Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/dc66f3-8ac9-41b9-8eb8-77295c9ce866/1/2EWZMw4jJrscUQvY7kBFJrWLOXo.roa
File: 2EWZMw4jJrscUQvY7kBFJrWLOXo.roa (raw, json)
Hash identifier: cw3yjfJGSgP573Q0YbVIG7OXTp6oqgU8o4PLAo1p8h0=
Subject key identifier: D8:45:99:33:0E:23:26:BB:1C:51:0B:D8:EE:40:45:26:B5:8B:39:7A
Certificate issuer: /CN=853a1db50ab771dcb529367dd951a67cacc48527
Certificate serial: 06FFE27B
Authority key identifier: 85:3A:1D:B5:0A:B7:71:DC:B5:29:36:7D:D9:51:A6:7C:AC:C4:85:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hTodtQq3cdy1KTZ92VGmfKzEhSc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/dc66f3-8ac9-41b9-8eb8-77295c9ce866/1/2EWZMw4jJrscUQvY7kBFJrWLOXo.roa
Signing time: Sat 01 Jan 2022 00:53:38 +0000
ROA not before: Sat 01 Jan 2022 00:53:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41332
IP address blocks: 194.127.252.0/23 maxlen: 24
194.145.112.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 117432955 (0x6ffe27b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=853a1db50ab771dcb529367dd951a67cacc48527
Validity
Not Before: Jan 1 00:53:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d84599330e2326bb1c510bd8ee404526b58b397a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:f1:e6:9c:55:80:9f:c2:ee:85:7c:02:ef:3f:
71:cb:8a:8a:43:ce:f3:ae:66:87:ef:f1:37:90:cb:
80:25:b8:ba:45:4a:d1:95:0d:94:27:cd:93:a6:e9:
e6:e1:00:fc:d4:58:ee:51:65:bf:68:61:af:70:23:
86:3d:e4:83:fa:95:5e:60:44:41:ec:8e:52:6d:8b:
09:70:1e:46:b9:47:0f:d5:69:f6:ae:b4:a9:6e:02:
c2:57:f4:4c:41:2c:ed:d8:11:43:03:7a:aa:3f:fc:
e5:f6:b4:18:80:24:47:46:02:03:16:5d:60:7f:76:
63:02:0e:09:82:f5:f9:31:3c:48:e3:75:a0:1f:17:
7e:ab:9e:d7:b0:57:9e:0f:d8:e0:5f:fb:7c:21:87:
78:43:5a:f5:aa:9f:77:da:50:9f:53:bc:52:fb:2a:
a6:a3:31:a3:0d:74:98:82:fb:22:94:08:f9:0e:f9:
f5:81:be:a0:57:60:2a:9b:4e:d0:69:01:a4:03:ee:
29:f1:0e:dd:49:6b:f7:06:70:68:01:53:99:39:c8:
96:b8:72:ba:d9:5c:74:32:79:6f:3d:5b:a5:7b:40:
3b:8c:f0:59:55:d4:50:5f:ed:45:97:21:ba:72:cd:
ba:91:a2:fd:20:a5:73:63:41:a5:fa:9c:7c:f4:2e:
90:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:45:99:33:0E:23:26:BB:1C:51:0B:D8:EE:40:45:26:B5:8B:39:7A
X509v3 Authority Key Identifier:
keyid:85:3A:1D:B5:0A:B7:71:DC:B5:29:36:7D:D9:51:A6:7C:AC:C4:85:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hTodtQq3cdy1KTZ92VGmfKzEhSc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/dc66f3-8ac9-41b9-8eb8-77295c9ce866/1/2EWZMw4jJrscUQvY7kBFJrWLOXo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/dc66f3-8ac9-41b9-8eb8-77295c9ce866/1/hTodtQq3cdy1KTZ92VGmfKzEhSc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.127.252.0/23
194.145.112.0/23
Signature Algorithm: sha256WithRSAEncryption
b8:b0:8d:06:ff:59:88:98:3d:9c:99:e9:e2:c9:66:00:a8:d6:
c9:bf:8e:54:d6:c0:98:3e:34:c3:73:71:52:30:8f:34:c3:d9:
c6:23:6c:24:15:19:f1:f6:59:d7:8d:d7:84:d5:ad:1b:82:74:
74:5a:72:db:61:5c:3b:1f:23:65:14:e5:58:00:ce:1e:b4:b1:
88:38:72:09:a2:e5:a3:d8:71:3c:da:ce:a9:c6:e2:d2:e1:04:
97:8f:9d:f9:ad:c7:41:ba:d9:2c:85:e3:f6:bc:c8:09:be:46:
59:32:02:52:d2:c6:c9:9b:28:01:2a:08:a3:ad:08:83:d3:1a:
73:9b:a5:36:cb:dc:62:d7:b6:77:6a:85:04:b1:01:98:0f:a0:
2a:33:b7:85:3a:7d:6e:1a:b8:38:4f:8b:bc:2d:9b:89:9a:02:
5d:12:04:8c:24:dc:31:1d:28:14:bb:12:56:74:00:ab:07:bd:
5e:b5:eb:36:b8:40:94:a8:a0:80:82:25:f4:ae:37:a6:32:43:
e9:0c:1a:eb:f0:5b:71:0c:6c:7c:71:ed:d9:65:1a:54:7a:d8:
11:5f:1d:19:1e:42:09:ab:11:42:ea:10:df:23:f2:40:b6:31:
ed:ef:37:cd:d0:12:c3:57:50:26:90:1b:f7:e7:28:71:70:18:
0c:5e:91:21
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBv/iezANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NTNhMWRiNTBhYjc3MWRjYjUyOTM2N2RkOTUxYTY3Y2FjYzQ4NTI3MB4XDTIyMDEw
MTAwNTMzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDg0NTk5MzMwZTIz
MjZiYjFjNTEwYmQ4ZWU0MDQ1MjZiNThiMzk3YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJLx5pxVgJ/C7oV8Au8/ccuKikPO865mh+/xN5DLgCW4ukVK
0ZUNlCfNk6bp5uEA/NRY7lFlv2hhr3Ajhj3kg/qVXmBEQeyOUm2LCXAeRrlHD9Vp
9q60qW4Cwlf0TEEs7dgRQwN6qj/85fa0GIAkR0YCAxZdYH92YwIOCYL1+TE8SON1
oB8Xfque17BXng/Y4F/7fCGHeENa9aqfd9pQn1O8UvsqpqMxow10mIL7IpQI+Q75
9YG+oFdgKptO0GkBpAPuKfEO3Ulr9wZwaAFTmTnIlrhyutlcdDJ5bz1bpXtAO4zw
WVXUUF/tRZchunLNupGi/SClc2NBpfqcfPQukBcCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTYRZkzDiMmuxxRC9juQEUmtYs5ejAfBgNVHSMEGDAWgBSFOh21Crdx3LUp
Nn3ZUaZ8rMSFJzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2hUb2R0UXEzY2R5MUtUWjkyVkdtZkt6RWhTYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzEvZGM2NmYzLThhYzktNDFiOS04ZWI4LTc3Mjk1YzljZTg2Ni8x
LzJFV1pNdzRqSnJzY1VRdlk3a0JGSnJXTE9Yby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzEv
ZGM2NmYzLThhYzktNDFiOS04ZWI4LTc3Mjk1YzljZTg2Ni8xL2hUb2R0UXEzY2R5
MUtUWjkyVkdtZkt6RWhTYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAcJ//AMEAcKRcDANBgkqhkiG9w0B
AQsFAAOCAQEAuLCNBv9ZiJg9nJnp4slmAKjWyb+OVNbAmD40w3NxUjCPNMPZxiNs
JBUZ8fZZ143XhNWtG4J0dFpy22FcOx8jZRTlWADOHrSxiDhyCaLlo9hxPNrOqcbi
0uEEl4+d+a3HQbrZLIXj9rzICb5GWTICUtLGyZsoASoIo60Ig9Mac5ulNsvcYte2
d2qFBLEBmA+gKjO3hTp9bhq4OE+LvC2biZoCXRIEjCTcMR0oFLsSVnQAqwe9XrXr
NrhAlKiggIIl9K43pjJD6Qwa6/BbcQxsfHHt2WUaVHrYEV8dGR5CCasRQuoQ3yPy
QLYx7e83zdASw1dQJpAb9+cocXAYDF6RIQ==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:23 2023 by rpki-client on console.sobornost.net