Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/3e3483-1845-442d-a59a-dd72550d78ac/1/OVNqlEqaXtz3KyUOzP7pJ8J58DA.roa
File: OVNqlEqaXtz3KyUOzP7pJ8J58DA.roa (raw, json)
Hash identifier: bqYkQmRREn1KhHI0GvAXQaaHfkg095tOBPzpas5T1F8=
Subject key identifier: 39:53:6A:94:4A:9A:5E:DC:F7:2B:25:0E:CC:FE:E9:27:C2:79:F0:30
Certificate issuer: /CN=cd01cda0302b813eb145579ad81f5ed7d29c0209
Certificate serial: 01833189AD6E3A0A1F4264FF06DF4A0BD2C7
Authority key identifier: CD:01:CD:A0:30:2B:81:3E:B1:45:57:9A:D8:1F:5E:D7:D2:9C:02:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zQHNoDArgT6xRVea2B9e19KcAgk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/3e3483-1845-442d-a59a-dd72550d78ac/1/OVNqlEqaXtz3KyUOzP7pJ8J58DA.roa
Signing time: Mon 12 Sep 2022 11:50:49 +0000
ROA not before: Mon 12 Sep 2022 11:50:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57124
IP address blocks: 185.117.76.0/22 maxlen: 22
141.105.144.0/21 maxlen: 21
2a01:8980::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:31:89:ad:6e:3a:0a:1f:42:64:ff:06:df:4a:0b:d2:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd01cda0302b813eb145579ad81f5ed7d29c0209
Validity
Not Before: Sep 12 11:50:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=39536a944a9a5edcf72b250eccfee927c279f030
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:ae:49:84:87:3c:1c:b0:b0:49:e5:0e:5c:0e:
86:dc:a1:0d:e8:ed:63:dd:75:0e:df:c8:df:a5:d9:
7c:bf:7d:4d:5f:06:2d:c0:66:96:e3:98:0e:2c:8f:
87:fd:eb:d0:c9:92:15:6b:95:68:74:80:8f:22:07:
c5:16:71:93:38:5c:93:72:fb:f0:78:51:33:e9:b4:
82:ee:29:22:e7:04:2d:f5:6d:23:16:f3:22:a1:6a:
54:68:d7:ab:1c:c2:45:57:47:d8:90:93:e4:c9:d5:
28:6d:5c:b1:68:1e:7d:37:8c:91:ef:ab:f0:18:d4:
f6:15:05:b4:9d:8e:ec:cc:92:7d:3f:3a:ed:07:05:
3f:f9:44:70:46:64:48:4a:65:e4:d2:c7:02:81:3f:
c4:1c:0d:40:80:00:36:8d:ab:35:3c:e0:bf:7a:40:
be:ab:6e:bf:8f:f9:42:46:83:e6:bb:93:85:4d:0b:
20:84:36:2e:4c:05:f0:c0:cb:80:8d:ce:83:5d:71:
7c:7d:12:e1:c1:7c:58:54:7c:d1:60:2c:0a:99:2f:
71:b0:dc:f3:4c:ba:f4:1f:3c:ed:d1:d4:31:c9:0b:
c0:29:27:2d:7b:ca:b0:35:9c:7f:f9:ee:6b:17:d9:
47:87:0a:bf:38:4c:a2:63:e8:ac:02:c0:9f:a5:17:
01:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:53:6A:94:4A:9A:5E:DC:F7:2B:25:0E:CC:FE:E9:27:C2:79:F0:30
X509v3 Authority Key Identifier:
keyid:CD:01:CD:A0:30:2B:81:3E:B1:45:57:9A:D8:1F:5E:D7:D2:9C:02:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zQHNoDArgT6xRVea2B9e19KcAgk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/3e3483-1845-442d-a59a-dd72550d78ac/1/OVNqlEqaXtz3KyUOzP7pJ8J58DA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/3e3483-1845-442d-a59a-dd72550d78ac/1/zQHNoDArgT6xRVea2B9e19KcAgk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.105.144.0/21
185.117.76.0/22
IPv6:
2a01:8980::/32
Signature Algorithm: sha256WithRSAEncryption
0c:ac:30:0b:0c:3e:ae:7a:8b:3b:bb:a4:69:06:fa:48:fb:22:
06:77:c5:5d:87:e2:61:c9:85:1f:b9:98:5c:37:ec:69:a5:1c:
8e:1c:35:65:51:6d:dd:02:58:c2:7d:eb:40:9c:15:83:c3:0b:
95:1f:31:33:89:40:e9:4d:a3:82:aa:a0:2f:fc:4d:3b:02:10:
24:48:69:d4:a1:d0:d7:01:5e:bc:67:86:3f:79:79:10:77:23:
c5:5e:ba:95:d4:b9:53:66:00:04:0d:ac:c0:f9:af:3d:be:29:
0d:c1:5b:7a:61:a3:8a:86:88:3f:09:31:58:c8:2e:ff:eb:f9:
64:0f:c2:7f:e9:6c:55:11:61:5c:d9:e6:dc:e9:17:00:1c:2a:
89:9e:d1:d7:ab:f0:9f:95:95:7e:8b:8a:1b:22:51:ef:f3:d2:
25:0b:2e:1c:df:68:20:2a:99:6b:19:13:fc:fc:9c:d4:ad:28:
80:78:55:6a:af:26:39:b6:a4:2e:c7:90:97:e6:c6:a6:4e:ab:
d7:55:e9:e5:dc:77:b5:ac:c4:3f:11:90:b0:d6:b4:d4:f5:d4:
c5:ca:60:97:e8:ca:86:88:d0:68:72:bd:ec:1f:a8:fb:43:23:
17:64:38:c8:d8:8e:84:e6:71:b7:8e:52:76:91:a7:8a:62:f1:
a3:8b:c3:c1
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYMxia1uOgofQmT/Bt9KC9LHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkMDFjZGEwMzAyYjgxM2ViMTQ1NTc5YWQ4MWY1ZWQ3ZDI5
YzAyMDkwHhcNMjIwOTEyMTE1MDQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTUzNmE5NDRhOWE1ZWRjZjcyYjI1MGVjY2ZlZTkyN2MyNzlmMDMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz65JhIc8HLCwSeUOXA6G3KEN6O1j
3XUO38jfpdl8v31NXwYtwGaW45gOLI+H/evQyZIVa5VodICPIgfFFnGTOFyTcvvw
eFEz6bSC7iki5wQt9W0jFvMioWpUaNerHMJFV0fYkJPkydUobVyxaB59N4yR76vw
GNT2FQW0nY7szJJ9PzrtBwU/+URwRmRISmXk0scCgT/EHA1AgAA2jas1POC/ekC+
q26/j/lCRoPmu5OFTQsghDYuTAXwwMuAjc6DXXF8fRLhwXxYVHzRYCwKmS9xsNzz
TLr0Hzzt0dQxyQvAKScte8qwNZx/+e5rF9lHhwq/OEyiY+isAsCfpRcBuwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDlTapRKml7c9yslDsz+6SfCefAwMB8GA1UdIwQY
MBaAFM0BzaAwK4E+sUVXmtgfXtfSnAIJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelFITm9EQXJnVDZ4UlZlYTJCOWUxOUtjQWdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy8zZTM0ODMtMTg0NS00NDJkLWE1OWEt
ZGQ3MjU1MGQ3OGFjLzEvT1ZOcWxFcWFYdHozS3lVT3pQN3BKOEo1OERBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy8zZTM0ODMtMTg0NS00NDJkLWE1OWEtZGQ3MjU1MGQ3OGFj
LzEvelFITm9EQXJnVDZ4UlZlYTJCOWUxOUtjQWdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDjWmQAwQC
uXVMMA0EAgACMAcDBQAqAYmAMA0GCSqGSIb3DQEBCwUAA4IBAQAMrDALDD6ueos7
u6RpBvpI+yIGd8Vdh+JhyYUfuZhcN+xppRyOHDVlUW3dAljCfetAnBWDwwuVHzEz
iUDpTaOCqqAv/E07AhAkSGnUodDXAV68Z4Y/eXkQdyPFXrqV1LlTZgAEDazA+a89
vikNwVt6YaOKhog/CTFYyC7/6/lkD8J/6WxVEWFc2ebc6RcAHCqJntHXq/CflZV+
i4obIlHv89IlCy4c32ggKplrGRP8/JzUrSiAeFVqryY5tqQux5CX5samTqvXVenl
3He1rMQ/EZCw1rTU9dTFymCX6MqGiNBocr3sH6j7QyMXZDjI2I6E5nG3jlJ2kaeK
YvGji8PB
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:21 2023 by rpki-client on console.sobornost.net