Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/37e363-84d1-470e-96a2-0ef1cac7418d/1/MCBuh9KIKLjiNEyvZdYLiSzch8k.roa
File: MCBuh9KIKLjiNEyvZdYLiSzch8k.roa (raw, json)
Hash identifier: djYM4fXVvHhwO3THQwOFQ+MIw4pKCwz8OtIIF7Ysle0=
Subject key identifier: 30:20:6E:87:D2:88:28:B8:E2:34:4C:AF:65:D6:0B:89:2C:DC:87:C9
Certificate issuer: /CN=c3b4351e0a495c26efdc6e415f0bb189fbbd6edf
Certificate serial: 1B7E51BA
Authority key identifier: C3:B4:35:1E:0A:49:5C:26:EF:DC:6E:41:5F:0B:B1:89:FB:BD:6E:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w7Q1HgpJXCbv3G5BXwuxifu9bt8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/37e363-84d1-470e-96a2-0ef1cac7418d/1/MCBuh9KIKLjiNEyvZdYLiSzch8k.roa
Signing time: Tue 12 Apr 2022 15:53:53 +0000
ROA not before: Tue 12 Apr 2022 15:53:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50910
IP address blocks: 109.232.152.0/21 maxlen: 21
109.232.152.0/22 maxlen: 22
109.232.152.0/24 maxlen: 24
109.232.155.0/24 maxlen: 24
109.232.154.0/24 maxlen: 24
109.232.153.0/24 maxlen: 24
109.232.159.0/24 maxlen: 24
109.232.158.0/24 maxlen: 24
109.232.156.0/23 maxlen: 23
80.85.213.0/24 maxlen: 24
80.85.212.0/22 maxlen: 22
80.85.212.0/24 maxlen: 24
80.85.210.0/23 maxlen: 23
80.85.209.0/24 maxlen: 24
80.85.208.0/24 maxlen: 24
80.85.219.0/24 maxlen: 24
80.85.216.0/21 maxlen: 21
80.85.216.0/22 maxlen: 22
80.85.214.0/23 maxlen: 23
80.85.220.0/23 maxlen: 23
80.85.223.0/24 maxlen: 24
80.85.222.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 461263290 (0x1b7e51ba)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3b4351e0a495c26efdc6e415f0bb189fbbd6edf
Validity
Not Before: Apr 12 15:53:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=30206e87d28828b8e2344caf65d60b892cdc87c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:e1:fb:31:e9:db:00:a4:7d:91:0b:8a:c1:75:
55:a1:9a:dc:86:8a:88:5a:79:e4:61:9a:71:8d:ac:
38:ad:7a:de:18:45:ca:95:0f:81:9e:37:29:4a:05:
d9:1a:9d:04:03:73:40:a5:23:df:fe:8d:05:77:3d:
14:85:bf:4d:1f:24:80:5f:63:d1:66:fc:79:39:04:
28:82:2c:c3:9a:87:c3:f5:70:11:8b:84:47:e9:e9:
3b:ea:f7:98:25:9c:29:25:e3:47:cd:73:2a:6d:10:
99:55:8f:42:28:df:40:88:77:77:95:42:e9:74:fa:
d3:ad:0d:da:08:75:c7:5e:8a:a9:dc:a1:b1:4e:15:
85:11:a7:91:92:62:2d:90:b0:58:27:2f:01:1e:35:
ec:24:1f:7f:6e:e6:74:ff:7b:1f:61:68:59:fc:63:
74:38:90:8c:30:05:61:b0:04:30:32:f8:85:47:cb:
e9:29:aa:57:3c:fe:ac:bf:9e:c9:8e:25:d1:66:ba:
d2:0e:62:75:1b:de:13:d4:02:e2:fc:02:22:67:a7:
26:b3:5a:32:58:12:ad:f2:d9:0e:84:34:87:ad:5a:
e4:4e:f0:cb:3a:de:27:02:2d:67:6b:72:67:d9:48:
db:fd:79:f0:aa:36:6c:9e:5e:56:d1:eb:9a:7b:4b:
32:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:20:6E:87:D2:88:28:B8:E2:34:4C:AF:65:D6:0B:89:2C:DC:87:C9
X509v3 Authority Key Identifier:
keyid:C3:B4:35:1E:0A:49:5C:26:EF:DC:6E:41:5F:0B:B1:89:FB:BD:6E:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w7Q1HgpJXCbv3G5BXwuxifu9bt8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/37e363-84d1-470e-96a2-0ef1cac7418d/1/MCBuh9KIKLjiNEyvZdYLiSzch8k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/37e363-84d1-470e-96a2-0ef1cac7418d/1/w7Q1HgpJXCbv3G5BXwuxifu9bt8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.85.208.0/20
109.232.152.0/21
Signature Algorithm: sha256WithRSAEncryption
9e:4e:45:a4:34:72:49:f7:a9:cd:f6:09:a4:d5:62:19:93:4f:
b1:0e:7c:32:d1:b2:ac:e1:a9:00:77:8f:ce:77:1a:f7:69:93:
df:c5:7f:fe:d8:6b:01:a7:c5:f6:d8:15:20:6a:92:37:55:7c:
03:cd:3a:31:34:af:be:68:96:c2:5d:c3:4a:51:8e:7f:d5:a5:
ec:70:6a:cc:b8:9f:d6:77:75:5d:26:6f:51:6d:09:40:35:df:
b0:fe:06:52:85:03:88:80:fb:f0:3d:0e:12:12:f9:63:28:b5:
bf:bc:f2:61:1a:01:71:a9:37:ff:2c:95:71:17:4b:b4:ee:05:
77:77:ab:44:3d:14:de:ad:40:56:ea:5b:3e:db:31:f5:bd:da:
99:45:cb:97:3f:8e:31:d5:78:b0:28:6c:67:17:8e:75:08:05:
8b:5c:97:e5:f7:1e:bd:83:96:2a:32:92:53:8b:55:ec:52:3a:
8a:a2:bd:34:83:8d:92:d8:51:83:70:41:ed:6f:c4:a9:d5:b4:
9a:b9:4f:50:bb:1c:f3:ad:44:22:35:86:f7:3a:c2:d4:2c:d1:
82:69:e9:99:5b:44:ff:9c:62:12:26:45:73:66:c0:b2:02:c5:
35:2a:22:d8:c5:e8:e1:8f:3a:23:de:00:fd:ad:e7:a6:95:57:
91:b2:2c:22
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEG35RujANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
M2I0MzUxZTBhNDk1YzI2ZWZkYzZlNDE1ZjBiYjE4OWZiYmQ2ZWRmMB4XDTIyMDQx
MjE1NTM1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzAyMDZlODdkMjg4
MjhiOGUyMzQ0Y2FmNjVkNjBiODkyY2RjODdjOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKnh+zHp2wCkfZELisF1VaGa3IaKiFp55GGacY2sOK163hhF
ypUPgZ43KUoF2RqdBANzQKUj3/6NBXc9FIW/TR8kgF9j0Wb8eTkEKIIsw5qHw/Vw
EYuER+npO+r3mCWcKSXjR81zKm0QmVWPQijfQIh3d5VC6XT6060N2gh1x16Kqdyh
sU4VhRGnkZJiLZCwWCcvAR417CQff27mdP97H2FoWfxjdDiQjDAFYbAEMDL4hUfL
6SmqVzz+rL+eyY4l0Wa60g5idRveE9QC4vwCImenJrNaMlgSrfLZDoQ0h61a5E7w
yzreJwItZ2tyZ9lI2/158Ko2bJ5eVtHrmntLMlcCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQwIG6H0ogouOI0TK9l1guJLNyHyTAfBgNVHSMEGDAWgBTDtDUeCklcJu/c
bkFfC7GJ+71u3zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3c3UTFIZ3BKWENidjNHNUJYd3V4aWZ1OWJ0OC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTQvMzdlMzYzLTg0ZDEtNDcwZS05NmEyLTBlZjFjYWM3NDE4ZC8x
L01DQnVoOUtJS0xqaU5FeXZaZFlMaVN6Y2g4ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTQv
MzdlMzYzLTg0ZDEtNDcwZS05NmEyLTBlZjFjYWM3NDE4ZC8xL3c3UTFIZ3BKWENi
djNHNUJYd3V4aWZ1OWJ0OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEBFBV0AMEA23omDANBgkqhkiG9w0B
AQsFAAOCAQEAnk5FpDRySfepzfYJpNViGZNPsQ58MtGyrOGpAHePznca92mT38V/
/thrAafF9tgVIGqSN1V8A806MTSvvmiWwl3DSlGOf9Wl7HBqzLif1nd1XSZvUW0J
QDXfsP4GUoUDiID78D0OEhL5Yyi1v7zyYRoBcak3/yyVcRdLtO4Fd3erRD0U3q1A
VupbPtsx9b3amUXLlz+OMdV4sChsZxeOdQgFi1yX5fcevYOWKjKSU4tV7FI6iqK9
NIONkthRg3BB7W/EqdW0mrlPULsc861EIjWG9zrC1CzRgmnpmVtE/5xiEiZFc2bA
sgLFNSoi2MXo4Y86I94A/a3nppVXkbIsIg==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:20 2023 by rpki-client on console.sobornost.net