Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/c20fba-5b67-438c-ab00-c7eb34e2dca6/1/Rv75bhHxtgCOe3IGMfZLmh1oZn4.roa
File: Rv75bhHxtgCOe3IGMfZLmh1oZn4.roa (raw, json)
Hash identifier: BqpIwRGAb3sznBzMCu27uoVdHWEW68YtRiFamk6nhmk=
Subject key identifier: 46:FE:F9:6E:11:F1:B6:00:8E:7B:72:06:31:F6:4B:9A:1D:68:66:7E
Certificate issuer: /CN=7299ce64a0f1624d7bb2d2969e5c11adbaa5485c
Certificate serial: 01855472671E4588EACA5ABDAC967614479B
Authority key identifier: 72:99:CE:64:A0:F1:62:4D:7B:B2:D2:96:9E:5C:11:AD:BA:A5:48:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cpnOZKDxYk17stKWnlwRrbqlSFw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/c20fba-5b67-438c-ab00-c7eb34e2dca6/1/Rv75bhHxtgCOe3IGMfZLmh1oZn4.roa
Signing time: Tue 27 Dec 2022 16:37:41 +0000
ROA not before: Tue 27 Dec 2022 16:37:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197579
IP address blocks: 185.92.232.0/22 maxlen: 22
91.223.113.0/24 maxlen: 24
2a13:6b40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:54:72:67:1e:45:88:ea:ca:5a:bd:ac:96:76:14:47:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7299ce64a0f1624d7bb2d2969e5c11adbaa5485c
Validity
Not Before: Dec 27 16:37:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=46fef96e11f1b6008e7b720631f64b9a1d68667e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:e5:6d:6c:6d:d9:f3:b9:1f:36:07:e8:26:83:
28:67:af:85:71:58:ba:6a:29:26:53:f5:a8:cd:c6:
65:b9:d9:2f:01:81:5c:45:86:bd:ce:24:ee:e6:b9:
b3:ab:a4:d0:60:7d:d5:a3:b3:2c:e3:3d:02:d1:7d:
06:45:23:0f:9c:77:53:11:af:bc:91:d8:05:40:11:
fb:9c:25:7b:d3:4a:db:d7:da:58:68:38:1c:f8:eb:
6c:36:6d:c7:98:27:d7:31:77:bf:e1:a9:b4:ab:11:
0a:fe:66:ca:a8:01:2e:e7:5c:e5:52:c7:97:3f:1f:
b6:0e:19:39:a1:b3:ce:79:f4:46:df:56:97:9a:53:
5b:61:51:db:13:bb:b8:50:47:28:ab:40:db:0c:94:
60:4a:46:86:be:a2:96:b3:ef:49:76:ff:92:64:f4:
72:eb:b3:87:97:74:83:51:79:fe:63:13:3a:95:7c:
4b:38:c8:eb:c8:f2:81:8a:54:1c:ab:e2:62:52:49:
28:73:b6:54:b2:f8:67:57:b0:97:d2:a5:66:77:42:
a5:bc:e3:9a:2f:8f:25:14:ed:8f:1b:b5:b2:86:f4:
08:f7:5f:43:7a:a0:22:db:b3:61:74:4a:9e:70:e0:
99:62:4d:5d:d5:8c:ed:35:c7:08:93:2d:88:81:69:
bd:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:FE:F9:6E:11:F1:B6:00:8E:7B:72:06:31:F6:4B:9A:1D:68:66:7E
X509v3 Authority Key Identifier:
keyid:72:99:CE:64:A0:F1:62:4D:7B:B2:D2:96:9E:5C:11:AD:BA:A5:48:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cpnOZKDxYk17stKWnlwRrbqlSFw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/c20fba-5b67-438c-ab00-c7eb34e2dca6/1/Rv75bhHxtgCOe3IGMfZLmh1oZn4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/c20fba-5b67-438c-ab00-c7eb34e2dca6/1/cpnOZKDxYk17stKWnlwRrbqlSFw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.113.0/24
185.92.232.0/22
IPv6:
2a13:6b40::/29
Signature Algorithm: sha256WithRSAEncryption
5d:0d:93:52:a1:d6:09:14:61:18:64:d3:0b:4b:1d:74:9e:92:
4f:fb:00:6e:9b:54:c7:d5:f5:d9:d0:34:80:7e:4e:14:58:f9:
c3:ea:6a:26:7d:9c:4c:f1:c3:90:b5:d6:5e:e5:05:b0:a8:23:
c1:77:33:99:ca:d1:31:c3:f6:ea:9e:2d:dd:ba:0c:c1:39:e1:
07:62:c9:37:03:52:32:75:9b:09:e1:a2:8b:ef:6e:e1:f3:98:
b0:fd:d0:02:c7:20:a2:88:e9:df:39:f3:13:b8:19:59:d1:78:
3d:31:74:01:f0:ec:f9:57:e3:be:fd:4a:85:a9:bf:35:ef:e4:
a3:8c:84:15:4c:d3:d7:72:aa:a8:a6:72:75:a4:1a:1d:fe:50:
f9:9c:ad:b7:1e:70:52:c4:53:c8:4b:b6:5f:e8:ed:7a:a3:b5:
21:3c:e0:2e:3b:b2:e5:5d:3a:1e:79:88:cd:3c:cf:dd:e4:8d:
89:6e:1e:b4:3a:92:1e:b3:84:b6:b9:4b:1f:64:fc:1f:ff:1b:
c9:8a:e9:f7:80:a0:40:ed:7e:9d:96:10:6b:3c:26:52:f8:1e:
e3:3b:f0:47:66:1b:cd:fc:21:31:ce:39:bb:26:d1:73:71:5f:
c4:eb:36:0c:a5:6d:b2:e4:bf:a7:85:db:a4:2a:f8:51:57:31:
99:f3:f6:7c
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVUcmceRYjqylq9rJZ2FEebMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyOTljZTY0YTBmMTYyNGQ3YmIyZDI5NjllNWMxMWFkYmFh
NTQ4NWMwHhcNMjIxMjI3MTYzNzQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NmZlZjk2ZTExZjFiNjAwOGU3YjcyMDYzMWY2NGI5YTFkNjg2NjdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgeVtbG3Z87kfNgfoJoMoZ6+FcVi6
aikmU/WozcZludkvAYFcRYa9ziTu5rmzq6TQYH3Vo7Ms4z0C0X0GRSMPnHdTEa+8
kdgFQBH7nCV700rb19pYaDgc+OtsNm3HmCfXMXe/4am0qxEK/mbKqAEu51zlUseX
Px+2Dhk5obPOefRG31aXmlNbYVHbE7u4UEcoq0DbDJRgSkaGvqKWs+9Jdv+SZPRy
67OHl3SDUXn+YxM6lXxLOMjryPKBilQcq+JiUkkoc7ZUsvhnV7CX0qVmd0KlvOOa
L48lFO2PG7WyhvQI919DeqAi27NhdEqecOCZYk1d1YztNccIky2IgWm9JQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFEb++W4R8bYAjntyBjH2S5odaGZ+MB8GA1UdIwQY
MBaAFHKZzmSg8WJNe7LSlp5cEa26pUhcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3BuT1pLRHhZazE3c3RLV25sd1JyYnFsU0Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi9jMjBmYmEtNWI2Ny00MzhjLWFiMDAt
YzdlYjM0ZTJkY2E2LzEvUnY3NWJoSHh0Z0NPZTNJR01mWkxtaDFvWm40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi9jMjBmYmEtNWI2Ny00MzhjLWFiMDAtYzdlYjM0ZTJkY2E2
LzEvY3BuT1pLRHhZazE3c3RLV25sd1JyYnFsU0Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAW99xAwQC
uVzoMA0EAgACMAcDBQMqE2tAMA0GCSqGSIb3DQEBCwUAA4IBAQBdDZNSodYJFGEY
ZNMLSx10npJP+wBum1TH1fXZ0DSAfk4UWPnD6momfZxM8cOQtdZe5QWwqCPBdzOZ
ytExw/bqni3dugzBOeEHYsk3A1IydZsJ4aKL727h85iw/dACxyCiiOnfOfMTuBlZ
0Xg9MXQB8Oz5V+O+/UqFqb817+SjjIQVTNPXcqqopnJ1pBod/lD5nK23HnBSxFPI
S7Zf6O16o7UhPOAuO7LlXToeeYjNPM/d5I2Jbh60OpIes4S2uUsfZPwf/xvJiun3
gKBA7X6dlhBrPCZS+B7jO/BHZhvN/CExzjm7JtFzcV/E6zYMpW2y5L+nhdukKvhR
VzGZ8/Z8
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:35 2023 by rpki-client on console.sobornost.net