Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/a970c6-c118-452e-a56f-ec467fa8636e/1/rkuc2ws6DRnV63rRY_sCviyj_1M.roa
File: rkuc2ws6DRnV63rRY_sCviyj_1M.roa (raw, json)
Hash identifier: GYSEUOkP1OWJu21l98H9EI36bdYCRBMT5Y8sfI4qGE0=
Subject key identifier: AE:4B:9C:DB:0B:3A:0D:19:D5:EB:7A:D1:63:FB:02:BE:2C:A3:FF:53
Certificate issuer: /CN=a6aa9cade93be6ba7c8abb3238318076317d607d
Certificate serial: 03EFE1
Authority key identifier: A6:AA:9C:AD:E9:3B:E6:BA:7C:8A:BB:32:38:31:80:76:31:7D:60:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pqqcrek75rp8irsyODGAdjF9YH0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/a970c6-c118-452e-a56f-ec467fa8636e/1/rkuc2ws6DRnV63rRY_sCviyj_1M.roa
Signing time: Mon 11 Apr 2022 07:32:41 +0000
ROA not before: Mon 11 Apr 2022 07:32:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207668
IP address blocks: 194.53.194.0/23 maxlen: 23
45.66.22.0/23 maxlen: 23
2a09:60c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 258017 (0x3efe1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a6aa9cade93be6ba7c8abb3238318076317d607d
Validity
Not Before: Apr 11 07:32:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ae4b9cdb0b3a0d19d5eb7ad163fb02be2ca3ff53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:d6:1b:6d:85:02:70:ac:1e:4d:d8:90:a9:b2:
b6:e0:50:66:c2:f2:c3:17:00:71:3d:29:37:83:23:
82:e3:65:54:46:ff:6b:30:d8:e6:d6:68:66:35:25:
e8:c5:57:1b:b6:02:ba:10:36:09:4e:8d:7f:0a:c2:
a6:0d:84:70:d1:b6:c5:52:f5:5e:35:ce:a6:5b:29:
6b:ee:3b:5a:a9:13:56:6e:27:95:5a:bd:be:30:1a:
e6:37:af:f5:ea:97:0b:28:16:14:66:aa:f2:65:03:
c9:18:02:41:9b:07:3a:1d:15:7f:a9:56:38:9b:9a:
25:c0:a8:58:12:19:27:52:50:58:ee:8c:bd:f3:78:
52:cc:15:c5:06:be:d9:72:31:a6:b2:bb:e7:a1:83:
02:34:ae:cc:da:95:38:8e:c7:61:cf:f3:bc:2d:8e:
55:c0:c6:f7:2e:a4:07:6a:fc:78:1d:02:33:84:43:
5d:4c:c3:a8:ac:82:a6:90:43:f3:23:eb:08:f6:67:
eb:e0:f9:a2:13:15:e1:bf:aa:21:98:ae:fa:02:48:
61:ef:4c:96:32:3c:0a:46:e4:3f:64:64:12:9d:37:
47:73:6d:0b:64:cf:0e:e8:04:01:a4:c6:fb:59:ec:
6c:1c:eb:f9:df:dd:ee:96:e1:7c:88:90:22:dd:ea:
cc:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:4B:9C:DB:0B:3A:0D:19:D5:EB:7A:D1:63:FB:02:BE:2C:A3:FF:53
X509v3 Authority Key Identifier:
keyid:A6:AA:9C:AD:E9:3B:E6:BA:7C:8A:BB:32:38:31:80:76:31:7D:60:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pqqcrek75rp8irsyODGAdjF9YH0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/a970c6-c118-452e-a56f-ec467fa8636e/1/rkuc2ws6DRnV63rRY_sCviyj_1M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/a970c6-c118-452e-a56f-ec467fa8636e/1/pqqcrek75rp8irsyODGAdjF9YH0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.22.0/23
194.53.194.0/23
IPv6:
2a09:60c0::/29
Signature Algorithm: sha256WithRSAEncryption
c7:57:1a:e5:3a:2f:92:79:9b:13:32:2a:22:4b:16:89:e3:80:
72:f3:46:9b:e6:d5:ea:76:16:f3:4a:f7:e4:08:f7:38:bc:13:
f8:46:5e:6d:91:a9:83:fd:b8:6b:3c:f5:29:82:12:6f:35:54:
d2:a1:cc:de:c0:83:3d:4c:59:99:0e:19:a2:62:54:b2:c1:31:
5d:14:0d:99:98:f7:d9:9f:e9:c7:88:7c:fd:a4:03:8c:4b:9a:
3a:04:4a:91:be:86:44:73:50:77:96:64:a4:ab:38:da:a6:15:
c5:67:fd:7d:ee:d0:06:e0:5b:78:6a:cf:b4:ab:09:f0:74:b6:
15:89:93:2a:6c:ff:ca:5b:b4:72:4d:b6:44:a0:ad:1b:de:89:
34:f9:c6:0f:1d:9a:57:07:fd:2e:60:82:07:08:c7:32:78:a5:
a5:2f:a4:cd:2e:c1:aa:2f:a5:c7:6c:b0:ad:46:04:cd:21:6e:
22:89:62:20:d7:55:40:71:f7:0b:14:23:37:66:6e:f1:63:e1:
ed:65:0b:6f:78:fa:cc:43:e6:83:d5:a0:9d:dd:69:35:0a:ef:
c7:63:d3:d5:ce:ec:70:a4:a6:cc:a9:82:b8:ff:5b:be:a5:4c:
a3:68:50:61:2d:0c:7a:99:07:ff:c4:12:a2:50:37:a8:dd:9a:
14:52:3c:25
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIDA+/hMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGE2
YWE5Y2FkZTkzYmU2YmE3YzhhYmIzMjM4MzE4MDc2MzE3ZDYwN2QwHhcNMjIwNDEx
MDczMjQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhhZTRiOWNkYjBiM2Ew
ZDE5ZDVlYjdhZDE2M2ZiMDJiZTJjYTNmZjUzMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAv9YbbYUCcKweTdiQqbK24FBmwvLDFwBxPSk3gyOC42VURv9r
MNjm1mhmNSXoxVcbtgK6EDYJTo1/CsKmDYRw0bbFUvVeNc6mWylr7jtaqRNWbieV
Wr2+MBrmN6/16pcLKBYUZqryZQPJGAJBmwc6HRV/qVY4m5olwKhYEhknUlBY7oy9
83hSzBXFBr7ZcjGmsrvnoYMCNK7M2pU4jsdhz/O8LY5VwMb3LqQHavx4HQIzhENd
TMOorIKmkEPzI+sI9mfr4PmiExXhv6ohmK76Akhh70yWMjwKRuQ/ZGQSnTdHc20L
ZM8O6AQBpMb7WexsHOv5393uluF8iJAi3erMcwIDAQABo4ICHjCCAhowHQYDVR0O
BBYEFK5LnNsLOg0Z1et60WP7Ar4so/9TMB8GA1UdIwQYMBaAFKaqnK3pO+a6fIq7
MjgxgHYxfWB9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
cHFxY3Jlazc1cnA4aXJzeU9ER0FkakY5WUgwLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9lZC9hOTcwYzYtYzExOC00NTJlLWE1NmYtZWM0NjdmYTg2MzZlLzEv
cmt1YzJ3czZEUm5WNjNyUllfc0N2aXlqXzFNLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC9h
OTcwYzYtYzExOC00NTJlLWE1NmYtZWM0NjdmYTg2MzZlLzEvcHFxY3Jlazc1cnA4
aXJzeU9ER0FkakY5WUgwLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQG
CCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBLUIWAwQBwjXCMA0EAgACMAcDBQMq
CWDAMA0GCSqGSIb3DQEBCwUAA4IBAQDHVxrlOi+SeZsTMioiSxaJ44By80ab5tXq
dhbzSvfkCPc4vBP4Rl5tkamD/bhrPPUpghJvNVTSoczewIM9TFmZDhmiYlSywTFd
FA2ZmPfZn+nHiHz9pAOMS5o6BEqRvoZEc1B3lmSkqzjaphXFZ/197tAG4Ft4as+0
qwnwdLYViZMqbP/KW7RyTbZEoK0b3ok0+cYPHZpXB/0uYIIHCMcyeKWlL6TNLsGq
L6XHbLCtRgTNIW4iiWIg11VAcfcLFCM3Zm7xY+HtZQtvePrMQ+aD1aCd3Wk1Cu/H
Y9PVzuxwpKbMqYK4/1u+pUyjaFBhLQx6mQf/xBKiUDeo3ZoUUjwl
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:36 2023 by rpki-client on console.sobornost.net