Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/62b909-1e3e-4a1b-9e24-b01e0297b070/1/PSuyzpVIV4Vvb2PwOYonaJ0vvWY.roa
File: PSuyzpVIV4Vvb2PwOYonaJ0vvWY.roa (raw, json)
Hash identifier: FP8ervEQ2IlTzTtdb1ivdf9wqgG9xQfAuwGfFw8r6+8=
Subject key identifier: 3D:2B:B2:CE:95:48:57:85:6F:6F:63:F0:39:8A:27:68:9D:2F:BD:66
Certificate issuer: /CN=fdd2b36206439bbce15b363f09eeff1d738cecc7
Certificate serial: 0C2CC693
Authority key identifier: FD:D2:B3:62:06:43:9B:BC:E1:5B:36:3F:09:EE:FF:1D:73:8C:EC:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_dKzYgZDm7zhWzY_Ce7_HXOM7Mc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/62b909-1e3e-4a1b-9e24-b01e0297b070/1/PSuyzpVIV4Vvb2PwOYonaJ0vvWY.roa
Signing time: Sat 01 Jan 2022 00:55:14 +0000
ROA not before: Sat 01 Jan 2022 00:55:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25249
IP address blocks: 94.100.224.0/21 maxlen: 21
94.100.224.0/20 maxlen: 20
94.100.224.0/24 maxlen: 24
94.100.229.0/24 maxlen: 24
94.100.231.0/24 maxlen: 24
94.100.232.0/21 maxlen: 21
94.100.237.0/24 maxlen: 24
94.100.238.0/24 maxlen: 24
94.100.234.0/24 maxlen: 24
94.100.235.0/24 maxlen: 24
185.115.4.0/22 maxlen: 22
81.95.160.0/20 maxlen: 20
81.95.160.0/21 maxlen: 21
81.95.160.0/24 maxlen: 24
185.115.5.0/24 maxlen: 24
185.115.6.0/24 maxlen: 24
185.115.7.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 204261011 (0xc2cc693)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fdd2b36206439bbce15b363f09eeff1d738cecc7
Validity
Not Before: Jan 1 00:55:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3d2bb2ce954857856f6f63f0398a27689d2fbd66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:c5:ae:b5:d4:ed:f9:42:e8:a7:14:29:3e:9d:
42:dd:6a:b3:cb:0e:0d:ea:f2:57:fd:ee:2b:93:60:
7a:89:4f:90:52:52:13:f9:77:7c:83:b7:14:12:2b:
9c:81:95:c6:20:a3:2b:d0:4b:35:a4:3b:aa:56:11:
b1:05:28:59:b7:b5:9e:a0:99:50:41:00:3b:a8:33:
1f:0c:e1:df:8d:10:30:b0:5a:96:f6:09:7b:6f:32:
42:3d:e7:f9:73:5e:64:6a:ca:44:31:70:90:5a:43:
ad:66:d9:26:0a:4e:b3:86:68:a4:d3:81:12:c5:8e:
1b:0f:e8:3b:09:4d:42:0b:f0:2e:3b:93:0f:42:21:
df:65:6f:1d:ae:64:29:6d:5a:47:8e:94:87:28:10:
92:0f:0b:44:cb:af:f2:90:15:00:5b:3b:96:c5:c0:
f3:29:a3:7e:dd:51:19:e3:fd:9c:5f:29:d2:bb:5f:
79:fc:28:79:25:0e:4f:c0:f0:ee:fd:e3:84:40:46:
7b:91:40:ce:62:42:0f:59:02:52:eb:09:ab:a8:5f:
b8:c6:d8:e4:19:1e:26:9d:c5:81:2b:5e:0c:03:11:
7d:99:41:e9:d3:5d:5b:94:92:16:3f:48:36:57:63:
5a:da:08:0d:13:af:2e:81:40:ef:e7:38:be:41:7b:
7e:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:2B:B2:CE:95:48:57:85:6F:6F:63:F0:39:8A:27:68:9D:2F:BD:66
X509v3 Authority Key Identifier:
keyid:FD:D2:B3:62:06:43:9B:BC:E1:5B:36:3F:09:EE:FF:1D:73:8C:EC:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_dKzYgZDm7zhWzY_Ce7_HXOM7Mc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/62b909-1e3e-4a1b-9e24-b01e0297b070/1/PSuyzpVIV4Vvb2PwOYonaJ0vvWY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/62b909-1e3e-4a1b-9e24-b01e0297b070/1/_dKzYgZDm7zhWzY_Ce7_HXOM7Mc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.95.160.0/20
94.100.224.0/20
185.115.4.0/22
Signature Algorithm: sha256WithRSAEncryption
31:95:04:d7:3e:78:cd:a2:83:d8:e0:ff:3d:85:e3:41:c7:6e:
6d:76:05:94:a8:db:74:83:54:95:f8:57:9d:fd:58:08:e7:d8:
8a:80:f7:91:40:df:1d:42:9f:48:f4:f9:34:a8:e0:04:18:87:
d1:a3:e7:aa:c1:69:67:49:2b:96:7f:92:6c:22:8c:db:9d:f9:
73:59:1a:60:f5:3b:cd:46:bb:5b:6b:5b:e8:24:7f:9a:51:0d:
6f:6f:f0:c2:a4:d5:44:a7:78:bc:9f:c3:dd:51:36:ad:f8:7a:
b6:0b:13:fa:c3:b8:9b:42:df:00:62:41:cd:f8:3e:68:c7:70:
f2:ea:74:2a:3f:a3:d1:69:c3:5f:d1:66:d0:20:f9:6f:50:0f:
bf:fd:a0:23:3e:99:1d:c3:7d:eb:1c:d8:63:d3:8c:45:c6:52:
47:2a:ad:9f:13:81:6b:94:ae:c0:ff:aa:a0:52:fe:f3:96:77:
f7:1f:27:d5:52:62:d7:3a:f3:f9:a0:06:9d:9d:94:6d:1f:26:
ae:61:07:0d:cd:cf:82:8f:59:53:e6:61:3a:6f:2b:b0:e5:8f:
f3:7c:0f:dc:bc:04:1b:aa:69:8e:2a:c7:04:49:5a:8a:ed:b9:
d0:5a:dd:44:c2:a7:ac:27:dd:57:f9:2e:82:e0:3b:aa:7e:f3:
e9:63:a5:5f
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEDCzGkzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZGQyYjM2MjA2NDM5YmJjZTE1YjM2M2YwOWVlZmYxZDczOGNlY2M3MB4XDTIyMDEw
MTAwNTUxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2QyYmIyY2U5NTQ4
NTc4NTZmNmY2M2YwMzk4YTI3Njg5ZDJmYmQ2NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKnFrrXU7flC6KcUKT6dQt1qs8sODeryV/3uK5NgeolPkFJS
E/l3fIO3FBIrnIGVxiCjK9BLNaQ7qlYRsQUoWbe1nqCZUEEAO6gzHwzh340QMLBa
lvYJe28yQj3n+XNeZGrKRDFwkFpDrWbZJgpOs4ZopNOBEsWOGw/oOwlNQgvwLjuT
D0Ih32VvHa5kKW1aR46UhygQkg8LRMuv8pAVAFs7lsXA8ymjft1RGeP9nF8p0rtf
efwoeSUOT8Dw7v3jhEBGe5FAzmJCD1kCUusJq6hfuMbY5BkeJp3FgSteDAMRfZlB
6dNdW5SSFj9INldjWtoIDROvLoFA7+c4vkF7fhkCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBQ9K7LOlUhXhW9vY/A5iidonS+9ZjAfBgNVHSMEGDAWgBT90rNiBkObvOFb
Nj8J7v8dc4zsxzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L19kS3pZZ1pEbTd6aFd6WV9DZTdfSFhPTTdNYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDkvNjJiOTA5LTFlM2UtNGExYi05ZTI0LWIwMWUwMjk3YjA3MC8x
L1BTdXl6cFZJVjRWdmIyUHdPWW9uYUowdnZXWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDkv
NjJiOTA5LTFlM2UtNGExYi05ZTI0LWIwMWUwMjk3YjA3MC8xL19kS3pZZ1pEbTd6
aFd6WV9DZTdfSFhPTTdNYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEBFFfoAMEBF5k4AMEArlzBDANBgkq
hkiG9w0BAQsFAAOCAQEAMZUE1z54zaKD2OD/PYXjQcdubXYFlKjbdINUlfhXnf1Y
COfYioD3kUDfHUKfSPT5NKjgBBiH0aPnqsFpZ0krln+SbCKM2535c1kaYPU7zUa7
W2tb6CR/mlENb2/wwqTVRKd4vJ/D3VE2rfh6tgsT+sO4m0LfAGJBzfg+aMdw8up0
Kj+j0WnDX9Fm0CD5b1APv/2gIz6ZHcN96xzYY9OMRcZSRyqtnxOBa5SuwP+qoFL+
85Z39x8n1VJi1zrz+aAGnZ2UbR8mrmEHDc3Pgo9ZU+ZhOm8rsOWP83wP3LwEG6pp
jirHBElaiu250FrdRMKnrCfdV/kuguA7qn7z6WOlXw==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:17 2023 by rpki-client on console.sobornost.net