Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/42217e-ead0-46be-8ad0-05f90ad24f3e/1/M_pd0cmYAjVK-0iii3YnpQRi9-g.roa
File: M_pd0cmYAjVK-0iii3YnpQRi9-g.roa (raw, json)
Hash identifier: 1RPbIk7kmlt9axuD8V6VoCn5+iNBGRsj7xVDuS3j1zg=
Subject key identifier: 33:FA:5D:D1:C9:98:02:35:4A:FB:48:A2:8B:76:27:A5:04:62:F7:E8
Certificate issuer: /CN=e97592f1eb41d6c893cd0dd72b63fc34ee553533
Certificate serial: 35AA49E4
Authority key identifier: E9:75:92:F1:EB:41:D6:C8:93:CD:0D:D7:2B:63:FC:34:EE:55:35:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6XWS8etB1siTzQ3XK2P8NO5VNTM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/42217e-ead0-46be-8ad0-05f90ad24f3e/1/M_pd0cmYAjVK-0iii3YnpQRi9-g.roa
Signing time: Sat 01 Jan 2022 08:59:56 +0000
ROA not before: Sat 01 Jan 2022 08:59:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16083
IP address blocks: 91.106.112.0/21 maxlen: 24
81.16.208.0/22 maxlen: 22
81.16.208.0/23 maxlen: 23
217.73.192.0/20 maxlen: 24
178.209.192.0/19 maxlen: 24
2a00:eb9::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 900352484 (0x35aa49e4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e97592f1eb41d6c893cd0dd72b63fc34ee553533
Validity
Not Before: Jan 1 08:59:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=33fa5dd1c99802354afb48a28b7627a50462f7e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:9a:d0:0f:14:83:b5:c2:8f:e6:b4:fa:e8:2c:
5b:79:c0:7b:fd:87:22:89:6c:ea:6f:21:c4:fe:61:
09:31:2a:5d:05:56:16:57:4b:73:38:87:16:63:74:
c9:a9:48:49:b6:5f:1a:d6:1a:a2:78:23:e6:71:c2:
14:43:94:79:87:4b:5b:3f:23:6d:a4:28:c2:2d:42:
ee:12:21:bb:40:ce:89:bd:32:a6:ad:9b:24:fb:9e:
ca:06:0b:0a:37:15:24:8e:74:39:3d:0d:a0:bc:6a:
67:69:37:90:f3:b1:8e:fc:a5:1b:7a:d4:ed:d3:7a:
79:4d:4b:9d:29:67:ed:4e:19:b6:f7:7d:88:0a:05:
28:e9:82:e2:16:3c:1e:13:9b:58:ef:39:ff:08:6c:
a0:37:d5:f5:c6:cd:e6:a7:d0:3b:74:ff:43:76:b5:
25:f8:32:ae:11:64:2c:c7:f5:78:ff:a4:8d:fd:b7:
72:5b:76:2c:4e:44:df:9f:69:ea:32:8a:7d:a1:7f:
04:d9:86:d9:f7:b2:78:e1:89:18:95:10:f6:a0:d6:
6a:e3:d2:22:eb:7a:fa:73:4b:1b:49:8f:a2:d3:a3:
c7:4d:45:23:96:fc:3c:0c:ce:be:3e:6c:7c:fb:5c:
63:19:40:3b:62:5c:ec:ae:e4:6d:fd:ac:77:81:73:
e7:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:FA:5D:D1:C9:98:02:35:4A:FB:48:A2:8B:76:27:A5:04:62:F7:E8
X509v3 Authority Key Identifier:
keyid:E9:75:92:F1:EB:41:D6:C8:93:CD:0D:D7:2B:63:FC:34:EE:55:35:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6XWS8etB1siTzQ3XK2P8NO5VNTM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/42217e-ead0-46be-8ad0-05f90ad24f3e/1/M_pd0cmYAjVK-0iii3YnpQRi9-g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/42217e-ead0-46be-8ad0-05f90ad24f3e/1/6XWS8etB1siTzQ3XK2P8NO5VNTM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.16.208.0/22
91.106.112.0/21
178.209.192.0/19
217.73.192.0/20
IPv6:
2a00:eb9::/32
Signature Algorithm: sha256WithRSAEncryption
7c:8f:fb:e9:5e:9e:8c:0e:8f:c6:44:b1:09:19:8e:03:19:38:
34:e9:a7:07:20:76:b7:d0:b5:a4:83:fd:eb:ed:3a:e8:ca:5b:
ea:80:55:28:a1:c7:66:0e:a2:f2:ae:48:fa:56:63:36:42:ed:
78:a4:4e:18:9f:78:4c:08:3e:cc:19:09:57:07:7f:87:75:95:
14:b2:98:bf:6a:aa:03:31:35:10:64:15:06:0d:18:1d:ff:37:
80:ee:bf:4a:fd:6e:88:16:29:44:f8:da:e6:90:c1:7e:c2:98:
af:9e:c7:8b:36:12:50:56:60:da:e0:14:d6:09:91:bb:46:9a:
0a:00:b3:7b:8f:e4:bd:c6:c6:83:c0:21:cb:ba:56:bd:78:ee:
0d:84:cb:07:b7:7a:8b:c3:3c:52:19:5e:87:f8:81:e0:89:34:
eb:d3:00:77:38:3e:1d:22:5b:6b:ad:7c:e9:c9:dc:cc:ef:b3:
f4:fc:be:8b:00:b7:15:b1:78:f6:9c:2a:58:9d:0e:76:47:aa:
1f:19:1f:2f:4b:26:65:12:a0:66:05:7d:76:24:14:a3:43:d8:
dc:27:0a:fa:bd:4b:74:6a:d8:be:81:bd:27:5a:9e:ee:7c:0e:
a4:1a:a9:23:ff:1c:f8:e9:d3:36:78:34:4d:1b:8f:1b:84:24:
37:c6:bb:7e
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIENapJ5DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
OTc1OTJmMWViNDFkNmM4OTNjZDBkZDcyYjYzZmMzNGVlNTUzNTMzMB4XDTIyMDEw
MTA4NTk1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzNmYTVkZDFjOTk4
MDIzNTRhZmI0OGEyOGI3NjI3YTUwNDYyZjdlODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL6a0A8Ug7XCj+a0+ugsW3nAe/2HIols6m8hxP5hCTEqXQVW
FldLcziHFmN0yalISbZfGtYaongj5nHCFEOUeYdLWz8jbaQowi1C7hIhu0DOib0y
pq2bJPueygYLCjcVJI50OT0NoLxqZ2k3kPOxjvylG3rU7dN6eU1LnSln7U4Ztvd9
iAoFKOmC4hY8HhObWO85/whsoDfV9cbN5qfQO3T/Q3a1JfgyrhFkLMf1eP+kjf23
clt2LE5E359p6jKKfaF/BNmG2feyeOGJGJUQ9qDWauPSIut6+nNLG0mPotOjx01F
I5b8PAzOvj5sfPtcYxlAO2Jc7K7kbf2sd4Fz55ECAwEAAaOCAiowggImMB0GA1Ud
DgQWBBQz+l3RyZgCNUr7SKKLdielBGL36DAfBgNVHSMEGDAWgBTpdZLx60HWyJPN
DdcrY/w07lU1MzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZYV1M4ZXRCMXNpVHpRM1hLMlA4Tk81Vk5UTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzAvNDIyMTdlLWVhZDAtNDZiZS04YWQwLTA1ZjkwYWQyNGYzZS8x
L01fcGQwY21ZQWpWSy0waWlpM1lucFFSaTktZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzAv
NDIyMTdlLWVhZDAtNDZiZS04YWQwLTA1ZjkwYWQyNGYzZS8xLzZYV1M4ZXRCMXNp
VHpRM1hLMlA4Tk81Vk5UTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEAlEQ0AMEA1tqcAMEBbLRwAMEBNlJ
wDANBAIAAjAHAwUAKgAOuTANBgkqhkiG9w0BAQsFAAOCAQEAfI/76V6ejA6PxkSx
CRmOAxk4NOmnByB2t9C1pIP96+066Mpb6oBVKKHHZg6i8q5I+lZjNkLteKROGJ94
TAg+zBkJVwd/h3WVFLKYv2qqAzE1EGQVBg0YHf83gO6/Sv1uiBYpRPja5pDBfsKY
r57HizYSUFZg2uAU1gmRu0aaCgCze4/kvcbGg8Ahy7pWvXjuDYTLB7d6i8M8Uhle
h/iB4Ik069MAdzg+HSJba6186cnczO+z9Py+iwC3FbF49pwqWJ0OdkeqHxkfL0sm
ZRKgZgV9diQUo0PY3CcK+r1LdGrYvoG9J1qe7nwOpBqpI/8c+OnTNng0TRuPG4Qk
N8a7fg==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:47 2023 by rpki-client on console.sobornost.net