Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/dfec40-b86e-494c-ba10-3a5628cc81d9/1/IUShkfMut7vAv5dVnAhYqxvcmnE.roa
File: IUShkfMut7vAv5dVnAhYqxvcmnE.roa (raw, json)
Hash identifier: /5nj7xJRx9IvrWfnCPca7EtreH4O1bBc868/qXM2hY0=
Subject key identifier: 21:44:A1:91:F3:2E:B7:BB:C0:BF:97:55:9C:08:58:AB:1B:DC:9A:71
Certificate issuer: /CN=b1a4a601ca35c6c8376b89aaf443b63ea439cdb8
Certificate serial: 37D18E9F
Authority key identifier: B1:A4:A6:01:CA:35:C6:C8:37:6B:89:AA:F4:43:B6:3E:A4:39:CD:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saSmAco1xsg3a4mq9EO2PqQ5zbg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/dfec40-b86e-494c-ba10-3a5628cc81d9/1/IUShkfMut7vAv5dVnAhYqxvcmnE.roa
Signing time: Sat 01 Jan 2022 11:57:24 +0000
ROA not before: Sat 01 Jan 2022 11:57:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 30925
IP address blocks: 185.142.248.0/22 maxlen: 24
109.109.96.0/19 maxlen: 24
83.98.224.0/19 maxlen: 24
185.34.156.0/22 maxlen: 24
185.26.56.0/22 maxlen: 24
185.34.168.0/22 maxlen: 24
2a02:988::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 936480415 (0x37d18e9f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a4a601ca35c6c8376b89aaf443b63ea439cdb8
Validity
Not Before: Jan 1 11:57:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2144a191f32eb7bbc0bf97559c0858ab1bdc9a71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:ed:a5:92:10:fb:72:c3:13:58:70:4c:fc:d7:
41:54:07:b9:c6:c1:50:68:79:c7:48:11:8c:fe:eb:
21:2b:be:48:b6:bb:db:cc:6c:a8:bc:eb:6b:c2:9c:
ad:8c:72:fa:0f:b3:da:2d:45:1d:6b:1d:f8:15:d1:
76:44:81:28:f7:19:85:ea:38:f2:27:06:c9:c3:ce:
bd:9d:dd:39:ee:21:99:76:fe:f0:56:09:e4:1a:ed:
87:1d:04:a1:10:d8:d4:d7:1e:96:0d:81:09:13:33:
89:85:45:97:42:2b:ee:aa:1d:1f:90:a1:d0:8c:81:
61:b0:2f:63:a3:67:e4:ab:44:03:f3:ac:65:cc:32:
43:8a:2b:81:7f:2c:84:d7:81:32:0e:00:4f:f7:52:
d3:9a:30:cf:c5:1d:19:6c:69:7b:09:15:15:c8:31:
14:c8:45:c6:0c:d1:f2:1b:9a:70:b0:86:7a:a4:0a:
80:53:01:8d:1b:6b:cc:81:d1:b0:e1:a5:42:b7:85:
2e:65:8b:d0:98:9b:1c:cc:5c:80:6d:24:34:57:bb:
d2:23:2f:ff:89:63:df:35:aa:85:58:c9:a0:50:1f:
f7:b7:d2:60:e7:e7:01:88:42:4a:8a:2e:86:3c:3d:
03:6d:dc:2a:41:c3:4e:9c:05:59:88:29:9a:6b:46:
98:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:44:A1:91:F3:2E:B7:BB:C0:BF:97:55:9C:08:58:AB:1B:DC:9A:71
X509v3 Authority Key Identifier:
keyid:B1:A4:A6:01:CA:35:C6:C8:37:6B:89:AA:F4:43:B6:3E:A4:39:CD:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saSmAco1xsg3a4mq9EO2PqQ5zbg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/dfec40-b86e-494c-ba10-3a5628cc81d9/1/IUShkfMut7vAv5dVnAhYqxvcmnE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/dfec40-b86e-494c-ba10-3a5628cc81d9/1/saSmAco1xsg3a4mq9EO2PqQ5zbg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.98.224.0/19
109.109.96.0/19
185.26.56.0/22
185.34.156.0/22
185.34.168.0/22
185.142.248.0/22
IPv6:
2a02:988::/32
Signature Algorithm: sha256WithRSAEncryption
21:45:4c:06:2c:0f:b7:39:e2:0f:e2:4a:3f:8d:70:b7:02:4a:
59:56:68:1c:88:88:84:f7:8c:bc:34:01:a3:3b:c8:e5:f2:65:
6c:5f:7b:99:f6:6b:0c:d4:31:72:99:f9:ae:37:1a:5d:fa:e3:
af:7a:34:45:0f:cd:ff:05:79:03:2a:dd:34:2c:5c:66:17:14:
9b:8b:5f:b0:09:f0:10:67:03:c7:9c:48:ef:73:23:a8:63:30:
5f:b6:76:a6:3c:9f:4f:0e:60:0d:20:3f:94:ed:a4:2b:2d:f7:
2f:93:8a:53:40:9a:79:3a:7d:ca:d3:f1:be:56:91:2e:d3:9f:
76:70:34:61:75:6e:52:fa:64:c1:dd:80:ad:cb:46:15:ba:84:
3d:ec:18:83:8c:50:3a:15:bf:98:44:04:96:f9:42:ad:32:11:
a5:83:2e:68:7b:50:0e:a9:2f:31:d5:ca:70:96:80:e9:5b:e4:
19:ff:10:d8:24:da:3a:34:fd:98:6f:9b:00:92:f1:4f:85:e6:
0d:b7:2c:9d:a5:71:a4:f4:a8:56:0b:86:6e:4d:29:c6:8d:14:
f5:06:6d:99:14:34:7a:84:28:08:f5:20:ee:b0:c2:74:e5:b9:
81:18:09:ff:9e:31:03:ea:d6:61:6b:73:7b:c4:98:92:8e:35:
73:93:11:e0
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgIEN9GOnzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MWE0YTYwMWNhMzVjNmM4Mzc2Yjg5YWFmNDQzYjYzZWE0MzljZGI4MB4XDTIyMDEw
MTExNTcyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjE0NGExOTFmMzJl
YjdiYmMwYmY5NzU1OWMwODU4YWIxYmRjOWE3MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKDtpZIQ+3LDE1hwTPzXQVQHucbBUGh5x0gRjP7rISu+SLa7
28xsqLzra8KcrYxy+g+z2i1FHWsd+BXRdkSBKPcZheo48icGycPOvZ3dOe4hmXb+
8FYJ5Brthx0EoRDY1Ncelg2BCRMziYVFl0Ir7qodH5Ch0IyBYbAvY6Nn5KtEA/Os
ZcwyQ4orgX8shNeBMg4AT/dS05owz8UdGWxpewkVFcgxFMhFxgzR8huacLCGeqQK
gFMBjRtrzIHRsOGlQreFLmWL0JibHMxcgG0kNFe70iMv/4lj3zWqhVjJoFAf97fS
YOfnAYhCSoouhjw9A23cKkHDTpwFWYgpmmtGmNcCAwEAAaOCAjYwggIyMB0GA1Ud
DgQWBBQhRKGR8y63u8C/l1WcCFirG9yacTAfBgNVHSMEGDAWgBSxpKYByjXGyDdr
iar0Q7Y+pDnNuDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NhU21BY28xeHNnM2E0bXE5RU8yUHFRNXpiZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2QvZGZlYzQwLWI4NmUtNDk0Yy1iYTEwLTNhNTYyOGNjODFkOS8x
L0lVU2hrZk11dDd2QXY1ZFZuQWhZcXh2Y21uRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Qv
ZGZlYzQwLWI4NmUtNDk0Yy1iYTEwLTNhNTYyOGNjODFkOS8xL3NhU21BY28xeHNn
M2E0bXE5RU8yUHFRNXpiZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBM
BggrBgEFBQcBBwEB/wQ9MDswKgQCAAEwJAMEBVNi4AMEBW1tYAMEArkaOAMEArki
nAMEArkiqAMEArmO+DANBAIAAjAHAwUAKgIJiDANBgkqhkiG9w0BAQsFAAOCAQEA
IUVMBiwPtzniD+JKP41wtwJKWVZoHIiIhPeMvDQBozvI5fJlbF97mfZrDNQxcpn5
rjcaXfrjr3o0RQ/N/wV5AyrdNCxcZhcUm4tfsAnwEGcDx5xI73MjqGMwX7Z2pjyf
Tw5gDSA/lO2kKy33L5OKU0CaeTp9ytPxvlaRLtOfdnA0YXVuUvpkwd2ArctGFbqE
PewYg4xQOhW/mEQElvlCrTIRpYMuaHtQDqkvMdXKcJaA6VvkGf8Q2CTaOjT9mG+b
AJLxT4XmDbcsnaVxpPSoVguGbk0pxo0U9QZtmRQ0eoQoCPUg7rDCdOW5gRgJ/54x
A+rWYWtze8SYko41c5MR4A==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:42 2023 by rpki-client on console.sobornost.net