Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/d815fd-cfab-4a4a-9595-4166b75b08af/1/f1QGBTA91TH7SDLHD5gAHyvNtvI.roa
File: f1QGBTA91TH7SDLHD5gAHyvNtvI.roa (raw, json)
Hash identifier: ijNloArjhhs9Dd7ArsSOIWYPpYf84G7gEQIaEAV5iKg=
Subject key identifier: 7F:54:06:05:30:3D:D5:31:FB:48:32:C7:0F:98:00:1F:2B:CD:B6:F2
Certificate issuer: /CN=e122e2b58233a193d1f72778565d6c98d76163a7
Certificate serial: 02CE2C66
Authority key identifier: E1:22:E2:B5:82:33:A1:93:D1:F7:27:78:56:5D:6C:98:D7:61:63:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4SLitYIzoZPR9yd4Vl1smNdhY6c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/d815fd-cfab-4a4a-9595-4166b75b08af/1/f1QGBTA91TH7SDLHD5gAHyvNtvI.roa
Signing time: Sat 01 Jan 2022 12:54:45 +0000
ROA not before: Sat 01 Jan 2022 12:54:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60068
IP address blocks: 31.43.172.0/24 maxlen: 24
31.43.172.0/23 maxlen: 24
31.43.173.0/24 maxlen: 24
185.242.186.0/24 maxlen: 24
2a10:9840:1::/48 maxlen: 48
2a10:9840::/29 maxlen: 48
2a10:9840:2::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 47066214 (0x2ce2c66)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e122e2b58233a193d1f72778565d6c98d76163a7
Validity
Not Before: Jan 1 12:54:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7f540605303dd531fb4832c70f98001f2bcdb6f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:59:56:cb:94:de:b0:8c:1d:36:14:66:fc:8b:
8d:ea:fc:0a:2a:df:e0:4e:c7:8e:a8:3e:55:b0:1f:
2e:f7:d5:61:be:75:42:d5:32:8d:83:68:ab:1d:1d:
3d:68:e5:16:d2:63:4f:19:c2:5a:5d:38:4d:91:6d:
c1:cf:97:91:62:a6:6d:de:1f:c6:24:3b:b5:31:d2:
c9:d3:c8:43:95:ae:3b:7f:9d:0f:e0:4c:ca:f2:c2:
8c:61:6c:28:2c:a3:a3:d9:a4:b2:02:45:cf:e6:f6:
c3:a9:1f:7b:a9:de:69:c8:f1:e1:85:cd:70:af:76:
f2:c6:35:f0:e3:61:9c:21:24:a0:99:c8:97:68:d2:
61:d6:4a:1b:4d:ef:f3:a3:ab:ce:29:c0:4c:19:33:
f4:4e:10:40:8d:ac:8d:b4:db:97:cd:11:55:b3:76:
cd:80:f7:98:b4:39:e8:c4:db:ec:04:87:46:86:13:
0e:e5:52:24:c4:c6:c9:ae:fb:00:26:67:d0:df:77:
32:40:5e:30:33:0e:52:2f:f3:7e:9e:b8:2b:ce:ce:
11:52:4c:a4:66:f8:d7:ad:4f:0c:fc:2d:4b:b6:f7:
fa:38:2a:7a:03:12:8a:dd:20:7f:d4:53:c2:6c:66:
5b:5d:a8:f0:f3:60:13:2a:63:2f:9a:a6:2c:9f:ea:
72:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:54:06:05:30:3D:D5:31:FB:48:32:C7:0F:98:00:1F:2B:CD:B6:F2
X509v3 Authority Key Identifier:
keyid:E1:22:E2:B5:82:33:A1:93:D1:F7:27:78:56:5D:6C:98:D7:61:63:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4SLitYIzoZPR9yd4Vl1smNdhY6c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/d815fd-cfab-4a4a-9595-4166b75b08af/1/f1QGBTA91TH7SDLHD5gAHyvNtvI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/d815fd-cfab-4a4a-9595-4166b75b08af/1/4SLitYIzoZPR9yd4Vl1smNdhY6c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.43.172.0/23
185.242.186.0/24
IPv6:
2a10:9840::/29
Signature Algorithm: sha256WithRSAEncryption
a0:77:d3:92:f1:fe:e6:6e:3e:38:a9:7a:ca:83:aa:f9:db:00:
e2:3d:d0:1b:02:a9:0b:f7:4c:16:bc:20:fe:94:26:35:dc:30:
71:a7:34:60:b5:42:f4:c8:94:f1:5a:01:ea:18:22:44:cf:1e:
49:da:4b:b8:b9:65:2e:35:26:7c:61:17:75:1a:cb:ba:70:96:
39:dc:b0:2e:85:82:a4:eb:1b:3c:65:14:f6:1f:70:bb:9e:79:
f3:e1:c7:64:3e:a2:c2:6b:5d:69:93:9b:7e:1d:10:e7:1c:ab:
67:01:89:69:6b:20:36:c3:ad:9d:58:c9:22:10:7c:aa:a2:2b:
bb:c9:60:90:26:bf:8a:5a:49:ee:44:95:e3:5f:d3:34:ed:6a:
b6:d6:34:f8:10:49:06:7c:03:04:6a:ae:b3:2b:40:31:21:5e:
d3:b2:c8:06:79:d9:19:a4:3e:98:e3:77:eb:5e:3f:f3:cc:5a:
74:aa:c7:20:67:78:0c:46:24:d7:57:27:44:8e:8a:0a:a4:8a:
92:ac:1b:f2:4a:97:40:0c:3e:15:0c:0b:ea:f4:a9:8e:9b:c0:
91:28:2b:09:8f:2a:2f:12:85:05:c8:46:ca:e0:86:f2:96:2c:
be:8e:c6:0b:f6:55:5b:53:f7:6b:b7:80:38:9e:77:1d:97:04:
52:b4:08:26
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEAs4sZjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
MTIyZTJiNTgyMzNhMTkzZDFmNzI3Nzg1NjVkNmM5OGQ3NjE2M2E3MB4XDTIyMDEw
MTEyNTQ0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2Y1NDA2MDUzMDNk
ZDUzMWZiNDgzMmM3MGY5ODAwMWYyYmNkYjZmMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKRZVsuU3rCMHTYUZvyLjer8Cirf4E7Hjqg+VbAfLvfVYb51
QtUyjYNoqx0dPWjlFtJjTxnCWl04TZFtwc+XkWKmbd4fxiQ7tTHSydPIQ5WuO3+d
D+BMyvLCjGFsKCyjo9mksgJFz+b2w6kfe6neacjx4YXNcK928sY18ONhnCEkoJnI
l2jSYdZKG03v86OrzinATBkz9E4QQI2sjbTbl80RVbN2zYD3mLQ56MTb7ASHRoYT
DuVSJMTGya77ACZn0N93MkBeMDMOUi/zfp64K87OEVJMpGb4161PDPwtS7b3+jgq
egMSit0gf9RTwmxmW12o8PNgEypjL5qmLJ/qcs8CAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBR/VAYFMD3VMftIMscPmAAfK8228jAfBgNVHSMEGDAWgBThIuK1gjOhk9H3
J3hWXWyY12FjpzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzRTTGl0WUl6b1pQUjl5ZDRWbDFzbU5kaFk2Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWEvZDgxNWZkLWNmYWItNGE0YS05NTk1LTQxNjZiNzViMDhhZi8x
L2YxUUdCVEE5MVRIN1NETEhENWdBSHl2TnR2SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWEv
ZDgxNWZkLWNmYWItNGE0YS05NTk1LTQxNjZiNzViMDhhZi8xLzRTTGl0WUl6b1pQ
Ujl5ZDRWbDFzbU5kaFk2Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAR8rrAMEALnyujANBAIAAjAHAwUD
KhCYQDANBgkqhkiG9w0BAQsFAAOCAQEAoHfTkvH+5m4+OKl6yoOq+dsA4j3QGwKp
C/dMFrwg/pQmNdwwcac0YLVC9MiU8VoB6hgiRM8eSdpLuLllLjUmfGEXdRrLunCW
OdywLoWCpOsbPGUU9h9wu5558+HHZD6iwmtdaZObfh0Q5xyrZwGJaWsgNsOtnVjJ
IhB8qqIru8lgkCa/ilpJ7kSV41/TNO1qttY0+BBJBnwDBGqusytAMSFe07LIBnnZ
GaQ+mON3614/88xadKrHIGd4DEYk11cnRI6KCqSKkqwb8kqXQAw+FQwL6vSpjpvA
kSgrCY8qLxKFBchGyuCG8pYsvo7GC/ZVW1P3a7eAOJ53HZcEUrQIJg==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:45 2023 by rpki-client on console.sobornost.net