Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/40b8f6-685d-4e86-97d8-6e31347d04d9/1/8dxLhk8djgTaAPdAzjI3g2dRMws.roa
File: 8dxLhk8djgTaAPdAzjI3g2dRMws.roa (raw, json)
Hash identifier: MV0pgY8msJ+ogVFJ4vt3lVJ/95AJWartweWedFRKG20=
Subject key identifier: F1:DC:4B:86:4F:1D:8E:04:DA:00:F7:40:CE:32:37:83:67:51:33:0B
Certificate issuer: /CN=58dd42ab3460279709c134b570f76e34e4d95b91
Certificate serial: 01855447609789987D54605D06D5876B3215
Authority key identifier: 58:DD:42:AB:34:60:27:97:09:C1:34:B5:70:F7:6E:34:E4:D9:5B:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WN1CqzRgJ5cJwTS1cPduNOTZW5E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/40b8f6-685d-4e86-97d8-6e31347d04d9/1/8dxLhk8djgTaAPdAzjI3g2dRMws.roa
Signing time: Tue 27 Dec 2022 15:50:41 +0000
ROA not before: Tue 27 Dec 2022 15:50:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29152
IP address blocks: 195.80.152.0/24 maxlen: 24
195.80.158.0/24 maxlen: 24
195.80.154.0/24 maxlen: 24
195.80.157.0/24 maxlen: 24
195.80.153.0/24 maxlen: 24
195.80.156.0/24 maxlen: 24
195.80.159.0/24 maxlen: 24
195.80.155.0/24 maxlen: 24
2a00:1b11:115::/48 maxlen: 48
2a00:1b11:116::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:54:47:60:97:89:98:7d:54:60:5d:06:d5:87:6b:32:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58dd42ab3460279709c134b570f76e34e4d95b91
Validity
Not Before: Dec 27 15:50:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f1dc4b864f1d8e04da00f740ce3237836751330b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:dc:5d:c7:8e:35:5a:95:61:bd:41:ff:56:36:
63:67:2c:7a:c5:ac:56:2d:d3:68:09:2d:f0:d9:f7:
50:ad:7a:f8:b8:a6:48:b2:17:24:e3:4c:b5:b0:cb:
3e:39:41:e8:82:76:9f:59:45:4d:46:43:75:73:f5:
bc:46:e6:03:08:16:5d:b2:43:19:c1:20:2e:01:62:
de:22:e0:b9:6b:d6:af:98:ac:10:98:fe:d0:3e:30:
c4:58:6f:02:c6:06:dc:da:a8:7b:9b:0b:ec:f4:7c:
99:5a:0e:bb:d8:da:d9:67:5a:14:81:1f:4a:8b:7d:
e2:1d:db:76:94:fd:a4:d7:1a:76:ad:ac:b4:6c:84:
1f:98:25:9d:15:df:7d:31:21:2c:a8:95:2a:e7:71:
5c:08:04:c5:c5:d8:ad:c8:5d:0d:2b:b7:1a:c3:e0:
7a:ae:86:08:2d:24:c5:b4:1e:92:0d:68:0d:ff:76:
96:ed:a6:f7:01:24:90:8d:3a:83:5d:f6:af:a0:4b:
0e:93:b0:5e:0b:f7:2b:bc:86:df:ee:f3:35:91:84:
6f:ec:90:5e:da:a6:5a:cd:0d:0e:93:b3:da:a4:55:
54:21:07:4c:7c:cb:b4:df:cc:ba:ee:f7:18:10:f1:
97:4a:c7:ee:7e:c3:bf:56:60:18:aa:8d:58:c9:df:
31:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:DC:4B:86:4F:1D:8E:04:DA:00:F7:40:CE:32:37:83:67:51:33:0B
X509v3 Authority Key Identifier:
keyid:58:DD:42:AB:34:60:27:97:09:C1:34:B5:70:F7:6E:34:E4:D9:5B:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WN1CqzRgJ5cJwTS1cPduNOTZW5E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/40b8f6-685d-4e86-97d8-6e31347d04d9/1/8dxLhk8djgTaAPdAzjI3g2dRMws.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/40b8f6-685d-4e86-97d8-6e31347d04d9/1/WN1CqzRgJ5cJwTS1cPduNOTZW5E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.80.152.0/21
IPv6:
2a00:1b11:115::-2a00:1b11:116:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
61:de:3f:7b:18:90:4a:48:5d:24:5e:8a:37:95:31:ea:45:0a:
3c:2f:82:91:7c:4b:1f:60:c7:e8:bd:9a:4d:ba:7e:80:bf:71:
f7:27:6a:26:0c:d8:07:d0:a9:35:ed:ae:b8:4e:23:ab:fd:3f:
27:66:0c:c6:c0:c1:aa:a3:61:a4:21:36:b2:b5:34:a9:96:fe:
1b:65:d1:35:f4:d5:33:42:b2:a5:ca:5f:fd:d4:41:79:54:46:
b4:2a:30:d4:7f:fa:b0:67:79:78:50:f2:02:4a:7f:9c:86:d7:
21:5b:11:2d:69:7e:61:4a:48:03:e5:e8:54:eb:8f:7f:cb:84:
0e:bb:be:4f:8b:2d:e2:e4:a1:1d:f7:34:bd:10:30:85:92:21:
92:d3:0b:8c:3b:20:b4:5a:8d:f5:25:ef:28:34:5d:26:0f:8a:
cb:1e:c2:8a:c1:03:2b:d3:00:32:2e:84:a5:95:75:5a:64:6c:
d5:72:d1:0a:26:4e:f6:22:7d:df:56:75:cc:41:57:9d:3f:9c:
7d:c2:ff:62:8b:c4:3e:0f:e2:76:8c:49:dd:71:8e:d1:78:d1:
6a:ec:dc:2f:4e:8c:19:20:fa:15:2f:b4:8e:b2:c5:eb:a8:8e:
0a:98:ae:92:3c:21:64:7b:d2:bf:28:7f:a6:08:07:d0:f2:58:
fe:53:15:9e
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYVUR2CXiZh9VGBdBtWHazIVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ZGQ0MmFiMzQ2MDI3OTcwOWMxMzRiNTcwZjc2ZTM0ZTRk
OTViOTEwHhcNMjIxMjI3MTU1MDQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWRjNGI4NjRmMWQ4ZTA0ZGEwMGY3NDBjZTMyMzc4MzY3NTEzMzBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAutxdx441WpVhvUH/VjZjZyx6xaxW
LdNoCS3w2fdQrXr4uKZIshck40y1sMs+OUHognafWUVNRkN1c/W8RuYDCBZdskMZ
wSAuAWLeIuC5a9avmKwQmP7QPjDEWG8Cxgbc2qh7mwvs9HyZWg672NrZZ1oUgR9K
i33iHdt2lP2k1xp2ray0bIQfmCWdFd99MSEsqJUq53FcCATFxdityF0NK7caw+B6
roYILSTFtB6SDWgN/3aW7ab3ASSQjTqDXfavoEsOk7BeC/crvIbf7vM1kYRv7JBe
2qZazQ0Ok7PapFVUIQdMfMu038y67vcYEPGXSsfufsO/VmAYqo1Yyd8xmwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFPHcS4ZPHY4E2gD3QM4yN4NnUTMLMB8GA1UdIwQY
MBaAFFjdQqs0YCeXCcE0tXD3bjTk2VuRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV04xQ3F6UmdKNWNKd1RTMWNQZHVOT1RaVzVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC80MGI4ZjYtNjg1ZC00ZTg2LTk3ZDgt
NmUzMTM0N2QwNGQ5LzEvOGR4TGhrOGRqZ1RhQVBkQXpqSTNnMmRSTXdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC80MGI4ZjYtNjg1ZC00ZTg2LTk3ZDgtNmUzMTM0N2QwNGQ5
LzEvV04xQ3F6UmdKNWNKd1RTMWNQZHVOT1RaVzVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAMBAIAATAGAwQDw1CYMBoE
AgACMBQwEgMHACoAGxEBFQMHACoAGxEBFjANBgkqhkiG9w0BAQsFAAOCAQEAYd4/
exiQSkhdJF6KN5Ux6kUKPC+CkXxLH2DH6L2aTbp+gL9x9ydqJgzYB9CpNe2uuE4j
q/0/J2YMxsDBqqNhpCE2srU0qZb+G2XRNfTVM0Kypcpf/dRBeVRGtCow1H/6sGd5
eFDyAkp/nIbXIVsRLWl+YUpIA+XoVOuPf8uEDru+T4st4uShHfc0vRAwhZIhktML
jDsgtFqN9SXvKDRdJg+Kyx7CisEDK9MAMi6EpZV1WmRs1XLRCiZO9iJ931Z1zEFX
nT+cfcL/YovEPg/idoxJ3XGO0XjRauzcL06MGSD6FS+0jrLF66iOCpiukjwhZHvS
vyh/pggH0PJY/lMVng==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:05 2023 by rpki-client on console.sobornost.net