Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/80d9df-eaf3-48b6-8fd5-0acc892b11d2/1/M0ShD0QRYX7o0Ap9c3q7zXr5EFI.roa
File: M0ShD0QRYX7o0Ap9c3q7zXr5EFI.roa (raw, json)
Hash identifier: Qzz5ToC2OHgx3pj8NHDdmTYzgpQXYVLxmpBuAWf0KdY=
Subject key identifier: 33:44:A1:0F:44:11:61:7E:E8:D0:0A:7D:73:7A:BB:CD:7A:F9:10:52
Certificate issuer: /CN=4f36103344fcd3b5759f2db3f3c7071376f9e233
Certificate serial: 070C1A33
Authority key identifier: 4F:36:10:33:44:FC:D3:B5:75:9F:2D:B3:F3:C7:07:13:76:F9:E2:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TzYQM0T807V1ny2z88cHE3b54jM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/80d9df-eaf3-48b6-8fd5-0acc892b11d2/1/M0ShD0QRYX7o0Ap9c3q7zXr5EFI.roa
Signing time: Tue 17 May 2022 11:00:30 +0000
ROA not before: Tue 17 May 2022 11:00:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8990
IP address blocks: 212.92.0.0/19 maxlen: 19
82.150.32.0/19 maxlen: 19
91.144.64.0/18 maxlen: 24
95.171.64.0/19 maxlen: 19
109.199.32.0/19 maxlen: 24
109.199.46.0/24 maxlen: 24
109.199.57.0/24 maxlen: 24
91.144.121.0/24 maxlen: 24
109.199.58.0/24 maxlen: 24
109.199.62.0/24 maxlen: 24
109.199.61.0/24 maxlen: 24
2a03:9900:2::/48 maxlen: 48
2a03:9900:1::/48 maxlen: 48
2a03:9900::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 118233651 (0x70c1a33)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f36103344fcd3b5759f2db3f3c7071376f9e233
Validity
Not Before: May 17 11:00:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3344a10f4411617ee8d00a7d737abbcd7af91052
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:ee:0f:55:2f:f1:ab:a0:06:ca:ec:0a:7b:be:
70:52:60:7a:68:d9:58:66:d8:10:a1:bc:06:ea:94:
41:85:7b:c3:36:aa:70:b0:0c:90:f2:d5:8b:54:b3:
63:29:4f:e7:18:3e:86:eb:4b:fa:62:30:24:e3:bf:
dc:c4:32:04:cc:76:bb:c1:c3:c4:1c:29:27:40:d2:
04:6a:a9:15:39:92:9b:03:be:9f:42:a4:9c:f4:75:
0e:0d:11:ad:eb:56:a8:1b:a8:05:c4:64:46:07:6c:
54:11:f3:c9:b3:cc:79:f2:86:71:f9:2c:47:a5:a3:
95:87:ac:71:b5:05:c2:b0:a6:85:27:9b:87:42:9f:
49:40:d4:68:33:9a:00:d6:ed:c8:27:ac:02:20:e5:
f5:7b:29:43:91:0a:9f:d4:dc:2d:3c:60:ac:0f:45:
d0:b4:70:53:4c:d8:7b:d4:67:b4:4c:17:08:3b:00:
66:af:89:cc:fa:21:b6:72:6f:dd:88:9a:a9:c3:30:
65:5b:c3:ff:7f:2f:0f:6d:df:6d:10:a5:87:96:fd:
0b:59:d2:a3:79:f5:a4:cb:fa:60:4b:4c:56:05:7e:
2b:5f:16:54:e4:aa:36:5b:91:e4:67:57:de:17:9a:
de:ef:35:05:df:2c:71:7b:fd:26:d6:27:95:34:1b:
7b:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:44:A1:0F:44:11:61:7E:E8:D0:0A:7D:73:7A:BB:CD:7A:F9:10:52
X509v3 Authority Key Identifier:
keyid:4F:36:10:33:44:FC:D3:B5:75:9F:2D:B3:F3:C7:07:13:76:F9:E2:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TzYQM0T807V1ny2z88cHE3b54jM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/80d9df-eaf3-48b6-8fd5-0acc892b11d2/1/M0ShD0QRYX7o0Ap9c3q7zXr5EFI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/80d9df-eaf3-48b6-8fd5-0acc892b11d2/1/TzYQM0T807V1ny2z88cHE3b54jM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.150.32.0/19
91.144.64.0/18
95.171.64.0/19
109.199.32.0/19
212.92.0.0/19
IPv6:
2a03:9900::/32
Signature Algorithm: sha256WithRSAEncryption
0f:76:c4:79:08:3c:d7:39:45:36:45:aa:db:e5:87:b5:14:c1:
80:6c:95:cd:7b:3b:1d:8a:bf:8c:0a:1c:e6:fc:d7:be:b6:0d:
33:62:dd:6d:d5:0a:76:fc:4e:d0:a8:a9:08:a5:c7:ec:64:dd:
1f:9a:e3:56:2e:55:75:0d:eb:e1:67:21:81:78:65:ca:f3:af:
75:00:aa:c6:d7:cc:44:19:07:ee:1f:78:61:22:a6:38:f5:79:
18:c9:a7:46:ef:cb:83:c7:67:95:e3:99:77:fb:4f:b3:b5:89:
af:da:d3:e8:04:a7:bc:69:e7:2f:08:f6:7b:b7:79:71:39:c9:
67:02:e9:56:ae:df:e4:c0:2f:19:96:a6:96:59:c8:98:c3:d5:
34:89:62:2e:a2:be:b4:28:db:0f:4d:4d:17:f3:32:2a:b2:f4:
49:f0:ca:7e:4d:27:01:28:33:1a:c2:2f:49:98:00:fa:be:dc:
84:a2:26:1a:61:7e:d1:ba:bf:92:0b:d4:3f:b6:c9:2c:c8:08:
c5:86:fa:0d:70:f0:9d:df:fa:28:ba:92:c0:dd:1e:13:e5:fc:
a4:7c:33:f7:96:11:d8:df:d7:ed:13:2f:8f:9e:4c:f9:ed:9e:
fc:60:82:9c:e5:84:d7:50:48:dc:52:28:6a:03:04:78:2e:8d:
f4:1c:4b:e0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIEBwwaMzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZjM2MTAzMzQ0ZmNkM2I1NzU5ZjJkYjNmM2M3MDcxMzc2ZjllMjMzMB4XDTIyMDUx
NzExMDAzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzM0NGExMGY0NDEx
NjE3ZWU4ZDAwYTdkNzM3YWJiY2Q3YWY5MTA1MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK7uD1Uv8augBsrsCnu+cFJgemjZWGbYEKG8BuqUQYV7wzaq
cLAMkPLVi1SzYylP5xg+hutL+mIwJOO/3MQyBMx2u8HDxBwpJ0DSBGqpFTmSmwO+
n0KknPR1Dg0RretWqBuoBcRkRgdsVBHzybPMefKGcfksR6WjlYescbUFwrCmhSeb
h0KfSUDUaDOaANbtyCesAiDl9XspQ5EKn9TcLTxgrA9F0LRwU0zYe9RntEwXCDsA
Zq+JzPohtnJv3YiaqcMwZVvD/38vD23fbRClh5b9C1nSo3n1pMv6YEtMVgV+K18W
VOSqNluR5GdX3hea3u81Bd8scXv9JtYnlTQbe5cCAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBQzRKEPRBFhfujQCn1zervNevkQUjAfBgNVHSMEGDAWgBRPNhAzRPzTtXWf
LbPzxwcTdvniMzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1R6WVFNMFQ4MDdWMW55Mno4OGNIRTNiNTRqTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmMvODBkOWRmLWVhZjMtNDhiNi04ZmQ1LTBhY2M4OTJiMTFkMi8x
L00wU2hEMFFSWVg3bzBBcDljM3E3elhyNUVGSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmMv
ODBkOWRmLWVhZjMtNDhiNi04ZmQ1LTBhY2M4OTJiMTFkMi8xL1R6WVFNMFQ4MDdW
MW55Mno4OGNIRTNiNTRqTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBG
BggrBgEFBQcBBwEB/wQ3MDUwJAQCAAEwHgMEBVKWIAMEBluQQAMEBV+rQAMEBW3H
IAMEBdRcADANBAIAAjAHAwUAKgOZADANBgkqhkiG9w0BAQsFAAOCAQEAD3bEeQg8
1zlFNkWq2+WHtRTBgGyVzXs7HYq/jAoc5vzXvrYNM2LdbdUKdvxO0KipCKXH7GTd
H5rjVi5VdQ3r4WchgXhlyvOvdQCqxtfMRBkH7h94YSKmOPV5GMmnRu/Lg8dnleOZ
d/tPs7WJr9rT6ASnvGnnLwj2e7d5cTnJZwLpVq7f5MAvGZamllnImMPVNIliLqK+
tCjbD01NF/MyKrL0SfDKfk0nASgzGsIvSZgA+r7chKImGmF+0bq/kgvUP7bJLMgI
xYb6DXDwnd/6KLqSwN0eE+X8pHwz95YR2N/X7RMvj55M+e2e/GCCnOWE11BI3FIo
agMEeC6N9BxL4A==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:35 2023 by rpki-client on console.sobornost.net