Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/543221-f267-4731-a7ad-987173b9e987/1/u6lgmXF9NrluEfmcZPhVrjIDtAo.roa
File: u6lgmXF9NrluEfmcZPhVrjIDtAo.roa (raw, json)
Hash identifier: z6MyLg5ZqH8LC588rmowQHc5MZTu8Pw/bzLklhC7xck=
Subject key identifier: BB:A9:60:99:71:7D:36:B9:6E:11:F9:9C:64:F8:55:AE:32:03:B4:0A
Certificate issuer: /CN=b220d91b4e9d70f034fa16a16a887d4255792ade
Certificate serial: 40CAC056
Authority key identifier: B2:20:D9:1B:4E:9D:70:F0:34:FA:16:A1:6A:88:7D:42:55:79:2A:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/siDZG06dcPA0-hahaoh9QlV5Kt4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/543221-f267-4731-a7ad-987173b9e987/1/u6lgmXF9NrluEfmcZPhVrjIDtAo.roa
Signing time: Sat 01 Jan 2022 16:02:44 +0000
ROA not before: Sat 01 Jan 2022 16:02:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42010
IP address blocks: 5.28.48.0/21 maxlen: 24
128.65.97.0/24 maxlen: 24
128.65.98.0/23 maxlen: 23
128.65.96.0/21 maxlen: 21
128.65.96.0/24 maxlen: 24
91.103.184.0/21 maxlen: 24
185.91.20.0/22 maxlen: 24
128.65.100.0/22 maxlen: 22
2a03:7f80::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1087029334 (0x40cac056)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b220d91b4e9d70f034fa16a16a887d4255792ade
Validity
Not Before: Jan 1 16:02:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bba96099717d36b96e11f99c64f855ae3203b40a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:43:fc:6b:5b:a8:25:41:f6:08:49:47:d7:a2:
0c:37:0c:cf:66:e9:76:12:bd:94:e9:32:85:be:93:
43:09:05:b5:fe:dc:e8:f5:57:98:93:da:fb:e7:e3:
a3:2d:97:3c:71:93:76:f1:93:6d:bf:b6:51:15:f8:
a2:e8:9e:2a:35:27:41:72:91:cb:62:35:16:0d:05:
5e:0a:16:6b:b7:91:95:cd:7f:1f:87:bd:e7:86:39:
9b:a0:02:f3:37:b9:b3:45:72:04:48:13:58:70:c4:
01:8d:77:15:61:37:0c:27:60:8d:44:dc:44:33:bb:
9f:c9:5d:f2:e5:12:c6:40:97:3a:f2:62:ca:3a:3a:
66:a8:20:35:9c:fc:82:e6:2a:2c:b0:6e:00:37:ca:
b0:d7:c0:8b:bc:37:cc:f3:38:48:aa:8a:04:be:9f:
12:01:c5:ac:b2:bd:b5:40:76:16:5b:a2:fa:77:8e:
8c:8a:4b:fe:4f:0a:36:21:a9:b2:77:00:ca:6b:fc:
e6:95:c8:43:6d:de:8b:e0:6c:59:f6:23:52:e3:e8:
34:09:fd:8d:4a:ac:f8:46:63:71:dc:a7:fb:6b:c3:
a9:63:81:0c:b2:58:ff:8f:21:a7:70:f9:37:de:c4:
6a:79:3e:6b:5c:94:aa:d0:31:56:ed:7c:6e:5c:c5:
e2:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:A9:60:99:71:7D:36:B9:6E:11:F9:9C:64:F8:55:AE:32:03:B4:0A
X509v3 Authority Key Identifier:
keyid:B2:20:D9:1B:4E:9D:70:F0:34:FA:16:A1:6A:88:7D:42:55:79:2A:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/siDZG06dcPA0-hahaoh9QlV5Kt4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/543221-f267-4731-a7ad-987173b9e987/1/u6lgmXF9NrluEfmcZPhVrjIDtAo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/543221-f267-4731-a7ad-987173b9e987/1/siDZG06dcPA0-hahaoh9QlV5Kt4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.28.48.0/21
91.103.184.0/21
128.65.96.0/21
185.91.20.0/22
IPv6:
2a03:7f80::/32
Signature Algorithm: sha256WithRSAEncryption
69:e3:c7:39:fb:50:fa:18:21:48:df:a0:cf:c3:0a:78:2d:2f:
e6:a6:f9:8f:81:10:77:8c:b7:ce:f5:d1:aa:39:56:78:ac:03:
a4:34:0f:49:db:56:30:01:14:7f:70:e5:e4:92:a5:d8:95:1d:
cd:48:fc:f6:06:8f:01:36:9c:d0:15:fe:34:56:3e:35:4e:77:
4b:16:fe:60:a8:1d:87:16:d6:05:1d:12:8a:8c:56:cc:44:fc:
87:b9:bd:20:07:97:45:c8:4a:30:ab:3b:07:bc:48:b9:78:0f:
1f:8a:cf:cc:d3:51:09:41:ee:3d:a6:29:82:27:bd:a6:9d:d1:
12:b2:5b:83:ae:ea:01:93:8b:e2:86:6e:e6:08:f8:3b:10:8f:
ed:8d:fb:82:7a:de:6a:a0:90:3a:94:b4:23:c5:86:8b:3a:12:
90:33:ae:f5:90:9a:db:fc:bb:ee:85:9c:5f:36:bd:40:be:6b:
67:99:40:74:4b:87:22:7d:04:2c:b8:61:86:c3:c6:d8:6c:cc:
1f:1f:7f:ab:ba:22:ce:6c:1b:17:3d:50:55:fb:2c:7d:82:f3:
20:bf:6e:ef:15:c2:17:c6:33:28:ea:e9:ed:69:be:f3:b0:92:
46:6b:a7:94:96:67:e2:07:3b:98:5a:77:76:c2:34:cf:a1:bb:
00:9c:91:77
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIEQMrAVjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MjIwZDkxYjRlOWQ3MGYwMzRmYTE2YTE2YTg4N2Q0MjU1NzkyYWRlMB4XDTIyMDEw
MTE2MDI0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmJhOTYwOTk3MTdk
MzZiOTZlMTFmOTljNjRmODU1YWUzMjAzYjQwYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKRD/GtbqCVB9ghJR9eiDDcMz2bpdhK9lOkyhb6TQwkFtf7c
6PVXmJPa++fjoy2XPHGTdvGTbb+2URX4ouieKjUnQXKRy2I1Fg0FXgoWa7eRlc1/
H4e954Y5m6AC8ze5s0VyBEgTWHDEAY13FWE3DCdgjUTcRDO7n8ld8uUSxkCXOvJi
yjo6ZqggNZz8guYqLLBuADfKsNfAi7w3zPM4SKqKBL6fEgHFrLK9tUB2Flui+neO
jIpL/k8KNiGpsncAymv85pXIQ23ei+BsWfYjUuPoNAn9jUqs+EZjcdyn+2vDqWOB
DLJY/48hp3D5N97Eank+a1yUqtAxVu18blzF4iECAwEAAaOCAiowggImMB0GA1Ud
DgQWBBS7qWCZcX02uW4R+Zxk+FWuMgO0CjAfBgNVHSMEGDAWgBSyINkbTp1w8DT6
FqFqiH1CVXkq3jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NpRFpHMDZkY1BBMC1oYWhhb2g5UWxWNUt0NC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2IvNTQzMjIxLWYyNjctNDczMS1hN2FkLTk4NzE3M2I5ZTk4Ny8x
L3U2bGdtWEY5TnJsdUVmbWNaUGhWcmpJRHRBby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Iv
NTQzMjIxLWYyNjctNDczMS1hN2FkLTk4NzE3M2I5ZTk4Ny8xL3NpRFpHMDZkY1BB
MC1oYWhhb2g5UWxWNUt0NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEAwUcMAMEA1tnuAMEA4BBYAMEArlb
FDANBAIAAjAHAwUAKgN/gDANBgkqhkiG9w0BAQsFAAOCAQEAaePHOftQ+hghSN+g
z8MKeC0v5qb5j4EQd4y3zvXRqjlWeKwDpDQPSdtWMAEUf3Dl5JKl2JUdzUj89gaP
ATac0BX+NFY+NU53Sxb+YKgdhxbWBR0SioxWzET8h7m9IAeXRchKMKs7B7xIuXgP
H4rPzNNRCUHuPaYpgie9pp3RErJbg67qAZOL4oZu5gj4OxCP7Y37gnreaqCQOpS0
I8WGizoSkDOu9ZCa2/y77oWcXza9QL5rZ5lAdEuHIn0ELLhhhsPG2GzMHx9/q7oi
zmwbFz1QVfssfYLzIL9u7xXCF8YzKOrp7Wm+87CSRmunlJZn4gc7mFp3dsI0z6G7
AJyRdw==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:29 2023 by rpki-client on console.sobornost.net