Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/1bHFydMMkZHx4l3TJqUrh2S58RA.roa
File: 1bHFydMMkZHx4l3TJqUrh2S58RA.roa (raw, json)
Hash identifier: R7DxOxu2Tszwd7shmyehbyeO50LwD9iPrPLGb+NvR6U=
Subject key identifier: D5:B1:C5:C9:D3:0C:91:91:F1:E2:5D:D3:26:A5:2B:87:64:B9:F1:10
Certificate issuer: /CN=abbad3de831da94222c1add104caf4c3247689ac
Certificate serial: 1735435F
Authority key identifier: AB:BA:D3:DE:83:1D:A9:42:22:C1:AD:D1:04:CA:F4:C3:24:76:89:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q7rT3oMdqUIiwa3RBMr0wyR2iaw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/1bHFydMMkZHx4l3TJqUrh2S58RA.roa
Signing time: Wed 18 May 2022 08:57:50 +0000
ROA not before: Wed 18 May 2022 08:57:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43260
IP address blocks: 212.68.171.0/24 maxlen: 24
212.68.172.0/24 maxlen: 24
212.68.170.0/24 maxlen: 24
212.68.168.0/24 maxlen: 24
212.68.169.0/24 maxlen: 24
212.68.173.0/24 maxlen: 24
212.68.174.0/24 maxlen: 24
212.68.178.0/24 maxlen: 24
212.68.179.0/24 maxlen: 24
212.68.177.0/24 maxlen: 24
212.68.175.0/24 maxlen: 24
212.68.176.0/24 maxlen: 24
212.68.180.0/24 maxlen: 24
212.68.181.0/24 maxlen: 24
212.68.185.0/24 maxlen: 24
212.68.186.0/24 maxlen: 24
212.68.183.0/24 maxlen: 24
212.68.184.0/24 maxlen: 24
212.68.182.0/24 maxlen: 24
212.68.187.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 389366623 (0x1735435f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=abbad3de831da94222c1add104caf4c3247689ac
Validity
Not Before: May 18 08:57:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d5b1c5c9d30c9191f1e25dd326a52b8764b9f110
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:32:69:b7:02:09:e5:95:06:dd:8d:07:9a:04:
07:cf:98:c9:10:70:c2:61:d5:53:0d:10:35:36:3b:
2d:bb:74:3b:58:8b:4e:d3:af:ee:96:d8:56:66:48:
2f:2f:30:a7:f2:cb:b7:66:dd:0a:7e:92:cc:3b:83:
8d:96:42:3a:bb:72:e0:52:a0:e0:a3:6c:77:62:f3:
3e:0a:9b:3a:69:66:ef:1c:ee:c0:06:65:99:ce:fc:
a0:4f:70:0e:46:d9:1a:e7:7a:87:a2:06:47:05:4d:
75:69:59:bf:7b:7a:ac:26:a7:9c:92:44:ad:01:cd:
ac:97:9e:9b:44:5f:6c:51:47:37:54:b8:1b:b7:3d:
15:c0:e1:d3:50:8e:31:56:b1:ae:a7:90:d8:02:d2:
54:30:28:28:c4:ca:b0:f7:52:25:29:46:e1:7f:67:
3e:68:c0:c3:90:74:d7:8b:a7:b8:51:f8:9f:ea:ed:
16:f9:0c:a4:d3:ee:14:a8:83:66:4f:8d:a2:63:2b:
a8:cd:68:35:92:e4:b8:6b:fa:a8:1e:fc:94:09:c2:
23:99:2f:39:37:e3:ca:27:1b:96:3a:e4:2e:2e:68:
0d:da:76:0f:21:6b:8b:98:b6:7f:ce:fa:90:99:16:
3e:f7:9c:0d:ed:68:55:15:e8:48:63:3d:a6:13:63:
8a:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:B1:C5:C9:D3:0C:91:91:F1:E2:5D:D3:26:A5:2B:87:64:B9:F1:10
X509v3 Authority Key Identifier:
keyid:AB:BA:D3:DE:83:1D:A9:42:22:C1:AD:D1:04:CA:F4:C3:24:76:89:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q7rT3oMdqUIiwa3RBMr0wyR2iaw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/1bHFydMMkZHx4l3TJqUrh2S58RA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/q7rT3oMdqUIiwa3RBMr0wyR2iaw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.68.168.0-212.68.187.255
Signature Algorithm: sha256WithRSAEncryption
1a:f4:a0:7e:6d:db:86:ff:9f:ff:d5:fb:a9:78:9c:57:a2:b8:
69:51:42:fd:d6:33:07:88:28:99:d8:40:ab:94:1a:4c:06:31:
00:e1:0c:e2:3a:ac:cc:11:26:d7:b2:7a:65:0b:0d:9d:5f:c2:
25:00:41:c8:c2:cd:f6:06:e3:18:38:d8:02:00:18:08:b3:e4:
a7:7c:7a:12:37:ec:78:ab:70:f4:29:51:75:f7:35:b2:36:bd:
0b:6c:5f:b4:a3:9b:d6:44:0b:36:1b:85:6c:9c:15:79:76:8c:
63:59:66:89:7a:f1:e1:d7:d6:6c:ee:1c:13:8c:bc:8b:a4:34:
73:d7:69:e3:f1:c2:b2:2d:7e:28:6d:4b:54:79:59:e8:8b:22:
9b:fe:eb:99:f5:0d:ef:d1:5f:0d:34:c7:c9:c8:95:04:05:3e:
88:b9:f4:1f:44:2c:b8:7e:14:cd:00:59:d1:9c:70:3d:46:a7:
71:82:7a:ab:11:cd:f7:a6:e0:64:2c:be:53:0b:00:73:35:20:
c8:42:6b:69:b7:24:cf:f3:a4:52:31:7f:3e:56:1a:97:e8:17:
a8:99:f7:f0:4d:fc:41:ed:01:54:4a:ba:03:0d:bb:91:6c:38:
d8:f0:d7:0b:82:3b:42:d6:32:26:4a:90:46:91:ae:96:84:e4:
cd:5b:83:a2
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEFzVDXzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YmJhZDNkZTgzMWRhOTQyMjJjMWFkZDEwNGNhZjRjMzI0NzY4OWFjMB4XDTIyMDUx
ODA4NTc1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDViMWM1YzlkMzBj
OTE5MWYxZTI1ZGQzMjZhNTJiODc2NGI5ZjExMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANEyabcCCeWVBt2NB5oEB8+YyRBwwmHVUw0QNTY7Lbt0O1iL
TtOv7pbYVmZILy8wp/LLt2bdCn6SzDuDjZZCOrty4FKg4KNsd2LzPgqbOmlm7xzu
wAZlmc78oE9wDkbZGud6h6IGRwVNdWlZv3t6rCannJJErQHNrJeem0RfbFFHN1S4
G7c9FcDh01COMVaxrqeQ2ALSVDAoKMTKsPdSJSlG4X9nPmjAw5B014unuFH4n+rt
FvkMpNPuFKiDZk+NomMrqM1oNZLkuGv6qB78lAnCI5kvOTfjyicbljrkLi5oDdp2
DyFri5i2f876kJkWPvecDe1oVRXoSGM9phNjil8CAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBTVscXJ0wyRkfHiXdMmpSuHZLnxEDAfBgNVHSMEGDAWgBSrutPegx2pQiLB
rdEEyvTDJHaJrDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3E3clQzb01kcVVJaXdhM1JCTXIwd3lSMmlhdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmMvOGU4MTQ5LWQ1M2MtNDk5Mi1iZDA3LTU1YzQzNGVlYzk2Yy8x
LzFiSEZ5ZE1Na1pIeDRsM1RKcVVyaDJTNThSQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmMv
OGU4MTQ5LWQ1M2MtNDk5Mi1iZDA3LTU1YzQzNGVlYzk2Yy8xL3E3clQzb01kcVVJ
aXdhM1JCTXIwd3lSMmlhdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQD1ESoAwQC1ES4MA0GCSqGSIb3
DQEBCwUAA4IBAQAa9KB+bduG/5//1fupeJxXorhpUUL91jMHiCiZ2ECrlBpMBjEA
4QziOqzMESbXsnplCw2dX8IlAEHIws32BuMYONgCABgIs+SnfHoSN+x4q3D0KVF1
9zWyNr0LbF+0o5vWRAs2G4VsnBV5doxjWWaJevHh19Zs7hwTjLyLpDRz12nj8cKy
LX4obUtUeVnoiyKb/uuZ9Q3v0V8NNMfJyJUEBT6IufQfRCy4fhTNAFnRnHA9Rqdx
gnqrEc33puBkLL5TCwBzNSDIQmtptyTP86RSMX8+VhqX6BeomffwTfxB7QFUSroD
DbuRbDjY8NcLgjtC1jImSpBGka6WhOTNW4Oi
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:19 2023 by rpki-client on console.sobornost.net