Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/tHYGkOmETvVqljh7vrqGsO3u5bs.roa
File: tHYGkOmETvVqljh7vrqGsO3u5bs.roa (raw, json)
Hash identifier: pIqw49PhYSSc53OgtJq3Eq4Ui6zBN5R8kQxA4WAKw3g=
Subject key identifier: B4:76:06:90:E9:84:4E:F5:6A:96:38:7B:BE:BA:86:B0:ED:EE:E5:BB
Certificate issuer: /CN=d4e2971e5d8169c940af020db027bedad8991590
Certificate serial: 168B9B5E
Authority key identifier: D4:E2:97:1E:5D:81:69:C9:40:AF:02:0D:B0:27:BE:DA:D8:99:15:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1OKXHl2BaclArwINsCe-2tiZFZA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/tHYGkOmETvVqljh7vrqGsO3u5bs.roa
Signing time: Sat 01 Jan 2022 13:04:27 +0000
ROA not before: Sat 01 Jan 2022 13:04:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201353
IP address blocks: 185.70.32.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 378248030 (0x168b9b5e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4e2971e5d8169c940af020db027bedad8991590
Validity
Not Before: Jan 1 13:04:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b4760690e9844ef56a96387bbeba86b0edeee5bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:1c:9d:d0:da:03:aa:96:e1:c5:9f:a3:4a:83:
fd:9c:9b:2e:ed:c4:2b:fc:af:5f:b0:54:a3:cf:45:
3c:45:41:a5:9d:9c:4a:30:6f:c7:7c:2e:69:ef:82:
87:cf:e0:23:7d:07:26:57:c6:09:83:15:bb:cf:5b:
50:d2:33:9d:e6:d6:70:19:4e:5f:29:76:db:c6:27:
93:26:0e:8f:33:8d:f5:c2:92:22:18:30:ce:f6:ed:
8d:08:71:e5:b5:76:f6:09:7b:3d:b2:ce:0c:1f:8c:
66:05:5f:9f:ea:35:44:08:77:41:f7:5e:7b:ae:c7:
28:6c:a8:9d:b7:44:16:9a:16:6d:64:0a:40:19:53:
16:62:cc:3a:ce:e0:5d:7f:ad:6b:39:99:5a:dd:0f:
39:57:e7:97:59:51:34:ac:d8:0c:ce:71:e1:ca:89:
9e:04:98:85:cc:24:db:17:fa:02:c5:45:00:b4:b8:
59:fa:c4:1b:1e:be:79:52:8f:1f:78:7e:42:4d:c5:
2d:9b:37:51:e3:6b:fb:b6:8a:b3:4a:5d:62:da:75:
b7:f2:8f:da:f4:a6:8f:b5:8b:31:1f:7e:42:c7:30:
25:e3:1c:c1:46:2e:a4:e5:49:ee:39:d8:a4:fd:7e:
ba:3e:74:25:ac:15:2b:4a:ec:b8:cb:d4:31:17:53:
15:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:76:06:90:E9:84:4E:F5:6A:96:38:7B:BE:BA:86:B0:ED:EE:E5:BB
X509v3 Authority Key Identifier:
keyid:D4:E2:97:1E:5D:81:69:C9:40:AF:02:0D:B0:27:BE:DA:D8:99:15:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1OKXHl2BaclArwINsCe-2tiZFZA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/tHYGkOmETvVqljh7vrqGsO3u5bs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.70.32.0/22
Signature Algorithm: sha256WithRSAEncryption
96:b7:de:5d:04:4a:71:30:f8:66:d8:2d:5e:89:f7:4c:85:15:
54:b0:6d:46:19:08:12:f9:c2:63:a7:cc:20:7d:5b:85:c3:30:
d3:b8:d0:36:c4:eb:44:05:56:be:fd:d0:ff:57:78:f5:4f:00:
7e:72:55:ce:b7:8c:d6:7c:11:ac:97:6a:fc:b3:6e:64:d1:d4:
53:bb:ec:5a:6a:47:74:f0:ea:22:ce:c2:83:cd:a8:5d:2f:5d:
d3:2f:4d:cc:5d:c0:84:70:c4:c2:6a:39:76:26:e1:45:7a:4e:
4a:52:14:9f:b9:83:c8:a8:d2:f6:89:e1:f2:1d:0b:20:25:e9:
05:6e:de:3f:d5:8e:19:77:ef:66:bf:1d:1f:57:53:36:07:d3:
c4:fe:b4:4f:14:9e:b9:a7:8b:f9:c6:b7:78:2f:db:31:85:53:
2d:e4:91:6c:4a:24:ef:f4:a7:f2:a2:00:cb:f1:32:74:54:be:
b2:47:af:20:88:df:14:9f:ab:63:b4:02:fb:fd:b1:74:59:fe:
f4:df:ee:9e:c5:cf:d1:d4:de:e7:b5:ba:02:e4:34:f3:a3:e8:
19:fa:e0:df:58:af:8e:20:de:c0:1c:9d:4e:05:0f:de:a3:06:
63:a8:d3:fc:fa:3b:6b:f8:66:cd:f3:1a:d5:f7:70:73:04:e3:
35:a3:08:35
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEFoubXjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NGUyOTcxZTVkODE2OWM5NDBhZjAyMGRiMDI3YmVkYWQ4OTkxNTkwMB4XDTIyMDEw
MTEzMDQyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjQ3NjA2OTBlOTg0
NGVmNTZhOTYzODdiYmViYTg2YjBlZGVlZTViYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJkcndDaA6qW4cWfo0qD/ZybLu3EK/yvX7BUo89FPEVBpZ2c
SjBvx3wuae+Ch8/gI30HJlfGCYMVu89bUNIznebWcBlOXyl228YnkyYOjzON9cKS
IhgwzvbtjQhx5bV29gl7PbLODB+MZgVfn+o1RAh3Qfdee67HKGyonbdEFpoWbWQK
QBlTFmLMOs7gXX+tazmZWt0POVfnl1lRNKzYDM5x4cqJngSYhcwk2xf6AsVFALS4
WfrEGx6+eVKPH3h+Qk3FLZs3UeNr+7aKs0pdYtp1t/KP2vSmj7WLMR9+QscwJeMc
wUYupOVJ7jnYpP1+uj50JawVK0rsuMvUMRdTFcMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS0dgaQ6YRO9WqWOHu+uoaw7e7luzAfBgNVHSMEGDAWgBTU4pceXYFpyUCv
Ag2wJ77a2JkVkDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFPS1hIbDJCYWNsQXJ3SU5zQ2UtMnRpWkZaQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzAvNDc4YWVhLTZiOTQtNDlhMy1hYTdmLTE4OTQ5MGQ2MGVhNi8x
L3RIWUdrT21FVHZWcWxqaDd2cnFHc08zdTVicy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzAv
NDc4YWVhLTZiOTQtNDlhMy1hYTdmLTE4OTQ5MGQ2MGVhNi8xLzFPS1hIbDJCYWNs
QXJ3SU5zQ2UtMnRpWkZaQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArlGIDANBgkqhkiG9w0BAQsFAAOC
AQEAlrfeXQRKcTD4ZtgtXon3TIUVVLBtRhkIEvnCY6fMIH1bhcMw07jQNsTrRAVW
vv3Q/1d49U8AfnJVzreM1nwRrJdq/LNuZNHUU7vsWmpHdPDqIs7Cg82oXS9d0y9N
zF3AhHDEwmo5dibhRXpOSlIUn7mDyKjS9onh8h0LICXpBW7eP9WOGXfvZr8dH1dT
NgfTxP60TxSeuaeL+ca3eC/bMYVTLeSRbEok7/Sn8qIAy/EydFS+skevIIjfFJ+r
Y7QC+/2xdFn+9N/unsXP0dTe57W6AuQ086PoGfrg31ivjiDewBydTgUP3qMGY6jT
/Po7a/hmzfMa1fdwcwTjNaMINQ==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:11 2023 by rpki-client on console.sobornost.net