Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/c20fba-5b67-438c-ab00-c7eb34e2dca6/1/jt21Ub_rLMd0GfMGvmfHP3LHzSQ.roa
File: jt21Ub_rLMd0GfMGvmfHP3LHzSQ.roa (raw, json)
Hash identifier: +pHgnIwIxL14ezFiIRs9IQ+2DigglNxY4JEnLKn0gsA=
Subject key identifier: 8E:DD:B5:51:BF:EB:2C:C7:74:19:F3:06:BE:67:C7:3F:72:C7:CD:24
Certificate issuer: /CN=7299ce64a0f1624d7bb2d2969e5c11adbaa5485c
Certificate serial: 018563D6D68D66E87E0D9BEB79399194C3CD
Authority key identifier: 72:99:CE:64:A0:F1:62:4D:7B:B2:D2:96:9E:5C:11:AD:BA:A5:48:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cpnOZKDxYk17stKWnlwRrbqlSFw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/c20fba-5b67-438c-ab00-c7eb34e2dca6/1/jt21Ub_rLMd0GfMGvmfHP3LHzSQ.roa
Signing time: Fri 30 Dec 2022 16:21:42 +0000
ROA not before: Fri 30 Dec 2022 16:21:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197579
IP address blocks: 185.92.232.0/22 maxlen: 22
91.223.113.0/24 maxlen: 24
2a13:6b40::/32 maxlen: 32
2a13:6b40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:63:d6:d6:8d:66:e8:7e:0d:9b:eb:79:39:91:94:c3:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7299ce64a0f1624d7bb2d2969e5c11adbaa5485c
Validity
Not Before: Dec 30 16:21:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8eddb551bfeb2cc77419f306be67c73f72c7cd24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:04:ef:9c:69:b3:6a:52:2a:65:19:83:cd:ab:
8f:10:65:04:a4:17:dc:c3:8f:bb:34:e1:e9:b8:99:
60:93:12:96:4a:8a:01:88:a7:26:fa:07:ef:15:98:
5c:66:b7:60:43:5f:96:ef:d8:2f:69:55:df:d9:f9:
0a:bf:e6:42:bb:42:ba:60:2c:61:0c:23:6d:ab:b8:
db:40:6b:79:73:ab:9d:2f:3d:73:35:dd:9a:ce:67:
e8:43:c9:27:d1:dd:0b:b4:63:04:08:85:c6:fa:b4:
b4:65:c3:b9:bd:f5:07:61:23:26:8e:57:3c:2d:ef:
fd:1a:65:b5:9a:26:91:9f:de:72:04:b6:5d:3d:23:
5e:d0:04:14:7b:1b:b4:8d:2c:d0:f3:15:34:f5:57:
a1:b9:89:a5:a7:c9:ab:41:51:65:d5:e1:a4:ff:79:
25:b5:8d:68:76:eb:6e:a6:fe:a2:e1:47:35:0f:bb:
cc:fa:e9:9f:04:d0:e8:a6:80:7d:18:08:8c:f2:38:
b2:00:09:8b:51:07:f0:09:f2:6a:01:73:95:7f:79:
2a:7d:a2:57:46:7c:c0:a4:28:a6:fb:16:92:0e:2e:
c6:97:e1:41:2a:36:d6:47:d7:e8:21:0b:ba:a1:cd:
ce:83:59:88:72:c0:99:b4:3b:23:76:79:e6:e3:4b:
e7:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:DD:B5:51:BF:EB:2C:C7:74:19:F3:06:BE:67:C7:3F:72:C7:CD:24
X509v3 Authority Key Identifier:
keyid:72:99:CE:64:A0:F1:62:4D:7B:B2:D2:96:9E:5C:11:AD:BA:A5:48:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cpnOZKDxYk17stKWnlwRrbqlSFw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/c20fba-5b67-438c-ab00-c7eb34e2dca6/1/jt21Ub_rLMd0GfMGvmfHP3LHzSQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/c20fba-5b67-438c-ab00-c7eb34e2dca6/1/cpnOZKDxYk17stKWnlwRrbqlSFw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.113.0/24
185.92.232.0/22
IPv6:
2a13:6b40::/29
Signature Algorithm: sha256WithRSAEncryption
25:3b:14:e2:f1:94:7e:68:90:8d:dc:e9:6e:ce:6b:da:40:13:
ca:ac:46:11:2e:90:77:19:a5:a6:69:07:be:f5:a3:6a:86:e5:
89:14:f5:68:c6:00:b4:3d:a1:1a:20:c2:81:39:12:10:30:53:
f3:b9:10:46:99:cc:86:77:53:dc:1f:3a:c4:81:72:b2:96:66:
c7:77:32:c5:5e:65:20:6b:e3:0c:e6:8c:fb:28:de:ae:5d:78:
52:7a:31:99:73:14:27:04:8d:23:3f:66:ad:4e:c9:e8:dd:e6:
a5:62:63:d7:fd:3a:09:6d:ce:cb:dd:48:e6:e4:8b:47:30:39:
ba:ea:27:0c:4b:99:47:81:5e:a3:c8:3a:e6:59:c7:3d:a4:73:
42:c1:63:49:73:32:35:83:04:59:b4:c9:4e:ec:62:ee:ad:a4:
8e:34:f4:a3:35:19:83:6d:7b:31:09:15:48:bf:4d:f8:8e:00:
9d:ab:22:51:93:dd:4d:d2:c0:e3:1f:70:66:2c:d4:a4:38:91:
bf:a1:7f:d0:95:4d:61:aa:03:c2:ab:bb:66:7d:2f:2c:26:fc:
1d:26:72:6e:9f:3e:9b:e6:a7:ae:fb:8b:c3:ba:5c:0b:93:39:
de:09:10:c6:7d:60:21:de:4a:a1:95:b8:6f:95:c3:08:f6:ee:
9d:e0:03:4f
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVj1taNZuh+DZvreTmRlMPNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyOTljZTY0YTBmMTYyNGQ3YmIyZDI5NjllNWMxMWFkYmFh
NTQ4NWMwHhcNMjIxMjMwMTYyMTQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZWRkYjU1MWJmZWIyY2M3NzQxOWYzMDZiZTY3YzczZjcyYzdjZDI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmgTvnGmzalIqZRmDzauPEGUEpBfc
w4+7NOHpuJlgkxKWSooBiKcm+gfvFZhcZrdgQ1+W79gvaVXf2fkKv+ZCu0K6YCxh
DCNtq7jbQGt5c6udLz1zNd2azmfoQ8kn0d0LtGMECIXG+rS0ZcO5vfUHYSMmjlc8
Le/9GmW1miaRn95yBLZdPSNe0AQUexu0jSzQ8xU09VehuYmlp8mrQVFl1eGk/3kl
tY1odutupv6i4Uc1D7vM+umfBNDopoB9GAiM8jiyAAmLUQfwCfJqAXOVf3kqfaJX
RnzApCim+xaSDi7Gl+FBKjbWR9foIQu6oc3Og1mIcsCZtDsjdnnm40vnaQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFI7dtVG/6yzHdBnzBr5nxz9yx80kMB8GA1UdIwQY
MBaAFHKZzmSg8WJNe7LSlp5cEa26pUhcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3BuT1pLRHhZazE3c3RLV25sd1JyYnFsU0Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi9jMjBmYmEtNWI2Ny00MzhjLWFiMDAt
YzdlYjM0ZTJkY2E2LzEvanQyMVViX3JMTWQwR2ZNR3ZtZkhQM0xIelNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi9jMjBmYmEtNWI2Ny00MzhjLWFiMDAtYzdlYjM0ZTJkY2E2
LzEvY3BuT1pLRHhZazE3c3RLV25sd1JyYnFsU0Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAW99xAwQC
uVzoMA0EAgACMAcDBQMqE2tAMA0GCSqGSIb3DQEBCwUAA4IBAQAlOxTi8ZR+aJCN
3OluzmvaQBPKrEYRLpB3GaWmaQe+9aNqhuWJFPVoxgC0PaEaIMKBORIQMFPzuRBG
mcyGd1PcHzrEgXKylmbHdzLFXmUga+MM5oz7KN6uXXhSejGZcxQnBI0jP2atTsno
3ealYmPX/ToJbc7L3Ujm5ItHMDm66icMS5lHgV6jyDrmWcc9pHNCwWNJczI1gwRZ
tMlO7GLuraSONPSjNRmDbXsxCRVIv034jgCdqyJRk91N0sDjH3BmLNSkOJG/oX/Q
lU1hqgPCq7tmfS8sJvwdJnJunz6b5qeu+4vDulwLkzneCRDGfWAh3kqhlbhvlcMI
9u6d4ANP
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:35 2023 by rpki-client on console.sobornost.net