Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/a82f43-502b-42fb-88eb-83bd66f4e6f6/1/bo4lZ--322xpvrsi11QlqzPJU8k.roa
File: bo4lZ--322xpvrsi11QlqzPJU8k.roa (raw, json)
Hash identifier: cMhfVi+FJmixxMIPAy3rpDNjWlUsp5IGHfHUoYcFFDs=
Subject key identifier: 6E:8E:25:67:EF:B7:DB:6C:69:BE:BB:22:D7:54:25:AB:33:C9:53:C9
Certificate issuer: /CN=cec63b87a8aec093dbe47dcca92860ea841228e0
Certificate serial: 0183AC75526942B60FAF73F03661FF554E77
Authority key identifier: CE:C6:3B:87:A8:AE:C0:93:DB:E4:7D:CC:A9:28:60:EA:84:12:28:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zsY7h6iuwJPb5H3MqShg6oQSKOA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/a82f43-502b-42fb-88eb-83bd66f4e6f6/1/bo4lZ--322xpvrsi11QlqzPJU8k.roa
Signing time: Thu 06 Oct 2022 08:41:53 +0000
ROA not before: Thu 06 Oct 2022 08:41:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29513
IP address blocks: 46.31.208.0/21 maxlen: 21
89.251.48.0/20 maxlen: 20
194.180.228.0/22 maxlen: 22
146.66.144.0/21 maxlen: 21
146.66.149.0/24 maxlen: 24
37.60.184.0/21 maxlen: 21
193.105.225.0/24 maxlen: 24
217.64.48.0/20 maxlen: 20
2a06:15c0::/29 maxlen: 29
2a01:1c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:ac:75:52:69:42:b6:0f:af:73:f0:36:61:ff:55:4e:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cec63b87a8aec093dbe47dcca92860ea841228e0
Validity
Not Before: Oct 6 08:41:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6e8e2567efb7db6c69bebb22d75425ab33c953c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:99:73:07:86:a5:0e:fe:5c:e1:be:6d:f2:72:
35:29:8b:8f:56:74:fb:45:01:76:52:42:91:96:12:
69:a8:b7:99:2e:3f:78:fc:84:2e:74:a7:1d:65:62:
b4:6a:19:83:9f:45:79:df:67:8e:a5:91:6e:b3:b0:
b9:30:5b:a8:30:25:82:13:07:b6:8b:bb:0c:51:50:
4f:d2:37:65:ba:ca:1d:65:80:6a:d3:a8:04:a0:0c:
9a:2f:5b:a2:eb:64:40:d2:2b:94:4d:54:23:82:41:
99:f9:54:c8:a1:40:e2:6d:ae:a4:e2:2d:69:5c:4b:
95:3a:78:5c:ef:14:7a:73:e2:26:f0:d3:3c:0e:99:
92:94:d8:37:66:48:62:41:80:cc:35:70:f8:7d:a9:
ab:31:7f:04:bf:c2:ca:d6:1b:bd:b9:d0:cd:63:a4:
21:a9:33:fb:86:ae:f8:7e:14:15:08:d6:29:a2:47:
a5:9c:84:f1:e7:b1:7f:55:df:81:a4:5a:a0:fc:04:
07:67:31:38:05:b0:e8:47:48:bc:35:f6:b0:a5:78:
74:07:1d:48:f2:fe:24:3d:55:62:fe:b8:46:26:5a:
49:c8:be:40:0f:9e:33:b8:37:4f:5f:82:4d:12:f3:
2a:43:a5:6e:91:f4:8b:a7:e0:1a:c3:ce:6d:95:48:
dc:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:8E:25:67:EF:B7:DB:6C:69:BE:BB:22:D7:54:25:AB:33:C9:53:C9
X509v3 Authority Key Identifier:
keyid:CE:C6:3B:87:A8:AE:C0:93:DB:E4:7D:CC:A9:28:60:EA:84:12:28:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zsY7h6iuwJPb5H3MqShg6oQSKOA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/a82f43-502b-42fb-88eb-83bd66f4e6f6/1/bo4lZ--322xpvrsi11QlqzPJU8k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/a82f43-502b-42fb-88eb-83bd66f4e6f6/1/zsY7h6iuwJPb5H3MqShg6oQSKOA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.60.184.0/21
46.31.208.0/21
89.251.48.0/20
146.66.144.0/21
193.105.225.0/24
194.180.228.0/22
217.64.48.0/20
IPv6:
2a01:1c0::/32
2a06:15c0::/29
Signature Algorithm: sha256WithRSAEncryption
42:74:dc:5d:c6:1a:f1:8b:67:72:84:d7:9f:71:93:9a:de:f8:
72:ca:10:a7:40:8f:9d:1c:bc:47:3c:88:1e:af:d1:ed:6a:57:
f2:16:97:bf:9d:38:56:32:fc:48:f4:69:80:f3:83:f8:fc:52:
7d:11:97:5c:fd:26:ed:27:6e:d6:41:d6:1e:9f:84:b1:94:03:
d3:b0:f1:0f:de:18:cc:86:95:b4:a3:7f:b1:52:6f:d3:dc:b2:
1b:1c:c9:36:22:d7:85:36:73:4f:87:79:83:d6:ca:5d:5f:2f:
35:89:0e:c9:87:59:31:71:18:f7:f2:f8:95:b1:91:d4:c2:c4:
21:41:4d:8d:e6:7a:fd:84:e5:33:ec:a0:4a:ee:e0:31:2e:64:
aa:5e:3a:a8:d5:8c:58:78:48:97:7b:25:f2:36:ea:20:07:83:
4f:d9:31:fc:84:33:4a:48:6f:d4:a1:f1:89:de:b7:b9:f3:fc:
5e:f9:d0:2f:48:d6:3b:27:50:d3:44:33:05:51:24:67:88:81:
ec:36:e1:94:23:38:c9:a4:db:52:00:18:c8:88:38:8b:db:47:
8f:d2:03:14:c1:a0:43:54:fd:f6:62:8e:a7:de:99:c2:e6:02:
b6:63:68:98:da:c9:c0:16:5b:16:82:58:b7:54:2a:1e:9d:54:
57:b9:19:2c
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAYOsdVJpQrYPr3PwNmH/VU53MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlYzYzYjg3YThhZWMwOTNkYmU0N2RjY2E5Mjg2MGVhODQx
MjI4ZTAwHhcNMjIxMDA2MDg0MTUzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZThlMjU2N2VmYjdkYjZjNjliZWJiMjJkNzU0MjVhYjMzYzk1M2M5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiplzB4alDv5c4b5t8nI1KYuPVnT7
RQF2UkKRlhJpqLeZLj94/IQudKcdZWK0ahmDn0V532eOpZFus7C5MFuoMCWCEwe2
i7sMUVBP0jdlusodZYBq06gEoAyaL1ui62RA0iuUTVQjgkGZ+VTIoUDiba6k4i1p
XEuVOnhc7xR6c+Im8NM8DpmSlNg3ZkhiQYDMNXD4famrMX8Ev8LK1hu9udDNY6Qh
qTP7hq74fhQVCNYpokelnITx57F/Vd+BpFqg/AQHZzE4BbDoR0i8NfawpXh0Bx1I
8v4kPVVi/rhGJlpJyL5AD54zuDdPX4JNEvMqQ6VukfSLp+Aaw85tlUjctwIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFG6OJWfvt9tsab67ItdUJaszyVPJMB8GA1UdIwQY
MBaAFM7GO4eorsCT2+R9zKkoYOqEEijgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenNZN2g2aXV3SlBiNUgzTXFTaGc2b1FTS09BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9hODJmNDMtNTAyYi00MmZiLTg4ZWIt
ODNiZDY2ZjRlNmY2LzEvYm80bFotLTMyMnhwdnJzaTExUWxxelBKVThrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi9hODJmNDMtNTAyYi00MmZiLTg4ZWItODNiZDY2ZjRlNmY2
LzEvenNZN2g2aXV3SlBiNUgzTXFTaGc2b1FTS09BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDAwBAIAATAqAwQDJTy4AwQD
Lh/QAwQEWfswAwQDkkKQAwQAwWnhAwQCwrTkAwQE2UAwMBQEAgACMA4DBQAqAQHA
AwUDKgYVwDANBgkqhkiG9w0BAQsFAAOCAQEAQnTcXcYa8YtncoTXn3GTmt74csoQ
p0CPnRy8RzyIHq/R7WpX8haXv504VjL8SPRpgPOD+PxSfRGXXP0m7Sdu1kHWHp+E
sZQD07DxD94YzIaVtKN/sVJv09yyGxzJNiLXhTZzT4d5g9bKXV8vNYkOyYdZMXEY
9/L4lbGR1MLEIUFNjeZ6/YTlM+ygSu7gMS5kql46qNWMWHhIl3sl8jbqIAeDT9kx
/IQzSkhv1KHxid63ufP8XvnQL0jWOydQ00QzBVEkZ4iB7DbhlCM4yaTbUgAYyIg4
i9tHj9IDFMGgQ1T99mKOp96ZwuYCtmNomNrJwBZbFoJYt1QqHp1UV7kZLA==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:31 2023 by rpki-client on console.sobornost.net