Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/ov_wvlH8yQneRxb0qKLUUIzKibg.roa
File: ov_wvlH8yQneRxb0qKLUUIzKibg.roa (raw, json)
Hash identifier: QJowgsuTELDPUp2zlQ1XkL2vgsK/jcfxl2HIiMHtOM8=
Subject key identifier: A2:FF:F0:BE:51:FC:C9:09:DE:47:16:F4:A8:A2:D4:50:8C:CA:89:B8
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 0185397F7F6684F93B6449C7D702F36A2B6C
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/ov_wvlH8yQneRxb0qKLUUIzKibg.roa
Signing time: Thu 22 Dec 2022 11:02:15 +0000
ROA not before: Thu 22 Dec 2022 11:02:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48146
IP address blocks: 151.237.131.0/24 maxlen: 24
185.240.22.0/24 maxlen: 24
185.240.20.0/23 maxlen: 24
185.240.23.0/24 maxlen: 24
151.237.58.0/24 maxlen: 24
194.36.104.0/22 maxlen: 24
185.209.8.0/22 maxlen: 24
151.237.59.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:39:7f:7f:66:84:f9:3b:64:49:c7:d7:02:f3:6a:2b:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Dec 22 11:02:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a2fff0be51fcc909de4716f4a8a2d4508cca89b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:bf:9f:18:2e:f3:aa:78:ad:83:7e:f8:18:f6:
88:25:95:7e:8e:f3:48:85:ab:9f:ed:7f:cb:d2:85:
f6:6c:25:5a:9f:cc:9e:e7:03:4c:92:6e:b4:2a:1e:
58:9b:de:45:93:0b:65:bd:25:94:63:17:2f:2c:a4:
fe:5d:46:b1:60:21:4a:f9:6f:1c:33:d0:ed:0f:98:
06:e5:6f:4a:4c:05:1d:08:e0:de:b7:b7:bf:7a:5d:
5c:66:71:13:9b:2b:dd:a1:fb:d1:2b:47:98:92:4e:
74:b3:4c:5a:9d:b0:36:28:b2:71:b4:27:94:b4:72:
1d:63:7a:25:45:5b:b9:0b:9e:2f:b0:4b:83:9e:1d:
54:ae:7f:9c:63:08:1e:db:db:b1:b5:ed:78:75:fe:
bd:f8:16:17:67:26:a0:ce:4e:aa:8c:15:22:db:b8:
14:11:23:9a:6e:46:59:c2:7d:f1:31:3d:8e:6e:86:
f5:07:0d:c0:f9:d8:da:b2:25:41:69:d5:b4:7a:ce:
34:73:6e:a0:64:32:00:70:36:35:a1:e8:70:2b:57:
88:55:89:bd:5d:54:42:d3:da:72:f9:6a:11:43:ab:
4c:bc:f4:08:c3:b3:4a:f9:95:1c:98:aa:f9:98:f4:
e8:0e:48:6f:5c:c9:3d:fe:94:c9:7f:86:10:33:5c:
4d:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:FF:F0:BE:51:FC:C9:09:DE:47:16:F4:A8:A2:D4:50:8C:CA:89:B8
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/ov_wvlH8yQneRxb0qKLUUIzKibg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.237.58.0/23
151.237.131.0/24
185.209.8.0/22
185.240.20.0/22
194.36.104.0/22
Signature Algorithm: sha256WithRSAEncryption
9f:e2:c0:2a:a2:19:1a:8f:ba:03:0e:24:57:ed:6a:46:ad:42:
ec:7e:c0:0d:10:41:63:3c:87:14:db:de:8a:60:17:d2:0f:52:
83:80:5d:b3:49:18:45:4c:4d:bb:3b:1e:6f:7e:57:c4:e4:63:
7a:28:e5:97:72:68:4d:2f:e9:ec:67:15:f0:1f:ff:a1:20:63:
89:ff:1e:64:e4:10:bd:f2:73:b6:6e:73:24:67:ee:cf:3a:a1:
40:f6:c9:b9:82:09:10:68:2b:1b:49:03:b2:e8:f9:c0:52:f0:
af:41:5d:45:32:3f:6c:71:9d:ae:e5:e0:9b:42:27:9b:6c:a8:
62:0a:e0:44:5b:87:b8:93:23:b2:16:b2:43:ce:67:97:de:1f:
25:f4:f4:f7:77:ae:04:58:14:52:cd:58:f9:40:ae:46:d5:76:
14:ec:80:92:b3:05:ee:9c:6d:f6:9f:40:86:81:cc:01:af:c0:
3b:b5:d1:b6:d5:6a:4b:af:b9:0e:6d:d4:cf:7f:86:65:66:44:
8a:13:2e:50:8f:e4:b2:82:b5:10:38:6e:e8:51:75:a7:36:a8:
32:be:e2:25:21:01:83:7a:57:be:87:2e:04:3b:91:20:22:5d:
d8:33:e4:34:c4:c0:66:c4:1a:62:5c:f2:3d:6d:62:8d:23:a2:
3a:48:4b:db
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYU5f39mhPk7ZEnH1wLzaitsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjIxMjIyMTEwMjE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmZmZjBiZTUxZmNjOTA5ZGU0NzE2ZjRhOGEyZDQ1MDhjY2E4OWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoL+fGC7zqnitg374GPaIJZV+jvNI
hauf7X/L0oX2bCVan8ye5wNMkm60Kh5Ym95FkwtlvSWUYxcvLKT+XUaxYCFK+W8c
M9DtD5gG5W9KTAUdCODet7e/el1cZnETmyvdofvRK0eYkk50s0xanbA2KLJxtCeU
tHIdY3olRVu5C54vsEuDnh1Urn+cYwge29uxte14df69+BYXZyagzk6qjBUi27gU
ESOabkZZwn3xMT2Obob1Bw3A+djasiVBadW0es40c26gZDIAcDY1oehwK1eIVYm9
XVRC09py+WoRQ6tMvPQIw7NK+ZUcmKr5mPToDkhvXMk9/pTJf4YQM1xNzQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKL/8L5R/MkJ3kcW9Kii1FCMyom4MB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvb3Zfd3ZsSDh5UW5lUnhiMHFLTFVVSXpLaWJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBl+06AwQA
l+2DAwQCudEIAwQCufAUAwQCwiRoMA0GCSqGSIb3DQEBCwUAA4IBAQCf4sAqohka
j7oDDiRX7WpGrULsfsANEEFjPIcU296KYBfSD1KDgF2zSRhFTE27Ox5vflfE5GN6
KOWXcmhNL+nsZxXwH/+hIGOJ/x5k5BC98nO2bnMkZ+7POqFA9sm5ggkQaCsbSQOy
6PnAUvCvQV1FMj9scZ2u5eCbQiebbKhiCuBEW4e4kyOyFrJDzmeX3h8l9PT3d64E
WBRSzVj5QK5G1XYU7ICSswXunG32n0CGgcwBr8A7tdG21WpLr7kObdTPf4ZlZkSK
Ey5Qj+SygrUQOG7oUXWnNqgyvuIlIQGDele+hy4EO5EgIl3YM+Q0xMBmxBpiXPI9
bWKNI6I6SEvb
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:12 2023 by rpki-client on console.sobornost.net