Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/pW-k-c4QlVJ7AlLTWs5hmKzLVtk.roa
File: pW-k-c4QlVJ7AlLTWs5hmKzLVtk.roa (raw, json)
Hash identifier: ZPvPGfxjsZNp7ucO2MeAJrIyuzlLzf4XgTMZLviwpTc=
Subject key identifier: A5:6F:A4:F9:CE:10:95:52:7B:02:52:D3:5A:CE:61:98:AC:CB:56:D9
Certificate issuer: /CN=adac830ccaa74783dd961fab241a228d7cc6f808
Certificate serial: 0BFFFC52
Authority key identifier: AD:AC:83:0C:CA:A7:47:83:DD:96:1F:AB:24:1A:22:8D:7C:C6:F8:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rayDDMqnR4Pdlh-rJBoijXzG-Ag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/pW-k-c4QlVJ7AlLTWs5hmKzLVtk.roa
Signing time: Mon 23 May 2022 18:50:48 +0000
ROA not before: Mon 23 May 2022 18:50:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20485
IP address blocks: 217.150.32.0/19 maxlen: 19
83.234.0.0/16 maxlen: 16
145.255.136.0/21 maxlen: 21
80.237.0.0/17 maxlen: 17
151.237.240.0/21 maxlen: 21
188.43.0.0/16 maxlen: 16
80.82.160.0/19 maxlen: 19
62.33.111.0/24 maxlen: 24
185.13.160.0/22 maxlen: 22
62.33.0.0/16 maxlen: 16
2a00:1e48::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 201325650 (0xbfffc52)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adac830ccaa74783dd961fab241a228d7cc6f808
Validity
Not Before: May 23 18:50:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a56fa4f9ce1095527b0252d35ace6198accb56d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:49:97:83:44:0b:8a:24:c9:fd:4c:8a:e6:68:
81:df:bb:05:49:c8:04:b6:46:8b:b5:54:c0:a0:a8:
3a:54:08:c5:03:8b:40:ed:c5:78:0e:36:d2:c3:fb:
5c:68:64:c3:31:22:36:0c:fe:fd:8f:44:1f:f3:39:
42:8d:31:6b:9a:ac:4a:46:b0:3c:39:ff:07:fd:a1:
3a:30:56:3d:02:37:a4:cf:2b:bc:b0:d5:2e:d6:bc:
7a:7b:7a:e3:40:0b:d6:8f:e9:a6:ef:ba:6b:56:7a:
7e:45:32:8c:7b:90:74:9e:b1:3f:4e:e4:5b:90:2d:
2d:83:08:fa:09:7a:78:17:9b:86:79:30:02:44:48:
fa:85:a5:8d:46:ca:b1:af:77:dd:b4:5e:af:76:0b:
52:d7:28:76:5a:8d:24:a3:fe:79:09:93:d1:bb:c8:
66:0c:af:08:17:3a:15:4c:35:5d:15:36:c1:39:c2:
7d:71:83:e4:9b:79:90:69:20:77:01:52:f4:65:75:
1f:9b:1e:25:4b:76:17:5e:75:80:5d:08:7b:da:f2:
69:cf:39:79:49:15:c2:be:2c:13:2a:c6:c8:19:ee:
b5:f3:02:c0:43:c4:81:dc:e6:13:9e:d1:a0:c6:a8:
5e:1c:33:d0:58:a6:b1:46:89:67:2c:8c:3c:4c:3c:
9b:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:6F:A4:F9:CE:10:95:52:7B:02:52:D3:5A:CE:61:98:AC:CB:56:D9
X509v3 Authority Key Identifier:
keyid:AD:AC:83:0C:CA:A7:47:83:DD:96:1F:AB:24:1A:22:8D:7C:C6:F8:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rayDDMqnR4Pdlh-rJBoijXzG-Ag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/pW-k-c4QlVJ7AlLTWs5hmKzLVtk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/rayDDMqnR4Pdlh-rJBoijXzG-Ag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.33.0.0/16
80.82.160.0/19
80.237.0.0/17
83.234.0.0/16
145.255.136.0/21
151.237.240.0/21
185.13.160.0/22
188.43.0.0/16
217.150.32.0/19
IPv6:
2a00:1e48::/32
Signature Algorithm: sha256WithRSAEncryption
bc:3b:48:5f:0a:14:55:e5:58:0d:ed:2b:07:6c:59:14:8b:14:
f2:ed:48:64:76:09:97:1d:df:50:d5:18:9f:39:9f:53:02:04:
38:a4:f7:e8:ff:4c:38:5f:9f:6c:b5:6d:fd:33:59:05:ea:79:
bd:ac:a4:c7:b8:8f:f9:b6:b8:05:d3:3c:94:41:bc:5e:9c:3e:
fe:22:f5:c8:7f:fb:4b:1d:41:35:1d:d9:6a:aa:08:3a:2f:a4:
43:4a:5d:7f:fe:f9:14:7a:51:1c:85:51:1a:a5:06:73:b7:df:
4e:5d:d5:72:b2:22:09:25:ae:bd:5c:8d:9a:50:e4:18:73:fd:
7b:ed:46:99:75:85:56:37:08:4d:b8:95:be:a6:de:0f:0a:0c:
1e:87:e0:19:2a:45:ab:72:42:13:30:41:76:0f:d1:32:ba:60:
a2:32:8c:e7:ea:5e:43:86:ed:af:79:ee:21:7c:0f:77:ca:9b:
5c:a2:4e:a8:92:38:ef:28:b5:69:52:78:bd:e0:c0:68:40:c0:
b9:95:02:59:e6:03:4d:d5:41:fa:34:d5:5c:23:4c:09:d9:89:
21:3e:54:b9:d6:31:61:58:cf:f6:c0:3c:a8:ff:00:79:7d:5e:
4a:43:bd:89:62:81:ad:e7:fa:bb:b0:26:3e:0c:49:a1:26:88:
cc:ac:53:c5
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIEC//8UjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZGFjODMwY2NhYTc0NzgzZGQ5NjFmYWIyNDFhMjI4ZDdjYzZmODA4MB4XDTIyMDUy
MzE4NTA0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTU2ZmE0ZjljZTEw
OTU1MjdiMDI1MmQzNWFjZTYxOThhY2NiNTZkOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALlJl4NEC4okyf1MiuZogd+7BUnIBLZGi7VUwKCoOlQIxQOL
QO3FeA420sP7XGhkwzEiNgz+/Y9EH/M5Qo0xa5qsSkawPDn/B/2hOjBWPQI3pM8r
vLDVLta8ent640AL1o/ppu+6a1Z6fkUyjHuQdJ6xP07kW5AtLYMI+gl6eBebhnkw
AkRI+oWljUbKsa933bRer3YLUtcodlqNJKP+eQmT0bvIZgyvCBc6FUw1XRU2wTnC
fXGD5Jt5kGkgdwFS9GV1H5seJUt2F151gF0Ie9ryac85eUkVwr4sEyrGyBnutfMC
wEPEgdzmE57RoMaoXhwz0FimsUaJZyyMPEw8m4UCAwEAAaOCAkUwggJBMB0GA1Ud
DgQWBBSlb6T5zhCVUnsCUtNazmGYrMtW2TAfBgNVHSMEGDAWgBStrIMMyqdHg92W
H6skGiKNfMb4CDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3JheURETXFuUjRQZGxoLXJKQm9palh6Ry1BZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODIvMzI1YzhkLWQzNjgtNGVlZS05Y2E4LTkyOWY3ZDYzNWY0Yi8x
L3BXLWstYzRRbFZKN0FsTFRXczVobUt6TFZ0ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODIv
MzI1YzhkLWQzNjgtNGVlZS05Y2E4LTkyOWY3ZDYzNWY0Yi8xL3JheURETXFuUjRQ
ZGxoLXJKQm9palh6Ry1BZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBb
BggrBgEFBQcBBwEB/wRMMEowOQQCAAEwMwMDAD4hAwQFUFKgAwQHUO0AAwMAU+oD
BAOR/4gDBAOX7fADBAK5DaADAwC8KwMEBdmWIDANBAIAAjAHAwUAKgAeSDANBgkq
hkiG9w0BAQsFAAOCAQEAvDtIXwoUVeVYDe0rB2xZFIsU8u1IZHYJlx3fUNUYnzmf
UwIEOKT36P9MOF+fbLVt/TNZBep5vaykx7iP+ba4BdM8lEG8Xpw+/iL1yH/7Sx1B
NR3ZaqoIOi+kQ0pdf/75FHpRHIVRGqUGc7ffTl3VcrIiCSWuvVyNmlDkGHP9e+1G
mXWFVjcITbiVvqbeDwoMHofgGSpFq3JCEzBBdg/RMrpgojKM5+peQ4btr3nuIXwP
d8qbXKJOqJI47yi1aVJ4veDAaEDAuZUCWeYDTdVB+jTVXCNMCdmJIT5UudYxYVjP
9sA8qP8AeX1eSkO9iWKBref6u7AmPgxJoSaIzKxTxQ==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:22 2023 by rpki-client on console.sobornost.net