Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/5c5821-f342-477a-9eb8-acc2879f9f2e/1/sswTLy0eLjCGIzCamBgPTG3bHd0.roa
File: sswTLy0eLjCGIzCamBgPTG3bHd0.roa (raw, json)
Hash identifier: gmOUF9/2GcayfWzpoPsY7MPbJ+2n7thhp3gHIfrvCrE=
Subject key identifier: B2:CC:13:2F:2D:1E:2E:30:86:23:30:9A:98:18:0F:4C:6D:DB:1D:DD
Certificate issuer: /CN=1360d57284bf127c28140e04b26a8f3e8bdef179
Certificate serial: 1BBE6530
Authority key identifier: 13:60:D5:72:84:BF:12:7C:28:14:0E:04:B2:6A:8F:3E:8B:DE:F1:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E2DVcoS_EnwoFA4EsmqPPove8Xk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/5c5821-f342-477a-9eb8-acc2879f9f2e/1/sswTLy0eLjCGIzCamBgPTG3bHd0.roa
Signing time: Sat 01 Jan 2022 12:55:12 +0000
ROA not before: Sat 01 Jan 2022 12:55:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202140
IP address blocks: 91.236.153.0/24 maxlen: 24
185.51.218.0/24 maxlen: 24
185.51.216.0/24 maxlen: 24
185.51.219.0/24 maxlen: 24
185.51.216.0/22 maxlen: 22
185.51.217.0/24 maxlen: 24
2a00:6760::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 465462576 (0x1bbe6530)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1360d57284bf127c28140e04b26a8f3e8bdef179
Validity
Not Before: Jan 1 12:55:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b2cc132f2d1e2e308623309a98180f4c6ddb1ddd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:b3:f9:a7:77:a5:c8:97:fc:a9:8d:67:09:db:
7d:d0:d2:84:27:3e:58:9e:86:c7:93:c6:a6:c5:df:
01:90:ec:29:71:25:38:e7:ff:97:9e:70:61:0d:e5:
e5:b1:b8:ba:99:d1:6a:70:8e:f4:83:4f:ca:76:16:
75:8c:4c:c9:aa:e9:09:76:94:09:a0:6e:d6:32:c0:
f2:9b:6b:7c:e5:d2:7e:ad:61:b5:e9:78:b7:49:59:
1f:7f:9b:83:88:c9:ac:f0:df:21:da:2f:52:12:4a:
fb:a1:90:dd:a3:11:2b:5a:e5:60:f5:53:46:94:42:
62:fc:a2:4b:b5:d8:67:ff:61:2d:67:6b:92:64:b2:
81:22:b6:14:ff:f4:01:10:7d:79:d2:3c:77:cf:24:
db:df:b0:ca:b9:eb:3e:c9:ec:4a:3f:d3:0d:a1:7f:
60:09:38:f8:4b:17:3f:62:c0:24:26:3d:fc:02:8e:
28:94:2e:8c:27:4d:a5:32:0a:79:5b:27:ef:5e:39:
28:5b:50:9f:96:90:05:b2:dd:5f:bc:e7:e6:9b:b5:
ea:c1:48:b7:91:8e:a9:5c:71:08:5c:10:64:b9:6d:
c1:56:ea:31:e4:0c:a4:66:32:a1:ae:16:00:07:63:
27:62:1f:0b:8d:18:cf:23:f2:f0:76:19:0e:39:b7:
32:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:CC:13:2F:2D:1E:2E:30:86:23:30:9A:98:18:0F:4C:6D:DB:1D:DD
X509v3 Authority Key Identifier:
keyid:13:60:D5:72:84:BF:12:7C:28:14:0E:04:B2:6A:8F:3E:8B:DE:F1:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E2DVcoS_EnwoFA4EsmqPPove8Xk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/5c5821-f342-477a-9eb8-acc2879f9f2e/1/sswTLy0eLjCGIzCamBgPTG3bHd0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/5c5821-f342-477a-9eb8-acc2879f9f2e/1/E2DVcoS_EnwoFA4EsmqPPove8Xk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.236.153.0/24
185.51.216.0/22
IPv6:
2a00:6760::/32
Signature Algorithm: sha256WithRSAEncryption
0d:b4:df:a8:72:d7:c7:33:56:c2:ef:60:eb:00:00:31:8a:28:
e9:da:7c:79:8e:7e:1a:8f:f8:a0:bd:35:49:86:fd:5b:c0:78:
42:44:b9:37:64:31:76:b1:6d:22:bb:00:dd:8c:c3:9e:37:f2:
ff:ac:00:f2:d8:57:8c:bc:0e:80:93:43:65:7f:1a:6c:af:5c:
be:1d:cd:a1:73:e3:ad:f6:66:1c:17:16:48:c5:ca:4f:12:b4:
34:dd:af:e4:c2:19:69:4e:c2:a1:2b:21:91:b2:2d:d1:45:14:
7d:f2:b3:00:78:b5:3a:1c:81:53:a7:b6:17:bd:e4:39:2f:f4:
d0:d6:56:27:d7:eb:57:3b:c9:f6:06:e1:3d:35:ab:13:a4:1f:
54:87:aa:df:40:d6:e7:e2:71:04:9f:a9:ff:16:87:32:10:0b:
bf:b8:3a:03:1e:5c:82:b5:08:ea:5d:6e:66:a3:f3:44:a6:56:
5c:cf:e1:d9:c0:a7:57:a4:d6:eb:fa:52:e8:6e:19:cc:8b:ce:
ea:d0:5e:37:4d:7b:6b:9e:1b:db:38:ba:71:66:90:39:fc:93:
cb:6a:ba:36:7d:18:dc:66:99:39:42:5c:a0:85:23:7c:dc:84:
56:30:3b:aa:2f:ba:46:59:f9:18:35:7a:59:e1:40:17:8a:15:
1e:cb:c4:dc
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEG75lMDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MzYwZDU3Mjg0YmYxMjdjMjgxNDBlMDRiMjZhOGYzZThiZGVmMTc5MB4XDTIyMDEw
MTEyNTUxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjJjYzEzMmYyZDFl
MmUzMDg2MjMzMDlhOTgxODBmNGM2ZGRiMWRkZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALqz+ad3pciX/KmNZwnbfdDShCc+WJ6Gx5PGpsXfAZDsKXEl
OOf/l55wYQ3l5bG4upnRanCO9INPynYWdYxMyarpCXaUCaBu1jLA8ptrfOXSfq1h
tel4t0lZH3+bg4jJrPDfIdovUhJK+6GQ3aMRK1rlYPVTRpRCYvyiS7XYZ/9hLWdr
kmSygSK2FP/0ARB9edI8d88k29+wyrnrPsnsSj/TDaF/YAk4+EsXP2LAJCY9/AKO
KJQujCdNpTIKeVsn7145KFtQn5aQBbLdX7zn5pu16sFIt5GOqVxxCFwQZLltwVbq
MeQMpGYyoa4WAAdjJ2IfC40YzyPy8HYZDjm3MskCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBSyzBMvLR4uMIYjMJqYGA9Mbdsd3TAfBgNVHSMEGDAWgBQTYNVyhL8SfCgU
DgSyao8+i97xeTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0UyRFZjb1NfRW53b0ZBNEVzbXFQUG92ZThYay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjcvNWM1ODIxLWYzNDItNDc3YS05ZWI4LWFjYzI4NzlmOWYyZS8x
L3Nzd1RMeTBlTGpDR0l6Q2FtQmdQVEczYkhkMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjcv
NWM1ODIxLWYzNDItNDc3YS05ZWI4LWFjYzI4NzlmOWYyZS8xL0UyRFZjb1NfRW53
b0ZBNEVzbXFQUG92ZThYay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAFvsmQMEArkz2DANBAIAAjAHAwUA
KgBnYDANBgkqhkiG9w0BAQsFAAOCAQEADbTfqHLXxzNWwu9g6wAAMYoo6dp8eY5+
Go/4oL01SYb9W8B4QkS5N2QxdrFtIrsA3YzDnjfy/6wA8thXjLwOgJNDZX8abK9c
vh3NoXPjrfZmHBcWSMXKTxK0NN2v5MIZaU7CoSshkbIt0UUUffKzAHi1OhyBU6e2
F73kOS/00NZWJ9frVzvJ9gbhPTWrE6QfVIeq30DW5+JxBJ+p/xaHMhALv7g6Ax5c
grUI6l1uZqPzRKZWXM/h2cCnV6TW6/pS6G4ZzIvO6tBeN017a54b2zi6cWaQOfyT
y2q6Nn0Y3GaZOUJcoIUjfNyEVjA7qi+6Rln5GDV6WeFAF4oVHsvE3A==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:17 2023 by rpki-client on console.sobornost.net