Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/e7da9a-932a-467b-b2d2-97042891eb99/1/pJtrRNSFfKSmVusIM9nbesCWljo.roa
File: pJtrRNSFfKSmVusIM9nbesCWljo.roa (raw, json)
Hash identifier: alcVkEFVLUiVziwhqiZVhLcY3LTmbl/L+hN8Uz+eh8M=
Subject key identifier: A4:9B:6B:44:D4:85:7C:A4:A6:56:EB:08:33:D9:DB:7A:C0:96:96:3A
Certificate issuer: /CN=f382cb13dde12658cdac18cacae91fbbf5c58090
Certificate serial: 08B452BA
Authority key identifier: F3:82:CB:13:DD:E1:26:58:CD:AC:18:CA:CA:E9:1F:BB:F5:C5:80:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/84LLE93hJljNrBjKyukfu_XFgJA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/e7da9a-932a-467b-b2d2-97042891eb99/1/pJtrRNSFfKSmVusIM9nbesCWljo.roa
Signing time: Fri 29 Apr 2022 09:46:30 +0000
ROA not before: Fri 29 Apr 2022 09:46:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207190
IP address blocks: 178.236.43.0/24 maxlen: 24
178.236.42.0/24 maxlen: 24
178.236.44.0/24 maxlen: 24
178.236.41.0/24 maxlen: 24
178.236.40.0/24 maxlen: 24
178.236.46.0/24 maxlen: 24
178.236.45.0/24 maxlen: 24
178.236.47.0/24 maxlen: 24
193.218.38.0/24 maxlen: 24
193.203.215.0/24 maxlen: 24
193.218.39.0/24 maxlen: 24
193.203.214.0/24 maxlen: 24
45.141.71.0/24 maxlen: 24
45.141.68.0/24 maxlen: 24
45.141.70.0/24 maxlen: 24
45.141.69.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 146035386 (0x8b452ba)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f382cb13dde12658cdac18cacae91fbbf5c58090
Validity
Not Before: Apr 29 09:46:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a49b6b44d4857ca4a656eb0833d9db7ac096963a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:2b:1b:d8:5b:2c:f2:3d:e5:93:a6:99:6c:51:
ab:5e:17:ed:4b:8d:fd:17:4d:53:9c:ee:d8:13:ab:
3a:09:79:8f:c7:80:2d:a6:6b:ab:ab:22:cd:5b:fc:
1a:86:01:71:84:b1:95:72:46:af:e2:c2:a9:9f:27:
1a:3e:02:8e:77:bf:1e:d6:81:76:6c:e2:ec:95:3a:
b5:47:82:90:6a:3d:af:7f:08:1d:4c:9c:ff:0b:ef:
ed:45:4d:0b:49:5f:c2:87:75:e1:d5:8f:ef:88:c4:
f0:51:12:fc:3c:3c:79:85:ad:31:11:bd:11:15:32:
de:9e:10:50:d2:c1:14:58:7e:1b:7e:8e:81:c0:7a:
78:47:ec:fe:59:b7:aa:5b:17:bb:20:7a:2b:97:8a:
a0:10:05:6c:cd:b3:9f:15:d2:2c:c9:35:81:88:0a:
7f:02:18:95:eb:af:b9:5d:af:38:12:30:c9:0a:e3:
21:90:4a:7b:d1:47:b1:f8:65:bd:f0:dd:17:c8:75:
f2:5a:c3:8b:00:15:92:64:01:bc:4e:50:58:a1:51:
18:08:70:5d:09:3d:14:1e:12:b7:d9:f0:2d:bb:64:
9f:c5:8e:2b:3a:a8:88:7f:bf:4d:95:b7:f9:11:97:
c8:a8:19:17:9e:9c:b4:5a:a3:89:06:80:58:65:c4:
4a:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:9B:6B:44:D4:85:7C:A4:A6:56:EB:08:33:D9:DB:7A:C0:96:96:3A
X509v3 Authority Key Identifier:
keyid:F3:82:CB:13:DD:E1:26:58:CD:AC:18:CA:CA:E9:1F:BB:F5:C5:80:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/84LLE93hJljNrBjKyukfu_XFgJA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/e7da9a-932a-467b-b2d2-97042891eb99/1/pJtrRNSFfKSmVusIM9nbesCWljo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/e7da9a-932a-467b-b2d2-97042891eb99/1/84LLE93hJljNrBjKyukfu_XFgJA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.68.0/22
178.236.40.0/21
193.203.214.0/23
193.218.38.0/23
Signature Algorithm: sha256WithRSAEncryption
0e:3f:38:23:d5:e9:05:ba:38:52:85:ae:87:5a:e9:7a:5c:b1:
5e:44:6b:6b:5c:39:22:4c:42:e6:34:49:c3:5d:45:d0:29:fd:
65:e3:96:4d:ce:8a:50:be:c3:71:65:98:ea:78:7e:43:45:30:
19:b8:7e:3b:66:70:81:84:ae:cc:40:e7:ab:ed:71:93:2a:3d:
9b:18:83:85:97:ab:73:78:78:38:97:59:fa:26:45:a6:1f:55:
83:d4:18:f6:8b:82:1a:ab:e8:cc:3d:53:ee:dc:86:de:86:0c:
bb:3c:25:e9:6d:a6:84:90:0a:1a:f0:38:54:6c:27:a3:f8:ac:
0c:69:a6:81:8f:41:70:46:0c:a0:87:21:7a:48:90:f0:8a:99:
b4:bc:63:d6:b6:c4:9f:1f:a9:a7:6d:5e:10:24:ad:04:bd:95:
f3:a6:1b:ac:92:6f:fa:19:e3:94:21:43:89:70:d0:3b:1a:d6:
79:07:6f:f5:dc:8a:09:d9:a3:c8:d7:6f:a8:99:7e:78:42:52:
d8:ef:cc:4f:86:33:fa:c3:0d:ef:ed:86:57:54:f0:77:55:67:
98:89:06:02:13:97:38:0b:5b:ab:11:13:df:a6:a9:13:26:97:
07:41:f5:e9:f4:ae:85:73:05:7e:0a:60:ce:15:cb:f5:45:32:
46:3a:eb:e1
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIECLRSujANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
MzgyY2IxM2RkZTEyNjU4Y2RhYzE4Y2FjYWU5MWZiYmY1YzU4MDkwMB4XDTIyMDQy
OTA5NDYzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTQ5YjZiNDRkNDg1
N2NhNGE2NTZlYjA4MzNkOWRiN2FjMDk2OTYzYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALYrG9hbLPI95ZOmmWxRq14X7UuN/RdNU5zu2BOrOgl5j8eA
LaZrq6sizVv8GoYBcYSxlXJGr+LCqZ8nGj4Cjne/HtaBdmzi7JU6tUeCkGo9r38I
HUyc/wvv7UVNC0lfwod14dWP74jE8FES/Dw8eYWtMRG9ERUy3p4QUNLBFFh+G36O
gcB6eEfs/lm3qlsXuyB6K5eKoBAFbM2znxXSLMk1gYgKfwIYleuvuV2vOBIwyQrj
IZBKe9FHsfhlvfDdF8h18lrDiwAVkmQBvE5QWKFRGAhwXQk9FB4St9nwLbtkn8WO
KzqoiH+/TZW3+RGXyKgZF56ctFqjiQaAWGXESt8CAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBSkm2tE1IV8pKZW6wgz2dt6wJaWOjAfBgNVHSMEGDAWgBTzgssT3eEmWM2s
GMrK6R+79cWAkDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
Lzg0TExFOTNoSmxqTnJCakt5dWtmdV9YRmdKQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzIvZTdkYTlhLTkzMmEtNDY3Yi1iMmQyLTk3MDQyODkxZWI5OS8x
L3BKdHJSTlNGZktTbVZ1c0lNOW5iZXNDV2xqby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzIv
ZTdkYTlhLTkzMmEtNDY3Yi1iMmQyLTk3MDQyODkxZWI5OS8xLzg0TExFOTNoSmxq
TnJCakt5dWtmdV9YRmdKQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAi2NRAMEA7LsKAMEAcHL1gMEAcHa
JjANBgkqhkiG9w0BAQsFAAOCAQEADj84I9XpBbo4UoWuh1rpelyxXkRra1w5IkxC
5jRJw11F0Cn9ZeOWTc6KUL7DcWWY6nh+Q0UwGbh+O2ZwgYSuzEDnq+1xkyo9mxiD
hZerc3h4OJdZ+iZFph9Vg9QY9ouCGqvozD1T7tyG3oYMuzwl6W2mhJAKGvA4VGwn
o/isDGmmgY9BcEYMoIchekiQ8IqZtLxj1rbEnx+pp21eECStBL2V86YbrJJv+hnj
lCFDiXDQOxrWeQdv9dyKCdmjyNdvqJl+eEJS2O/MT4Yz+sMN7+2GV1Twd1VnmIkG
AhOXOAtbqxET36apEyaXB0H16fSuhXMFfgpgzhXL9UUyRjrr4Q==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:28 2023 by rpki-client on console.sobornost.net