Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/faffc2-9517-4d18-8993-f55ea48ce75a/1/6alCil5AlxLxMiDookTugC2MQFg.roa
File: 6alCil5AlxLxMiDookTugC2MQFg.roa (raw, json)
Hash identifier: KbgejbgAHAa2oSeaD6nLNwe0WNVcRq+vbrDKQUO9dhE=
Subject key identifier: E9:A9:42:8A:5E:40:97:12:F1:32:20:E8:A2:44:EE:80:2D:8C:40:58
Certificate issuer: /CN=4d13128815103574417ca7a70412da3ab3b84511
Certificate serial: 0A228D12
Authority key identifier: 4D:13:12:88:15:10:35:74:41:7C:A7:A7:04:12:DA:3A:B3:B8:45:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TRMSiBUQNXRBfKenBBLaOrO4RRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/faffc2-9517-4d18-8993-f55ea48ce75a/1/6alCil5AlxLxMiDookTugC2MQFg.roa
Signing time: Sat 01 Jan 2022 08:57:04 +0000
ROA not before: Sat 01 Jan 2022 08:57:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8587
IP address blocks: 91.209.14.0/24 maxlen: 24
91.209.22.0/24 maxlen: 24
91.209.21.0/24 maxlen: 24
195.114.224.0/20 maxlen: 20
212.104.210.0/24 maxlen: 24
91.208.251.0/24 maxlen: 24
94.247.72.0/21 maxlen: 21
2a02:ca0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 170036498 (0xa228d12)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d13128815103574417ca7a70412da3ab3b84511
Validity
Not Before: Jan 1 08:57:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e9a9428a5e409712f13220e8a244ee802d8c4058
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:a8:54:46:ef:fc:c8:6e:c3:0f:08:97:cd:d2:
13:ac:e6:b5:d9:d0:ac:e2:bd:e5:bc:eb:89:37:3e:
7a:c8:b9:7f:e4:31:dd:f0:ff:b5:00:8f:20:a9:ac:
ae:31:a3:65:44:08:14:44:01:40:76:29:aa:a0:d5:
88:cc:84:9c:4d:bd:b7:ab:10:47:e3:c2:98:7c:0d:
1c:ad:5c:1a:1d:f0:3f:f9:a9:55:aa:78:ac:33:54:
99:f6:a7:e6:18:bf:c4:69:87:1b:f1:28:5e:7d:00:
7c:58:6c:c9:dc:5e:50:2d:ff:3a:e9:7e:26:70:5a:
17:12:c4:06:22:44:5d:88:8b:f2:46:ad:88:b9:9a:
1b:77:c4:f2:ba:53:28:df:fe:34:da:c1:23:83:aa:
80:e7:f4:7f:d6:7b:b5:df:bb:c8:71:0b:08:c9:67:
06:74:f6:57:f3:76:3a:03:35:38:bb:09:a5:bd:57:
1a:63:04:01:8f:49:96:b8:fc:2a:b9:ed:c5:90:de:
9e:63:62:88:90:40:3f:63:1b:c5:6e:91:6c:9b:12:
0d:0f:6f:5b:b8:43:e4:61:05:f1:f1:cb:85:da:36:
02:39:0c:e5:cb:1a:ee:9f:e1:f0:df:3e:f7:3c:22:
68:f8:de:5a:8d:eb:fe:47:95:26:90:1e:47:b8:d1:
93:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:A9:42:8A:5E:40:97:12:F1:32:20:E8:A2:44:EE:80:2D:8C:40:58
X509v3 Authority Key Identifier:
keyid:4D:13:12:88:15:10:35:74:41:7C:A7:A7:04:12:DA:3A:B3:B8:45:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TRMSiBUQNXRBfKenBBLaOrO4RRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/faffc2-9517-4d18-8993-f55ea48ce75a/1/6alCil5AlxLxMiDookTugC2MQFg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/faffc2-9517-4d18-8993-f55ea48ce75a/1/TRMSiBUQNXRBfKenBBLaOrO4RRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.208.251.0/24
91.209.14.0/24
91.209.21.0-91.209.22.255
94.247.72.0/21
195.114.224.0/20
212.104.210.0/24
IPv6:
2a02:ca0::/32
Signature Algorithm: sha256WithRSAEncryption
5e:1a:71:86:76:59:73:55:3b:37:90:76:59:17:fc:58:31:91:
3a:bf:6d:5e:77:a8:4b:cb:99:8b:70:33:05:a4:bd:c9:ad:c0:
b4:09:85:27:94:a4:4f:85:1f:e3:e0:05:55:a8:9d:c4:aa:ff:
ce:f6:86:25:fc:0a:d7:93:cd:7f:5d:16:cf:73:5d:29:fd:ad:
d7:8c:e1:c8:b0:ae:12:52:d9:16:33:c9:31:01:30:06:e6:44:
b4:2b:b2:36:4e:91:53:53:ff:9e:ca:07:ce:67:b7:38:da:29:
e9:f5:aa:fb:a0:88:e0:59:7c:c0:83:9f:41:2a:da:c7:42:83:
e0:64:b4:7c:2a:44:68:7f:8c:85:65:b5:7a:a8:20:7e:bb:e2:
45:38:26:63:c1:93:f0:32:3f:2a:fe:cb:3b:b1:1d:b1:93:05:
cb:5d:22:60:ea:ec:01:18:9e:bb:9a:22:f7:23:6c:42:fb:d5:
6e:c1:bd:1e:d9:6e:3d:4a:15:00:ec:47:fc:da:13:2d:80:00:
b2:12:27:aa:a2:30:3c:e0:be:63:1d:c0:ac:65:40:e6:5b:c7:
01:b9:8e:99:5b:cb:ca:41:8a:64:58:f9:53:e0:d6:74:10:da:
46:0f:4b:ba:d3:e0:36:49:b5:ea:05:af:f5:14:58:f6:31:54:
2e:77:3a:82
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgIECiKNEjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZDEzMTI4ODE1MTAzNTc0NDE3Y2E3YTcwNDEyZGEzYWIzYjg0NTExMB4XDTIyMDEw
MTA4NTcwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTlhOTQyOGE1ZTQw
OTcxMmYxMzIyMGU4YTI0NGVlODAyZDhjNDA1ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKaoVEbv/Mhuww8Il83SE6zmtdnQrOK95bzriTc+esi5f+Qx
3fD/tQCPIKmsrjGjZUQIFEQBQHYpqqDViMyEnE29t6sQR+PCmHwNHK1cGh3wP/mp
Vap4rDNUmfan5hi/xGmHG/EoXn0AfFhsydxeUC3/Oul+JnBaFxLEBiJEXYiL8kat
iLmaG3fE8rpTKN/+NNrBI4OqgOf0f9Z7td+7yHELCMlnBnT2V/N2OgM1OLsJpb1X
GmMEAY9Jlrj8KrntxZDenmNiiJBAP2MbxW6RbJsSDQ9vW7hD5GEF8fHLhdo2AjkM
5csa7p/h8N8+9zwiaPjeWo3r/keVJpAeR7jRk7sCAwEAAaOCAj4wggI6MB0GA1Ud
DgQWBBTpqUKKXkCXEvEyIOiiRO6ALYxAWDAfBgNVHSMEGDAWgBRNExKIFRA1dEF8
p6cEEto6s7hFETAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1RSTVNpQlVRTlhSQmZLZW5CQkxhT3JPNFJSRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGQvZmFmZmMyLTk1MTctNGQxOC04OTkzLWY1NWVhNDhjZTc1YS8x
LzZhbENpbDVBbHhMeE1pRG9va1R1Z0MyTVFGZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGQv
ZmFmZmMyLTk1MTctNGQxOC04OTkzLWY1NWVhNDhjZTc1YS8xL1RSTVNpQlVRTlhS
QmZLZW5CQkxhT3JPNFJSRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBU
BggrBgEFBQcBBwEB/wRFMEMwMgQCAAEwLAMEAFvQ+wMEAFvRDjAMAwQAW9EVAwQA
W9EWAwQDXvdIAwQEw3LgAwQA1GjSMA0EAgACMAcDBQAqAgygMA0GCSqGSIb3DQEB
CwUAA4IBAQBeGnGGdllzVTs3kHZZF/xYMZE6v21ed6hLy5mLcDMFpL3JrcC0CYUn
lKRPhR/j4AVVqJ3Eqv/O9oYl/ArXk81/XRbPc10p/a3XjOHIsK4SUtkWM8kxATAG
5kS0K7I2TpFTU/+eygfOZ7c42inp9ar7oIjgWXzAg59BKtrHQoPgZLR8KkRof4yF
ZbV6qCB+u+JFOCZjwZPwMj8q/ss7sR2xkwXLXSJg6uwBGJ67miL3I2xC+9Vuwb0e
2W49ShUA7Ef82hMtgACyEieqojA84L5jHcCsZUDmW8cBuY6ZW8vKQYpkWPlT4NZ0
ENpGD0u60+A2SbXqBa/1FFj2MVQudzqC
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:38 2023 by rpki-client on console.sobornost.net