Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ec44ea-ef43-4b3a-a69a-b4cb637da8c3/1/mNM7cGZOfyETXg19IQ8_MKJIym8.roa
File: mNM7cGZOfyETXg19IQ8_MKJIym8.roa (raw, json)
Hash identifier: LZQl9/zfMMbBdRfxGF0jleL0JbjvyfrxkRESN6ICABU=
Subject key identifier: 98:D3:3B:70:66:4E:7F:21:13:5E:0D:7D:21:0F:3F:30:A2:48:CA:6F
Certificate issuer: /CN=a2b12e8df3abd5559f9cf9680af65dd16589de86
Certificate serial: 0182588BA5CBB0ABC2D1EE8E81D825ABF1A1
Authority key identifier: A2:B1:2E:8D:F3:AB:D5:55:9F:9C:F9:68:0A:F6:5D:D1:65:89:DE:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/orEujfOr1VWfnPloCvZd0WWJ3oY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ec44ea-ef43-4b3a-a69a-b4cb637da8c3/1/mNM7cGZOfyETXg19IQ8_MKJIym8.roa
Signing time: Mon 01 Aug 2022 08:35:23 +0000
ROA not before: Mon 01 Aug 2022 08:35:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8820
IP address blocks: 81.92.0.0/20 maxlen: 24
195.8.254.2/31 maxlen: 32
212.60.128.0/19 maxlen: 24
78.41.48.0/22 maxlen: 24
82.139.192.0/18 maxlen: 24
195.8.224.0/19 maxlen: 24
213.240.128.0/18 maxlen: 24
46.236.192.0/18 maxlen: 24
195.8.253.0/24 maxlen: 24
212.17.224.0/19 maxlen: 24
2a01:170:1000::/36 maxlen: 48
2a01:170::/32 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:58:8b:a5:cb:b0:ab:c2:d1:ee:8e:81:d8:25:ab:f1:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2b12e8df3abd5559f9cf9680af65dd16589de86
Validity
Not Before: Aug 1 08:35:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=98d33b70664e7f21135e0d7d210f3f30a248ca6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:9e:90:97:b6:35:a1:64:4e:8d:71:28:db:09:
1e:75:fa:f4:38:d6:c0:3c:af:18:22:33:98:e1:bc:
0c:d5:f9:73:49:4b:fc:81:b1:9b:cc:ab:60:02:23:
97:f3:3e:a6:5b:51:08:29:12:67:cb:8c:30:ae:90:
34:ce:fd:31:6c:25:72:60:95:c4:72:c1:61:d5:63:
f6:fe:bb:ad:b4:40:d1:07:55:93:2c:e3:02:39:78:
6c:6a:cd:c3:5d:36:da:05:8f:5b:d0:40:ec:6b:38:
3e:38:d2:01:9f:9b:2c:29:3c:8e:e2:f8:1b:fd:22:
1e:f5:c6:01:d5:7c:8c:75:0f:f9:5e:21:de:91:8f:
80:ee:1c:ea:38:da:33:5c:40:f0:79:3e:2d:17:0c:
cf:db:78:de:a0:42:59:bb:34:f0:f4:32:41:8f:56:
80:8a:80:54:9d:69:ca:9c:fe:81:b0:10:92:07:b8:
58:b4:f3:1a:6b:cd:6a:f3:e3:b8:a0:02:1b:23:62:
3d:b5:0a:3c:cf:11:8b:9f:d2:5c:13:ca:e7:ea:06:
8f:fb:53:8f:e7:9f:fd:f2:8e:8b:8a:5b:0f:d9:d6:
85:51:14:d2:24:6a:cb:65:9f:39:db:0a:96:ee:1c:
99:44:c4:05:71:13:70:88:e2:c1:d7:27:73:e4:3b:
05:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:D3:3B:70:66:4E:7F:21:13:5E:0D:7D:21:0F:3F:30:A2:48:CA:6F
X509v3 Authority Key Identifier:
keyid:A2:B1:2E:8D:F3:AB:D5:55:9F:9C:F9:68:0A:F6:5D:D1:65:89:DE:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/orEujfOr1VWfnPloCvZd0WWJ3oY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ec44ea-ef43-4b3a-a69a-b4cb637da8c3/1/mNM7cGZOfyETXg19IQ8_MKJIym8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ec44ea-ef43-4b3a-a69a-b4cb637da8c3/1/orEujfOr1VWfnPloCvZd0WWJ3oY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.236.192.0/18
78.41.48.0/22
81.92.0.0/20
82.139.192.0/18
195.8.224.0/19
212.17.224.0/19
212.60.128.0/19
213.240.128.0/18
IPv6:
2a01:170::/32
Signature Algorithm: sha256WithRSAEncryption
33:f7:ed:96:ac:48:64:51:90:91:45:fe:73:8b:0c:96:27:1a:
47:68:a8:a5:62:52:2a:20:e7:08:7a:b7:1c:6b:8c:e1:d8:a1:
61:b0:e7:af:5b:dd:3e:44:9a:a9:1d:7b:1b:b1:29:7a:ed:34:
1d:22:0b:6c:0b:4e:90:c7:a1:dd:bb:ce:73:46:aa:17:f6:14:
96:f2:fd:39:82:44:ec:75:7e:8c:20:d9:74:57:8a:c1:63:47:
30:fd:2f:87:85:2c:32:9e:9a:c0:da:b2:53:24:1e:43:e2:56:
c3:3c:4f:97:93:49:9c:f2:67:96:43:52:c5:1e:ba:58:7c:1b:
b9:53:ee:ce:5c:69:e1:fb:65:e9:6d:05:5e:35:b1:11:45:a8:
95:c4:a0:4c:03:38:bd:22:07:4f:8a:47:2a:fd:1d:99:93:08:
27:07:7c:a4:77:aa:df:20:46:34:b7:70:f5:81:f6:bc:10:06:
7b:d4:f2:84:7b:dc:cd:b5:f5:94:ee:95:0e:3f:16:58:c3:de:
2c:06:32:87:48:6a:19:f4:26:4e:ad:01:c1:fa:7c:8e:18:1b:
65:10:78:4c:12:a0:25:46:f7:65:9e:d7:fe:7b:d5:24:8e:5e:
df:c0:3b:a1:55:68:a7:a9:af:81:4b:17:0e:28:1e:72:4f:40:
b9:04:d3:89
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYJYi6XLsKvC0e6Ogdglq/GhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyYjEyZThkZjNhYmQ1NTU5ZjljZjk2ODBhZjY1ZGQxNjU4
OWRlODYwHhcNMjIwODAxMDgzNTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGQzM2I3MDY2NGU3ZjIxMTM1ZTBkN2QyMTBmM2YzMGEyNDhjYTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArZ6Ql7Y1oWROjXEo2wkedfr0ONbA
PK8YIjOY4bwM1flzSUv8gbGbzKtgAiOX8z6mW1EIKRJny4wwrpA0zv0xbCVyYJXE
csFh1WP2/ruttEDRB1WTLOMCOXhsas3DXTbaBY9b0EDsazg+ONIBn5ssKTyO4vgb
/SIe9cYB1XyMdQ/5XiHekY+A7hzqONozXEDweT4tFwzP23jeoEJZuzTw9DJBj1aA
ioBUnWnKnP6BsBCSB7hYtPMaa81q8+O4oAIbI2I9tQo8zxGLn9JcE8rn6gaP+1OP
55/98o6LilsP2daFURTSJGrLZZ852wqW7hyZRMQFcRNwiOLB1ydz5DsFQwIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFJjTO3BmTn8hE14NfSEPPzCiSMpvMB8GA1UdIwQY
MBaAFKKxLo3zq9VVn5z5aAr2XdFlid6GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3JFdWpmT3IxVldmblBsb0N2WmQwV1dKM29ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9lYzQ0ZWEtZWY0My00YjNhLWE2OWEt
YjRjYjYzN2RhOGMzLzEvbU5NN2NHWk9meUVUWGcxOUlROF9NS0pJeW04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9lYzQ0ZWEtZWY0My00YjNhLWE2OWEtYjRjYjYzN2RhOGMz
LzEvb3JFdWpmT3IxVldmblBsb0N2WmQwV1dKM29ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQGLuzAAwQC
TikwAwQEUVwAAwQGUovAAwQFwwjgAwQF1BHgAwQF1DyAAwQG1fCAMA0EAgACMAcD
BQAqAQFwMA0GCSqGSIb3DQEBCwUAA4IBAQAz9+2WrEhkUZCRRf5ziwyWJxpHaKil
YlIqIOcIercca4zh2KFhsOevW90+RJqpHXsbsSl67TQdIgtsC06Qx6Hdu85zRqoX
9hSW8v05gkTsdX6MINl0V4rBY0cw/S+HhSwynprA2rJTJB5D4lbDPE+Xk0mc8meW
Q1LFHrpYfBu5U+7OXGnh+2XpbQVeNbERRaiVxKBMAzi9IgdPikcq/R2ZkwgnB3yk
d6rfIEY0t3D1gfa8EAZ71PKEe9zNtfWU7pUOPxZYw94sBjKHSGoZ9CZOrQHB+nyO
GBtlEHhMEqAlRvdlntf+e9Ukjl7fwDuhVWinqa+BSxcOKB5yT0C5BNOJ
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:00 2023 by rpki-client on console.sobornost.net