Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/8233f2-d3c0-4501-a9c7-138c8417ae93/1/qLc8TpY_t_bu3rvrzDMBSrz80tg.roa
File: qLc8TpY_t_bu3rvrzDMBSrz80tg.roa (raw, json)
Hash identifier: 2CnMhHfTlT7Za7KCW6JSKNBUWrfBKyQmm6dcYgCQ9FE=
Subject key identifier: A8:B7:3C:4E:96:3F:B7:F6:EE:DE:BB:EB:CC:33:01:4A:BC:FC:D2:D8
Certificate issuer: /CN=72633388a7a5cfe9a7ca19fd74c922dcb12569d3
Certificate serial: 018368FBFE6F9B075C20289B20345976AA80
Authority key identifier: 72:63:33:88:A7:A5:CF:E9:A7:CA:19:FD:74:C9:22:DC:B1:25:69:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cmMziKelz-mnyhn9dMki3LEladM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/8233f2-d3c0-4501-a9c7-138c8417ae93/1/qLc8TpY_t_bu3rvrzDMBSrz80tg.roa
Signing time: Fri 23 Sep 2022 06:14:48 +0000
ROA not before: Fri 23 Sep 2022 06:14:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34863
IP address blocks: 85.204.24.0/23 maxlen: 23
85.204.21.0/24 maxlen: 24
85.204.20.0/23 maxlen: 23
85.204.25.0/24 maxlen: 24
81.23.34.0/24 maxlen: 24
81.23.32.0/20 maxlen: 20
89.35.96.0/20 maxlen: 20
185.63.48.0/22 maxlen: 22
185.252.195.0/24 maxlen: 24
46.226.128.0/21 maxlen: 21
185.2.252.0/22 maxlen: 22
188.94.202.0/23 maxlen: 23
188.94.201.0/24 maxlen: 24
188.94.200.0/24 maxlen: 24
188.94.200.0/21 maxlen: 21
188.94.206.0/24 maxlen: 24
188.94.204.0/22 maxlen: 22
2a00:fc8::/32 maxlen: 32
2a00:7820::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:68:fb:fe:6f:9b:07:5c:20:28:9b:20:34:59:76:aa:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72633388a7a5cfe9a7ca19fd74c922dcb12569d3
Validity
Not Before: Sep 23 06:14:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a8b73c4e963fb7f6eedebbebcc33014abcfcd2d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:11:c8:5c:ee:b7:40:40:b4:c4:b4:be:f2:ad:
bc:3a:41:e8:08:ce:e8:25:6e:f2:f2:a1:59:d9:7b:
9a:3e:7a:0e:90:1d:d1:81:21:1f:d3:18:ee:dc:49:
66:47:4e:f4:39:fe:cb:7f:7a:be:33:bf:8c:ee:77:
26:21:0b:c2:e1:34:85:9c:d3:36:cb:7b:4e:68:74:
55:bf:11:03:c9:94:43:53:c3:e6:56:af:cb:e9:27:
2a:7e:52:57:f7:6b:86:d3:47:35:de:fc:63:ed:d2:
cc:b3:0c:dd:d3:f6:aa:7d:dd:49:28:85:ba:5b:13:
f2:44:81:3c:ca:09:0b:63:65:ca:5e:02:e5:16:57:
21:34:30:b0:2a:64:d0:bc:62:25:de:35:d9:02:dc:
d1:77:60:8b:b4:5c:8f:ff:99:27:aa:c2:7b:e5:c0:
30:e6:39:6b:6e:d3:2f:3f:5b:98:d8:d1:b3:b7:fd:
5b:d3:22:c9:f6:41:bb:01:7a:a9:b2:91:d2:38:62:
81:30:3e:c0:ee:c0:73:c9:7c:4f:75:1c:ae:67:29:
b1:4f:ac:cb:6e:32:54:61:c6:60:e3:5f:4d:87:fe:
56:42:d8:dc:63:e1:6e:33:31:1c:2f:6f:84:55:77:
97:d8:15:8b:ed:02:7f:40:bc:0b:ac:2e:a0:d1:52:
6a:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:B7:3C:4E:96:3F:B7:F6:EE:DE:BB:EB:CC:33:01:4A:BC:FC:D2:D8
X509v3 Authority Key Identifier:
keyid:72:63:33:88:A7:A5:CF:E9:A7:CA:19:FD:74:C9:22:DC:B1:25:69:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cmMziKelz-mnyhn9dMki3LEladM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/8233f2-d3c0-4501-a9c7-138c8417ae93/1/qLc8TpY_t_bu3rvrzDMBSrz80tg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/8233f2-d3c0-4501-a9c7-138c8417ae93/1/cmMziKelz-mnyhn9dMki3LEladM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.226.128.0/21
81.23.32.0/20
85.204.20.0/23
85.204.24.0/23
89.35.96.0/20
185.2.252.0/22
185.63.48.0/22
185.252.195.0/24
188.94.200.0/21
IPv6:
2a00:fc8::/32
2a00:7820::/32
Signature Algorithm: sha256WithRSAEncryption
7e:4e:0b:6b:38:73:0a:85:f2:3b:53:18:49:d9:45:75:16:57:
66:77:c8:1e:ec:8d:da:cc:bd:7a:8f:11:6c:0b:26:35:77:de:
73:40:bf:0b:8b:45:52:05:1c:44:1d:b5:34:ed:0c:5a:a8:82:
2a:ac:b5:03:46:d7:0b:06:4f:15:98:f9:c7:45:9d:81:1c:72:
b0:e5:fc:c8:c5:14:bb:39:a3:ca:8a:43:dd:d7:cd:3c:3f:4e:
98:3e:48:f4:f0:b4:7e:de:50:62:ab:37:90:c3:2e:43:f4:a3:
0d:ba:7a:dd:d4:39:d3:c2:3c:a2:4b:c5:e3:9e:34:9a:05:96:
da:33:f8:8e:84:92:7a:68:6d:2e:ea:d3:0b:c2:95:05:10:e4:
0e:a8:d5:4d:b9:94:ba:8c:c8:90:1e:4c:45:da:d8:d2:f5:83:
9a:1e:2b:b4:3f:96:b0:50:f2:27:b8:60:a5:0c:90:01:8c:ba:
b1:04:eb:e7:8d:19:91:f6:70:29:5d:d6:df:e6:73:69:06:0f:
f4:5c:ba:31:7c:27:da:53:ce:df:27:44:2e:b4:a5:ba:ad:02:
8b:5d:94:73:16:24:a7:91:54:ae:af:af:5e:79:02:0b:62:92:
e5:39:e9:a4:d5:89:f5:25:d4:9f:c0:77:8c:79:b3:37:10:9b:
80:a0:d3:1c
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAYNo+/5vmwdcICibIDRZdqqAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyNjMzMzg4YTdhNWNmZTlhN2NhMTlmZDc0YzkyMmRjYjEy
NTY5ZDMwHhcNMjIwOTIzMDYxNDQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGI3M2M0ZTk2M2ZiN2Y2ZWVkZWJiZWJjYzMzMDE0YWJjZmNkMmQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwRHIXO63QEC0xLS+8q28OkHoCM7o
JW7y8qFZ2XuaPnoOkB3RgSEf0xju3ElmR070Of7Lf3q+M7+M7ncmIQvC4TSFnNM2
y3tOaHRVvxEDyZRDU8PmVq/L6ScqflJX92uG00c13vxj7dLMswzd0/aqfd1JKIW6
WxPyRIE8ygkLY2XKXgLlFlchNDCwKmTQvGIl3jXZAtzRd2CLtFyP/5knqsJ75cAw
5jlrbtMvP1uY2NGzt/1b0yLJ9kG7AXqpspHSOGKBMD7A7sBzyXxPdRyuZymxT6zL
bjJUYcZg419Nh/5WQtjcY+FuMzEcL2+EVXeX2BWL7QJ/QLwLrC6g0VJqkQIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFKi3PE6WP7f27t6768wzAUq8/NLYMB8GA1UdIwQY
MBaAFHJjM4inpc/pp8oZ/XTJItyxJWnTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY21NemlLZWx6LW1ueWhuOWRNa2kzTEVsYWRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS84MjMzZjItZDNjMC00NTAxLWE5Yzct
MTM4Yzg0MTdhZTkzLzEvcUxjOFRwWV90X2J1M3J2cnpETUJTcno4MHRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS84MjMzZjItZDNjMC00NTAxLWE5YzctMTM4Yzg0MTdhZTkz
LzEvY21NemlLZWx6LW1ueWhuOWRNa2kzTEVsYWRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDA8BAIAATA2AwQDLuKAAwQE
URcgAwQBVcwUAwQBVcwYAwQEWSNgAwQCuQL8AwQCuT8wAwQAufzDAwQDvF7IMBQE
AgACMA4DBQAqAA/IAwUAKgB4IDANBgkqhkiG9w0BAQsFAAOCAQEAfk4LazhzCoXy
O1MYSdlFdRZXZnfIHuyN2sy9eo8RbAsmNXfec0C/C4tFUgUcRB21NO0MWqiCKqy1
A0bXCwZPFZj5x0WdgRxysOX8yMUUuzmjyopD3dfNPD9OmD5I9PC0ft5QYqs3kMMu
Q/SjDbp63dQ508I8okvF4540mgWW2jP4joSSemhtLurTC8KVBRDkDqjVTbmUuozI
kB5MRdrY0vWDmh4rtD+WsFDyJ7hgpQyQAYy6sQTr540ZkfZwKV3W3+ZzaQYP9Fy6
MXwn2lPO3ydELrSluq0Ci12UcxYkp5FUrq+vXnkCC2KS5TnppNWJ9SXUn8B3jHmz
NxCbgKDTHA==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:56 2023 by rpki-client on console.sobornost.net