Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/59d808-154f-42ae-af8f-790244508df4/1/CFCkH1R268JBy4M-_49B9fIcTYo.roa
File: CFCkH1R268JBy4M-_49B9fIcTYo.roa (raw, json)
Hash identifier: MxiNJd2DAQ7K2rjmiziBb6vgd+35utdcJAUTB+5/Tis=
Subject key identifier: 08:50:A4:1F:54:76:EB:C2:41:CB:83:3E:FF:8F:41:F5:F2:1C:4D:8A
Certificate issuer: /CN=27516d20ebefd12f072d413c4d2606bdb258691a
Certificate serial: 0184C7D86FD3E262F87F0F77A6F334D14150
Authority key identifier: 27:51:6D:20:EB:EF:D1:2F:07:2D:41:3C:4D:26:06:BD:B2:58:69:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J1FtIOvv0S8HLUE8TSYGvbJYaRo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/59d808-154f-42ae-af8f-790244508df4/1/CFCkH1R268JBy4M-_49B9fIcTYo.roa
Signing time: Wed 30 Nov 2022 09:22:41 +0000
ROA not before: Wed 30 Nov 2022 09:22:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35575
IP address blocks: 185.190.46.0/24 maxlen: 24
185.190.47.0/24 maxlen: 24
193.238.68.0/22 maxlen: 22
195.66.24.0/24 maxlen: 24
195.66.27.0/24 maxlen: 24
195.66.26.0/24 maxlen: 24
195.66.29.0/24 maxlen: 24
195.66.28.0/24 maxlen: 24
195.66.31.0/24 maxlen: 24
195.66.25.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:c7:d8:6f:d3:e2:62:f8:7f:0f:77:a6:f3:34:d1:41:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27516d20ebefd12f072d413c4d2606bdb258691a
Validity
Not Before: Nov 30 09:22:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0850a41f5476ebc241cb833eff8f41f5f21c4d8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:a5:f8:72:73:1e:67:24:46:8c:af:0c:07:73:
e1:47:f1:48:f1:b2:87:69:05:35:e7:5a:1b:ec:4d:
0e:bb:99:93:38:aa:0f:c8:7c:a1:48:5f:94:20:5f:
14:e6:52:55:5a:24:3d:51:cc:ad:c1:16:39:ee:b1:
bd:c0:a6:ff:95:c9:a9:c7:b1:94:60:62:c8:12:5c:
97:54:fa:f8:b2:51:d7:74:42:f3:bf:74:4a:e7:b2:
88:ca:e5:4e:d7:5c:98:09:66:78:27:56:c2:cb:fc:
88:46:83:5a:84:2f:65:e7:5d:1e:5a:b1:02:41:f3:
fe:0f:80:ea:1f:d0:3f:fb:94:85:7e:31:61:c7:2d:
3c:60:c9:76:17:a7:78:e3:65:c6:2b:d9:a6:f4:fe:
e9:38:dc:6b:29:4e:54:bf:fc:14:9a:40:e6:0b:9f:
b2:69:a2:7c:44:52:8f:5f:33:9f:25:4e:90:fb:69:
13:a7:c1:8b:56:26:2c:d5:a5:2e:1a:6e:78:d7:8d:
5b:32:6a:bb:6c:db:07:87:eb:d5:f2:bb:ac:f7:f1:
7b:b0:6b:9e:7a:f1:86:78:14:39:88:39:63:4a:1e:
51:ca:de:5a:0e:12:a3:91:59:83:e3:02:6e:7a:c1:
d8:3f:61:3e:80:35:8d:a2:6a:1f:b3:1d:be:34:ce:
81:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:50:A4:1F:54:76:EB:C2:41:CB:83:3E:FF:8F:41:F5:F2:1C:4D:8A
X509v3 Authority Key Identifier:
keyid:27:51:6D:20:EB:EF:D1:2F:07:2D:41:3C:4D:26:06:BD:B2:58:69:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J1FtIOvv0S8HLUE8TSYGvbJYaRo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/59d808-154f-42ae-af8f-790244508df4/1/CFCkH1R268JBy4M-_49B9fIcTYo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/59d808-154f-42ae-af8f-790244508df4/1/J1FtIOvv0S8HLUE8TSYGvbJYaRo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.190.46.0/23
193.238.68.0/22
195.66.24.0-195.66.29.255
195.66.31.0/24
Signature Algorithm: sha256WithRSAEncryption
29:cd:88:40:1e:39:34:24:a0:a2:ed:fe:32:7d:71:4d:5a:0a:
3e:ea:f2:f6:23:40:61:49:28:1c:65:a6:60:d7:75:58:be:24:
98:e6:14:e0:3e:aa:ec:ed:40:e3:33:f0:30:a3:d8:23:1d:77:
1e:33:6d:8f:8b:e7:43:ec:d6:ff:a4:29:b9:e5:ad:b4:b6:a0:
5f:13:6b:ae:39:59:c8:31:ae:77:b1:1d:ed:90:09:8d:9c:f6:
22:2d:86:7b:b9:b9:3c:61:c3:11:bb:64:f6:f7:2d:5d:9b:e1:
70:03:f3:5a:22:fc:1f:13:35:2f:14:cd:4a:e1:82:41:44:e0:
48:3d:f3:e6:91:c9:b2:db:3b:ce:15:a4:07:5e:32:59:99:39:
4e:86:11:f5:8d:9d:5c:89:1c:45:36:90:d9:bd:65:74:93:e4:
fc:38:97:91:b6:14:68:92:1e:6c:ea:82:ec:b5:66:22:df:04:
5a:bd:56:ae:47:ec:21:7d:68:5e:92:d1:9d:7e:44:19:d8:d3:
86:0e:ae:06:f6:f4:61:7b:1e:22:57:4c:1b:15:2c:1f:d6:bb:
1a:28:87:55:49:80:75:0d:81:cc:0c:d7:cf:b1:93:61:21:a1:
cc:60:c4:8d:f9:f2:0e:b1:5e:6b:0f:44:00:19:1c:74:d2:ae:
3e:d7:f6:43
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYTH2G/T4mL4fw93pvM00UFQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3NTE2ZDIwZWJlZmQxMmYwNzJkNDEzYzRkMjYwNmJkYjI1
ODY5MWEwHhcNMjIxMTMwMDkyMjQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODUwYTQxZjU0NzZlYmMyNDFjYjgzM2VmZjhmNDFmNWYyMWM0ZDhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwqX4cnMeZyRGjK8MB3PhR/FI8bKH
aQU151ob7E0Ou5mTOKoPyHyhSF+UIF8U5lJVWiQ9UcytwRY57rG9wKb/lcmpx7GU
YGLIElyXVPr4slHXdELzv3RK57KIyuVO11yYCWZ4J1bCy/yIRoNahC9l510eWrEC
QfP+D4DqH9A/+5SFfjFhxy08YMl2F6d442XGK9mm9P7pONxrKU5Uv/wUmkDmC5+y
aaJ8RFKPXzOfJU6Q+2kTp8GLViYs1aUuGm54141bMmq7bNsHh+vV8rus9/F7sGue
evGGeBQ5iDljSh5Ryt5aDhKjkVmD4wJuesHYP2E+gDWNomofsx2+NM6BawIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFAhQpB9UduvCQcuDPv+PQfXyHE2KMB8GA1UdIwQY
MBaAFCdRbSDr79EvBy1BPE0mBr2yWGkaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjFGdElPdnYwUzhITFVFOFRTWUd2YkpZYVJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy81OWQ4MDgtMTU0Zi00MmFlLWFmOGYt
NzkwMjQ0NTA4ZGY0LzEvQ0ZDa0gxUjI2OEpCeTRNLV80OUI5ZkljVFlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy81OWQ4MDgtMTU0Zi00MmFlLWFmOGYtNzkwMjQ0NTA4ZGY0
LzEvSjFGdElPdnYwUzhITFVFOFRTWUd2YkpZYVJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQBub4uAwQC
we5EMAwDBAPDQhgDBAHDQhwDBADDQh8wDQYJKoZIhvcNAQELBQADggEBACnNiEAe
OTQkoKLt/jJ9cU1aCj7q8vYjQGFJKBxlpmDXdVi+JJjmFOA+quztQOMz8DCj2CMd
dx4zbY+L50Ps1v+kKbnlrbS2oF8Ta645WcgxrnexHe2QCY2c9iIthnu5uTxhwxG7
ZPb3LV2b4XAD81oi/B8TNS8UzUrhgkFE4Eg98+aRybLbO84VpAdeMlmZOU6GEfWN
nVyJHEU2kNm9ZXST5Pw4l5G2FGiSHmzqguy1ZiLfBFq9Vq5H7CF9aF6S0Z1+RBnY
04YOrgb29GF7HiJXTBsVLB/Wuxooh1VJgHUNgcwM18+xk2EhocxgxI358g6xXmsP
RAAZHHTSrj7X9kM=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:43 2023 by rpki-client on console.sobornost.net