
8d:71:65:af:18:70:1d:e3:68:8a:3d:89:c0:b4:a4:
08:44:27:98:aa:93:46:3c:74:8d:0a:da:09:9f:8c:
78:d6:e3:d7:34:d9:fc:cd:1d:07:e8:ef:4a:c4:f0:
c7:21:72:b3:fb:85:da:d1:a7:41:5e:ac:c9:f3:ed:
5d:61:87:49:ee:9a:70:1c:57:45:a2:53:83:d1:42:
a8:dd:ad:5c:85:9d:d5:da:33:63:e4:9b:0d:90:8f:
9b:cf:f6:7c:94:2b:e9:bc:f4:c0:ce:a8:ca:a7:da:
4a:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:67:E3:6F:16:66:68:C3:EF:FC:0B:95:DB:A7:F9:D8:01:27:71:C6
X509v3 Authority Key Identifier:
keyid:9C:73:D9:45:3F:BE:DF:B8:0C:45:43:BB:52:9F:C3:30:C1:F8:C1:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nHPZRT--37gMRUO7Up_DMMH4wc4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/b35379-2122-4191-8821-c47e18df0371/1/lWfjbxZmaMPv_AuV26f52AEnccY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/b35379-2122-4191-8821-c47e18df0371/1/nHPZRT--37gMRUO7Up_DMMH4wc4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.0.120.0/21
78.24.92.0/22
89.248.235.0/24
185.16.212.0/22
193.243.182.0/24
217.199.220.0/23
217.199.223.0/24
Signature Algorithm: sha256WithRSAEncryption
90:2f:42:49:26:e9:2f:bd:a8:24:2a:2b:d0:fb:95:22:e8:9a:
d3:23:7a:e8:de:2d:bc:b9:4c:d1:3b:c2:c9:05:44:0e:1c:2f:
9e:00:49:51:d8:d2:a4:40:91:c4:82:63:e4:3e:d1:28:f4:00:
e0:7f:1a:8e:16:56:78:2d:60:46:9c:ea:69:3f:50:a2:71:7c:
bb:29:f5:2f:8a:de:3b:ef:1b:fe:f6:d6:b7:e0:46:46:aa:9d:
2b:b3:b6:18:c9:8b:ff:4a:5f:6c:ea:ff:bc:11:4f:d2:60:dd:
6c:9d:df:fb:b2:74:5a:f8:a0:60:98:4c:4b:12:77:67:3a:9f:
1c:06:a1:29:ff:77:d2:35:54:73:df:58:cf:7f:d1:f5:a3:fd:
38:d3:89:9e:64:e0:9e:e2:a7:30:8f:c9:b1:08:b2:29:da:76:
08:fa:3a:5e:ea:c8:b8:66:b5:17:59:27:ed:1f:af:57:e8:e9:
35:bd:60:85:c4:b2:d3:f4:05:c2:07:ba:50:eb:dc:6b:69:24:
1d:b9:0d:36:61:ec:e6:58:47:30:6f:0c:89:04:21:73:da:1a:
bb:75:43:34:0e:c0:c8:a9:d0:1b:81:4f:67:c8:24:81:76:59:
8c:d4:9e:61:95:4c:f9:6e:5b:1c:a3:a1:1e:ff:55:aa:45:29:
d3:77:a4:73
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYKmgz2xP8K1QQETfWgTtK3NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljNzNkOTQ1M2ZiZWRmYjgwYzQ1NDNiYjUyOWZjMzMwYzFm
OGMxY2UwHhcNMjIwODE2MTE1NjM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTY3ZTM2ZjE2NjY2OGMzZWZmYzBiOTVkYmE3ZjlkODAxMjc3MWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAknGIWlLUajc6Qt2+pEtO51R5S1Ii
/xuFwIOf7FGTbYKZsiwciYHfqJP8KbYVwmoBfjfKCnnZ50G1VSnR1axLMqM9lfQx
szNaQ8/03gFtOZTwOyGMHQrNSA8ZKxwtptU4Un7QgHHYqoSx84rxyn0teiYaRtxC
jFtW6N80O1fbMRKLnscxIefbwXpBusrEjLFT3l9iooGNcWWvGHAd42iKPYnAtKQI
RCeYqpNGPHSNCtoJn4x41uPXNNn8zR0H6O9KxPDHIXKz+4Xa0adBXqzJ8+1dYYdJ
7ppwHFdFolOD0UKo3a1chZ3V2jNj5JsNkI+bz/Z8lCvpvPTAzqjKp9pK5QIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFJVn428WZmjD7/wLldun+dgBJ3HGMB8GA1UdIwQY
MBaAFJxz2UU/vt+4DEVDu1KfwzDB+MHOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkhQWlJULS0zN2dNUlVPN1VwX0RNTUg0d2M0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC9iMzUzNzktMjEyMi00MTkxLTg4MjEt
YzQ3ZTE4ZGYwMzcxLzEvbFdmamJ4Wm1hTVB2X0F1VjI2ZjUyQUVuY2NZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC9iMzUzNzktMjEyMi00MTkxLTg4MjEtYzQ3ZTE4ZGYwMzcx
LzEvbkhQWlJULS0zN2dNUlVPN1VwX0RNTUg0d2M0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQDJQB4AwQC
ThhcAwQAWfjrAwQCuRDUAwQAwfO2AwQB2cfcAwQA2cffMA0GCSqGSIb3DQEBCwUA
A4IBAQCQL0JJJukvvagkKivQ+5Ui6JrTI3ro3i28uUzRO8LJBUQOHC+eAElR2NKk
QJHEgmPkPtEo9ADgfxqOFlZ4LWBGnOppP1CicXy7KfUvit477xv+9ta34EZGqp0r
s7YYyYv/Sl9s6v+8EU/SYN1snd/7snRa+KBgmExLEndnOp8cBqEp/3fSNVRz31jP
f9H1o/0404meZOCe4qcwj8mxCLIp2nYI+jpe6si4ZrUXWSftH69X6Ok1vWCFxLLT
9AXCB7pQ69xraSQduQ02YezmWEcwbwyJBCFz2hq7dUM0DsDIqdAbgU9nyCSBdlmM
1J5hlUz5blsco6Ee/1WqRSnTd6Rz
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:06 2023 by rpki-client on console.sobornost.net