Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/4b7ef8-8643-4dbb-92aa-0740115b5a52/1/aQO06wYLO3ZCgiV9ROuTmaOYF54.roa
File: aQO06wYLO3ZCgiV9ROuTmaOYF54.roa (raw, json)
Hash identifier: +lS1OiinxOP4la0D5f4bb8+angJhW71rujJ3nHjjp3w=
Subject key identifier: 69:03:B4:EB:06:0B:3B:76:42:82:25:7D:44:EB:93:99:A3:98:17:9E
Certificate issuer: /CN=e32bcd40c6774677d2c3702ef59edf49d0b36c6c
Certificate serial: 18A3E4CE
Authority key identifier: E3:2B:CD:40:C6:77:46:77:D2:C3:70:2E:F5:9E:DF:49:D0:B3:6C:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4yvNQMZ3RnfSw3Au9Z7fSdCzbGw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/4b7ef8-8643-4dbb-92aa-0740115b5a52/1/aQO06wYLO3ZCgiV9ROuTmaOYF54.roa
Signing time: Tue 15 Feb 2022 06:50:04 +0000
ROA not before: Tue 15 Feb 2022 06:50:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6453
IP address blocks: 89.148.0.0/18 maxlen: 18
185.165.176.0/22 maxlen: 22
84.255.128.0/18 maxlen: 18
77.69.128.0/17 maxlen: 17
82.194.32.0/19 maxlen: 19
77.69.148.0/24 maxlen: 24
88.201.0.0/17 maxlen: 17
193.188.96.0/19 maxlen: 19
217.17.224.0/19 maxlen: 19
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 413394126 (0x18a3e4ce)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e32bcd40c6774677d2c3702ef59edf49d0b36c6c
Validity
Not Before: Feb 15 06:50:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6903b4eb060b3b764282257d44eb9399a398179e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:e7:34:d1:d8:35:dc:cb:99:d4:54:1a:06:5b:
0f:ab:a7:e1:2f:a4:15:46:97:46:ac:b0:1c:e4:48:
e6:ca:a3:ab:12:55:66:85:85:1f:e8:14:19:bd:37:
0e:1c:70:12:50:6b:af:89:89:45:df:f8:76:0a:f9:
89:e1:e7:67:6b:e7:2f:88:24:a8:ee:98:94:ea:62:
13:f3:49:90:84:7c:0e:10:13:df:1c:4d:9e:5f:25:
7f:97:e1:27:5e:15:78:54:1b:83:0b:39:c6:9f:c5:
ed:e9:d5:c8:80:36:7b:be:6c:02:07:b1:de:ea:6a:
48:78:02:74:78:f0:71:44:72:d1:23:9e:55:9c:56:
c2:02:05:21:ee:47:45:dc:22:5a:0f:18:fd:6d:2a:
94:09:4c:ed:8e:8c:89:b6:f2:0e:12:11:0d:2d:18:
fe:bf:0a:bb:ee:50:68:75:5a:cb:a7:f8:94:23:d4:
a5:b6:8a:f6:a7:c3:fd:2e:ef:2a:66:a9:34:14:51:
e1:0d:d6:df:d4:f6:44:6f:a6:b9:2b:e7:d2:89:90:
48:b3:3a:23:ae:18:d3:dc:e5:0d:a2:f2:ff:c1:6a:
38:43:ad:01:eb:2e:37:40:2f:ae:32:d0:39:cc:28:
75:a3:80:2d:61:77:4f:aa:a8:ce:b0:02:88:76:da:
0a:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:03:B4:EB:06:0B:3B:76:42:82:25:7D:44:EB:93:99:A3:98:17:9E
X509v3 Authority Key Identifier:
keyid:E3:2B:CD:40:C6:77:46:77:D2:C3:70:2E:F5:9E:DF:49:D0:B3:6C:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4yvNQMZ3RnfSw3Au9Z7fSdCzbGw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/4b7ef8-8643-4dbb-92aa-0740115b5a52/1/aQO06wYLO3ZCgiV9ROuTmaOYF54.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/4b7ef8-8643-4dbb-92aa-0740115b5a52/1/4yvNQMZ3RnfSw3Au9Z7fSdCzbGw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.69.128.0/17
82.194.32.0/19
84.255.128.0/18
88.201.0.0/17
89.148.0.0/18
185.165.176.0/22
193.188.96.0/19
217.17.224.0/19
Signature Algorithm: sha256WithRSAEncryption
63:63:84:c6:3c:dc:08:68:ce:4b:f6:33:3b:36:f1:2c:22:e0:
9f:8a:0e:be:95:c9:29:59:d1:ae:1a:f4:fe:e8:e6:1f:a1:2b:
a2:87:41:da:ea:86:4a:2c:0a:de:5c:30:5b:31:91:e3:70:fc:
10:9b:47:43:06:0d:39:d7:25:e7:d4:9d:0d:f6:ee:20:b2:80:
2c:f6:7c:95:7a:3e:37:2c:f8:1d:f0:0e:86:92:be:d8:54:78:
d6:4e:0d:4f:7e:e0:1b:40:fb:25:d7:c0:fb:a8:aa:79:62:c1:
91:e6:68:4e:68:f3:4c:b0:87:32:1a:e2:5d:07:18:f8:3c:91:
2c:18:47:06:25:33:ae:3f:cc:44:57:da:b6:cd:c4:10:82:cd:
dc:39:99:6a:9c:05:ea:13:f0:f5:2a:75:c2:e7:ff:aa:c3:c2:
88:40:ac:44:e6:e8:e8:06:a2:c1:39:af:e5:0e:6a:25:01:01:
68:64:35:1c:17:8e:27:bf:e3:a7:40:19:c4:22:4c:e2:55:68:
96:47:eb:7c:03:59:43:7f:d9:15:03:4c:0a:12:b5:50:ad:98:
48:86:89:37:14:39:2f:f4:a1:b4:75:29:d7:fd:17:c9:7a:ab:
af:1b:94:3e:bc:f1:c6:a9:d8:51:3c:f5:55:87:aa:e9:1e:ff:
44:42:b7:35
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgIEGKPkzjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
MzJiY2Q0MGM2Nzc0Njc3ZDJjMzcwMmVmNTllZGY0OWQwYjM2YzZjMB4XDTIyMDIx
NTA2NTAwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjkwM2I0ZWIwNjBi
M2I3NjQyODIyNTdkNDRlYjkzOTlhMzk4MTc5ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK7nNNHYNdzLmdRUGgZbD6un4S+kFUaXRqywHORI5sqjqxJV
ZoWFH+gUGb03DhxwElBrr4mJRd/4dgr5ieHnZ2vnL4gkqO6YlOpiE/NJkIR8DhAT
3xxNnl8lf5fhJ14VeFQbgws5xp/F7enVyIA2e75sAgex3upqSHgCdHjwcURy0SOe
VZxWwgIFIe5HRdwiWg8Y/W0qlAlM7Y6MibbyDhIRDS0Y/r8Ku+5QaHVay6f4lCPU
pbaK9qfD/S7vKmapNBRR4Q3W39T2RG+muSvn0omQSLM6I64Y09zlDaLy/8FqOEOt
AesuN0AvrjLQOcwodaOALWF3T6qozrACiHbaCkcCAwEAAaOCAjMwggIvMB0GA1Ud
DgQWBBRpA7TrBgs7dkKCJX1E65OZo5gXnjAfBgNVHSMEGDAWgBTjK81AxndGd9LD
cC71nt9J0LNsbDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzR5dk5RTVozUm5mU3czQXU5WjdmU2RDemJHdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmYvNGI3ZWY4LTg2NDMtNGRiYi05MmFhLTA3NDAxMTViNWE1Mi8x
L2FRTzA2d1lMTzNaQ2dpVjlST3VUbWFPWUY1NC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmYv
NGI3ZWY4LTg2NDMtNGRiYi05MmFhLTA3NDAxMTViNWE1Mi8xLzR5dk5RTVozUm5m
U3czQXU5WjdmU2RDemJHdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBJ
BggrBgEFBQcBBwEB/wQ6MDgwNgQCAAEwMAMEB01FgAMEBVLCIAMEBlT/gAMEB1jJ
AAMEBlmUAAMEArmlsAMEBcG8YAMEBdkR4DANBgkqhkiG9w0BAQsFAAOCAQEAY2OE
xjzcCGjOS/YzOzbxLCLgn4oOvpXJKVnRrhr0/ujmH6EroodB2uqGSiwK3lwwWzGR
43D8EJtHQwYNOdcl59SdDfbuILKALPZ8lXo+Nyz4HfAOhpK+2FR41k4NT37gG0D7
JdfA+6iqeWLBkeZoTmjzTLCHMhriXQcY+DyRLBhHBiUzrj/MRFfats3EEILN3DmZ
apwF6hPw9Sp1wuf/qsPCiECsRObo6AaiwTmv5Q5qJQEBaGQ1HBeOJ7/jp0AZxCJM
4lVolkfrfANZQ3/ZFQNMChK1UK2YSIaJNxQ5L/ShtHUp1/0XyXqrrxuUPrzxxqnY
UTz1VYeq6R7/REK3NQ==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:48 2023 by rpki-client on console.sobornost.net