Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/226018-0e06-435e-abfd-f5ffee1720c1/1/q00i4a8PWHJQYqKmrP9JHtdWvco.roa
File: q00i4a8PWHJQYqKmrP9JHtdWvco.roa (raw, json)
Hash identifier: 2JYXijXOzNspGAjgtBsEhx37ofbQLbX9avSyU0h+Ozo=
Subject key identifier: AB:4D:22:E1:AF:0F:58:72:50:62:A2:A6:AC:FF:49:1E:D7:56:BD:CA
Certificate issuer: /CN=e50c44ae981e7492d3ba21e28472080180398d64
Certificate serial: 339FD0D3
Authority key identifier: E5:0C:44:AE:98:1E:74:92:D3:BA:21:E2:84:72:08:01:80:39:8D:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5QxErpgedJLTuiHihHIIAYA5jWQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/226018-0e06-435e-abfd-f5ffee1720c1/1/q00i4a8PWHJQYqKmrP9JHtdWvco.roa
Signing time: Sat 01 Jan 2022 15:01:09 +0000
ROA not before: Sat 01 Jan 2022 15:01:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20932
IP address blocks: 217.169.128.0/20 maxlen: 20
217.169.144.0/20 maxlen: 20
194.11.221.0/24 maxlen: 24
185.68.204.0/22 maxlen: 22
2001:41e0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 866111699 (0x339fd0d3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e50c44ae981e7492d3ba21e28472080180398d64
Validity
Not Before: Jan 1 15:01:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ab4d22e1af0f58725062a2a6acff491ed756bdca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:bf:92:dc:c1:bf:d0:67:6e:1c:15:7a:39:1f:
2c:8e:e9:43:a2:30:5d:50:d7:16:53:08:39:ef:e1:
12:c7:f3:69:53:b0:5b:ed:0b:ca:5e:1c:b0:19:b0:
3a:e4:28:dd:a5:6a:17:bf:3a:48:62:82:30:4b:f4:
1c:38:6f:8f:ce:38:57:93:8a:21:9b:d7:48:52:14:
37:ec:f4:a2:05:7d:54:d3:8e:1e:dd:0b:9b:b8:5e:
dc:7a:c6:d1:17:42:0a:ee:e0:59:1b:7a:1e:70:e9:
9e:52:50:b4:f0:9b:ca:4b:ea:f7:48:d4:fc:40:85:
0b:69:0e:56:99:d4:29:1b:1d:30:e8:8d:52:04:99:
a4:f1:3a:61:5a:a4:c3:42:37:48:7e:c2:28:b0:ff:
b4:38:99:2e:14:b3:22:1d:d1:b6:57:d7:9a:90:c3:
9b:1d:8c:50:97:7b:d7:e9:cc:b4:53:d6:3b:e1:14:
a7:f3:93:2a:02:9e:3a:b7:86:ef:de:84:5a:74:fc:
1e:dc:58:b9:35:3d:ef:2e:1f:81:d0:90:0b:b3:cb:
83:47:e9:89:89:e2:9e:31:f3:15:ed:1c:a9:9f:66:
f3:2a:92:d5:bf:b7:7c:ad:97:41:02:05:45:0f:a5:
38:bc:ae:7e:be:7b:ed:54:3a:0e:da:39:0d:15:4c:
7b:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:4D:22:E1:AF:0F:58:72:50:62:A2:A6:AC:FF:49:1E:D7:56:BD:CA
X509v3 Authority Key Identifier:
keyid:E5:0C:44:AE:98:1E:74:92:D3:BA:21:E2:84:72:08:01:80:39:8D:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5QxErpgedJLTuiHihHIIAYA5jWQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/226018-0e06-435e-abfd-f5ffee1720c1/1/q00i4a8PWHJQYqKmrP9JHtdWvco.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/226018-0e06-435e-abfd-f5ffee1720c1/1/5QxErpgedJLTuiHihHIIAYA5jWQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.68.204.0/22
194.11.221.0/24
217.169.128.0/19
IPv6:
2001:41e0::/32
Signature Algorithm: sha256WithRSAEncryption
23:28:5c:5d:b6:9f:03:70:76:b3:de:53:43:22:17:4b:6c:13:
a5:89:84:77:95:01:a6:c4:f1:8a:bd:8f:11:b3:4d:b8:fb:30:
bf:e0:4f:9e:d4:ae:96:17:47:f4:cc:fa:e8:35:c6:08:08:94:
c4:03:60:1f:f6:9c:96:49:07:04:cc:a1:a8:58:75:80:32:dc:
ea:f6:e6:74:2b:93:a4:d5:42:26:8e:00:bc:df:a5:2b:62:7b:
36:2e:b9:19:02:7a:26:0a:f6:fe:d7:4a:e4:30:55:1d:f1:35:
0b:11:82:c2:c9:65:7c:50:be:de:b8:1b:cf:4c:ed:16:f4:68:
16:51:6f:bc:a3:d8:38:7f:07:a5:3e:d7:16:ac:1e:f4:b6:98:
50:c9:87:ad:50:cb:e2:fe:16:64:01:65:6e:5f:b5:5f:7e:77:
b6:dd:a9:97:5c:e0:48:32:33:25:0e:13:bd:2c:df:79:94:3c:
86:aa:59:0f:54:61:14:f5:0c:04:54:bc:1c:21:1e:0a:4f:52:
7a:9b:43:6d:56:de:4e:57:42:27:c1:44:e3:c6:13:3b:67:75:
a7:70:64:f8:f5:75:83:c5:b2:28:78:55:b9:a2:fb:d5:62:cc:
d6:ea:99:0a:f7:13:e4:97:81:2c:25:d2:46:ae:5a:2f:b1:63:
e1:17:70:75
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEM5/Q0zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
NTBjNDRhZTk4MWU3NDkyZDNiYTIxZTI4NDcyMDgwMTgwMzk4ZDY0MB4XDTIyMDEw
MTE1MDEwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWI0ZDIyZTFhZjBm
NTg3MjUwNjJhMmE2YWNmZjQ5MWVkNzU2YmRjYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJa/ktzBv9BnbhwVejkfLI7pQ6IwXVDXFlMIOe/hEsfzaVOw
W+0Lyl4csBmwOuQo3aVqF786SGKCMEv0HDhvj844V5OKIZvXSFIUN+z0ogV9VNOO
Ht0Lm7he3HrG0RdCCu7gWRt6HnDpnlJQtPCbykvq90jU/ECFC2kOVpnUKRsdMOiN
UgSZpPE6YVqkw0I3SH7CKLD/tDiZLhSzIh3RtlfXmpDDmx2MUJd71+nMtFPWO+EU
p/OTKgKeOreG796EWnT8HtxYuTU97y4fgdCQC7PLg0fpiYninjHzFe0cqZ9m8yqS
1b+3fK2XQQIFRQ+lOLyufr577VQ6Dto5DRVMe+8CAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBSrTSLhrw9YclBioqas/0ke11a9yjAfBgNVHSMEGDAWgBTlDESumB50ktO6
IeKEcggBgDmNZDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzVReEVycGdlZEpMVHVpSGloSElJQVlBNWpXUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjcvMjI2MDE4LTBlMDYtNDM1ZS1hYmZkLWY1ZmZlZTE3MjBjMS8x
L3EwMGk0YThQV0hKUVlxS21yUDlKSHRkV3Zjby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjcv
MjI2MDE4LTBlMDYtNDM1ZS1hYmZkLWY1ZmZlZTE3MjBjMS8xLzVReEVycGdlZEpM
VHVpSGloSElJQVlBNWpXUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEArlEzAMEAMIL3QMEBdmpgDANBAIA
AjAHAwUAIAFB4DANBgkqhkiG9w0BAQsFAAOCAQEAIyhcXbafA3B2s95TQyIXS2wT
pYmEd5UBpsTxir2PEbNNuPswv+BPntSulhdH9Mz66DXGCAiUxANgH/aclkkHBMyh
qFh1gDLc6vbmdCuTpNVCJo4AvN+lK2J7Ni65GQJ6Jgr2/tdK5DBVHfE1CxGCwsll
fFC+3rgbz0ztFvRoFlFvvKPYOH8HpT7XFqwe9LaYUMmHrVDL4v4WZAFlbl+1X353
tt2pl1zgSDIzJQ4TvSzfeZQ8hqpZD1RhFPUMBFS8HCEeCk9SeptDbVbeTldCJ8FE
48YTO2d1p3Bk+PV1g8WyKHhVuaL71WLM1uqZCvcT5JeBLCXSRq5aL7Fj4RdwdQ==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:16 2023 by rpki-client on console.sobornost.net