Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/Rs8g0yxQ8CntmbgmmkJDLMJWN_8.roa
File: Rs8g0yxQ8CntmbgmmkJDLMJWN_8.roa (raw, json)
Hash identifier: SPAoOQzhUiYNwBayWkdemqW7oV846p6DvTXwm/ppHaI=
Subject key identifier: 46:CF:20:D3:2C:50:F0:29:ED:99:B8:26:9A:42:43:2C:C2:56:37:FF
Certificate issuer: /CN=eea02b197dbaf7deb74e0a27d9d4ecd3fae1e8ed
Certificate serial: 01840361302749403E5CED2FA92EC83DF42F
Authority key identifier: EE:A0:2B:19:7D:BA:F7:DE:B7:4E:0A:27:D9:D4:EC:D3:FA:E1:E8:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7qArGX269963Tgon2dTs0_rh6O0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/Rs8g0yxQ8CntmbgmmkJDLMJWN_8.roa
Signing time: Sun 23 Oct 2022 05:46:51 +0000
ROA not before: Sun 23 Oct 2022 05:46:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57152
IP address blocks: 185.73.128.0/22 maxlen: 24
104.247.172.0/24 maxlen: 24
104.247.171.0/24 maxlen: 24
104.247.170.0/24 maxlen: 24
104.247.175.0/24 maxlen: 24
104.247.174.0/24 maxlen: 24
104.247.173.0/24 maxlen: 24
104.247.177.0/24 maxlen: 24
104.247.176.0/24 maxlen: 24
185.137.215.0/24 maxlen: 24
2a03:a5a0:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:03:61:30:27:49:40:3e:5c:ed:2f:a9:2e:c8:3d:f4:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eea02b197dbaf7deb74e0a27d9d4ecd3fae1e8ed
Validity
Not Before: Oct 23 05:46:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=46cf20d32c50f029ed99b8269a42432cc25637ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:3a:ba:5f:c7:34:b7:aa:07:89:f3:7c:13:de:
f1:d4:f0:ae:6c:85:86:a1:4a:41:a7:50:c4:0f:30:
c7:a4:36:11:2a:97:48:c0:a8:b3:15:42:ac:fd:b5:
68:48:12:63:38:83:28:65:bb:94:c7:db:50:3a:2f:
13:bf:49:75:7e:53:8c:9f:3e:78:17:35:91:46:89:
23:67:50:21:35:65:28:3e:01:e3:6f:10:1a:93:4d:
29:50:35:3e:2c:98:fe:0f:9d:53:44:ba:58:0c:d8:
7f:39:73:7e:6b:60:a3:89:a9:b9:8a:95:6a:31:17:
4e:96:7c:26:1f:8f:07:65:dd:0d:68:57:72:a9:e2:
75:7b:9f:8f:9f:3d:c5:31:37:84:95:c5:71:0f:38:
51:0a:ab:35:42:14:19:4c:08:39:94:bc:4e:80:ca:
b6:70:a8:4f:48:d9:ca:a6:eb:9a:24:12:2e:3d:c9:
3f:41:88:4e:6f:ea:b1:8a:90:fd:80:1c:88:3f:87:
e2:c9:68:5a:9b:02:19:5c:3f:ba:47:5d:d6:b7:e3:
15:ac:2a:72:d1:df:30:7f:bc:63:ec:e8:06:a5:e9:
ac:5f:7b:25:9d:92:4e:db:a7:49:6d:21:cd:09:70:
05:1d:5e:3b:92:ba:b7:ec:b7:67:cb:c5:eb:8b:91:
e6:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:CF:20:D3:2C:50:F0:29:ED:99:B8:26:9A:42:43:2C:C2:56:37:FF
X509v3 Authority Key Identifier:
keyid:EE:A0:2B:19:7D:BA:F7:DE:B7:4E:0A:27:D9:D4:EC:D3:FA:E1:E8:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7qArGX269963Tgon2dTs0_rh6O0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/Rs8g0yxQ8CntmbgmmkJDLMJWN_8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/7qArGX269963Tgon2dTs0_rh6O0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
104.247.170.0-104.247.177.255
185.73.128.0/22
185.137.215.0/24
IPv6:
2a03:a5a0:1::/48
Signature Algorithm: sha256WithRSAEncryption
18:f4:4d:b1:b6:47:e3:78:70:96:fb:8c:85:28:b4:21:b2:2f:
5f:e5:ac:d0:bf:20:b2:2b:83:77:e8:74:47:73:0c:5d:fd:20:
05:6d:8d:e8:bd:c9:81:0c:d3:65:e6:c2:e4:fd:ea:aa:ae:c9:
3f:72:1b:50:95:9b:75:89:44:07:dc:b4:38:19:30:6b:f5:e4:
1c:6a:9f:bb:36:20:46:b6:9c:d2:c1:a3:e8:39:59:a3:98:ea:
01:b0:c4:1d:3a:0d:95:65:e6:53:6d:ec:5a:0b:24:87:a4:a4:
c8:3a:00:c5:3b:54:8e:a4:04:2e:21:e3:ce:a7:7d:bb:05:62:
67:f1:87:bd:9b:4b:34:e2:37:da:de:45:d7:7d:72:1c:26:66:
8b:99:52:07:66:6e:35:58:29:4d:ae:30:71:20:05:9e:02:f9:
c4:a0:26:52:8b:81:e5:69:76:b6:ee:b4:3c:bf:90:12:15:64:
63:b8:e9:71:ad:ed:eb:df:02:33:38:38:f5:35:a5:b6:cb:b6:
48:a3:ba:83:cd:fc:e7:82:dd:35:88:c5:09:90:4f:9a:a8:b3:
22:19:ed:1c:4a:6a:7a:21:72:b2:89:ba:4c:43:d2:95:78:db:
5d:2e:a7:c5:71:2c:49:62:9b:96:15:32:b2:03:5d:dc:45:ad:
9e:45:bd:1c
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAYQDYTAnSUA+XO0vqS7IPfQvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlYTAyYjE5N2RiYWY3ZGViNzRlMGEyN2Q5ZDRlY2QzZmFl
MWU4ZWQwHhcNMjIxMDIzMDU0NjUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NmNmMjBkMzJjNTBmMDI5ZWQ5OWI4MjY5YTQyNDMyY2MyNTYzN2ZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAizq6X8c0t6oHifN8E97x1PCubIWG
oUpBp1DEDzDHpDYRKpdIwKizFUKs/bVoSBJjOIMoZbuUx9tQOi8Tv0l1flOMnz54
FzWRRokjZ1AhNWUoPgHjbxAak00pUDU+LJj+D51TRLpYDNh/OXN+a2Cjiam5ipVq
MRdOlnwmH48HZd0NaFdyqeJ1e5+Pnz3FMTeElcVxDzhRCqs1QhQZTAg5lLxOgMq2
cKhPSNnKpuuaJBIuPck/QYhOb+qxipD9gByIP4fiyWhamwIZXD+6R13Wt+MVrCpy
0d8wf7xj7OgGpemsX3slnZJO26dJbSHNCXAFHV47krq37Ldny8Xri5HmcQIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFEbPINMsUPAp7Zm4JppCQyzCVjf/MB8GA1UdIwQY
MBaAFO6gKxl9uvfet04KJ9nU7NP64ejtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3FBckdYMjY5OTYzVGdvbjJkVHMwX3JoNk8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS85NzFiMTEtMjgwZS00Y2VkLWI5OWMt
YmJjY2FiOTEzYjVkLzEvUnM4ZzB5eFE4Q250bWJnbW1rSkRMTUpXTl84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS85NzFiMTEtMjgwZS00Y2VkLWI5OWMtYmJjY2FiOTEzYjVk
LzEvN3FBckdYMjY5OTYzVGdvbjJkVHMwX3JoNk8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzAgBAIAATAaMAwDBAFo96oD
BAFo97ADBAK5SYADBAC5idcwDwQCAAIwCQMHACoDpaAAATANBgkqhkiG9w0BAQsF
AAOCAQEAGPRNsbZH43hwlvuMhSi0IbIvX+Ws0L8gsiuDd+h0R3MMXf0gBW2N6L3J
gQzTZebC5P3qqq7JP3IbUJWbdYlEB9y0OBkwa/XkHGqfuzYgRrac0sGj6DlZo5jq
AbDEHToNlWXmU23sWgskh6SkyDoAxTtUjqQELiHjzqd9uwViZ/GHvZtLNOI32t5F
131yHCZmi5lSB2ZuNVgpTa4wcSAFngL5xKAmUouB5Wl2tu60PL+QEhVkY7jpca3t
698CMzg49TWltsu2SKO6g83854LdNYjFCZBPmqizIhntHEpqeiFysom6TEPSlXjb
XS6nxXEsSWKblhUysgNd3EWtnkW9HA==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:17 2023 by rpki-client on console.sobornost.net