Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/21WXlp8UGSxxG5zDQ9cnU0krzJg.roa
File: 21WXlp8UGSxxG5zDQ9cnU0krzJg.roa (raw, json)
Hash identifier: e4Kgzoy9WDrAAEFHc/YnXVoCiE9y09U6j44CHb1nTQ8=
Subject key identifier: DB:55:97:96:9F:14:19:2C:71:1B:9C:C3:43:D7:27:53:49:2B:CC:98
Certificate issuer: /CN=7df132df13e4be53d8250c8c48420264eef6c14c
Certificate serial: 17474AB1
Authority key identifier: 7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/21WXlp8UGSxxG5zDQ9cnU0krzJg.roa
Signing time: Sat 01 Jan 2022 16:03:48 +0000
ROA not before: Sat 01 Jan 2022 16:03:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41749
IP address blocks: 89.43.54.0/24 maxlen: 24
89.44.125.0/24 maxlen: 24
89.47.42.0/24 maxlen: 24
86.106.134.0/24 maxlen: 24
188.241.188.0/23 maxlen: 23
89.47.88.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 390548145 (0x17474ab1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7df132df13e4be53d8250c8c48420264eef6c14c
Validity
Not Before: Jan 1 16:03:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=db5597969f14192c711b9cc343d72753492bcc98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:be:8b:fa:02:05:bf:37:1f:11:66:22:39:fc:
98:5e:40:82:f1:b8:13:61:f1:ce:47:fa:79:96:b8:
0b:eb:73:5f:66:39:a4:46:57:58:e3:0d:48:38:df:
e1:9a:2b:c2:b4:32:f5:45:13:dc:76:be:f4:4a:8c:
25:7c:c7:f6:63:3a:2a:f2:4e:f0:e7:fe:44:0e:47:
d6:cb:04:28:bc:ed:76:8d:d0:31:78:98:af:e8:fe:
fe:31:13:72:71:ce:11:71:06:d0:69:c8:82:42:8a:
79:02:73:da:6e:28:9c:59:3a:14:a6:c4:e4:e9:bf:
68:2e:fc:12:62:21:a1:13:3e:9b:7e:fb:b8:c0:28:
01:b4:9e:b3:65:83:a1:b7:25:1e:37:ff:fc:00:82:
2a:09:9c:89:4f:bd:65:87:3f:f6:53:24:09:7d:40:
da:3c:52:2a:a7:5c:f6:ed:02:7a:1b:7e:22:af:e0:
f9:54:57:8b:82:f4:60:e3:9a:00:54:0c:26:76:4c:
54:65:69:36:8e:7e:e7:13:15:41:96:4d:e6:01:2d:
f9:c9:97:06:8f:7f:47:c9:b6:18:0f:f6:2a:8b:24:
52:13:8c:e7:e8:79:30:e2:1e:56:e2:4a:1f:a5:a2:
ea:41:f2:0f:2e:8f:dd:45:fd:db:86:d7:da:a2:cd:
b8:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:55:97:96:9F:14:19:2C:71:1B:9C:C3:43:D7:27:53:49:2B:CC:98
X509v3 Authority Key Identifier:
keyid:7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/21WXlp8UGSxxG5zDQ9cnU0krzJg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.106.134.0/24
89.43.54.0/24
89.44.125.0/24
89.47.42.0/24
89.47.88.0/24
188.241.188.0/23
Signature Algorithm: sha256WithRSAEncryption
5a:9c:ec:75:1d:64:fa:d9:56:23:ec:58:cb:ba:64:56:5e:12:
04:09:8b:21:80:c0:3f:bc:7c:ba:07:4b:4e:39:0a:6c:04:43:
ad:af:89:7b:8a:d4:2c:15:df:94:82:7a:df:26:3d:be:dc:ab:
78:03:cb:e9:4e:5e:ba:f7:0e:87:7d:6c:c8:75:ad:3d:0e:33:
13:30:a3:54:66:98:1c:79:5a:40:0b:35:2a:48:fe:ec:51:9c:
b1:30:6f:5b:62:96:07:db:40:2d:a6:5a:a3:5a:a7:e3:18:bc:
93:4d:24:53:b7:b2:06:d3:ea:b1:1d:08:15:61:e5:50:2e:1f:
75:d6:15:91:0b:2a:2b:e6:32:a8:f7:73:28:8a:3b:2c:32:ef:
22:02:6e:90:ab:1a:a5:ec:f9:20:5f:81:f3:13:9b:cf:93:7a:
09:b8:cb:3d:aa:08:2c:06:b6:6f:9e:b5:b8:12:cf:f7:57:35:
4b:5c:18:a5:dd:fd:39:9e:2d:03:7a:76:2d:8d:83:69:40:9a:
af:f6:b6:33:d5:a2:df:99:32:42:31:58:4f:50:65:ff:b3:f9:
69:04:4d:46:c3:0c:53:5c:f2:73:01:19:14:aa:86:c7:2c:03:
c6:dd:43:d5:02:ef:e2:c1:32:86:06:94:63:d6:f2:5c:1b:0f:
90:4c:ac:63
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIEF0dKsTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
ZGYxMzJkZjEzZTRiZTUzZDgyNTBjOGM0ODQyMDI2NGVlZjZjMTRjMB4XDTIyMDEw
MTE2MDM0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGI1NTk3OTY5ZjE0
MTkyYzcxMWI5Y2MzNDNkNzI3NTM0OTJiY2M5ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOm+i/oCBb83HxFmIjn8mF5AgvG4E2Hxzkf6eZa4C+tzX2Y5
pEZXWOMNSDjf4ZorwrQy9UUT3Ha+9EqMJXzH9mM6KvJO8Of+RA5H1ssEKLztdo3Q
MXiYr+j+/jETcnHOEXEG0GnIgkKKeQJz2m4onFk6FKbE5Om/aC78EmIhoRM+m377
uMAoAbSes2WDobclHjf//ACCKgmciU+9ZYc/9lMkCX1A2jxSKqdc9u0Ceht+Iq/g
+VRXi4L0YOOaAFQMJnZMVGVpNo5+5xMVQZZN5gEt+cmXBo9/R8m2GA/2KoskUhOM
5+h5MOIeVuJKH6Wi6kHyDy6P3UX924bX2qLNuIECAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBTbVZeWnxQZLHEbnMND1ydTSSvMmDAfBgNVHSMEGDAWgBR98TLfE+S+U9gl
DIxIQgJk7vbBTDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ZmRXkzeFBrdmxQWUpReU1TRUlDWk83MndVdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmUvYzM3NDk3LTYzNzYtNDYxZS05M2M2LTk3Nzg2NzRlZGM5Ny8x
LzIxV1hscDhVR1N4eEc1ekRROWNuVTBrcnpKZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmUv
YzM3NDk3LTYzNzYtNDYxZS05M2M2LTk3Nzg2NzRlZGM5Ny8xL2ZmRXkzeFBrdmxQ
WUpReU1TRUlDWk83MndVdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9
BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEAFZqhgMEAFkrNgMEAFksfQMEAFkv
KgMEAFkvWAMEAbzxvDANBgkqhkiG9w0BAQsFAAOCAQEAWpzsdR1k+tlWI+xYy7pk
Vl4SBAmLIYDAP7x8ugdLTjkKbARDra+Je4rULBXflIJ63yY9vtyreAPL6U5euvcO
h31syHWtPQ4zEzCjVGaYHHlaQAs1Kkj+7FGcsTBvW2KWB9tALaZao1qn4xi8k00k
U7eyBtPqsR0IFWHlUC4fddYVkQsqK+YyqPdzKIo7LDLvIgJukKsapez5IF+B8xOb
z5N6CbjLPaoILAa2b561uBLP91c1S1wYpd39OZ4tA3p2LY2DaUCar/a2M9Wi35ky
QjFYT1Bl/7P5aQRNRsMMU1zycwEZFKqGxywDxt1D1QLv4sEyhgaUY9byXBsPkEys
Yw==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:04 2023 by rpki-client on console.sobornost.net