Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/b19811-fa23-47b0-b577-17698f88c3bd/1/b0i--yzibNC__gCPOHI9FS3PmXc.roa
File: b0i--yzibNC__gCPOHI9FS3PmXc.roa (raw, json)
Hash identifier: vwZmf8aqnnpak1fgZVkckNjWcrfaKjQL/C32T2ZHyU4=
Subject key identifier: 6F:48:BE:FB:2C:E2:6C:D0:BF:FE:00:8F:38:72:3D:15:2D:CF:99:77
Certificate issuer: /CN=2aa14bff83480d10cd0fbebb80b2cb5091fcf82f
Certificate serial: 08E6BEA4
Authority key identifier: 2A:A1:4B:FF:83:48:0D:10:CD:0F:BE:BB:80:B2:CB:50:91:FC:F8:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KqFL_4NIDRDND767gLLLUJH8-C8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/b19811-fa23-47b0-b577-17698f88c3bd/1/b0i--yzibNC__gCPOHI9FS3PmXc.roa
Signing time: Sat 01 Jan 2022 06:54:39 +0000
ROA not before: Sat 01 Jan 2022 06:54:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47562
IP address blocks: 94.198.32.0/21 maxlen: 24
62.122.144.0/21 maxlen: 24
185.46.96.0/22 maxlen: 24
93.91.112.0/20 maxlen: 24
46.175.192.0/21 maxlen: 24
2a03:ce80::/32 maxlen: 56
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 149339812 (0x8e6bea4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2aa14bff83480d10cd0fbebb80b2cb5091fcf82f
Validity
Not Before: Jan 1 06:54:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6f48befb2ce26cd0bffe008f38723d152dcf9977
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:bf:e8:5a:91:2d:19:f4:ff:c8:a2:85:f1:c2:
22:b2:85:2b:6d:2b:f9:dc:e4:d7:a9:80:84:54:7b:
2a:a1:74:04:27:f8:0d:98:44:9e:98:6b:e8:b6:50:
4b:38:9f:37:34:fa:9f:68:cd:a8:19:3d:0f:1f:53:
39:36:a8:34:5d:d4:63:cf:c0:2c:90:0c:a6:38:94:
83:66:3a:c5:ca:21:dc:94:48:06:0a:10:81:fa:b1:
bf:1c:51:cc:dd:e4:e7:0e:c4:af:56:53:16:c8:31:
dc:79:fb:5a:0c:05:52:4f:66:b8:2b:a5:83:7f:e0:
e9:0d:28:e8:8a:c0:05:76:ad:90:a1:e4:3b:73:99:
c9:46:19:ed:df:0e:cb:01:d0:b4:75:24:a2:b9:25:
53:cd:85:b5:c9:38:ef:b0:5c:2a:e8:0f:9a:a6:1f:
02:7f:ec:1b:97:e8:eb:70:17:84:3d:6a:a4:53:d1:
04:3b:65:8d:b0:81:8e:5a:6a:cb:9b:46:6b:6d:f8:
c8:9c:56:7f:f8:de:ec:ed:35:08:d7:06:28:f4:bc:
46:e6:54:02:15:2b:a3:b2:af:a4:d6:86:46:9a:14:
cf:3d:89:31:cd:01:3f:56:e9:66:63:ae:ec:4c:13:
43:7c:b1:a5:de:8e:7e:59:20:8f:79:54:ac:93:7e:
44:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:48:BE:FB:2C:E2:6C:D0:BF:FE:00:8F:38:72:3D:15:2D:CF:99:77
X509v3 Authority Key Identifier:
keyid:2A:A1:4B:FF:83:48:0D:10:CD:0F:BE:BB:80:B2:CB:50:91:FC:F8:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KqFL_4NIDRDND767gLLLUJH8-C8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/b19811-fa23-47b0-b577-17698f88c3bd/1/b0i--yzibNC__gCPOHI9FS3PmXc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/b19811-fa23-47b0-b577-17698f88c3bd/1/KqFL_4NIDRDND767gLLLUJH8-C8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.175.192.0/21
62.122.144.0/21
93.91.112.0/20
94.198.32.0/21
185.46.96.0/22
IPv6:
2a03:ce80::/32
Signature Algorithm: sha256WithRSAEncryption
0e:ab:07:e6:3a:4b:ac:3d:16:2c:16:01:1c:eb:1b:7f:d6:2b:
5f:74:f0:b5:08:19:0d:f1:05:42:46:46:7a:4f:26:57:9e:27:
bf:a5:05:5e:59:06:0a:83:92:23:e1:a7:57:4e:b4:23:fc:12:
81:80:e9:e5:19:6f:ca:c3:82:8b:d8:0a:cb:e2:9a:fe:a2:20:
9b:e0:44:14:38:e2:2a:77:eb:e6:70:96:6e:50:32:4f:9c:17:
e1:a6:cb:df:a7:6a:46:60:6e:ae:7a:83:0c:18:ea:04:f4:fa:
da:77:cc:27:1c:1a:03:41:35:25:2e:1c:96:8a:39:e6:5a:a6:
10:ed:04:81:8f:71:7a:3e:1b:cf:9a:77:8e:45:7f:c9:58:52:
25:13:48:8f:9f:0b:9f:83:7b:28:a5:97:68:dd:18:30:cd:a4:
01:d5:07:43:c2:7b:40:e0:05:ec:d5:bf:0d:ed:00:e5:5a:9a:
3d:56:99:66:8d:5b:b6:c2:81:53:2d:c6:27:5f:b5:b5:8f:55:
5f:1a:3d:0c:dc:1b:a9:00:1d:8f:cf:90:0b:b0:60:1e:3b:06:
75:f4:f3:a8:9f:9b:58:7b:63:79:02:b3:cf:77:47:2e:48:79:
14:77:da:1b:9b:42:45:de:be:18:5c:22:bd:08:12:41:2f:e8:
21:09:90:78
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIECOa+pDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
YWExNGJmZjgzNDgwZDEwY2QwZmJlYmI4MGIyY2I1MDkxZmNmODJmMB4XDTIyMDEw
MTA2NTQzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmY0OGJlZmIyY2Uy
NmNkMGJmZmUwMDhmMzg3MjNkMTUyZGNmOTk3NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN6/6FqRLRn0/8iihfHCIrKFK20r+dzk16mAhFR7KqF0BCf4
DZhEnphr6LZQSzifNzT6n2jNqBk9Dx9TOTaoNF3UY8/ALJAMpjiUg2Y6xcoh3JRI
BgoQgfqxvxxRzN3k5w7Er1ZTFsgx3Hn7WgwFUk9muCulg3/g6Q0o6IrABXatkKHk
O3OZyUYZ7d8OywHQtHUkorklU82Ftck477BcKugPmqYfAn/sG5fo63AXhD1qpFPR
BDtljbCBjlpqy5tGa234yJxWf/je7O01CNcGKPS8RuZUAhUro7KvpNaGRpoUzz2J
Mc0BP1bpZmOu7EwTQ3yxpd6Oflkgj3lUrJN+RIkCAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBRvSL77LOJs0L/+AI84cj0VLc+ZdzAfBgNVHSMEGDAWgBQqoUv/g0gNEM0P
vruAsstQkfz4LzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0txRkxfNE5JRFJETkQ3NjdnTExMVUpIOC1DOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjIvYjE5ODExLWZhMjMtNDdiMC1iNTc3LTE3Njk4Zjg4YzNiZC8x
L2IwaS0teXppYk5DX19nQ1BPSEk5RlMzUG1YYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjIv
YjE5ODExLWZhMjMtNDdiMC1iNTc3LTE3Njk4Zjg4YzNiZC8xL0txRkxfNE5JRFJE
TkQ3NjdnTExMVUpIOC1DOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBG
BggrBgEFBQcBBwEB/wQ3MDUwJAQCAAEwHgMEAy6vwAMEAz56kAMEBF1bcAMEA17G
IAMEArkuYDANBAIAAjAHAwUAKgPOgDANBgkqhkiG9w0BAQsFAAOCAQEADqsH5jpL
rD0WLBYBHOsbf9YrX3TwtQgZDfEFQkZGek8mV54nv6UFXlkGCoOSI+GnV060I/wS
gYDp5RlvysOCi9gKy+Ka/qIgm+BEFDjiKnfr5nCWblAyT5wX4abL36dqRmBurnqD
DBjqBPT62nfMJxwaA0E1JS4cloo55lqmEO0EgY9xej4bz5p3jkV/yVhSJRNIj58L
n4N7KKWXaN0YMM2kAdUHQ8J7QOAF7NW/De0A5VqaPVaZZo1btsKBUy3GJ1+1tY9V
Xxo9DNwbqQAdj8+QC7BgHjsGdfTzqJ+bWHtjeQKzz3dHLkh5FHfaG5tCRd6+GFwi
vQgSQS/oIQmQeA==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:39 2023 by rpki-client on console.sobornost.net