Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/3cc848-7861-4ce1-870d-84b67b470b04/1/2JOLp9sTWqnGO5V208NVAaNfj6c.roa
File: 2JOLp9sTWqnGO5V208NVAaNfj6c.roa (raw, json)
Hash identifier: OPQfWzdwRnGgkgeQyGELsECMIjdlTl+dZ5PohpBchjs=
Subject key identifier: D8:93:8B:A7:DB:13:5A:A9:C6:3B:95:76:D3:C3:55:01:A3:5F:8F:A7
Certificate issuer: /CN=ad367bc19f066996490a206674c8da8f5ed2cd0e
Certificate serial: 4C4771
Authority key identifier: AD:36:7B:C1:9F:06:69:96:49:0A:20:66:74:C8:DA:8F:5E:D2:CD:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rTZ7wZ8GaZZJCiBmdMjaj17SzQ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/3cc848-7861-4ce1-870d-84b67b470b04/1/2JOLp9sTWqnGO5V208NVAaNfj6c.roa
Signing time: Sat 01 Jan 2022 02:51:57 +0000
ROA not before: Sat 01 Jan 2022 02:51:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56322
IP address blocks: 185.163.204.0/24 maxlen: 24
91.219.236.0/24 maxlen: 24
91.219.237.0/24 maxlen: 24
91.219.238.0/24 maxlen: 24
91.219.236.0/22 maxlen: 22
91.219.239.0/24 maxlen: 24
2a10:c800:1::/48 maxlen: 48
2a10:c800::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4999025 (0x4c4771)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad367bc19f066996490a206674c8da8f5ed2cd0e
Validity
Not Before: Jan 1 02:51:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d8938ba7db135aa9c63b9576d3c35501a35f8fa7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:a5:59:47:c3:63:32:92:19:ca:34:00:ea:e7:
0e:12:13:58:24:eb:0d:c2:2c:da:f8:90:d3:1f:36:
bc:b9:2a:15:09:2c:72:48:5a:80:3b:db:89:0d:2a:
3c:43:ea:da:ae:6d:b4:97:27:5d:88:5b:52:27:6b:
71:25:6d:99:86:ee:ea:af:3d:81:10:af:61:de:26:
14:a2:50:46:06:5f:0b:e5:14:25:ba:91:cf:8c:4e:
29:1a:ce:d3:8e:a0:a4:f4:0a:e9:1a:ca:ad:1f:0c:
7a:f1:bb:81:9d:0d:18:07:a4:96:31:23:b2:88:ea:
12:d5:5e:d9:f8:22:dc:6d:eb:91:b5:2c:b7:82:4a:
a3:a2:ec:93:b2:ae:bd:d2:ee:2f:b4:25:eb:d5:27:
89:15:1f:8d:cc:90:5f:e2:0a:70:89:5e:c1:fc:55:
8c:85:b7:5a:af:d5:27:27:f0:0c:88:b2:6c:19:94:
21:7f:7f:63:f9:b4:6b:c3:c5:b6:22:20:f1:2d:57:
9f:f4:d2:70:9e:e2:0c:e7:82:71:31:39:3c:08:b5:
2b:16:b9:99:fa:27:0a:9f:57:72:cc:f2:da:af:de:
cc:f1:2f:5f:a6:16:35:0f:09:d3:74:2d:02:e0:18:
1a:8e:3c:8d:76:c1:ab:40:e6:96:68:ad:38:34:40:
a0:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:93:8B:A7:DB:13:5A:A9:C6:3B:95:76:D3:C3:55:01:A3:5F:8F:A7
X509v3 Authority Key Identifier:
keyid:AD:36:7B:C1:9F:06:69:96:49:0A:20:66:74:C8:DA:8F:5E:D2:CD:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rTZ7wZ8GaZZJCiBmdMjaj17SzQ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/3cc848-7861-4ce1-870d-84b67b470b04/1/2JOLp9sTWqnGO5V208NVAaNfj6c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/3cc848-7861-4ce1-870d-84b67b470b04/1/rTZ7wZ8GaZZJCiBmdMjaj17SzQ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.219.236.0/22
185.163.204.0/24
IPv6:
2a10:c800::/47
Signature Algorithm: sha256WithRSAEncryption
02:0c:6c:23:a9:61:05:a6:1e:c4:a1:1c:8e:31:1f:fd:5e:55:
60:59:7e:d2:d6:36:77:19:38:04:d3:b6:40:e4:26:05:3c:32:
3e:ab:e1:64:49:bc:65:92:65:8d:69:62:82:73:bf:0b:c2:f7:
38:78:63:54:aa:6c:0f:0e:25:5e:63:ea:cf:c1:28:2a:b2:76:
17:94:66:c3:0a:33:d5:56:73:0f:a3:06:e4:27:24:8a:15:c9:
cd:46:14:0c:3c:e0:ad:75:18:8d:1b:4a:4a:76:cb:d9:8f:cf:
21:23:96:e5:94:a0:28:bf:1b:25:ad:5a:b8:e8:04:72:81:42:
95:63:30:d1:8d:92:bd:79:c9:ef:af:91:85:73:29:ea:be:a3:
32:cc:80:99:b2:45:9a:b2:fc:b9:0b:94:fb:31:ed:2f:9f:b0:
10:b1:2a:8f:05:b2:1f:1a:48:d2:e6:6d:35:71:dd:36:5d:2d:
4d:b5:6d:8d:54:52:6a:1f:6c:80:f7:47:3c:1b:eb:ca:e6:d7:
02:61:24:c2:3d:86:47:42:66:59:11:76:84:40:77:e9:82:71:
3c:82:72:ec:59:8f:c4:5f:9c:90:4b:39:7d:8b:18:02:59:9a:
dd:1e:27:ab:45:a3:65:ac:39:8b:31:3f:12:9a:6a:f6:2e:2b:
92:78:ef:0a
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgIDTEdxMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGFk
MzY3YmMxOWYwNjY5OTY0OTBhMjA2Njc0YzhkYThmNWVkMmNkMGUwHhcNMjIwMTAx
MDI1MTU3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhkODkzOGJhN2RiMTM1
YWE5YzYzYjk1NzZkM2MzNTUwMWEzNWY4ZmE3MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA4qVZR8NjMpIZyjQA6ucOEhNYJOsNwiza+JDTHza8uSoVCSxy
SFqAO9uJDSo8Q+rarm20lyddiFtSJ2txJW2Zhu7qrz2BEK9h3iYUolBGBl8L5RQl
upHPjE4pGs7TjqCk9ArpGsqtHwx68buBnQ0YB6SWMSOyiOoS1V7Z+CLcbeuRtSy3
gkqjouyTsq690u4vtCXr1SeJFR+NzJBf4gpwiV7B/FWMhbdar9UnJ/AMiLJsGZQh
f39j+bRrw8W2IiDxLVef9NJwnuIM54JxMTk8CLUrFrmZ+icKn1dyzPLar97M8S9f
phY1DwnTdC0C4BgajjyNdsGrQOaWaK04NECgvQIDAQABo4ICIDCCAhwwHQYDVR0O
BBYEFNiTi6fbE1qpxjuVdtPDVQGjX4+nMB8GA1UdIwQYMBaAFK02e8GfBmmWSQog
ZnTI2o9e0s0OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
clRaN3daOEdhWlpKQ2lCbWRNamFqMTdTelE0LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jYi8zY2M4NDgtNzg2MS00Y2UxLTg3MGQtODRiNjdiNDcwYjA0LzEv
MkpPTHA5c1RXcW5HTzVWMjA4TlZBYU5majZjLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi8z
Y2M4NDgtNzg2MS00Y2UxLTg3MGQtODRiNjdiNDcwYjA0LzEvclRaN3daOEdhWlpK
Q2lCbWRNamFqMTdTelE0LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDYG
CCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQCW9vsAwQAuaPMMA8EAgACMAkDBwEq
EMgAAAAwDQYJKoZIhvcNAQELBQADggEBAAIMbCOpYQWmHsShHI4xH/1eVWBZftLW
NncZOATTtkDkJgU8Mj6r4WRJvGWSZY1pYoJzvwvC9zh4Y1SqbA8OJV5j6s/BKCqy
dheUZsMKM9VWcw+jBuQnJIoVyc1GFAw84K11GI0bSkp2y9mPzyEjluWUoCi/GyWt
WrjoBHKBQpVjMNGNkr15ye+vkYVzKeq+ozLMgJmyRZqy/LkLlPsx7S+fsBCxKo8F
sh8aSNLmbTVx3TZdLU21bY1UUmofbID3Rzwb68rm1wJhJMI9hkdCZlkRdoRAd+mC
cTyCcuxZj8RfnJBLOX2LGAJZmt0eJ6tFo2WsOYsxPxKaavYuK5J47wo=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:29 2023 by rpki-client on console.sobornost.net