Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/b011d3-bdba-45cd-a8ac-e0be89c4f169/1/IIhKzEBnTAmkN7qSadX_C4DZKgo.roa
File: IIhKzEBnTAmkN7qSadX_C4DZKgo.roa (raw, json)
Hash identifier: hUoGUgt/avPUy0CRClgkLnqaBZ27BG27SNnVjZlqTvU=
Subject key identifier: 20:88:4A:CC:40:67:4C:09:A4:37:BA:92:69:D5:FF:0B:80:D9:2A:0A
Certificate issuer: /CN=b6a1654dae96c532578ce1df1ebb8221dbb68145
Certificate serial: 345DF601
Authority key identifier: B6:A1:65:4D:AE:96:C5:32:57:8C:E1:DF:1E:BB:82:21:DB:B6:81:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tqFlTa6WxTJXjOHfHruCIdu2gUU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/b011d3-bdba-45cd-a8ac-e0be89c4f169/1/IIhKzEBnTAmkN7qSadX_C4DZKgo.roa
Signing time: Sat 01 Jan 2022 15:57:40 +0000
ROA not before: Sat 01 Jan 2022 15:57:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198538
IP address blocks: 37.139.152.0/21 maxlen: 21
2a00:96c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 878573057 (0x345df601)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b6a1654dae96c532578ce1df1ebb8221dbb68145
Validity
Not Before: Jan 1 15:57:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=20884acc40674c09a437ba9269d5ff0b80d92a0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:2a:a7:f8:aa:22:b7:44:a2:27:13:69:76:b3:
98:d2:26:e3:14:9b:d6:12:fc:ee:64:51:1e:cd:08:
2a:6b:2f:55:2d:4b:42:87:e4:09:6e:e8:5b:75:8b:
8c:1b:2e:d9:ce:84:14:54:48:98:29:0a:23:47:4b:
6b:8e:be:96:ce:ce:56:18:0d:80:6c:d0:58:bb:76:
3f:2c:97:d5:06:c7:53:c5:a1:f5:f4:24:85:38:23:
12:37:98:19:cc:88:5b:ad:c5:63:3a:c6:f9:2a:cc:
e4:d0:21:0d:ee:10:c3:e2:ec:92:1c:75:62:66:cf:
45:7e:4b:24:69:10:cc:3c:4e:a5:89:4a:5c:eb:01:
0b:b9:67:f1:d0:91:9d:8a:9b:0e:b2:8c:c3:84:33:
70:9e:7e:26:92:1d:93:62:0b:49:1f:d5:8b:fe:4b:
e8:dd:4b:d4:fa:65:eb:ea:03:a4:c6:26:e7:24:4c:
1e:4a:bf:c4:db:66:6c:ec:c2:5e:f8:33:f1:9e:e5:
76:3e:c9:92:11:70:c6:1f:e9:e2:73:12:0c:9f:51:
fe:62:0f:04:3e:d9:da:72:e6:c8:06:58:43:9e:2c:
f8:7c:3b:95:ff:c7:37:4d:79:72:30:49:f3:61:6b:
b4:4e:30:7a:26:23:d4:4e:1f:78:48:62:39:b0:71:
38:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:88:4A:CC:40:67:4C:09:A4:37:BA:92:69:D5:FF:0B:80:D9:2A:0A
X509v3 Authority Key Identifier:
keyid:B6:A1:65:4D:AE:96:C5:32:57:8C:E1:DF:1E:BB:82:21:DB:B6:81:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tqFlTa6WxTJXjOHfHruCIdu2gUU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/b011d3-bdba-45cd-a8ac-e0be89c4f169/1/IIhKzEBnTAmkN7qSadX_C4DZKgo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/b011d3-bdba-45cd-a8ac-e0be89c4f169/1/tqFlTa6WxTJXjOHfHruCIdu2gUU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.139.152.0/21
IPv6:
2a00:96c0::/32
Signature Algorithm: sha256WithRSAEncryption
0d:2f:52:a8:6c:fa:91:e1:e8:d8:6e:8e:37:78:4c:45:96:2f:
99:b3:6a:e7:96:ea:f7:03:6c:10:aa:00:17:78:7b:6a:9f:07:
1f:3c:4d:0b:8f:f4:73:47:5d:bf:e9:7f:85:5c:ca:98:c5:e0:
18:80:df:6d:12:11:03:f2:4a:72:4e:73:50:73:3e:9a:24:67:
88:cb:23:c0:e6:75:c7:26:7f:84:64:9e:ec:99:7c:76:2d:59:
ad:49:ff:17:1f:f8:94:f8:04:52:7b:be:8a:4e:55:4e:36:41:
be:83:cb:87:8b:be:1d:1a:42:5a:09:a9:36:0f:82:34:f8:21:
85:49:16:14:74:78:06:79:24:16:3e:9f:15:c0:ab:31:7a:75:
ff:d9:7b:89:b6:07:16:e4:d3:fc:80:8a:0b:bd:42:02:6d:05:
37:2c:4e:9a:01:fd:a9:8c:35:ea:ac:95:68:e1:b7:d5:06:cc:
90:d4:fa:03:aa:8b:65:2d:79:10:b1:9a:6c:ed:19:dd:6b:c3:
2f:04:e4:fc:e4:ba:f3:3f:db:f1:2d:cc:c5:a8:09:fd:b1:e7:
f6:93:4a:19:ad:07:4e:b2:be:03:a0:bc:51:7e:48:c7:64:7b:
6f:f7:e4:08:9e:70:bd:04:db:0e:f5:e0:3b:38:86:f3:98:3c:
01:87:21:81
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIENF32ATANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NmExNjU0ZGFlOTZjNTMyNTc4Y2UxZGYxZWJiODIyMWRiYjY4MTQ1MB4XDTIyMDEw
MTE1NTc0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjA4ODRhY2M0MDY3
NGMwOWE0MzdiYTkyNjlkNWZmMGI4MGQ5MmEwYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKAqp/iqIrdEoicTaXazmNIm4xSb1hL87mRRHs0IKmsvVS1L
QofkCW7oW3WLjBsu2c6EFFRImCkKI0dLa46+ls7OVhgNgGzQWLt2PyyX1QbHU8Wh
9fQkhTgjEjeYGcyIW63FYzrG+SrM5NAhDe4Qw+Lskhx1YmbPRX5LJGkQzDxOpYlK
XOsBC7ln8dCRnYqbDrKMw4QzcJ5+JpIdk2ILSR/Vi/5L6N1L1Ppl6+oDpMYm5yRM
Hkq/xNtmbOzCXvgz8Z7ldj7JkhFwxh/p4nMSDJ9R/mIPBD7Z2nLmyAZYQ54s+Hw7
lf/HN015cjBJ82FrtE4weiYj1E4feEhiObBxOM8CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQgiErMQGdMCaQ3upJp1f8LgNkqCjAfBgNVHSMEGDAWgBS2oWVNrpbFMleM
4d8eu4Ih27aBRTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RxRmxUYTZXeFRKWGpPSGZIcnVDSWR1MmdVVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGQvYjAxMWQzLWJkYmEtNDVjZC1hOGFjLWUwYmU4OWM0ZjE2OS8x
L0lJaEt6RUJuVEFta043cVNhZFhfQzREWktnby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGQv
YjAxMWQzLWJkYmEtNDVjZC1hOGFjLWUwYmU4OWM0ZjE2OS8xL3RxRmxUYTZXeFRK
WGpPSGZIcnVDSWR1MmdVVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAyWLmDANBAIAAjAHAwUAKgCWwDAN
BgkqhkiG9w0BAQsFAAOCAQEADS9SqGz6keHo2G6ON3hMRZYvmbNq55bq9wNsEKoA
F3h7ap8HHzxNC4/0c0ddv+l/hVzKmMXgGIDfbRIRA/JKck5zUHM+miRniMsjwOZ1
xyZ/hGSe7Jl8di1ZrUn/Fx/4lPgEUnu+ik5VTjZBvoPLh4u+HRpCWgmpNg+CNPgh
hUkWFHR4BnkkFj6fFcCrMXp1/9l7ibYHFuTT/ICKC71CAm0FNyxOmgH9qYw16qyV
aOG31QbMkNT6A6qLZS15ELGabO0Z3WvDLwTk/OS68z/b8S3MxagJ/bHn9pNKGa0H
TrK+A6C8UX5Ix2R7b/fkCJ5wvQTbDvXgOziG85g8AYchgQ==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:37 2023 by rpki-client on console.sobornost.net