Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/37e363-84d1-470e-96a2-0ef1cac7418d/1/4t-aEsLamX2V080Jed4pcHd0NrM.roa
File: 4t-aEsLamX2V080Jed4pcHd0NrM.roa (raw, json)
Hash identifier: M6KZqSNZtPuoRL813YdbCFY94kPJR22BP5i/R5lWAFk=
Subject key identifier: E2:DF:9A:12:C2:DA:99:7D:95:D3:CD:09:79:DE:29:70:77:74:36:B3
Certificate issuer: /CN=c3b4351e0a495c26efdc6e415f0bb189fbbd6edf
Certificate serial: 1AA77DE7
Authority key identifier: C3:B4:35:1E:0A:49:5C:26:EF:DC:6E:41:5F:0B:B1:89:FB:BD:6E:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w7Q1HgpJXCbv3G5BXwuxifu9bt8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/37e363-84d1-470e-96a2-0ef1cac7418d/1/4t-aEsLamX2V080Jed4pcHd0NrM.roa
Signing time: Sat 01 Jan 2022 15:59:23 +0000
ROA not before: Sat 01 Jan 2022 15:59:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50910
IP address blocks: 109.232.152.0/21 maxlen: 21
109.232.152.0/22 maxlen: 22
109.232.155.0/24 maxlen: 24
109.232.159.0/24 maxlen: 24
109.232.158.0/24 maxlen: 24
109.232.156.0/23 maxlen: 23
80.85.213.0/24 maxlen: 24
80.85.212.0/22 maxlen: 22
80.85.212.0/24 maxlen: 24
80.85.210.0/23 maxlen: 23
80.85.209.0/24 maxlen: 24
80.85.208.0/24 maxlen: 24
80.85.219.0/24 maxlen: 24
80.85.216.0/21 maxlen: 21
80.85.216.0/22 maxlen: 22
80.85.214.0/23 maxlen: 23
80.85.220.0/23 maxlen: 23
80.85.223.0/24 maxlen: 24
80.85.222.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 447184359 (0x1aa77de7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3b4351e0a495c26efdc6e415f0bb189fbbd6edf
Validity
Not Before: Jan 1 15:59:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e2df9a12c2da997d95d3cd0979de2970777436b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:01:b8:06:b9:e3:df:0b:42:a0:b1:ba:76:fb:
b5:95:cb:8a:8b:77:6e:74:1f:61:70:2f:e3:8f:e5:
99:a9:88:ef:84:27:b3:ba:3f:d1:3c:43:e7:b1:1f:
83:20:2e:24:ce:90:44:49:e9:e1:d9:a9:d7:8b:22:
04:8f:8f:52:ee:48:40:26:75:7d:c1:f5:71:f1:ea:
0e:87:6f:7c:03:62:7a:54:99:bc:3c:82:12:ba:cf:
fa:6a:17:da:52:38:95:b5:ff:c4:29:e5:82:28:19:
bb:d0:4f:f9:06:9d:d7:83:35:3d:73:1c:04:67:bd:
71:2f:d1:e7:e0:77:cd:7b:19:8a:2a:34:32:aa:59:
c6:45:81:3e:74:30:3e:76:9e:2c:02:4c:af:4f:78:
46:c9:06:6b:90:4b:62:72:20:ba:36:cd:61:b4:0f:
3e:67:10:0f:00:74:87:cf:0d:57:47:af:bd:e6:74:
d8:32:8c:d9:67:7f:4e:8b:5e:81:94:ca:e0:5b:74:
66:70:ab:92:10:4d:e4:25:37:3e:cc:c5:5e:5c:a6:
d2:0b:f2:5d:8f:14:07:eb:29:d5:18:41:e6:2c:ce:
1f:fb:d7:c5:5e:0c:e9:f5:49:eb:e1:ce:56:c7:eb:
ed:03:cc:3a:40:6e:2a:b6:fb:cf:cd:f9:9f:ca:f2:
a4:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:DF:9A:12:C2:DA:99:7D:95:D3:CD:09:79:DE:29:70:77:74:36:B3
X509v3 Authority Key Identifier:
keyid:C3:B4:35:1E:0A:49:5C:26:EF:DC:6E:41:5F:0B:B1:89:FB:BD:6E:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w7Q1HgpJXCbv3G5BXwuxifu9bt8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/37e363-84d1-470e-96a2-0ef1cac7418d/1/4t-aEsLamX2V080Jed4pcHd0NrM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/37e363-84d1-470e-96a2-0ef1cac7418d/1/w7Q1HgpJXCbv3G5BXwuxifu9bt8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.85.208.0/20
109.232.152.0/21
Signature Algorithm: sha256WithRSAEncryption
46:61:42:d2:33:d4:d5:e1:e7:c6:e8:6d:90:1c:47:98:2b:2a:
25:e5:a4:13:4a:5f:f6:1f:d5:d6:01:34:a8:09:a4:0a:03:3d:
b7:37:24:d9:66:cc:bb:88:cf:d6:38:93:eb:d1:8a:8a:b2:80:
bb:cf:cb:e3:af:1a:f8:67:29:b5:9e:1e:8d:2d:3d:be:13:27:
09:ff:0d:23:a9:fd:67:eb:08:bd:a3:4a:89:f9:f8:d0:cd:48:
d4:af:b8:37:82:38:2a:bc:da:88:93:eb:36:d0:19:54:94:bb:
c6:18:11:c7:26:f7:25:5c:35:09:83:77:76:ca:e5:a3:ef:64:
5e:21:6b:5d:14:75:f6:75:30:54:b6:42:c7:25:bf:ae:e7:b2:
17:60:b9:b0:e9:d8:95:20:40:05:9a:fc:24:cf:5f:fb:3e:8c:
df:12:cf:18:a5:5c:6f:53:22:f9:77:7f:09:6f:d3:ba:39:73:
4c:3a:86:4e:54:5a:ba:28:6d:b3:1d:f4:d3:f4:96:14:23:f5:
06:5e:aa:83:c9:d5:dd:96:a9:70:03:eb:15:c2:27:bd:7d:f5:
a0:a1:fa:58:1e:37:f1:01:24:8e:cb:a0:6b:06:c1:d1:00:c4:
b6:84:f2:50:85:9b:63:3f:20:8e:03:e0:73:2b:77:ff:9e:0e:
54:2c:72:84
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEGqd95zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
M2I0MzUxZTBhNDk1YzI2ZWZkYzZlNDE1ZjBiYjE4OWZiYmQ2ZWRmMB4XDTIyMDEw
MTE1NTkyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTJkZjlhMTJjMmRh
OTk3ZDk1ZDNjZDA5NzlkZTI5NzA3Nzc0MzZiMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ8BuAa5498LQqCxunb7tZXLiot3bnQfYXAv44/lmamI74Qn
s7o/0TxD57EfgyAuJM6QREnp4dmp14siBI+PUu5IQCZ1fcH1cfHqDodvfANielSZ
vDyCErrP+moX2lI4lbX/xCnlgigZu9BP+Qad14M1PXMcBGe9cS/R5+B3zXsZiio0
MqpZxkWBPnQwPnaeLAJMr094RskGa5BLYnIgujbNYbQPPmcQDwB0h88NV0evveZ0
2DKM2Wd/TotegZTK4Ft0ZnCrkhBN5CU3PszFXlym0gvyXY8UB+sp1RhB5izOH/vX
xV4M6fVJ6+HOVsfr7QPMOkBuKrb7z835n8rypAkCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTi35oSwtqZfZXTzQl53ilwd3Q2szAfBgNVHSMEGDAWgBTDtDUeCklcJu/c
bkFfC7GJ+71u3zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3c3UTFIZ3BKWENidjNHNUJYd3V4aWZ1OWJ0OC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTQvMzdlMzYzLTg0ZDEtNDcwZS05NmEyLTBlZjFjYWM3NDE4ZC8x
LzR0LWFFc0xhbVgyVjA4MEplZDRwY0hkME5yTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTQv
MzdlMzYzLTg0ZDEtNDcwZS05NmEyLTBlZjFjYWM3NDE4ZC8xL3c3UTFIZ3BKWENi
djNHNUJYd3V4aWZ1OWJ0OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEBFBV0AMEA23omDANBgkqhkiG9w0B
AQsFAAOCAQEARmFC0jPU1eHnxuhtkBxHmCsqJeWkE0pf9h/V1gE0qAmkCgM9tzck
2WbMu4jP1jiT69GKirKAu8/L468a+GcptZ4ejS09vhMnCf8NI6n9Z+sIvaNKifn4
0M1I1K+4N4I4KrzaiJPrNtAZVJS7xhgRxyb3JVw1CYN3dsrlo+9kXiFrXRR19nUw
VLZCxyW/rueyF2C5sOnYlSBABZr8JM9f+z6M3xLPGKVcb1Mi+Xd/CW/TujlzTDqG
TlRauihtsx300/SWFCP1Bl6qg8nV3ZapcAPrFcInvX31oKH6WB438QEkjsugawbB
0QDEtoTyUIWbYz8gjgPgcyt3/54OVCxyhA==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:20 2023 by rpki-client on console.sobornost.net