Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/58a19b-70c4-4a0e-b8ab-58c3f418f3fd/1/aJR8-0LrTmFO9OLHIghkpcXWkU0.roa
File: aJR8-0LrTmFO9OLHIghkpcXWkU0.roa (raw, json)
Hash identifier: 0+N1Eyw+YqZHqjDASQ7qL+GljGpjKjQ3KKJDic9mEzk=
Subject key identifier: 68:94:7C:FB:42:EB:4E:61:4E:F4:E2:C7:22:08:64:A5:C5:D6:91:4D
Certificate issuer: /CN=a65f995603663a569430ccc617287e919df144a0
Certificate serial: 024EC945
Authority key identifier: A6:5F:99:56:03:66:3A:56:94:30:CC:C6:17:28:7E:91:9D:F1:44:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pl-ZVgNmOlaUMMzGFyh-kZ3xRKA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/58a19b-70c4-4a0e-b8ab-58c3f418f3fd/1/aJR8-0LrTmFO9OLHIghkpcXWkU0.roa
Signing time: Sat 01 Jan 2022 15:06:30 +0000
ROA not before: Sat 01 Jan 2022 15:06:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62269
IP address blocks: 193.56.133.0/24 maxlen: 24
2a11:5b00::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 38717765 (0x24ec945)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a65f995603663a569430ccc617287e919df144a0
Validity
Not Before: Jan 1 15:06:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=68947cfb42eb4e614ef4e2c7220864a5c5d6914d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:aa:28:cf:68:cd:ad:23:c5:84:2c:80:0f:9b:
f0:3b:82:dd:2e:e5:ca:0c:cd:a8:bd:5f:99:ab:4e:
d9:a7:3d:ba:94:31:22:5b:df:3b:ae:1d:02:ed:39:
e0:33:a0:e3:a2:5f:4e:65:4f:5f:26:41:c2:32:fb:
05:cf:64:77:d7:36:a6:19:54:ba:7a:ba:ea:fa:ad:
be:14:9b:ef:67:f9:f3:5d:fa:26:d2:56:11:f9:eb:
08:a4:58:58:33:28:2a:e8:f3:61:83:56:7a:a9:a6:
b8:7d:cb:41:21:2d:6b:c0:d3:9b:90:3a:6b:eb:59:
f0:34:e8:a9:44:ef:c6:46:42:92:4a:40:f8:a2:f7:
14:13:08:c5:cf:78:2b:98:9a:6f:99:86:8c:a1:f9:
87:92:25:13:41:e9:61:23:85:f7:e5:21:b1:95:ff:
64:cd:02:0b:18:e3:a8:3e:1e:10:9b:dd:ab:b8:93:
0d:bd:ef:d0:b2:1f:40:40:4a:68:b6:5c:53:17:4f:
d1:b7:f9:6e:a6:a9:ab:6b:11:72:f2:0a:f7:7d:82:
00:17:05:4e:06:48:74:7a:21:5f:fe:6a:69:a6:4c:
62:e8:12:d6:23:6e:c1:78:e5:b0:33:cb:70:4d:9f:
1f:d5:7f:6b:1a:56:1f:f0:96:51:d8:4b:a9:b3:61:
06:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:94:7C:FB:42:EB:4E:61:4E:F4:E2:C7:22:08:64:A5:C5:D6:91:4D
X509v3 Authority Key Identifier:
keyid:A6:5F:99:56:03:66:3A:56:94:30:CC:C6:17:28:7E:91:9D:F1:44:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pl-ZVgNmOlaUMMzGFyh-kZ3xRKA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/58a19b-70c4-4a0e-b8ab-58c3f418f3fd/1/aJR8-0LrTmFO9OLHIghkpcXWkU0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/58a19b-70c4-4a0e-b8ab-58c3f418f3fd/1/pl-ZVgNmOlaUMMzGFyh-kZ3xRKA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.56.133.0/24
IPv6:
2a11:5b00::/32
Signature Algorithm: sha256WithRSAEncryption
3d:26:ab:99:ff:be:23:92:61:fb:cf:66:ef:be:7c:c1:d4:3d:
f5:33:c7:a2:c7:71:70:7c:f9:db:fd:cd:7d:e3:12:c5:d8:39:
ef:29:15:99:b7:18:e0:9b:71:e9:60:a3:9d:b9:7e:e1:30:a9:
7a:30:76:3f:4b:eb:66:da:67:ac:66:e1:38:47:1d:46:a1:cf:
a5:35:4d:23:53:4c:14:8b:fa:0f:e4:9c:a2:6f:93:19:64:c9:
05:a5:66:42:a8:89:43:77:ad:25:03:9b:e4:fa:1f:8d:61:9d:
ac:ec:e5:d5:61:b2:d9:fd:a5:1d:cd:82:7d:37:26:52:10:7d:
ad:c0:67:f2:9a:e3:40:90:a5:6f:77:0f:1c:e9:30:8e:97:d6:
93:dc:d8:94:a0:c3:bf:4a:9d:a5:86:aa:5c:40:64:17:d1:d1:
39:49:76:df:21:64:9e:22:46:31:d6:da:68:66:70:73:59:11:
e9:23:23:34:fd:50:3e:26:2b:03:c1:83:48:1b:2a:e8:34:18:
b7:3c:a0:ef:5f:6a:71:ad:74:5e:88:83:79:b7:c5:9a:e9:2f:
74:9f:be:1e:fe:b4:2b:34:c5:2d:b5:62:b4:28:54:d4:18:ad:
65:b5:69:f3:4f:d8:95:20:57:bc:17:99:47:f8:08:dd:33:c8:
5a:b4:e6:4a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEAk7JRTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
NjVmOTk1NjAzNjYzYTU2OTQzMGNjYzYxNzI4N2U5MTlkZjE0NGEwMB4XDTIyMDEw
MTE1MDYzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjg5NDdjZmI0MmVi
NGU2MTRlZjRlMmM3MjIwODY0YTVjNWQ2OTE0ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALGqKM9oza0jxYQsgA+b8DuC3S7lygzNqL1fmatO2ac9upQx
IlvfO64dAu054DOg46JfTmVPXyZBwjL7Bc9kd9c2phlUunq66vqtvhSb72f58136
JtJWEfnrCKRYWDMoKujzYYNWeqmmuH3LQSEta8DTm5A6a+tZ8DToqUTvxkZCkkpA
+KL3FBMIxc94K5iab5mGjKH5h5IlE0HpYSOF9+UhsZX/ZM0CCxjjqD4eEJvdq7iT
Db3v0LIfQEBKaLZcUxdP0bf5bqapq2sRcvIK932CABcFTgZIdHohX/5qaaZMYugS
1iNuwXjlsDPLcE2fH9V/axpWH/CWUdhLqbNhBqkCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBRolHz7QutOYU704sciCGSlxdaRTTAfBgNVHSMEGDAWgBSmX5lWA2Y6VpQw
zMYXKH6RnfFEoDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3BsLVpWZ05tT2xhVU1NekdGeWgta1ozeFJLQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2QvNThhMTliLTcwYzQtNGEwZS1iOGFiLTU4YzNmNDE4ZjNmZC8x
L2FKUjgtMExyVG1GTzlPTEhJZ2hrcGNYV2tVMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Qv
NThhMTliLTcwYzQtNGEwZS1iOGFiLTU4YzNmNDE4ZjNmZC8xL3BsLVpWZ05tT2xh
VU1NekdGeWgta1ozeFJLQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAME4hTANBAIAAjAHAwUAKhFbADAN
BgkqhkiG9w0BAQsFAAOCAQEAPSarmf++I5Jh+89m7758wdQ99TPHosdxcHz52/3N
feMSxdg57ykVmbcY4Jtx6WCjnbl+4TCpejB2P0vrZtpnrGbhOEcdRqHPpTVNI1NM
FIv6D+Scom+TGWTJBaVmQqiJQ3etJQOb5PofjWGdrOzl1WGy2f2lHc2CfTcmUhB9
rcBn8prjQJClb3cPHOkwjpfWk9zYlKDDv0qdpYaqXEBkF9HROUl23yFkniJGMdba
aGZwc1kR6SMjNP1QPiYrA8GDSBsq6DQYtzyg719qca10XoiDebfFmukvdJ++Hv60
KzTFLbVitChU1BitZbVp80/YlSBXvBeZR/gI3TPIWrTmSg==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:38 2023 by rpki-client on console.sobornost.net