Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/c27fa6-b2b0-4dcb-a899-1030cdbe6bd4/1/kMgZDYYwK2eNm777mL9L4bL6jNE.roa
File: kMgZDYYwK2eNm777mL9L4bL6jNE.roa (raw, json)
Hash identifier: cSaX+5GrkFgBZGrHmSogJHelH5xfU9BQo5daBJkXZFk=
Subject key identifier: 90:C8:19:0D:86:30:2B:67:8D:9B:BE:FB:98:BF:4B:E1:B2:FA:8C:D1
Certificate issuer: /CN=43015654082578c4946cd27be1e89a3dd7562fa4
Certificate serial: 018539130A4D962503CBC0149B75F8FD8DE9
Authority key identifier: 43:01:56:54:08:25:78:C4:94:6C:D2:7B:E1:E8:9A:3D:D7:56:2F:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwFWVAgleMSUbNJ74eiaPddWL6Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/c27fa6-b2b0-4dcb-a899-1030cdbe6bd4/1/kMgZDYYwK2eNm777mL9L4bL6jNE.roa
Signing time: Thu 22 Dec 2022 09:03:47 +0000
ROA not before: Thu 22 Dec 2022 09:03:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49981
IP address blocks: 217.23.0.0/20 maxlen: 20
185.132.132.0/22 maxlen: 22
185.184.192.0/22 maxlen: 22
185.183.32.0/22 maxlen: 22
185.182.192.0/22 maxlen: 22
185.182.192.0/24 maxlen: 24
62.112.8.0/22 maxlen: 24
185.165.240.0/22 maxlen: 22
185.21.60.0/22 maxlen: 22
185.21.63.0/24 maxlen: 24
45.14.132.0/22 maxlen: 22
178.218.196.0/22 maxlen: 22
80.79.4.0/22 maxlen: 22
185.100.232.0/22 maxlen: 22
185.185.48.0/22 maxlen: 22
185.185.51.0/24 maxlen: 24
91.232.105.0/24 maxlen: 24
185.132.176.0/22 maxlen: 22
89.38.96.0/22 maxlen: 22
45.82.64.0/22 maxlen: 22
193.200.164.0/24 maxlen: 24
93.190.136.0/21 maxlen: 22
93.190.140.0/22 maxlen: 22
91.229.23.0/24 maxlen: 24
185.173.160.0/22 maxlen: 22
185.2.80.0/22 maxlen: 22
185.177.124.0/22 maxlen: 22
178.132.0.0/21 maxlen: 21
185.180.220.0/22 maxlen: 22
89.39.104.0/22 maxlen: 22
185.191.0.0/22 maxlen: 22
2.59.168.0/22 maxlen: 22
194.88.104.0/22 maxlen: 22
212.8.240.0/24 maxlen: 24
212.8.242.0/23 maxlen: 23
109.236.80.0/20 maxlen: 20
212.8.252.0/23 maxlen: 23
212.8.248.0/23 maxlen: 23
212.8.250.0/24 maxlen: 24
185.172.88.0/22 maxlen: 22
2a00:7c82::/32 maxlen: 32
2a00:7c81::/32 maxlen: 32
2a00:7c83::/32 maxlen: 32
2a00:7c80::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:39:13:0a:4d:96:25:03:cb:c0:14:9b:75:f8:fd:8d:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43015654082578c4946cd27be1e89a3dd7562fa4
Validity
Not Before: Dec 22 09:03:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=90c8190d86302b678d9bbefb98bf4be1b2fa8cd1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:9c:5b:42:27:72:80:40:4f:8b:05:be:bf:a1:
fc:fe:ad:fa:d1:d5:9c:b3:1f:99:79:c7:3f:fa:90:
61:ab:27:97:68:20:d7:2b:4b:de:3e:d7:13:48:fc:
a8:bb:4c:b4:7c:a6:e0:60:d9:53:28:e6:e2:ac:2e:
84:2d:21:13:7c:f8:10:0d:73:b3:62:48:34:82:b1:
9e:51:1a:70:f8:cc:0c:89:c5:1d:3d:49:d2:1a:59:
f5:fe:60:28:42:d8:ff:b1:1b:7a:47:d5:74:06:8b:
94:cc:9f:19:c4:12:c2:b9:01:90:f8:7f:ad:68:60:
0d:cb:5b:ab:88:40:09:df:99:62:d4:4a:13:6d:2d:
ab:f5:b6:11:28:eb:cd:02:5a:11:9b:a7:31:e0:be:
e3:fa:c3:b2:eb:56:b9:69:9e:a3:d9:71:af:38:df:
10:80:19:93:68:3a:cf:b6:2d:bf:06:3a:f1:a1:a5:
c0:4b:36:4f:b5:e3:bb:f2:50:5a:ae:96:88:12:0f:
1d:cf:19:7c:db:45:5d:36:73:09:2d:82:9e:2e:c1:
f0:46:06:ba:0a:b6:82:07:e3:c7:0c:7e:eb:07:75:
75:2d:c9:56:83:b5:4b:2d:17:f1:b5:1c:5f:52:93:
c9:bc:13:97:d0:0c:09:85:3b:c0:9b:40:7e:ac:ab:
d0:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:C8:19:0D:86:30:2B:67:8D:9B:BE:FB:98:BF:4B:E1:B2:FA:8C:D1
X509v3 Authority Key Identifier:
keyid:43:01:56:54:08:25:78:C4:94:6C:D2:7B:E1:E8:9A:3D:D7:56:2F:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwFWVAgleMSUbNJ74eiaPddWL6Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/c27fa6-b2b0-4dcb-a899-1030cdbe6bd4/1/kMgZDYYwK2eNm777mL9L4bL6jNE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/c27fa6-b2b0-4dcb-a899-1030cdbe6bd4/1/QwFWVAgleMSUbNJ74eiaPddWL6Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.168.0/22
45.14.132.0/22
45.82.64.0/22
62.112.8.0/22
80.79.4.0/22
89.38.96.0/22
89.39.104.0/22
91.229.23.0/24
91.232.105.0/24
93.190.136.0/21
109.236.80.0/20
178.132.0.0/21
178.218.196.0/22
185.2.80.0/22
185.21.60.0/22
185.100.232.0/22
185.132.132.0/22
185.132.176.0/22
185.165.240.0/22
185.172.88.0/22
185.173.160.0/22
185.177.124.0/22
185.180.220.0/22
185.182.192.0/22
185.183.32.0/22
185.184.192.0/22
185.185.48.0/22
185.191.0.0/22
193.200.164.0/24
194.88.104.0/22
212.8.240.0/24
212.8.242.0/23
212.8.248.0-212.8.250.255
212.8.252.0/23
217.23.0.0/20
IPv6:
2a00:7c80::/29
Signature Algorithm: sha256WithRSAEncryption
09:e8:e8:0b:4b:d9:13:b0:84:86:13:61:03:3e:9a:5b:ad:6f:
e0:ae:76:92:c9:69:aa:6f:c1:b5:79:c1:17:0f:f2:35:a5:a8:
0b:45:5d:77:72:18:28:e9:cf:40:ab:9d:2b:9f:6d:4f:28:7d:
b9:a3:37:85:1f:87:51:a2:bc:d8:d4:84:90:9f:b2:69:ea:29:
41:e8:81:37:26:25:ae:f0:a8:e2:5b:27:c4:c2:68:0b:0f:40:
68:79:72:ec:71:80:82:c4:d5:84:44:ad:8b:dc:d1:7e:8c:58:
86:ba:b9:60:e9:42:4c:32:88:06:6a:f7:64:1b:4a:ff:b4:f7:
f4:d7:54:fd:01:97:41:40:c9:19:0b:14:90:b1:8f:10:05:5b:
d6:42:0c:9a:c7:70:6e:75:c3:c6:4a:d4:3e:f6:02:d4:ac:0c:
0e:22:d7:b6:7c:94:c1:cf:d3:7d:11:45:c2:e6:d0:7f:31:74:
0a:0f:fb:32:c6:a5:29:f3:d2:76:a4:27:b3:03:12:10:c8:54:
2d:d9:19:9d:d9:ad:0f:f6:7a:42:61:31:5e:00:8a:c0:d9:71:
1d:9f:8c:71:04:f1:b7:69:a2:b1:85:f8:ad:76:d5:e3:e1:3b:
59:19:a7:66:8a:12:da:d3:a0:71:a3:3e:79:78:63:89:6c:c7:
ef:2b:f2:5e
-----BEGIN CERTIFICATE-----
MIIF5jCCBM6gAwIBAgISAYU5EwpNliUDy8AUm3X4/Y3pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDE1NjU0MDgyNTc4YzQ5NDZjZDI3YmUxZTg5YTNkZDc1
NjJmYTQwHhcNMjIxMjIyMDkwMzQ3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGM4MTkwZDg2MzAyYjY3OGQ5YmJlZmI5OGJmNGJlMWIyZmE4Y2QxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqZxbQidygEBPiwW+v6H8/q360dWc
sx+Zecc/+pBhqyeXaCDXK0vePtcTSPyou0y0fKbgYNlTKObirC6ELSETfPgQDXOz
Ykg0grGeURpw+MwMicUdPUnSGln1/mAoQtj/sRt6R9V0BouUzJ8ZxBLCuQGQ+H+t
aGANy1uriEAJ35li1EoTbS2r9bYRKOvNAloRm6cx4L7j+sOy61a5aZ6j2XGvON8Q
gBmTaDrPti2/BjrxoaXASzZPteO78lBarpaIEg8dzxl820VdNnMJLYKeLsHwRga6
CraCB+PHDH7rB3V1LclWg7VLLRfxtRxfUpPJvBOX0AwJhTvAm0B+rKvQSwIDAQAB
o4IC8jCCAu4wHQYDVR0OBBYEFJDIGQ2GMCtnjZu++5i/S+Gy+ozRMB8GA1UdIwQY
MBaAFEMBVlQIJXjElGzSe+Homj3XVi+kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdGV1ZBZ2xlTVNVYk5KNzRlaWFQZGRXTDZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9jMjdmYTYtYjJiMC00ZGNiLWE4OTkt
MTAzMGNkYmU2YmQ0LzEva01nWkRZWXdLMmVObTc3N21MOUw0Ykw2ak5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9jMjdmYTYtYjJiMC00ZGNiLWE4OTktMTAzMGNkYmU2YmQ0
LzEvUXdGV1ZBZ2xlTVNVYk5KNzRlaWFQZGRXTDZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBBgYIKwYBBQUHAQcBAf8EgfYwgfMwgeEEAgABMIHaAwQC
AjuoAwQCLQ6EAwQCLVJAAwQCPnAIAwQCUE8EAwQCWSZgAwQCWSdoAwQAW+UXAwQA
W+hpAwQDXb6IAwQEbexQAwQDsoQAAwQCstrEAwQCuQJQAwQCuRU8AwQCuWToAwQC
uYSEAwQCuYSwAwQCuaXwAwQCuaxYAwQCua2gAwQCubF8AwQCubTcAwQCubbAAwQC
ubcgAwQCubjAAwQCubkwAwQCub8AAwQAwcikAwQCwlhoAwQA1AjwAwQB1AjyMAwD
BAPUCPgDBADUCPoDBAHUCPwDBATZFwAwDQQCAAIwBwMFAyoAfIAwDQYJKoZIhvcN
AQELBQADggEBAAno6AtL2ROwhIYTYQM+mlutb+CudpLJaapvwbV5wRcP8jWlqAtF
XXdyGCjpz0CrnSufbU8ofbmjN4Ufh1GivNjUhJCfsmnqKUHogTcmJa7wqOJbJ8TC
aAsPQGh5cuxxgILE1YRErYvc0X6MWIa6uWDpQkwyiAZq92QbSv+09/TXVP0Bl0FA
yRkLFJCxjxAFW9ZCDJrHcG51w8ZK1D72AtSsDA4i17Z8lMHP030RRcLm0H8xdAoP
+zLGpSnz0nakJ7MDEhDIVC3ZGZ3ZrQ/2ekJhMV4AisDZcR2fjHEE8bdporGF+K12
1ePhO1kZp2aKEtrToHGjPnl4Y4lsx+8r8l4=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:40 2023 by rpki-client on console.sobornost.net