Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/373146-2c9d-45cc-85cc-9b7997481f72/1/G6VO69hlf23rMkCmUzpQVKY-Yvw.roa
File: G6VO69hlf23rMkCmUzpQVKY-Yvw.roa (raw, json)
Hash identifier: hyr2nMaVKAM2Kur8mL0ScTG+z5zc+3n/fX0irgXq2jM=
Subject key identifier: 1B:A5:4E:EB:D8:65:7F:6D:EB:32:40:A6:53:3A:50:54:A6:3E:62:FC
Certificate issuer: /CN=0beb38e34bbe17e15772706c7a961a85e5d18b5c
Certificate serial: 1F0F089C
Authority key identifier: 0B:EB:38:E3:4B:BE:17:E1:57:72:70:6C:7A:96:1A:85:E5:D1:8B:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C-s440u-F-FXcnBsepYaheXRi1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/373146-2c9d-45cc-85cc-9b7997481f72/1/G6VO69hlf23rMkCmUzpQVKY-Yvw.roa
Signing time: Sat 01 Jan 2022 01:00:36 +0000
ROA not before: Sat 01 Jan 2022 01:00:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201958
IP address blocks: 185.42.189.0/24 maxlen: 24
185.42.188.0/23 maxlen: 23
185.42.188.0/24 maxlen: 24
185.42.191.0/24 maxlen: 24
185.42.190.0/24 maxlen: 24
185.42.190.0/23 maxlen: 23
2a04:9140:3003::/48 maxlen: 48
2a04:9140:3043::/48 maxlen: 48
2a04:9140:3044::/48 maxlen: 48
2a04:9140:3104::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 521078940 (0x1f0f089c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0beb38e34bbe17e15772706c7a961a85e5d18b5c
Validity
Not Before: Jan 1 01:00:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1ba54eebd8657f6deb3240a6533a5054a63e62fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:0f:1b:bd:13:a9:27:f1:99:f8:74:b0:08:24:
fb:3b:65:4d:58:87:67:2b:3f:9f:c9:00:a6:35:7f:
6f:24:0d:94:c8:5d:0d:a8:a2:35:dc:70:a9:17:6a:
57:2a:a4:52:06:52:ec:88:95:80:fa:c8:80:3d:a0:
92:91:dd:2d:a6:79:e0:f2:37:41:9c:8a:f9:84:9a:
27:29:70:ea:3f:3a:ce:b1:0c:a4:29:5f:90:90:ac:
9b:5d:32:a0:4f:48:46:d5:8e:4d:2f:da:30:d1:71:
73:99:e1:55:00:b0:b1:2b:78:ef:7e:7f:22:0a:3d:
8e:01:6a:a7:37:3f:26:f2:df:bf:ec:4d:79:5a:21:
64:98:e2:75:fb:da:d2:25:1a:43:7a:47:fc:e5:b4:
a4:5e:9c:15:a2:74:a6:d9:8f:c8:9a:06:2f:83:07:
c1:f2:3e:56:00:b7:a8:72:71:7c:be:7e:0c:98:86:
c4:24:d4:43:7e:2e:4b:a6:22:85:a4:dd:98:29:dd:
42:91:a6:b6:dc:29:62:9d:22:ec:8c:c8:79:de:2a:
0f:b8:5c:07:ef:8e:34:68:2c:3a:fd:d7:33:69:8a:
23:d6:15:3d:6e:04:29:4f:b7:ce:15:36:21:32:56:
55:c6:c7:33:22:06:b3:c7:7e:ad:06:f1:ba:e9:2f:
b7:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:A5:4E:EB:D8:65:7F:6D:EB:32:40:A6:53:3A:50:54:A6:3E:62:FC
X509v3 Authority Key Identifier:
keyid:0B:EB:38:E3:4B:BE:17:E1:57:72:70:6C:7A:96:1A:85:E5:D1:8B:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C-s440u-F-FXcnBsepYaheXRi1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/373146-2c9d-45cc-85cc-9b7997481f72/1/G6VO69hlf23rMkCmUzpQVKY-Yvw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/373146-2c9d-45cc-85cc-9b7997481f72/1/C-s440u-F-FXcnBsepYaheXRi1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.42.188.0/22
IPv6:
2a04:9140:3003::/48
2a04:9140:3043::-2a04:9140:3044:ffff:ffff:ffff:ffff:ffff
2a04:9140:3104::/48
Signature Algorithm: sha256WithRSAEncryption
3f:d5:50:e3:2a:eb:9a:f4:08:8c:e3:09:fe:49:e7:ff:59:0f:
05:09:8e:2c:7e:d7:bd:10:11:b0:99:1d:07:c6:83:f4:b3:e7:
75:ce:cb:1c:55:cd:85:e5:c9:61:9c:4c:d5:9f:30:eb:5e:c2:
85:f0:69:99:ca:e5:a9:0a:fa:a2:ff:3d:4e:14:3e:3c:4a:a8:
0c:e9:c6:f3:98:70:af:42:3e:1a:d6:1c:21:7d:47:18:3d:26:
d4:64:15:48:6d:1d:34:66:32:b7:71:88:3d:9c:71:bb:74:49:
20:fa:21:2a:28:ec:51:79:e2:c7:37:93:54:1d:eb:75:3e:3d:
e6:11:df:a4:42:3a:e1:44:bc:bc:8d:6d:46:ba:8e:7c:23:04:
ec:00:15:94:d3:56:25:be:73:72:d5:30:8a:18:4c:3a:56:83:
0d:f3:8b:ed:73:8d:5c:0f:bb:b1:f7:0f:3b:90:9c:33:20:5f:
89:4b:17:31:48:63:da:9b:33:02:d0:88:b1:bd:54:ee:5f:92:
4b:63:0d:f8:13:20:14:7a:17:d0:31:b0:b7:31:6e:c6:05:44:
e7:0f:aa:9f:76:e3:0d:4a:6a:e7:41:01:6c:e7:0e:5a:e7:f6:
7f:b9:94:2f:75:58:e5:f4:25:b5:93:7d:d0:00:3d:63:f5:0a:
65:cf:f3:e3
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgIEHw8InDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
YmViMzhlMzRiYmUxN2UxNTc3MjcwNmM3YTk2MWE4NWU1ZDE4YjVjMB4XDTIyMDEw
MTAxMDAzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWJhNTRlZWJkODY1
N2Y2ZGViMzI0MGE2NTMzYTUwNTRhNjNlNjJmYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL4PG70TqSfxmfh0sAgk+ztlTViHZys/n8kApjV/byQNlMhd
DaiiNdxwqRdqVyqkUgZS7IiVgPrIgD2gkpHdLaZ54PI3QZyK+YSaJylw6j86zrEM
pClfkJCsm10yoE9IRtWOTS/aMNFxc5nhVQCwsSt4735/Igo9jgFqpzc/JvLfv+xN
eVohZJjidfva0iUaQ3pH/OW0pF6cFaJ0ptmPyJoGL4MHwfI+VgC3qHJxfL5+DJiG
xCTUQ34uS6YihaTdmCndQpGmttwpYp0i7IzIed4qD7hcB++ONGgsOv3XM2mKI9YV
PW4EKU+3zhU2ITJWVcbHMyIGs8d+rQbxuukvt1cCAwEAAaOCAjcwggIzMB0GA1Ud
DgQWBBQbpU7r2GV/besyQKZTOlBUpj5i/DAfBgNVHSMEGDAWgBQL6zjjS74X4Vdy
cGx6lhqF5dGLXDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0MtczQ0MHUtRi1GWGNuQnNlcFlhaGVYUmkxdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjUvMzczMTQ2LTJjOWQtNDVjYy04NWNjLTliNzk5NzQ4MWY3Mi8x
L0c2Vk82OWhsZjIzck1rQ21VenBRVktZLVl2dy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjUv
MzczMTQ2LTJjOWQtNDVjYy04NWNjLTliNzk5NzQ4MWY3Mi8xL0MtczQ0MHUtRi1G
WGNuQnNlcFlhaGVYUmkxdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBN
BggrBgEFBQcBBwEB/wQ+MDwwDAQCAAEwBgMEArkqvDAsBAIAAjAmAwcAKgSRQDAD
MBIDBwAqBJFAMEMDBwAqBJFAMEQDBwAqBJFAMQQwDQYJKoZIhvcNAQELBQADggEB
AD/VUOMq65r0CIzjCf5J5/9ZDwUJjix+170QEbCZHQfGg/Sz53XOyxxVzYXlyWGc
TNWfMOtewoXwaZnK5akK+qL/PU4UPjxKqAzpxvOYcK9CPhrWHCF9Rxg9JtRkFUht
HTRmMrdxiD2ccbt0SSD6ISoo7FF54sc3k1Qd63U+PeYR36RCOuFEvLyNbUa6jnwj
BOwAFZTTViW+c3LVMIoYTDpWgw3zi+1zjVwPu7H3DzuQnDMgX4lLFzFIY9qbMwLQ
iLG9VO5fkktjDfgTIBR6F9AxsLcxbsYFROcPqp924w1KaudBAWznDlrn9n+5lC91
WOX0JbWTfdAAPWP1CmXP8+M=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:08 2023 by rpki-client on console.sobornost.net