Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/cJIKM1fd7gKA5CeVg6xcibkNvuo.roa
File: cJIKM1fd7gKA5CeVg6xcibkNvuo.roa (raw, json)
Hash identifier: T0OgdGCOSepby4itKGVMD4OpjVteXxAKnJ9c2k+WDDs=
Subject key identifier: 70:92:0A:33:57:DD:EE:02:80:E4:27:95:83:AC:5C:89:B9:0D:BE:EA
Certificate issuer: /CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Certificate serial: 018495467ECBBDAC683086121E1E18AAC643
Authority key identifier: 48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/cJIKM1fd7gKA5CeVg6xcibkNvuo.roa
Signing time: Sun 20 Nov 2022 13:42:15 +0000
ROA not before: Sun 20 Nov 2022 13:42:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209737
IP address blocks: 194.116.229.0/24 maxlen: 24
194.116.237.0/24 maxlen: 24
194.116.236.0/24 maxlen: 24
77.83.201.0/24 maxlen: 24
77.83.202.0/24 maxlen: 24
77.83.200.0/24 maxlen: 24
77.83.203.0/24 maxlen: 24
194.146.36.0/24 maxlen: 24
194.146.47.0/24 maxlen: 24
5.180.104.0/24 maxlen: 24
2a09:8780::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:95:46:7e:cb:bd:ac:68:30:86:12:1e:1e:18:aa:c6:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Validity
Not Before: Nov 20 13:42:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=70920a3357ddee0280e4279583ac5c89b90dbeea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:07:a2:ac:ec:0e:04:34:bf:e7:b5:2d:8b:88:
52:aa:6a:92:ec:b9:b6:04:0b:7f:3f:9d:69:ec:9b:
31:6b:52:e0:1d:e6:61:47:43:a9:9e:c4:23:19:85:
f8:8a:57:a4:ac:5a:04:f0:dc:7f:bc:ce:49:30:82:
78:05:50:d0:f6:d3:9f:0b:05:df:0c:eb:f3:7a:e3:
d1:23:10:be:73:e5:2a:46:da:d1:d6:ef:2d:1c:e8:
42:0d:87:32:c6:84:59:ca:d6:80:aa:38:b4:02:93:
9c:a5:d6:1a:bf:38:25:48:47:3e:ac:7e:c1:df:41:
59:5c:de:8e:db:e1:b7:f4:c1:dd:a1:b5:9b:bd:88:
24:1c:a7:da:84:ae:8e:60:1c:3e:38:a0:61:1b:17:
35:da:8a:14:f3:65:d3:45:1a:a1:34:26:30:2f:81:
fe:13:27:7d:7f:8b:1a:dd:a6:e0:cc:f8:cf:5e:e6:
d2:75:0f:d8:66:8d:e7:06:c5:2d:28:87:73:81:00:
eb:c8:98:ca:4b:cd:df:e5:57:17:48:bd:7d:7f:8a:
88:6f:2f:c2:a6:b0:0c:0e:10:12:fb:f5:f4:3c:80:
f7:62:c8:79:b0:4d:16:b5:b5:90:dd:26:a2:04:4d:
15:48:54:e3:0a:c0:c4:65:49:d1:c9:56:af:cc:17:
10:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:92:0A:33:57:DD:EE:02:80:E4:27:95:83:AC:5C:89:B9:0D:BE:EA
X509v3 Authority Key Identifier:
keyid:48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/cJIKM1fd7gKA5CeVg6xcibkNvuo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.104.0/24
77.83.200.0/22
194.116.229.0/24
194.116.236.0/23
194.146.36.0/24
194.146.47.0/24
IPv6:
2a09:8780::/29
Signature Algorithm: sha256WithRSAEncryption
40:50:49:73:45:73:de:25:7f:31:2c:4d:1b:ae:24:a7:dd:59:
58:74:d9:82:c6:fc:fd:88:ec:9f:08:54:46:f8:79:c4:07:15:
c9:25:07:1b:2f:0c:24:61:a9:26:1d:75:ce:2f:5b:c9:dd:c6:
8e:28:e2:a0:60:97:be:a1:4f:ad:17:12:67:a8:0a:44:6c:18:
af:bd:bf:f6:a7:5e:ad:15:ee:1d:08:62:1a:d0:b8:1d:60:06:
bb:c2:27:88:ba:47:45:45:a8:fe:92:a4:bf:80:ac:49:0c:3d:
8a:7a:6e:45:9c:a6:5e:f9:c6:76:de:94:3a:96:69:b8:d5:65:
78:61:e7:0d:69:b0:d6:30:55:c5:3d:eb:ea:d9:28:1e:df:8c:
ff:02:e7:b7:d2:0a:8a:43:10:a0:4f:1c:3b:e0:10:f9:33:99:
ac:cc:1a:18:c7:e9:73:12:94:8c:8a:fe:4a:89:a1:4b:43:ce:
c8:f2:36:2d:ac:e2:9a:80:50:01:14:b1:15:88:07:b5:1b:e0:
51:c8:87:ff:45:85:65:63:7a:50:74:31:29:1f:47:78:0a:7a:
ff:d6:a9:bb:74:43:5c:96:92:6f:eb:d1:2c:e3:07:e5:a1:b6:
93:ce:30:95:4a:df:52:bb:30:8c:75:74:52:99:40:25:a2:47:
71:6f:e7:be
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYSVRn7LvaxoMIYSHh4YqsZDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MDVmMTdjMmQ3MTMzZDJkYWQzYThkZjdlMzUzMTVlMzdl
ZjVkYWYwHhcNMjIxMTIwMTM0MjE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDkyMGEzMzU3ZGRlZTAyODBlNDI3OTU4M2FjNWM4OWI5MGRiZWVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQeirOwOBDS/57Uti4hSqmqS7Lm2
BAt/P51p7Jsxa1LgHeZhR0OpnsQjGYX4ilekrFoE8Nx/vM5JMIJ4BVDQ9tOfCwXf
DOvzeuPRIxC+c+UqRtrR1u8tHOhCDYcyxoRZytaAqji0ApOcpdYavzglSEc+rH7B
30FZXN6O2+G39MHdobWbvYgkHKfahK6OYBw+OKBhGxc12ooU82XTRRqhNCYwL4H+
Eyd9f4sa3abgzPjPXubSdQ/YZo3nBsUtKIdzgQDryJjKS83f5VcXSL19f4qIby/C
prAMDhAS+/X0PID3Ysh5sE0WtbWQ3SaiBE0VSFTjCsDEZUnRyVavzBcQXwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFHCSCjNX3e4CgOQnlYOsXIm5Db7qMB8GA1UdIwQY
MBaAFEgF8XwtcTPS2tOo3341MV43712vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUt
NWRkNmUyMmViYWIwLzEvY0pJS00xZmQ3Z0tBNUNlVmc2eGNpYmtOdnVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUtNWRkNmUyMmViYWIw
LzEvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQABbRoAwQC
TVPIAwQAwnTlAwQBwnTsAwQAwpIkAwQAwpIvMA0EAgACMAcDBQMqCYeAMA0GCSqG
SIb3DQEBCwUAA4IBAQBAUElzRXPeJX8xLE0briSn3VlYdNmCxvz9iOyfCFRG+HnE
BxXJJQcbLwwkYakmHXXOL1vJ3caOKOKgYJe+oU+tFxJnqApEbBivvb/2p16tFe4d
CGIa0LgdYAa7wieIukdFRaj+kqS/gKxJDD2Kem5FnKZe+cZ23pQ6lmm41WV4YecN
abDWMFXFPevq2Sge34z/Aue30gqKQxCgTxw74BD5M5mszBoYx+lzEpSMiv5KiaFL
Q87I8jYtrOKagFABFLEViAe1G+BRyIf/RYVlY3pQdDEpH0d4Cnr/1qm7dENclpJv
69Es4wflobaTzjCVSt9SuzCMdXRSmUAlokdxb+e+
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:26 2023 by rpki-client on console.sobornost.net