Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/5687c1-df9f-4ae5-a4cc-ec03ebd19000/1/2qstuJQdvl2FI2GThfoTJCkbkUY.roa
File: 2qstuJQdvl2FI2GThfoTJCkbkUY.roa (raw, json)
Hash identifier: 0TuS5dRSjD+XAVxt5Da2sD9//kISWLIJNULKLWnxozw=
Subject key identifier: DA:AB:2D:B8:94:1D:BE:5D:85:23:61:93:85:FA:13:24:29:1B:91:46
Certificate issuer: /CN=4c8a7886662254be39ea1add72728e000eb2c25a
Certificate serial: 0BE0BDB1
Authority key identifier: 4C:8A:78:86:66:22:54:BE:39:EA:1A:DD:72:72:8E:00:0E:B2:C2:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TIp4hmYiVL456hrdcnKOAA6ywlo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/5687c1-df9f-4ae5-a4cc-ec03ebd19000/1/2qstuJQdvl2FI2GThfoTJCkbkUY.roa
Signing time: Sat 01 Jan 2022 14:05:31 +0000
ROA not before: Sat 01 Jan 2022 14:05:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39706
IP address blocks: 82.113.124.0/22 maxlen: 22
82.113.121.128/25 maxlen: 25
82.113.121.0/25 maxlen: 25
89.204.130.0/24 maxlen: 24
89.204.128.0/21 maxlen: 21
89.204.128.0/19 maxlen: 19
89.204.135.0/24 maxlen: 24
89.204.144.0/21 maxlen: 21
82.113.96.0/20 maxlen: 20
82.113.96.0/19 maxlen: 19
82.113.112.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 199278001 (0xbe0bdb1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c8a7886662254be39ea1add72728e000eb2c25a
Validity
Not Before: Jan 1 14:05:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=daab2db8941dbe5d8523619385fa1324291b9146
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:83:e8:e4:59:02:1c:ca:3f:cb:7a:5e:f4:f0:
f7:8f:f4:3e:22:b4:5c:54:3f:4f:02:2c:56:39:ca:
a7:b0:ba:43:62:63:44:18:63:2a:0e:fe:51:c5:8b:
ba:d2:9d:d1:89:58:1a:e0:46:31:31:be:18:a2:27:
9f:00:0e:91:05:91:c4:c5:80:6f:17:fc:e2:49:39:
49:cf:10:42:9f:d9:2a:d4:f4:47:4e:c4:73:dd:5e:
99:f2:88:c1:f7:44:00:ae:70:76:e9:7d:b0:71:6e:
b5:af:d8:2e:00:1c:be:40:a6:b2:c7:2f:a2:b7:ff:
68:20:ef:0e:b0:d2:eb:25:f6:65:6d:64:0d:3f:c6:
ce:82:01:bf:19:8b:8c:17:f8:16:5e:45:32:fb:86:
52:32:ae:a2:ae:41:4c:ef:5b:eb:4b:73:c1:9b:a6:
db:67:08:d2:6f:0a:8d:9c:e5:14:f9:4b:e9:11:23:
ba:61:a5:42:9e:2d:77:f7:62:52:1b:05:86:e9:1c:
ca:b2:60:93:7c:e1:9b:0c:5f:5a:1c:93:32:a9:6e:
d9:62:b9:21:b8:6f:0f:d4:84:ed:c5:79:5f:9c:ad:
6c:48:2c:a5:e9:71:dc:c1:a3:1b:ea:2a:46:b0:f7:
59:bf:7b:cb:57:ec:13:c4:1e:89:e2:8f:af:e6:fd:
fd:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:AB:2D:B8:94:1D:BE:5D:85:23:61:93:85:FA:13:24:29:1B:91:46
X509v3 Authority Key Identifier:
keyid:4C:8A:78:86:66:22:54:BE:39:EA:1A:DD:72:72:8E:00:0E:B2:C2:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TIp4hmYiVL456hrdcnKOAA6ywlo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/5687c1-df9f-4ae5-a4cc-ec03ebd19000/1/2qstuJQdvl2FI2GThfoTJCkbkUY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/5687c1-df9f-4ae5-a4cc-ec03ebd19000/1/TIp4hmYiVL456hrdcnKOAA6ywlo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.113.96.0/19
89.204.128.0/19
Signature Algorithm: sha256WithRSAEncryption
8b:32:69:c2:9f:0f:fb:e9:87:61:72:22:ab:44:01:25:a8:42:
80:fa:ef:66:d3:61:c6:be:40:ef:78:7b:54:04:e4:87:17:50:
1c:b7:80:2c:93:dc:64:ab:40:7a:c3:09:ea:d3:9f:6f:c2:e1:
d0:47:6c:a9:fc:a1:16:e6:b4:7f:8a:34:b9:74:a1:8f:b0:c5:
05:af:be:b1:fc:d9:18:3b:aa:ba:af:e2:85:95:86:7b:e2:d3:
df:6c:bf:1d:0d:b1:f7:f7:ee:9f:19:4d:9a:50:1f:7e:13:d9:
59:87:3a:e3:2f:0f:f3:33:2f:cd:73:a9:30:a2:85:27:74:e2:
65:6e:dd:4d:5e:55:eb:a7:cc:6e:88:eb:81:75:2b:bd:b8:f9:
e2:7d:e5:42:f6:52:4f:e7:b0:a3:7c:c9:f0:e4:fb:f1:e4:b4:
96:70:98:11:49:19:43:12:87:ac:9b:bc:dc:4a:c1:f0:c7:d2:
bd:32:79:8a:50:a1:e5:07:18:4c:f9:df:4a:ed:06:67:54:fd:
22:4d:44:0f:df:53:2c:47:6d:b7:49:1b:5e:2a:ab:e3:6c:54:
1c:2e:72:d8:0d:a7:b4:bc:13:4c:a3:cf:92:b5:03:d6:fa:5d:
00:56:e8:f6:66:9f:55:a4:2f:1f:89:00:cf:ae:c9:12:2c:de:
f1:d8:55:9e
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEC+C9sTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
YzhhNzg4NjY2MjI1NGJlMzllYTFhZGQ3MjcyOGUwMDBlYjJjMjVhMB4XDTIyMDEw
MTE0MDUzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGFhYjJkYjg5NDFk
YmU1ZDg1MjM2MTkzODVmYTEzMjQyOTFiOTE0NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM2D6ORZAhzKP8t6XvTw94/0PiK0XFQ/TwIsVjnKp7C6Q2Jj
RBhjKg7+UcWLutKd0YlYGuBGMTG+GKInnwAOkQWRxMWAbxf84kk5Sc8QQp/ZKtT0
R07Ec91emfKIwfdEAK5wdul9sHFuta/YLgAcvkCmsscvorf/aCDvDrDS6yX2ZW1k
DT/GzoIBvxmLjBf4Fl5FMvuGUjKuoq5BTO9b60tzwZum22cI0m8KjZzlFPlL6REj
umGlQp4td/diUhsFhukcyrJgk3zhmwxfWhyTMqlu2WK5IbhvD9SE7cV5X5ytbEgs
pelx3MGjG+oqRrD3Wb97y1fsE8QeieKPr+b9/QcCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTaqy24lB2+XYUjYZOF+hMkKRuRRjAfBgNVHSMEGDAWgBRMiniGZiJUvjnq
Gt1yco4ADrLCWjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1RJcDRobVlpVkw0NTZocmRjbktPQUE2eXdsby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGMvNTY4N2MxLWRmOWYtNGFlNS1hNGNjLWVjMDNlYmQxOTAwMC8x
LzJxc3R1SlFkdmwyRkkyR1RoZm9USkNrYmtVWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGMv
NTY4N2MxLWRmOWYtNGFlNS1hNGNjLWVjMDNlYmQxOTAwMC8xL1RJcDRobVlpVkw0
NTZocmRjbktPQUE2eXdsby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEBVJxYAMEBVnMgDANBgkqhkiG9w0B
AQsFAAOCAQEAizJpwp8P++mHYXIiq0QBJahCgPrvZtNhxr5A73h7VATkhxdQHLeA
LJPcZKtAesMJ6tOfb8Lh0EdsqfyhFua0f4o0uXShj7DFBa++sfzZGDuquq/ihZWG
e+LT32y/HQ2x9/funxlNmlAffhPZWYc64y8P8zMvzXOpMKKFJ3TiZW7dTV5V66fM
bojrgXUrvbj54n3lQvZST+ewo3zJ8OT78eS0lnCYEUkZQxKHrJu83ErB8MfSvTJ5
ilCh5QcYTPnfSu0GZ1T9Ik1ED99TLEdtt0kbXiqr42xUHC5y2A2ntLwTTKPPkrUD
1vpdAFbo9mafVaQvH4kAz67JEize8dhVng==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:09 2023 by rpki-client on console.sobornost.net