Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/5be8f7-1ad0-44bf-8b3e-791c5a85390d/1/r66xaOYwtsJyHJwjI0-9wdf4xYc.roa
File: r66xaOYwtsJyHJwjI0-9wdf4xYc.roa (raw, json)
Hash identifier: WQtDuslxxKyT+twtgDcWNXAg2DerB9flioAVWB8LILw=
Subject key identifier: AF:AE:B1:68:E6:30:B6:C2:72:1C:9C:23:23:4F:BD:C1:D7:F8:C5:87
Certificate issuer: /CN=a2ed0ba8b46ef251e5a058a64a21b307d3650ddc
Certificate serial: 0A12A5E1
Authority key identifier: A2:ED:0B:A8:B4:6E:F2:51:E5:A0:58:A6:4A:21:B3:07:D3:65:0D:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ou0LqLRu8lHloFimSiGzB9NlDdw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/5be8f7-1ad0-44bf-8b3e-791c5a85390d/1/r66xaOYwtsJyHJwjI0-9wdf4xYc.roa
Signing time: Mon 07 Feb 2022 11:10:49 +0000
ROA not before: Mon 07 Feb 2022 11:10:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 5466
IP address blocks: 194.125.192.0/19 maxlen: 19
95.44.0.0/15 maxlen: 15
82.141.192.0/18 maxlen: 18
217.183.0.0/16 maxlen: 16
83.174.160.0/19 maxlen: 19
195.7.32.0/19 maxlen: 19
194.106.128.0/19 maxlen: 19
194.125.128.0/18 maxlen: 18
51.171.0.0/16 maxlen: 16
159.134.0.0/16 maxlen: 24
185.57.112.0/22 maxlen: 22
62.77.160.0/19 maxlen: 19
83.70.0.0/15 maxlen: 15
213.94.128.0/17 maxlen: 17
213.190.128.0/19 maxlen: 19
86.40.0.0/13 maxlen: 13
2001:bb0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 168994273 (0xa12a5e1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2ed0ba8b46ef251e5a058a64a21b307d3650ddc
Validity
Not Before: Feb 7 11:10:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=afaeb168e630b6c2721c9c23234fbdc1d7f8c587
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:ac:7d:8f:86:72:14:6c:5e:46:46:fe:39:78:
9f:02:19:a3:7a:e3:80:2a:10:0c:1f:ab:35:c3:70:
d7:e7:fe:4c:5a:d5:18:b9:f2:f8:8e:53:7c:b7:33:
68:44:3d:33:4a:fc:3a:c8:12:bf:96:e8:09:fb:94:
d4:70:15:7a:e4:a7:cc:cf:63:a0:80:c5:7d:b0:93:
b6:77:05:14:42:bd:56:ab:d4:b2:87:cf:d3:4d:c3:
fa:7f:14:c5:3e:77:f4:e3:c7:59:6d:e8:eb:92:09:
3d:cc:fa:83:77:33:f8:3b:35:3f:9a:c8:0b:66:e4:
00:10:93:c7:6e:de:03:1a:ac:f8:d7:6c:45:a5:8a:
46:76:91:6a:93:0c:75:a0:7d:c1:53:4a:c8:d3:e5:
da:b4:65:3c:0b:62:35:ba:b8:e3:bb:3d:bf:2e:01:
d9:df:8f:49:45:ac:e9:92:b2:3d:16:04:94:67:11:
f5:e4:1c:f3:9d:73:eb:fa:0a:37:8d:6d:ab:f8:03:
69:a1:9f:6c:9f:08:d5:1d:72:24:9e:f3:97:1e:39:
50:c6:7c:ea:4d:d9:82:7c:88:e7:0d:82:b4:35:f9:
d0:0d:14:83:b5:56:17:d7:c5:09:76:c8:c9:2c:f4:
97:5b:cf:be:a1:06:0e:8d:72:5a:f6:02:ba:b8:b5:
18:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:AE:B1:68:E6:30:B6:C2:72:1C:9C:23:23:4F:BD:C1:D7:F8:C5:87
X509v3 Authority Key Identifier:
keyid:A2:ED:0B:A8:B4:6E:F2:51:E5:A0:58:A6:4A:21:B3:07:D3:65:0D:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ou0LqLRu8lHloFimSiGzB9NlDdw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/5be8f7-1ad0-44bf-8b3e-791c5a85390d/1/r66xaOYwtsJyHJwjI0-9wdf4xYc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/5be8f7-1ad0-44bf-8b3e-791c5a85390d/1/ou0LqLRu8lHloFimSiGzB9NlDdw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.171.0.0/16
62.77.160.0/19
82.141.192.0/18
83.70.0.0/15
83.174.160.0/19
86.40.0.0/13
95.44.0.0/15
159.134.0.0/16
185.57.112.0/22
194.106.128.0/19
194.125.128.0-194.125.223.255
195.7.32.0/19
213.94.128.0/17
213.190.128.0/19
217.183.0.0/16
IPv6:
2001:bb0::/29
Signature Algorithm: sha256WithRSAEncryption
97:2a:03:1d:92:40:f1:62:9f:81:13:74:19:b0:95:5a:c8:e7:
42:42:a9:8f:f4:f3:8d:77:25:d5:03:bb:9c:73:30:a8:c3:bb:
f6:2e:b5:db:e0:76:5d:78:a2:ea:10:df:8d:21:f9:ad:12:03:
d2:6b:c1:88:66:1d:47:06:9f:ef:59:d4:76:1c:0e:56:7c:04:
e1:4e:a6:be:05:99:0a:9d:fc:f9:ed:f8:cf:ee:c4:11:df:8c:
53:33:a9:07:59:fb:07:d5:ad:c3:a9:47:1f:23:55:ad:cf:98:
30:8d:2e:e9:3e:0a:30:54:4a:17:2c:3c:09:d8:62:b9:bc:b4:
6a:2e:d3:4c:c8:1b:ba:76:c6:12:df:ac:8e:f5:90:f4:9c:31:
de:b8:98:ed:81:d4:4e:a5:fa:19:dc:8e:ca:64:5d:84:88:92:
2f:8c:a3:f2:f2:ac:6a:f5:f8:a1:ed:33:8f:db:53:28:1d:a7:
10:47:1d:d4:5c:6f:67:7a:8e:45:c9:15:7b:83:5a:db:5e:e3:
6b:1b:5d:ee:77:13:be:ad:16:20:89:eb:68:e4:c4:eb:58:16:
2c:f1:83:00:38:6c:7e:df:a2:d7:1e:08:4e:98:83:12:eb:a4:
29:68:02:ec:f9:5e:27:1f:a2:24:d2:14:30:ee:98:38:13:1b:
85:3c:20:0f
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgIEChKl4TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
MmVkMGJhOGI0NmVmMjUxZTVhMDU4YTY0YTIxYjMwN2QzNjUwZGRjMB4XDTIyMDIw
NzExMTA0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWZhZWIxNjhlNjMw
YjZjMjcyMWM5YzIzMjM0ZmJkYzFkN2Y4YzU4NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANysfY+GchRsXkZG/jl4nwIZo3rjgCoQDB+rNcNw1+f+TFrV
GLny+I5TfLczaEQ9M0r8OsgSv5boCfuU1HAVeuSnzM9joIDFfbCTtncFFEK9VqvU
sofP003D+n8UxT539OPHWW3o65IJPcz6g3cz+Ds1P5rIC2bkABCTx27eAxqs+Nds
RaWKRnaRapMMdaB9wVNKyNPl2rRlPAtiNbq447s9vy4B2d+PSUWs6ZKyPRYElGcR
9eQc851z6/oKN41tq/gDaaGfbJ8I1R1yJJ7zlx45UMZ86k3ZgnyI5w2CtDX50A0U
g7VWF9fFCXbIySz0l1vPvqEGDo1yWvYCuri1GGUCAwEAAaOCAm8wggJrMB0GA1Ud
DgQWBBSvrrFo5jC2wnIcnCMjT73B1/jFhzAfBgNVHSMEGDAWgBSi7QuotG7yUeWg
WKZKIbMH02UN3DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L291MExxTFJ1OGxIbG9GaW1TaUd6QjlObERkdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTAvNWJlOGY3LTFhZDAtNDRiZi04YjNlLTc5MWM1YTg1MzkwZC8x
L3I2NnhhT1l3dHNKeUhKd2pJMC05d2RmNHhZYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTAv
NWJlOGY3LTFhZDAtNDRiZi04YjNlLTc5MWM1YTg1MzkwZC8xL291MExxTFJ1OGxI
bG9GaW1TaUd6QjlObERkdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
hAYIKwYBBQUHAQcBAf8EdTBzMGIEAgABMFwDAwAzqwMEBT5NoAMEBlKNwAMDAVNG
AwQFU66gAwMDVigDAwFfLAMDAJ+GAwQCuTlwAwQFwmqAMAwDBAfCfYADBAXCfcAD
BAXDByADBAfVXoADBAXVvoADAwDZtzANBAIAAjAHAwUDIAELsDANBgkqhkiG9w0B
AQsFAAOCAQEAlyoDHZJA8WKfgRN0GbCVWsjnQkKpj/TzjXcl1QO7nHMwqMO79i61
2+B2XXii6hDfjSH5rRID0mvBiGYdRwaf71nUdhwOVnwE4U6mvgWZCp38+e34z+7E
Ed+MUzOpB1n7B9Wtw6lHHyNVrc+YMI0u6T4KMFRKFyw8Cdhiuby0ai7TTMgbunbG
Et+sjvWQ9Jwx3riY7YHUTqX6GdyOymRdhIiSL4yj8vKsavX4oe0zj9tTKB2nEEcd
1FxvZ3qORckVe4Na217jaxtd7ncTvq0WIInraOTE61gWLPGDADhsft+i1x4ITpiD
EuukKWgC7PleJx+iJNIUMO6YOBMbhTwgDw==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:28 2023 by rpki-client on console.sobornost.net