Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/f8e803-41f5-4668-afa5-db13abbe4e9a/1/4y16ER911dFbGL1q1skdk1vTFT4.roa
File: 4y16ER911dFbGL1q1skdk1vTFT4.roa (raw, json)
Hash identifier: x4bqfpz8Ajeu+PrIQ14XyA+xlntcn+DjD/Hssr7PXZ0=
Subject key identifier: E3:2D:7A:11:1F:75:D5:D1:5B:18:BD:6A:D6:C9:1D:93:5B:D3:15:3E
Certificate issuer: /CN=1fd7bbb1de6809df7f6e573f9abb64e603613ca1
Certificate serial: 15737AAF
Authority key identifier: 1F:D7:BB:B1:DE:68:09:DF:7F:6E:57:3F:9A:BB:64:E6:03:61:3C:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H9e7sd5oCd9_blc_mrtk5gNhPKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/f8e803-41f5-4668-afa5-db13abbe4e9a/1/4y16ER911dFbGL1q1skdk1vTFT4.roa
Signing time: Sat 01 Jan 2022 10:03:26 +0000
ROA not before: Sat 01 Jan 2022 10:03:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15692
IP address blocks: 89.37.69.0/24 maxlen: 24
89.37.68.0/23 maxlen: 23
89.37.68.0/24 maxlen: 24
188.215.28.0/23 maxlen: 23
188.215.28.0/24 maxlen: 24
188.215.29.0/24 maxlen: 24
94.177.130.0/24 maxlen: 24
193.169.192.0/23 maxlen: 23
185.13.244.0/22 maxlen: 22
93.115.8.0/24 maxlen: 24
86.105.0.0/24 maxlen: 24
89.40.44.0/23 maxlen: 23
86.105.225.0/24 maxlen: 24
2a02:f540::/30 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 359889583 (0x15737aaf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1fd7bbb1de6809df7f6e573f9abb64e603613ca1
Validity
Not Before: Jan 1 10:03:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e32d7a111f75d5d15b18bd6ad6c91d935bd3153e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:a2:a7:ad:e4:00:b1:bb:98:33:1a:40:ab:28:
26:d7:da:f9:78:da:9a:78:e5:d4:92:7d:9c:37:05:
28:99:bb:03:b6:88:53:92:b2:05:90:9e:0b:11:10:
79:d4:b2:ea:4d:65:75:b4:92:d0:e9:0f:b2:d0:ca:
5c:08:af:b4:5e:4c:78:f9:a1:b6:a1:1b:9d:19:b9:
c4:32:f1:49:3a:2f:a5:a2:ad:53:59:2b:bc:b2:6e:
d0:12:e5:43:65:c3:46:a1:9b:9b:b1:82:fc:a6:22:
9f:5a:8c:0d:fb:3b:af:0d:af:fc:7c:e3:c6:0b:6c:
dc:0a:8e:bd:a6:98:fc:88:46:14:9c:c8:4c:8e:eb:
5d:6a:e4:d4:f4:44:04:fa:67:f6:0d:51:6b:7b:3a:
56:34:37:7e:2f:29:47:ac:33:b5:c4:b4:f7:87:62:
d1:70:4b:43:da:20:2a:53:9f:b8:44:b3:20:89:91:
5a:bf:9f:5d:16:60:c5:c6:29:65:12:2e:14:6f:8e:
c3:88:9c:bf:77:13:62:88:a5:e7:56:b7:d0:9d:ac:
0f:cc:5b:cb:6c:ea:2d:c3:9e:b5:16:e5:6e:94:07:
e2:53:9c:f6:65:42:86:25:9f:f8:64:98:1b:71:b5:
2a:a9:d0:92:be:65:7b:95:1d:7f:e9:b0:be:81:85:
96:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:2D:7A:11:1F:75:D5:D1:5B:18:BD:6A:D6:C9:1D:93:5B:D3:15:3E
X509v3 Authority Key Identifier:
keyid:1F:D7:BB:B1:DE:68:09:DF:7F:6E:57:3F:9A:BB:64:E6:03:61:3C:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H9e7sd5oCd9_blc_mrtk5gNhPKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/f8e803-41f5-4668-afa5-db13abbe4e9a/1/4y16ER911dFbGL1q1skdk1vTFT4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/f8e803-41f5-4668-afa5-db13abbe4e9a/1/H9e7sd5oCd9_blc_mrtk5gNhPKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.105.0.0/24
86.105.225.0/24
89.37.68.0/23
89.40.44.0/23
93.115.8.0/24
94.177.130.0/24
185.13.244.0/22
188.215.28.0/23
193.169.192.0/23
IPv6:
2a02:f540::/30
Signature Algorithm: sha256WithRSAEncryption
15:78:de:c0:f7:7f:7b:48:a2:a1:1f:b4:b4:fd:3f:f9:fc:c6:
7b:cb:2b:04:3b:c1:b5:3e:2f:cd:bb:94:5a:a1:d9:7d:c7:39:
fd:f6:21:b5:90:dd:b1:ba:85:66:44:b1:66:aa:73:05:91:31:
b2:25:b9:24:a0:a7:48:57:7f:39:12:18:be:0b:4e:00:ae:b3:
61:1c:17:0a:83:46:2b:7d:9d:d9:1a:63:ca:ea:6c:f0:87:8e:
dc:7b:d8:fa:3a:f6:90:e6:d5:03:81:01:d0:54:04:7a:8a:0f:
9a:6c:37:b0:3f:c9:63:08:7b:96:f5:e8:a8:36:8c:76:a6:1d:
bc:d3:a9:3d:bd:4e:a3:37:de:7b:d8:4d:d3:c3:a7:6a:c8:76:
e6:ad:05:3e:33:65:64:04:c9:69:36:6f:09:54:35:08:c1:8c:
06:5a:6b:ce:df:b6:22:7f:f5:6e:0b:d9:76:c1:9d:27:04:84:
f5:c5:8d:24:a3:c3:17:dc:ff:e5:c2:b4:2d:08:30:7e:8f:00:
bf:4b:6f:1b:a6:77:e6:17:1a:5e:ea:11:bd:ca:13:b2:31:ea:
f1:ef:77:0e:f9:76:7e:37:ae:72:0b:db:86:5c:ba:1b:52:8b:
9f:de:16:18:81:5c:9c:0f:e7:75:16:af:79:25:42:1e:11:34:
97:d2:0d:58
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgIEFXN6rzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ZmQ3YmJiMWRlNjgwOWRmN2Y2ZTU3M2Y5YWJiNjRlNjAzNjEzY2ExMB4XDTIyMDEw
MTEwMDMyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTMyZDdhMTExZjc1
ZDVkMTViMThiZDZhZDZjOTFkOTM1YmQzMTUzZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPWip63kALG7mDMaQKsoJtfa+Xjamnjl1JJ9nDcFKJm7A7aI
U5KyBZCeCxEQedSy6k1ldbSS0OkPstDKXAivtF5MePmhtqEbnRm5xDLxSTovpaKt
U1krvLJu0BLlQ2XDRqGbm7GC/KYin1qMDfs7rw2v/Hzjxgts3AqOvaaY/IhGFJzI
TI7rXWrk1PREBPpn9g1Ra3s6VjQ3fi8pR6wztcS094di0XBLQ9ogKlOfuESzIImR
Wr+fXRZgxcYpZRIuFG+Ow4icv3cTYoil51a30J2sD8xby2zqLcOetRblbpQH4lOc
9mVChiWf+GSYG3G1KqnQkr5le5Udf+mwvoGFlrcCAwEAAaOCAkgwggJEMB0GA1Ud
DgQWBBTjLXoRH3XV0VsYvWrWyR2TW9MVPjAfBgNVHSMEGDAWgBQf17ux3mgJ339u
Vz+au2TmA2E8oTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0g5ZTdzZDVvQ2Q5X2JsY19tcnRrNWdOaFBLRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDYvZjhlODAzLTQxZjUtNDY2OC1hZmE1LWRiMTNhYmJlNGU5YS8x
LzR5MTZFUjkxMWRGYkdMMXExc2tkazF2VEZUNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDYv
ZjhlODAzLTQxZjUtNDY2OC1hZmE1LWRiMTNhYmJlNGU5YS8xL0g5ZTdzZDVvQ2Q5
X2JsY19tcnRrNWdOaFBLRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBe
BggrBgEFBQcBBwEB/wRPME0wPAQCAAEwNgMEAFZpAAMEAFZp4QMEAVklRAMEAVko
LAMEAF1zCAMEAF6xggMEArkN9AMEAbzXHAMEAcGpwDANBAIAAjAHAwUCKgL1QDAN
BgkqhkiG9w0BAQsFAAOCAQEAFXjewPd/e0iioR+0tP0/+fzGe8srBDvBtT4vzbuU
WqHZfcc5/fYhtZDdsbqFZkSxZqpzBZExsiW5JKCnSFd/ORIYvgtOAK6zYRwXCoNG
K32d2Rpjyups8IeO3HvY+jr2kObVA4EB0FQEeooPmmw3sD/JYwh7lvXoqDaMdqYd
vNOpPb1Oozfee9hN08Onash25q0FPjNlZATJaTZvCVQ1CMGMBlprzt+2In/1bgvZ
dsGdJwSE9cWNJKPDF9z/5cK0LQgwfo8Av0tvG6Z35hcaXuoRvcoTsjHq8e93Dvl2
fjeucgvbhly6G1KLn94WGIFcnA/ndRaveSVCHhE0l9INWA==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:14 2023 by rpki-client on console.sobornost.net