Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/469974-1184-4824-9181-f4a275d6b584/1/yqJA7nmGgGYtOYvun_kq7CeHPio.roa
File: yqJA7nmGgGYtOYvun_kq7CeHPio.roa (raw, json)
Hash identifier: tJCmd/32sh+b0errOooyNTF8X3qYVXhzCa9hRZNG9d0=
Subject key identifier: CA:A2:40:EE:79:86:80:66:2D:39:8B:EE:9F:F9:2A:EC:27:87:3E:2A
Certificate issuer: /CN=a74de092dc2e4d72aa7e6a960d21ad4e79758b3c
Certificate serial: 0CAB7129
Authority key identifier: A7:4D:E0:92:DC:2E:4D:72:AA:7E:6A:96:0D:21:AD:4E:79:75:8B:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p03gktwuTXKqfmqWDSGtTnl1izw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/469974-1184-4824-9181-f4a275d6b584/1/yqJA7nmGgGYtOYvun_kq7CeHPio.roa
Signing time: Thu 21 Apr 2022 13:11:14 +0000
ROA not before: Thu 21 Apr 2022 13:11:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12521
IP address blocks: 91.195.72.0/23 maxlen: 24
91.195.102.0/23 maxlen: 24
212.85.32.0/20 maxlen: 24
212.85.48.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 212562217 (0xcab7129)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a74de092dc2e4d72aa7e6a960d21ad4e79758b3c
Validity
Not Before: Apr 21 13:11:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=caa240ee798680662d398bee9ff92aec27873e2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:85:ab:9c:78:ec:49:33:19:4c:2f:a0:d5:b9:
21:cb:b9:88:22:df:2b:31:65:b2:1a:1a:20:83:11:
47:9d:9a:78:15:d7:ed:44:f3:4b:25:c8:c8:9b:b8:
22:2e:46:b9:a1:fc:02:57:38:5b:f0:ee:fc:df:89:
23:35:8e:1d:b8:0b:5b:a9:89:3b:84:50:4c:07:9c:
17:26:b6:fc:f0:59:e2:31:04:fe:3e:4d:1a:20:53:
ec:37:c4:7c:4d:94:55:e5:fc:46:23:4c:7f:75:5c:
8e:d7:5a:1f:e9:21:25:b5:d9:5d:57:6b:3f:0f:33:
bb:bd:66:3c:a3:4c:ef:be:fe:60:0f:3e:7c:e5:fa:
03:23:ed:4b:6c:ba:e1:b8:e2:0f:99:0e:40:30:16:
89:cb:0f:46:02:6e:c1:70:d3:7c:cb:5b:8f:b6:7e:
63:37:86:e0:17:71:09:a8:7f:30:2f:94:45:9f:8d:
5a:43:b8:59:72:19:14:76:59:11:32:48:fd:23:66:
5e:08:f2:31:d9:74:ca:25:26:d0:18:80:2b:ca:d8:
1e:7a:79:20:6d:34:15:62:87:61:7e:4a:b2:3c:a9:
06:82:55:34:d6:6a:ce:08:83:5f:f2:28:16:52:ed:
e0:86:98:9d:a4:13:fe:72:20:c2:ae:5d:6b:44:8b:
93:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:A2:40:EE:79:86:80:66:2D:39:8B:EE:9F:F9:2A:EC:27:87:3E:2A
X509v3 Authority Key Identifier:
keyid:A7:4D:E0:92:DC:2E:4D:72:AA:7E:6A:96:0D:21:AD:4E:79:75:8B:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p03gktwuTXKqfmqWDSGtTnl1izw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/469974-1184-4824-9181-f4a275d6b584/1/yqJA7nmGgGYtOYvun_kq7CeHPio.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/469974-1184-4824-9181-f4a275d6b584/1/p03gktwuTXKqfmqWDSGtTnl1izw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.195.72.0/23
91.195.102.0/23
212.85.32.0-212.85.55.255
Signature Algorithm: sha256WithRSAEncryption
15:29:8f:aa:a5:72:8d:7f:c8:e5:04:cc:d8:cc:41:f7:25:c5:
ea:1e:0e:59:ad:ec:cd:de:8f:87:cf:eb:45:78:05:da:ff:31:
ec:68:49:ae:eb:f7:10:d8:57:84:ed:bc:be:94:f0:3e:05:94:
9a:2e:4c:d6:9a:15:a6:48:65:df:ad:b9:dd:e0:c5:a5:b5:47:
90:c8:77:31:9b:82:0c:11:88:50:a4:0b:86:ca:77:ca:5b:6b:
ec:f0:60:d7:7d:b3:70:d6:1e:93:33:0f:95:b1:91:81:19:9f:
52:b2:03:5d:9f:de:06:31:f1:82:e8:fe:10:d8:5a:51:0c:7f:
18:99:bc:ba:fc:c8:e3:d5:e8:61:82:de:4a:dc:7e:ca:c5:e0:
ad:7b:7f:c2:bc:83:ef:91:cd:63:71:c5:a9:fb:55:0b:3b:8f:
34:72:ce:11:62:5e:11:45:45:7c:96:a6:22:74:53:e2:97:e3:
92:04:d3:c4:92:c6:5d:92:af:87:21:33:f9:fe:ea:1c:90:45:
31:0e:25:3a:48:21:da:ba:54:1b:0e:e0:59:87:b3:ca:25:4b:
f1:3f:c1:77:d3:73:1f:e8:ee:cc:f8:37:3d:b0:7f:d0:d5:11:
f3:e8:c6:ef:2d:ce:67:1c:07:2b:02:85:cf:b0:06:08:c5:26:
e2:3d:ea:27
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIEDKtxKTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
NzRkZTA5MmRjMmU0ZDcyYWE3ZTZhOTYwZDIxYWQ0ZTc5NzU4YjNjMB4XDTIyMDQy
MTEzMTExNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2FhMjQwZWU3OTg2
ODA2NjJkMzk4YmVlOWZmOTJhZWMyNzg3M2UyYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJuFq5x47EkzGUwvoNW5Icu5iCLfKzFlshoaIIMRR52aeBXX
7UTzSyXIyJu4Ii5GuaH8Alc4W/Du/N+JIzWOHbgLW6mJO4RQTAecFya2/PBZ4jEE
/j5NGiBT7DfEfE2UVeX8RiNMf3VcjtdaH+khJbXZXVdrPw8zu71mPKNM777+YA8+
fOX6AyPtS2y64bjiD5kOQDAWicsPRgJuwXDTfMtbj7Z+YzeG4BdxCah/MC+URZ+N
WkO4WXIZFHZZETJI/SNmXgjyMdl0yiUm0BiAK8rYHnp5IG00FWKHYX5KsjypBoJV
NNZqzgiDX/IoFlLt4IaYnaQT/nIgwq5da0SLk7sCAwEAAaOCAh0wggIZMB0GA1Ud
DgQWBBTKokDueYaAZi05i+6f+SrsJ4c+KjAfBgNVHSMEGDAWgBSnTeCS3C5Ncqp+
apYNIa1OeXWLPDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3AwM2drdHd1VFhLcWZtcVdEU0d0VG5sMWl6dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzIvNDY5OTc0LTExODQtNDgyNC05MTgxLWY0YTI3NWQ2YjU4NC8x
L3lxSkE3bm1HZ0dZdE9ZdnVuX2txN0NlSFBpby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzIv
NDY5OTc0LTExODQtNDgyNC05MTgxLWY0YTI3NWQ2YjU4NC8xL3AwM2drdHd1VFhL
cWZtcVdEU0d0VG5sMWl6dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAz
BggrBgEFBQcBBwEB/wQkMCIwIAQCAAEwGgMEAVvDSAMEAVvDZjAMAwQF1FUgAwQD
1FUwMA0GCSqGSIb3DQEBCwUAA4IBAQAVKY+qpXKNf8jlBMzYzEH3JcXqHg5ZrezN
3o+Hz+tFeAXa/zHsaEmu6/cQ2FeE7by+lPA+BZSaLkzWmhWmSGXfrbnd4MWltUeQ
yHcxm4IMEYhQpAuGynfKW2vs8GDXfbNw1h6TMw+VsZGBGZ9SsgNdn94GMfGC6P4Q
2FpRDH8Ymby6/Mjj1ehhgt5K3H7KxeCte3/CvIPvkc1jccWp+1ULO480cs4RYl4R
RUV8lqYidFPil+OSBNPEksZdkq+HITP5/uockEUxDiU6SCHaulQbDuBZh7PKJUvx
P8F303Mf6O7M+Dc9sH/Q1RHz6MbvLc5nHAcrAoXPsAYIxSbiPeon
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:25 2023 by rpki-client on console.sobornost.net