Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/11e13f-4cea-44af-81f9-b2cccf0eadab/1/1-W1-yz9_UU4aKl9GG34vea7EsMQ.roa
File: 1-W1-yz9_UU4aKl9GG34vea7EsMQ.roa (raw, json)
Hash identifier: 12uN4aZj2JbNHbo/YZ3xEoVr0RFCE4zmpPq0UrwrNMY=
Subject key identifier: F9:6D:7E:CB:3F:7F:51:4E:1A:2A:5F:46:1B:7E:2F:79:AE:C4:B0:C4
Certificate issuer: /CN=333361fba8409174fb3c482b8ca26f235ebd22c2
Certificate serial: 0381B169
Authority key identifier: 33:33:61:FB:A8:40:91:74:FB:3C:48:2B:8C:A2:6F:23:5E:BD:22:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MzNh-6hAkXT7PEgrjKJvI169IsI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/11e13f-4cea-44af-81f9-b2cccf0eadab/1/1-W1-yz9_UU4aKl9GG34vea7EsMQ.roa
Signing time: Sat 01 Jan 2022 15:58:04 +0000
ROA not before: Sat 01 Jan 2022 15:58:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35251
IP address blocks: 45.138.68.0/24 maxlen: 24
45.138.69.0/24 maxlen: 24
45.138.70.0/24 maxlen: 24
45.138.71.0/24 maxlen: 24
45.158.22.0/24 maxlen: 24
45.158.23.0/24 maxlen: 24
45.158.20.0/24 maxlen: 24
45.158.21.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 58831209 (0x381b169)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=333361fba8409174fb3c482b8ca26f235ebd22c2
Validity
Not Before: Jan 1 15:58:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f96d7ecb3f7f514e1a2a5f461b7e2f79aec4b0c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:81:31:06:a9:e8:57:00:c4:44:60:7f:4c:46:
02:a0:aa:54:94:2c:58:4b:d1:ff:6d:94:cd:7b:ef:
ee:b8:54:4d:73:10:6a:54:08:84:b7:d4:ee:d3:b0:
1d:27:f2:3f:27:d9:05:2e:e8:6c:16:59:4c:0e:2a:
81:64:cc:c9:94:3a:5e:89:be:bf:78:06:7c:a1:54:
97:6b:f9:50:87:fa:a5:b7:e3:b2:a1:d9:f7:da:c7:
bb:1d:0a:03:8d:e1:59:4a:4b:c2:cf:7d:0b:58:91:
de:f6:30:45:78:2a:27:c7:8c:00:a3:3c:f8:9f:48:
61:da:fc:32:3e:72:f2:91:1c:cf:7c:b6:45:55:e6:
db:4f:a4:3c:51:c8:45:6e:9e:9e:fc:20:49:eb:65:
17:c4:41:14:ef:bd:21:7c:33:47:4b:82:cb:7e:02:
44:ae:16:1b:ae:ea:33:2c:66:a6:57:1d:15:d7:65:
0b:55:c7:40:16:7f:8c:c4:7e:fe:ed:51:60:1e:e8:
f3:c3:6d:ef:a6:a5:84:c7:98:b8:00:f9:cc:b1:dc:
f9:13:a2:f2:25:91:bb:99:d2:48:56:df:a0:8e:5d:
ea:e4:3f:4c:41:ea:f9:f9:31:32:ff:5d:68:8b:3b:
7b:5e:94:9e:85:55:68:48:34:62:aa:33:dc:b6:19:
45:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:6D:7E:CB:3F:7F:51:4E:1A:2A:5F:46:1B:7E:2F:79:AE:C4:B0:C4
X509v3 Authority Key Identifier:
keyid:33:33:61:FB:A8:40:91:74:FB:3C:48:2B:8C:A2:6F:23:5E:BD:22:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MzNh-6hAkXT7PEgrjKJvI169IsI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/11e13f-4cea-44af-81f9-b2cccf0eadab/1/1-W1-yz9_UU4aKl9GG34vea7EsMQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/11e13f-4cea-44af-81f9-b2cccf0eadab/1/MzNh-6hAkXT7PEgrjKJvI169IsI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.138.68.0/22
45.158.20.0/22
Signature Algorithm: sha256WithRSAEncryption
16:71:99:31:cd:7b:8f:36:b0:5d:d3:25:1f:fd:09:2e:fe:ed:
e5:67:dc:7f:e2:cb:e8:85:8a:b5:1c:e4:2e:e3:bc:67:b0:ec:
76:40:fe:9d:53:25:0c:cc:5a:ef:55:f0:75:0c:39:c7:45:62:
a3:cc:27:fa:a8:d2:dc:51:ac:26:8a:ce:f1:aa:66:5a:2e:ad:
ec:c8:42:ed:6e:8c:5e:6b:1e:6b:17:f7:f0:5d:b1:4d:d3:eb:
68:60:8b:14:69:ab:a5:7d:d3:1d:bd:0d:a7:ec:69:e4:13:b2:
f7:7c:37:1e:76:47:1c:ba:c4:d2:c7:e1:c3:44:70:ac:32:c6:
9f:4a:2b:eb:88:06:13:32:96:64:8c:3b:25:4c:a4:a1:c4:87:
56:a3:7f:09:20:b0:15:31:48:d0:24:90:0c:8d:dc:b2:2b:8a:
6c:d2:fe:e3:61:fc:a8:1a:4c:93:06:22:78:75:3a:d6:3d:45:
21:97:04:ae:3d:1d:47:36:1f:12:21:bc:18:5b:b9:1d:46:a0:
61:38:82:84:2e:2c:b5:8e:d9:7f:1e:60:03:11:22:f8:ae:5e:
cc:90:c4:8f:f4:b1:29:4d:46:1d:86:2e:51:17:dc:6b:ab:75:
f5:8d:52:6e:21:1f:e1:6f:22:b1:52:47:36:04:4f:ef:f9:66:
77:fc:77:ab
-----BEGIN CERTIFICATE-----
MIIE9jCCA96gAwIBAgIEA4GxaTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MzMzNjFmYmE4NDA5MTc0ZmIzYzQ4MmI4Y2EyNmYyMzVlYmQyMmMyMB4XDTIyMDEw
MTE1NTgwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjk2ZDdlY2IzZjdm
NTE0ZTFhMmE1ZjQ2MWI3ZTJmNzlhZWM0YjBjNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALKBMQap6FcAxERgf0xGAqCqVJQsWEvR/22UzXvv7rhUTXMQ
alQIhLfU7tOwHSfyPyfZBS7obBZZTA4qgWTMyZQ6Xom+v3gGfKFUl2v5UIf6pbfj
sqHZ99rHux0KA43hWUpLws99C1iR3vYwRXgqJ8eMAKM8+J9IYdr8Mj5y8pEcz3y2
RVXm20+kPFHIRW6envwgSetlF8RBFO+9IXwzR0uCy34CRK4WG67qMyxmplcdFddl
C1XHQBZ/jMR+/u1RYB7o88Nt76alhMeYuAD5zLHc+ROi8iWRu5nSSFbfoI5d6uQ/
TEHq+fkxMv9daIs7e16UnoVVaEg0Yqoz3LYZRWUCAwEAAaOCAhAwggIMMB0GA1Ud
DgQWBBT5bX7LP39RThoqX0Ybfi95rsSwxDAfBgNVHSMEGDAWgBQzM2H7qECRdPs8
SCuMom8jXr0iwjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L016TmgtNmhBa1hUN1BFZ3JqS0p2STE2OUlzSS5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWYvMTFlMTNmLTRjZWEtNDRhZi04MWY5LWIyY2NjZjBlYWRhYi8x
LzEtVzEteXo5X1VVNGFLbDlHRzM0dmVhN0VzTVEucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Vm
LzExZTEzZi00Y2VhLTQ0YWYtODFmOS1iMmNjY2YwZWFkYWIvMS9Nek5oLTZoQWtY
VDdQRWdyaktKdkkxNjlJc0kuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
JQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBAItikQDBAItnhQwDQYJKoZIhvcN
AQELBQADggEBABZxmTHNe482sF3TJR/9CS7+7eVn3H/iy+iFirUc5C7jvGew7HZA
/p1TJQzMWu9V8HUMOcdFYqPMJ/qo0txRrCaKzvGqZlourezIQu1ujF5rHmsX9/Bd
sU3T62hgixRpq6V90x29DafsaeQTsvd8Nx52Rxy6xNLH4cNEcKwyxp9KK+uIBhMy
lmSMOyVMpKHEh1ajfwkgsBUxSNAkkAyN3LIrimzS/uNh/KgaTJMGInh1OtY9RSGX
BK49HUc2HxIhvBhbuR1GoGE4goQuLLWO2X8eYAMRIviuXsyQxI/0sSlNRh2GLlEX
3GurdfWNUm4hH+FvIrFSRzYET+/5Znf8d6s=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:41 2023 by rpki-client on console.sobornost.net