Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/10edef-253d-49b1-969e-5ca8ac18096d/1/bbt7eHaJWog9rP0IY50ljVZXNjA.roa
File: bbt7eHaJWog9rP0IY50ljVZXNjA.roa (raw, json)
Hash identifier: jfPuQ287isuOcH3wjri/PritlZ1IuXkMdSpzGlsvOoU=
Subject key identifier: 6D:BB:7B:78:76:89:5A:88:3D:AC:FD:08:63:9D:25:8D:56:57:36:30
Certificate issuer: /CN=50ea5acb447b2ceb932a03f290082dc76f8e40e3
Certificate serial: 15C5514E
Authority key identifier: 50:EA:5A:CB:44:7B:2C:EB:93:2A:03:F2:90:08:2D:C7:6F:8E:40:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UOpay0R7LOuTKgPykAgtx2-OQOM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/10edef-253d-49b1-969e-5ca8ac18096d/1/bbt7eHaJWog9rP0IY50ljVZXNjA.roa
Signing time: Sat 01 Jan 2022 08:58:21 +0000
ROA not before: Sat 01 Jan 2022 08:58:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25512
IP address blocks: 85.13.64.0/18 maxlen: 18
195.146.96.0/19 maxlen: 19
131.117.192.0/21 maxlen: 21
212.11.96.0/19 maxlen: 19
82.117.128.0/19 maxlen: 19
85.184.16.0/20 maxlen: 20
185.134.0.0/22 maxlen: 22
213.235.128.0/18 maxlen: 18
89.203.128.0/17 maxlen: 17
82.202.64.0/18 maxlen: 18
81.19.32.0/20 maxlen: 20
2001:1a48::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 365252942 (0x15c5514e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50ea5acb447b2ceb932a03f290082dc76f8e40e3
Validity
Not Before: Jan 1 08:58:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6dbb7b7876895a883dacfd08639d258d56573630
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:9e:a6:30:a1:c7:ec:5a:ef:7f:da:c8:32:05:
ba:7e:2b:fc:d7:63:15:e1:74:a4:6a:30:80:b2:e4:
57:2a:89:fb:76:8c:8c:34:31:96:d9:53:5c:d7:53:
83:e9:24:bf:da:f0:42:83:97:ba:bc:bf:bf:3e:f3:
74:83:d3:27:a6:d4:1a:cc:31:92:af:87:a9:12:c1:
74:e2:48:00:3b:9b:eb:c2:d5:96:42:99:31:8c:d4:
6d:d5:a3:43:10:33:34:4f:a6:76:ca:a7:8d:93:f4:
a2:7c:16:db:c0:2d:51:95:bb:7a:01:68:ef:fb:03:
37:3c:4d:d8:71:10:42:cd:9a:e8:9f:7d:49:e8:4f:
2f:2f:9d:9e:88:60:71:22:d2:3b:e8:82:4f:5f:4c:
ce:ec:9f:75:15:c0:e5:8a:91:ea:27:99:08:0b:3c:
dd:87:fd:3d:e0:a5:e9:04:06:d5:c6:ad:08:f2:18:
0f:8c:a1:c6:c9:60:73:ab:4b:2e:25:94:98:2a:2d:
3d:61:34:c8:9c:fa:ad:2c:13:e0:b2:27:74:cb:af:
18:29:d7:3e:1d:90:56:c8:93:69:26:7e:95:0e:0c:
ab:d7:a1:11:33:e1:c9:cb:0b:69:ff:53:fc:5c:19:
1d:ab:e5:7c:51:fa:6c:13:bf:bf:1a:18:fd:2f:23:
9c:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:BB:7B:78:76:89:5A:88:3D:AC:FD:08:63:9D:25:8D:56:57:36:30
X509v3 Authority Key Identifier:
keyid:50:EA:5A:CB:44:7B:2C:EB:93:2A:03:F2:90:08:2D:C7:6F:8E:40:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UOpay0R7LOuTKgPykAgtx2-OQOM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/10edef-253d-49b1-969e-5ca8ac18096d/1/bbt7eHaJWog9rP0IY50ljVZXNjA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/10edef-253d-49b1-969e-5ca8ac18096d/1/UOpay0R7LOuTKgPykAgtx2-OQOM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.32.0/20
82.117.128.0/19
82.202.64.0/18
85.13.64.0/18
85.184.16.0/20
89.203.128.0/17
131.117.192.0/21
185.134.0.0/22
195.146.96.0/19
212.11.96.0/19
213.235.128.0/18
IPv6:
2001:1a48::/32
Signature Algorithm: sha256WithRSAEncryption
6c:a7:e0:44:88:11:47:f1:83:c5:b5:7e:4a:0c:dc:eb:82:a6:
0b:17:a9:f1:a7:d2:f2:64:05:db:3e:6c:81:6b:d9:23:ee:32:
93:57:5d:ec:83:3d:ca:70:85:a6:1e:e6:c0:9a:30:f9:51:b6:
01:b6:01:32:10:e8:7c:fc:44:74:89:5c:18:2e:0c:cb:81:dc:
b4:f2:6c:5b:8d:c3:12:2e:68:de:bd:84:27:3e:bf:e7:ce:2d:
43:b3:e6:b3:2a:db:64:5f:e3:66:30:4e:41:42:dd:ef:79:2c:
57:8f:ab:91:d6:9e:10:01:ad:8d:c0:5d:bc:57:a4:4f:2f:48:
ed:86:44:6a:4c:26:44:56:e9:96:00:c1:67:32:30:d0:e1:81:
a4:0b:e0:b4:79:7f:66:e3:30:71:81:8c:54:9d:cf:fb:d2:11:
12:5d:4f:96:0e:68:91:36:0a:8f:b5:83:c7:65:53:c0:12:86:
0c:03:80:3d:9f:79:36:2d:59:5d:8d:f8:be:ce:9a:34:51:d3:
6d:d6:ab:a0:b9:1b:46:88:e7:ff:74:a6:92:28:23:3c:fc:c7:
ee:7e:e8:5a:d1:fb:70:ae:4d:f5:c6:59:a0:d6:3c:f9:c2:f4:
70:70:ad:ef:95:16:16:70:01:cd:e3:89:ed:bd:d7:a3:34:9f:
36:1f:96:d7
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIEFcVRTjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
MGVhNWFjYjQ0N2IyY2ViOTMyYTAzZjI5MDA4MmRjNzZmOGU0MGUzMB4XDTIyMDEw
MTA4NTgyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmRiYjdiNzg3Njg5
NWE4ODNkYWNmZDA4NjM5ZDI1OGQ1NjU3MzYzMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMSepjChx+xa73/ayDIFun4r/NdjFeF0pGowgLLkVyqJ+3aM
jDQxltlTXNdTg+kkv9rwQoOXury/vz7zdIPTJ6bUGswxkq+HqRLBdOJIADub68LV
lkKZMYzUbdWjQxAzNE+mdsqnjZP0onwW28AtUZW7egFo7/sDNzxN2HEQQs2a6J99
SehPLy+dnohgcSLSO+iCT19MzuyfdRXA5YqR6ieZCAs83Yf9PeCl6QQG1catCPIY
D4yhxslgc6tLLiWUmCotPWE0yJz6rSwT4LIndMuvGCnXPh2QVsiTaSZ+lQ4Mq9eh
ETPhycsLaf9T/FwZHavlfFH6bBO/vxoY/S8jnNECAwEAAaOCAlQwggJQMB0GA1Ud
DgQWBBRtu3t4dolaiD2s/QhjnSWNVlc2MDAfBgNVHSMEGDAWgBRQ6lrLRHss65Mq
A/KQCC3Hb45A4zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1VPcGF5MFI3TE91VEtnUHlrQWd0eDItT1FPTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmYvMTBlZGVmLTI1M2QtNDliMS05NjllLTVjYThhYzE4MDk2ZC8x
L2JidDdlSGFKV29nOXJQMElZNTBsalZaWE5qQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmYv
MTBlZGVmLTI1M2QtNDliMS05NjllLTVjYThhYzE4MDk2ZC8xL1VPcGF5MFI3TE91
VEtnUHlrQWd0eDItT1FPTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBq
BggrBgEFBQcBBwEB/wRbMFkwSAQCAAEwQgMEBFETIAMEBVJ1gAMEBlLKQAMEBlUN
QAMEBFW4EAMEB1nLgAMEA4N1wAMEArmGAAMEBcOSYAMEBdQLYAMEBtXrgDANBAIA
AjAHAwUAIAEaSDANBgkqhkiG9w0BAQsFAAOCAQEAbKfgRIgRR/GDxbV+Sgzc64Km
Cxep8afS8mQF2z5sgWvZI+4yk1dd7IM9ynCFph7mwJow+VG2AbYBMhDofPxEdIlc
GC4My4HctPJsW43DEi5o3r2EJz6/584tQ7PmsyrbZF/jZjBOQULd73ksV4+rkdae
EAGtjcBdvFekTy9I7YZEakwmRFbplgDBZzIw0OGBpAvgtHl/ZuMwcYGMVJ3P+9IR
El1Plg5okTYKj7WDx2VTwBKGDAOAPZ95Ni1ZXY34vs6aNFHTbdaroLkbRojn/3Sm
kigjPPzH7n7oWtH7cK5N9cZZoNY8+cL0cHCt75UWFnABzeOJ7b3XozSfNh+W1w==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:46 2023 by rpki-client on console.sobornost.net