Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/3394e3-736e-4879-b8db-89aaea36285e/1/qvqY8ZrN8y-ewsp9R15RHaxspfg.roa
File: qvqY8ZrN8y-ewsp9R15RHaxspfg.roa (raw, json)
Hash identifier: K92Jdvqn5jswrub6tpWEZaXADQYzuj8xyDsbRxqrP44=
Subject key identifier: AA:FA:98:F1:9A:CD:F3:2F:9E:C2:CA:7D:47:5E:51:1D:AC:6C:A5:F8
Certificate issuer: /CN=e85b83c87c4a3d8315025379f72987520bb5d046
Certificate serial: 0185632278431A44CB2221AC129BAFE73003
Authority key identifier: E8:5B:83:C8:7C:4A:3D:83:15:02:53:79:F7:29:87:52:0B:B5:D0:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6FuDyHxKPYMVAlN59ymHUgu10EY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/3394e3-736e-4879-b8db-89aaea36285e/1/qvqY8ZrN8y-ewsp9R15RHaxspfg.roa
Signing time: Fri 30 Dec 2022 13:04:41 +0000
ROA not before: Fri 30 Dec 2022 13:04:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20910
IP address blocks: 89.191.96.0/19 maxlen: 32
91.188.32.0/19 maxlen: 32
185.7.236.0/22 maxlen: 32
85.115.96.0/19 maxlen: 32
79.132.64.0/19 maxlen: 32
93.177.192.0/18 maxlen: 32
62.84.0.0/19 maxlen: 32
80.255.224.0/20 maxlen: 20
188.112.128.0/18 maxlen: 32
77.38.128.0/17 maxlen: 32
89.18.192.0/19 maxlen: 32
195.244.128.0/20 maxlen: 32
91.123.64.0/20 maxlen: 32
62.205.192.0/18 maxlen: 18
87.226.0.0/17 maxlen: 32
217.198.224.0/20 maxlen: 32
213.180.96.0/19 maxlen: 32
195.62.128.0/19 maxlen: 32
94.30.128.0/17 maxlen: 32
217.199.96.0/19 maxlen: 32
217.24.64.0/20 maxlen: 32
188.64.176.0/21 maxlen: 21
37.148.168.0/21 maxlen: 32
80.254.208.0/20 maxlen: 32
85.234.160.0/19 maxlen: 32
109.110.0.0/19 maxlen: 32
91.142.0.0/20 maxlen: 32
136.169.0.0/17 maxlen: 17
89.201.0.0/17 maxlen: 32
2a00:f4a0::/29 maxlen: 29
2a00:9000::/29 maxlen: 32
2a03:6740::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:63:22:78:43:1a:44:cb:22:21:ac:12:9b:af:e7:30:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e85b83c87c4a3d8315025379f72987520bb5d046
Validity
Not Before: Dec 30 13:04:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=aafa98f19acdf32f9ec2ca7d475e511dac6ca5f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:f9:3a:1f:20:7d:b9:a1:9b:c1:8c:2f:34:6f:
c0:08:ca:ac:39:25:d0:ec:d9:f7:8f:75:58:ec:b8:
95:00:57:4d:65:25:d0:b5:a7:d7:9c:c6:77:a2:01:
f6:50:82:0d:51:dc:e6:72:a0:71:41:a8:52:da:ed:
77:61:2d:42:a7:81:e0:93:75:3d:15:e1:77:d4:ee:
1b:09:12:62:53:cd:b8:01:e1:ac:af:8b:19:60:71:
85:c9:f5:14:34:f1:cf:86:16:bc:29:34:96:6c:6c:
69:07:fd:37:bf:3b:22:df:be:6a:8e:f7:7e:57:80:
5d:be:36:47:0f:63:78:61:c2:2a:e8:3f:df:8f:b2:
97:eb:62:68:fc:cf:c7:c1:fd:9b:c4:04:46:a0:5e:
ec:01:a2:ba:1e:52:cd:a0:00:9f:60:9a:a8:3a:db:
2f:08:0f:5e:82:7e:53:15:e1:1d:67:24:1a:28:0f:
d2:ab:04:f9:58:1d:f6:27:ea:fa:ab:ce:aa:f2:1e:
93:1c:0a:75:ae:ee:57:22:57:b5:e3:1b:6d:e6:4c:
ff:38:46:fb:f3:1b:43:0b:af:9d:f4:12:2c:99:75:
da:a7:ab:e1:01:ac:e6:26:1c:16:35:4a:72:cc:1f:
e7:bd:7d:a0:4f:b2:8a:23:5e:00:c1:f1:23:58:f6:
6e:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:FA:98:F1:9A:CD:F3:2F:9E:C2:CA:7D:47:5E:51:1D:AC:6C:A5:F8
X509v3 Authority Key Identifier:
keyid:E8:5B:83:C8:7C:4A:3D:83:15:02:53:79:F7:29:87:52:0B:B5:D0:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6FuDyHxKPYMVAlN59ymHUgu10EY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/3394e3-736e-4879-b8db-89aaea36285e/1/qvqY8ZrN8y-ewsp9R15RHaxspfg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/3394e3-736e-4879-b8db-89aaea36285e/1/6FuDyHxKPYMVAlN59ymHUgu10EY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.148.168.0/21
62.84.0.0/19
62.205.192.0/18
77.38.128.0/17
79.132.64.0/19
80.254.208.0/20
80.255.224.0/20
85.115.96.0/19
85.234.160.0/19
87.226.0.0/17
89.18.192.0/19
89.191.96.0/19
89.201.0.0/17
91.123.64.0/20
91.142.0.0/20
91.188.32.0/19
93.177.192.0/18
94.30.128.0/17
109.110.0.0/19
136.169.0.0/17
185.7.236.0/22
188.64.176.0/21
188.112.128.0/18
195.62.128.0/19
195.244.128.0/20
213.180.96.0/19
217.24.64.0/20
217.198.224.0/20
217.199.96.0/19
IPv6:
2a00:9000::/29
2a00:f4a0::/29
2a03:6740::/29
Signature Algorithm: sha256WithRSAEncryption
71:d3:fd:b6:39:3a:13:5b:d3:d0:95:6e:c4:50:80:9c:8a:03:
eb:59:cb:45:a9:3f:e3:c3:a4:28:f4:3b:e4:15:33:42:6b:fc:
e5:a0:12:39:05:06:d8:8b:e5:88:97:4a:b2:aa:54:2f:25:6a:
b2:66:ec:b0:76:70:85:d7:12:f3:f4:9d:ee:a7:62:1b:ab:d8:
dc:fb:84:df:95:18:5d:2d:04:e0:1d:18:05:d4:6d:b3:b8:31:
18:fb:36:c1:47:2c:01:d4:f5:07:b4:eb:54:f6:20:21:ac:01:
5a:5a:be:29:e7:fa:98:db:29:d7:50:17:a5:f2:d4:74:7b:f6:
4e:55:02:02:cd:9b:22:82:30:83:9c:cc:0f:38:3d:a8:fb:fe:
d5:fe:2b:00:47:f2:f0:5f:19:49:7d:df:4c:40:20:97:86:a3:
e8:8d:5b:00:d6:e8:0c:6a:58:49:56:e4:b5:e2:2c:0b:37:58:
5c:dc:ac:e9:24:79:71:b7:0d:53:f5:91:b9:03:a8:92:db:35:
4d:b5:af:51:b0:0a:a1:f6:7a:31:58:2f:d4:18:d0:03:a0:6e:
9c:3a:f2:75:03:db:79:90:d7:0a:b0:08:2a:b4:d3:4a:5d:13:
9a:6b:2a:f2:e0:54:eb:7c:5d:b3:ae:c2:82:d3:76:3a:bb:37:
93:dc:ad:ab
-----BEGIN CERTIFICATE-----
MIIFxzCCBK+gAwIBAgISAYVjInhDGkTLIiGsEpuv5zADMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4NWI4M2M4N2M0YTNkODMxNTAyNTM3OWY3Mjk4NzUyMGJi
NWQwNDYwHhcNMjIxMjMwMTMwNDQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWZhOThmMTlhY2RmMzJmOWVjMmNhN2Q0NzVlNTExZGFjNmNhNWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzPk6HyB9uaGbwYwvNG/ACMqsOSXQ
7Nn3j3VY7LiVAFdNZSXQtafXnMZ3ogH2UIINUdzmcqBxQahS2u13YS1Cp4Hgk3U9
FeF31O4bCRJiU824AeGsr4sZYHGFyfUUNPHPhha8KTSWbGxpB/03vzsi375qjvd+
V4BdvjZHD2N4YcIq6D/fj7KX62Jo/M/Hwf2bxARGoF7sAaK6HlLNoACfYJqoOtsv
CA9egn5TFeEdZyQaKA/SqwT5WB32J+r6q86q8h6THAp1ru5XIle14xtt5kz/OEb7
8xtDC6+d9BIsmXXap6vhAazmJhwWNUpyzB/nvX2gT7KKI14AwfEjWPZu5QIDAQAB
o4IC0zCCAs8wHQYDVR0OBBYEFKr6mPGazfMvnsLKfUdeUR2sbKX4MB8GA1UdIwQY
MBaAFOhbg8h8Sj2DFQJTefcph1ILtdBGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkZ1RHlIeEtQWU1WQWxONTl5bUhVZ3UxMEVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC8zMzk0ZTMtNzM2ZS00ODc5LWI4ZGIt
ODlhYWVhMzYyODVlLzEvcXZxWThack44eS1ld3NwOVIxNVJIYXhzcGZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC8zMzk0ZTMtNzM2ZS00ODc5LWI4ZGItODlhYWVhMzYyODVl
LzEvNkZ1RHlIeEtQWU1WQWxONTl5bUhVZ3UxMEVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHoBggrBgEFBQcBBwEB/wSB2DCB1TCBtQQCAAEwga4DBAMl
lKgDBAU+VAADBAY+zcADBAdNJoADBAVPhEADBARQ/tADBARQ/+ADBAVVc2ADBAVV
6qADBAdX4gADBAVZEsADBAVZv2ADBAdZyQADBARbe0ADBARbjgADBAVbvCADBAZd
scADBAdeHoADBAVtbgADBAeIqQADBAK5B+wDBAO8QLADBAa8cIADBAXDPoADBATD
9IADBAXVtGADBATZGEADBATZxuADBAXZx2AwGwQCAAIwFQMFAyoAkAADBQMqAPSg
AwUDKgNnQDANBgkqhkiG9w0BAQsFAAOCAQEAcdP9tjk6E1vT0JVuxFCAnIoD61nL
Rak/48OkKPQ75BUzQmv85aASOQUG2IvliJdKsqpULyVqsmbssHZwhdcS8/Sd7qdi
G6vY3PuE35UYXS0E4B0YBdRts7gxGPs2wUcsAdT1B7TrVPYgIawBWlq+Kef6mNsp
11AXpfLUdHv2TlUCAs2bIoIwg5zMDzg9qPv+1f4rAEfy8F8ZSX3fTEAgl4aj6I1b
ANboDGpYSVbkteIsCzdYXNys6SR5cbcNU/WRuQOokts1TbWvUbAKofZ6MVgv1BjQ
A6BunDrydQPbeZDXCrAIKrTTSl0Tmmsq8uBU63xds67CgtN2Ors3k9ytqw==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:23 2023 by rpki-client on console.sobornost.net