Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/a1c6c0-e754-479e-851d-0d0da0d10432/1/LcqSbErfBqph8HHIiJ8HS1-KI0M.roa
File: LcqSbErfBqph8HHIiJ8HS1-KI0M.roa (raw, json)
Hash identifier: nhO6F5GYO6uq0ng1BysZLGPNSn5jxMwc7Pgllw9XuW8=
Subject key identifier: 2D:CA:92:6C:4A:DF:06:AA:61:F0:71:C8:88:9F:07:4B:5F:8A:23:43
Certificate issuer: /CN=c1bf8f3e609072889e74dd0fb4e27f9bac47b3b0
Certificate serial: 17E15B87
Authority key identifier: C1:BF:8F:3E:60:90:72:88:9E:74:DD:0F:B4:E2:7F:9B:AC:47:B3:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wb-PPmCQcoiedN0PtOJ_m6xHs7A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/a1c6c0-e754-479e-851d-0d0da0d10432/1/LcqSbErfBqph8HHIiJ8HS1-KI0M.roa
Signing time: Sat 01 Jan 2022 04:55:19 +0000
ROA not before: Sat 01 Jan 2022 04:55:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44668
IP address blocks: 46.33.44.0/22 maxlen: 22
46.33.45.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 400644999 (0x17e15b87)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1bf8f3e609072889e74dd0fb4e27f9bac47b3b0
Validity
Not Before: Jan 1 04:55:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2dca926c4adf06aa61f071c8889f074b5f8a2343
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:ba:13:95:79:12:d6:40:ef:51:fe:44:f8:e7:
c0:d6:fb:00:09:a6:18:6f:31:78:5a:9c:ed:b5:d7:
c0:8b:51:62:43:48:f6:bd:dc:76:f2:35:8b:da:39:
6f:07:35:93:1d:45:28:25:4a:4b:1d:42:cf:3d:af:
33:5b:20:16:38:d9:81:e9:47:a5:9b:bd:03:20:85:
ea:72:31:26:1f:e4:be:04:9d:3c:5c:c8:0a:62:6e:
07:fb:c3:be:c3:64:a6:d1:24:ec:7a:9e:70:57:8f:
25:da:f4:03:f8:ca:21:9a:44:6c:54:43:97:00:df:
ea:18:bf:87:79:b1:72:d4:85:0a:d7:7c:0f:47:cb:
5f:ca:e5:44:d9:a2:06:77:8d:15:10:b6:10:7c:da:
f8:01:9c:88:89:eb:33:cd:11:10:19:1c:8a:e8:9f:
d9:9b:1a:4d:af:c7:df:1b:bc:3a:77:32:c4:08:85:
3c:16:29:64:30:47:5c:3f:b1:03:de:d3:d1:55:79:
3f:93:ce:08:83:34:ab:db:28:85:05:a3:b5:42:19:
12:fe:a3:25:c2:03:c8:a9:f6:db:02:11:60:03:47:
09:94:6a:90:c1:07:59:9c:93:51:5d:1b:7f:e4:1c:
6c:c0:20:2b:fd:27:0f:22:a7:cb:d4:ff:85:d6:d2:
b1:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:CA:92:6C:4A:DF:06:AA:61:F0:71:C8:88:9F:07:4B:5F:8A:23:43
X509v3 Authority Key Identifier:
keyid:C1:BF:8F:3E:60:90:72:88:9E:74:DD:0F:B4:E2:7F:9B:AC:47:B3:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wb-PPmCQcoiedN0PtOJ_m6xHs7A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/a1c6c0-e754-479e-851d-0d0da0d10432/1/LcqSbErfBqph8HHIiJ8HS1-KI0M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/a1c6c0-e754-479e-851d-0d0da0d10432/1/wb-PPmCQcoiedN0PtOJ_m6xHs7A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.33.44.0/22
Signature Algorithm: sha256WithRSAEncryption
85:a1:cb:cd:78:9f:4e:7b:6c:d0:81:cf:68:e2:73:1a:a8:49:
da:d1:b8:34:85:d1:fe:e1:ba:d4:ad:ef:29:50:78:b8:3f:b0:
7b:bb:d9:5c:02:e7:6c:2b:02:fc:03:e3:a0:e9:be:10:2b:b1:
bb:bc:59:07:f3:17:23:22:10:92:bd:26:03:17:73:7d:10:9a:
14:61:4a:52:48:cc:e6:04:d6:1b:ca:25:64:d0:12:77:9c:e2:
5c:c3:f1:59:b1:e1:73:5d:8b:14:a4:c4:a1:1e:fc:32:5d:32:
23:f9:ae:5d:76:49:ca:1c:c7:8e:d0:0a:fa:0c:72:7b:04:5a:
6b:8b:9b:ad:a6:86:64:e8:a8:50:d3:b7:94:4a:2a:00:f3:63:
15:b6:80:50:7d:09:3d:10:23:54:c2:a3:20:3f:fd:1f:22:5b:
d5:a2:c8:a1:0a:1c:56:ef:a0:72:f2:26:e6:42:f5:c1:ec:06:
91:a4:dc:38:b5:c6:7a:f0:4e:30:9c:4f:2f:38:fe:0e:bf:5f:
05:a4:d9:67:05:46:02:cd:95:f4:ae:0d:5e:b2:09:d2:b5:37:
c4:ce:57:f2:f5:d6:7d:5d:7b:8f:d7:82:35:ff:8d:bf:96:e5:
9d:1d:9f:97:ba:fc:c4:a0:02:0f:45:40:df:c5:df:4b:17:96:
c8:ff:17:05
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEF+FbhzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
MWJmOGYzZTYwOTA3Mjg4OWU3NGRkMGZiNGUyN2Y5YmFjNDdiM2IwMB4XDTIyMDEw
MTA0NTUxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmRjYTkyNmM0YWRm
MDZhYTYxZjA3MWM4ODg5ZjA3NGI1ZjhhMjM0MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL66E5V5EtZA71H+RPjnwNb7AAmmGG8xeFqc7bXXwItRYkNI
9r3cdvI1i9o5bwc1kx1FKCVKSx1Czz2vM1sgFjjZgelHpZu9AyCF6nIxJh/kvgSd
PFzICmJuB/vDvsNkptEk7HqecFePJdr0A/jKIZpEbFRDlwDf6hi/h3mxctSFCtd8
D0fLX8rlRNmiBneNFRC2EHza+AGciInrM80REBkciuif2ZsaTa/H3xu8OncyxAiF
PBYpZDBHXD+xA97T0VV5P5POCIM0q9sohQWjtUIZEv6jJcIDyKn22wIRYANHCZRq
kMEHWZyTUV0bf+QcbMAgK/0nDyKny9T/hdbSsfsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQtypJsSt8GqmHwcciInwdLX4ojQzAfBgNVHSMEGDAWgBTBv48+YJByiJ50
3Q+04n+brEezsDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3diLVBQbUNRY29pZWROMFB0T0pfbTZ4SHM3QS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmEvYTFjNmMwLWU3NTQtNDc5ZS04NTFkLTBkMGRhMGQxMDQzMi8x
L0xjcVNiRXJmQnFwaDhISElpSjhIUzEtS0kwTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmEv
YTFjNmMwLWU3NTQtNDc5ZS04NTFkLTBkMGRhMGQxMDQzMi8xL3diLVBQbUNRY29p
ZWROMFB0T0pfbTZ4SHM3QS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi4hLDANBgkqhkiG9w0BAQsFAAOC
AQEAhaHLzXifTnts0IHPaOJzGqhJ2tG4NIXR/uG61K3vKVB4uD+we7vZXALnbCsC
/APjoOm+ECuxu7xZB/MXIyIQkr0mAxdzfRCaFGFKUkjM5gTWG8olZNASd5ziXMPx
WbHhc12LFKTEoR78Ml0yI/muXXZJyhzHjtAK+gxyewRaa4ubraaGZOioUNO3lEoq
APNjFbaAUH0JPRAjVMKjID/9HyJb1aLIoQocVu+gcvIm5kL1wewGkaTcOLXGevBO
MJxPLzj+Dr9fBaTZZwVGAs2V9K4NXrIJ0rU3xM5X8vXWfV17j9eCNf+Nv5blnR2f
l7r8xKACD0VA38XfSxeWyP8XBQ==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:28 2023 by rpki-client on console.sobornost.net