Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/9f682c-1c57-4ce5-bb98-0605c089fc38/1/4ffTD7dtvpMGRsz85hndgYHOPVY.roa
File: 4ffTD7dtvpMGRsz85hndgYHOPVY.roa (raw, json)
Hash identifier: a1y6TqhcVEhbWOjkpyTVOMc/AobkoHngYxOZ5mUHZHA=
Subject key identifier: E1:F7:D3:0F:B7:6D:BE:93:06:46:CC:FC:E6:19:DD:81:81:CE:3D:56
Certificate issuer: /CN=b38bb62a47b1a2aedb70f32f58c979ba0c777f06
Certificate serial: 15498CA8
Authority key identifier: B3:8B:B6:2A:47:B1:A2:AE:DB:70:F3:2F:58:C9:79:BA:0C:77:7F:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s4u2Kkexoq7bcPMvWMl5ugx3fwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/9f682c-1c57-4ce5-bb98-0605c089fc38/1/4ffTD7dtvpMGRsz85hndgYHOPVY.roa
Signing time: Sat 01 Jan 2022 07:57:29 +0000
ROA not before: Sat 01 Jan 2022 07:57:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34245
IP address blocks: 185.106.88.0/22 maxlen: 24
212.17.32.0/19 maxlen: 24
87.192.80.0/24 maxlen: 24
89.124.242.0/23 maxlen: 24
89.124.244.0/24 maxlen: 24
87.232.193.0/24 maxlen: 24
213.159.128.0/22 maxlen: 24
87.192.220.0/23 maxlen: 24
85.91.0.0/19 maxlen: 24
87.198.204.0/24 maxlen: 24
87.232.128.0/21 maxlen: 24
87.198.0.0/16 maxlen: 24
87.232.64.0/18 maxlen: 24
213.79.32.0/19 maxlen: 24
89.127.253.0/24 maxlen: 24
89.127.252.0/23 maxlen: 24
89.127.252.0/24 maxlen: 24
87.232.224.0/24 maxlen: 24
87.232.250.0/23 maxlen: 24
87.232.252.0/22 maxlen: 24
87.232.32.0/19 maxlen: 24
2a01:148::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 357141672 (0x15498ca8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b38bb62a47b1a2aedb70f32f58c979ba0c777f06
Validity
Not Before: Jan 1 07:57:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e1f7d30fb76dbe930646ccfce619dd8181ce3d56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:7f:63:ae:b7:99:eb:d8:a3:1d:e2:48:37:f3:
45:17:35:e1:64:75:71:95:fe:f2:c9:51:6d:93:8b:
60:92:e2:92:7d:5a:b7:f5:41:64:c3:3c:e0:84:fc:
f6:47:68:17:59:e9:f6:23:d7:04:c7:42:67:bb:9d:
f8:42:ca:69:81:86:b1:33:9f:12:b4:4c:fc:c4:67:
0c:c4:b6:f4:bc:15:6a:53:a9:d1:b5:57:ac:1f:a6:
16:22:f2:50:bb:96:6e:dc:bc:80:94:51:c0:da:64:
81:b9:c5:35:84:6e:9d:c2:9d:c9:d2:2c:93:7a:0f:
51:25:ec:35:59:9e:78:8e:43:57:bb:7d:1b:ba:9d:
e2:95:4c:15:d5:8c:e1:6e:5c:e2:9e:be:01:1e:17:
f0:6a:ea:16:5c:9a:5c:c2:a0:53:28:a4:f3:9b:3f:
c8:d1:32:a3:19:76:86:2d:c6:cc:dd:11:9d:7c:8a:
71:8d:11:75:58:17:03:58:0e:e2:48:5c:03:28:da:
99:ac:0c:6c:e4:9d:c5:0d:9f:f2:d9:ac:c6:c2:ab:
b1:8c:bb:b5:16:a0:2f:51:31:8b:8d:47:77:c1:97:
bf:d9:87:82:57:4f:c6:17:9a:8a:bc:12:a7:c2:60:
9e:e7:e9:2f:2b:44:b7:4d:1e:38:b5:13:e7:d8:34:
81:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:F7:D3:0F:B7:6D:BE:93:06:46:CC:FC:E6:19:DD:81:81:CE:3D:56
X509v3 Authority Key Identifier:
keyid:B3:8B:B6:2A:47:B1:A2:AE:DB:70:F3:2F:58:C9:79:BA:0C:77:7F:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s4u2Kkexoq7bcPMvWMl5ugx3fwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/9f682c-1c57-4ce5-bb98-0605c089fc38/1/4ffTD7dtvpMGRsz85hndgYHOPVY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/9f682c-1c57-4ce5-bb98-0605c089fc38/1/s4u2Kkexoq7bcPMvWMl5ugx3fwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.91.0.0/19
87.192.80.0/24
87.192.220.0/23
87.198.0.0/16
87.232.32.0-87.232.135.255
87.232.193.0/24
87.232.224.0/24
87.232.250.0-87.232.255.255
89.124.242.0-89.124.244.255
89.127.252.0/23
185.106.88.0/22
212.17.32.0/19
213.79.32.0/19
213.159.128.0/22
IPv6:
2a01:148::/29
Signature Algorithm: sha256WithRSAEncryption
5d:4e:1a:a9:21:d0:34:47:5c:ff:75:49:ab:72:95:78:ac:a6:
78:b9:7b:2e:c5:19:73:f4:f4:dc:46:e5:dc:68:c4:de:fd:9d:
ce:40:5e:e8:40:d6:f3:26:0e:fc:bf:45:e1:5f:ee:8c:0c:84:
a5:27:8c:5b:e7:7d:8a:c8:63:55:b0:86:c7:e2:83:36:26:ee:
f8:4f:c8:af:b7:d8:22:18:9c:4c:53:e6:21:d6:91:55:f1:1e:
e4:09:d0:ed:c9:ea:22:08:37:16:d6:d5:62:68:93:e3:c2:5a:
ff:76:a8:55:da:16:7c:29:80:a5:f2:f3:15:07:60:9a:27:2c:
a7:5f:9b:3c:dd:24:ba:7b:c1:da:44:56:09:59:b8:c1:85:58:
10:e2:cd:83:b4:40:eb:72:62:d3:83:2b:5e:2e:cd:cb:d9:39:
5c:44:e5:cf:39:5e:01:9f:20:5d:c4:60:c1:13:62:1f:c5:09:
20:d3:5a:25:51:fd:38:31:6a:69:d9:f6:5e:ce:2e:d9:89:93:
33:c7:e5:1a:b6:0d:b7:12:a4:ac:4f:84:99:ac:ff:9b:6a:b5:
6b:c4:d3:c6:2c:09:16:04:dc:9c:ec:75:4c:a4:61:86:e8:bb:
5d:b4:aa:3c:3a:b5:4f:f9:0e:91:48:dc:84:03:0f:80:68:72:
48:d7:d5:03
-----BEGIN CERTIFICATE-----
MIIFZTCCBE2gAwIBAgIEFUmMqDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MzhiYjYyYTQ3YjFhMmFlZGI3MGYzMmY1OGM5NzliYTBjNzc3ZjA2MB4XDTIyMDEw
MTA3NTcyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTFmN2QzMGZiNzZk
YmU5MzA2NDZjY2ZjZTYxOWRkODE4MWNlM2Q1NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI9/Y663mevYox3iSDfzRRc14WR1cZX+8slRbZOLYJLikn1a
t/VBZMM84IT89kdoF1np9iPXBMdCZ7ud+ELKaYGGsTOfErRM/MRnDMS29LwValOp
0bVXrB+mFiLyULuWbty8gJRRwNpkgbnFNYRuncKdydIsk3oPUSXsNVmeeI5DV7t9
G7qd4pVMFdWM4W5c4p6+AR4X8GrqFlyaXMKgUyik85s/yNEyoxl2hi3GzN0RnXyK
cY0RdVgXA1gO4khcAyjamawMbOSdxQ2f8tmsxsKrsYy7tRagL1Exi41Hd8GXv9mH
gldPxheairwSp8JgnufpLytEt00eOLUT59g0gUsCAwEAAaOCAn8wggJ7MB0GA1Ud
DgQWBBTh99MPt22+kwZGzPzmGd2Bgc49VjAfBgNVHSMEGDAWgBSzi7YqR7Girttw
8y9YyXm6DHd/BjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3M0dTJLa2V4b3E3YmNQTXZXTWw1dWd4M2Z3WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWIvOWY2ODJjLTFjNTctNGNlNS1iYjk4LTA2MDVjMDg5ZmMzOC8x
LzRmZlREN2R0dnBNR1Jzejg1aG5kZ1lIT1BWWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWIv
OWY2ODJjLTFjNTctNGNlNS1iYjk4LTA2MDVjMDg5ZmMzOC8xL3M0dTJLa2V4b3E3
YmNQTXZXTWw1dWd4M2Z3WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
lAYIKwYBBQUHAQcBAf8EgYQwgYEwcAQCAAEwagMEBVVbAAMEAFfAUAMEAVfA3AMD
AFfGMAwDBAVX6CADBANX6IADBABX6MEDBABX6OAwCwMEAVfo+gMDAFfoMAwDBAFZ
fPIDBABZfPQDBAFZf/wDBAK5algDBAXUESADBAXVTyADBALVn4AwDQQCAAIwBwMF
AyoBAUgwDQYJKoZIhvcNAQELBQADggEBAF1OGqkh0DRHXP91SatylXispni5ey7F
GXP09NxG5dxoxN79nc5AXuhA1vMmDvy/ReFf7owMhKUnjFvnfYrIY1WwhsfigzYm
7vhPyK+32CIYnExT5iHWkVXxHuQJ0O3J6iIINxbW1WJok+PCWv92qFXaFnwpgKXy
8xUHYJonLKdfmzzdJLp7wdpEVglZuMGFWBDizYO0QOtyYtODK14uzcvZOVxE5c85
XgGfIF3EYMETYh/FCSDTWiVR/TgxamnZ9l7OLtmJkzPH5Rq2DbcSpKxPhJms/5tq
tWvE08YsCRYE3JzsdUykYYbou120qjw6tU/5DpFI3IQDD4BockjX1QM=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:08 2023 by rpki-client on console.sobornost.net