Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/1e1a97-f276-4a51-b1b5-8c10909a485c/1/f2mfC2-s0JkUXqsrffXVcoW1Ems.roa
File: f2mfC2-s0JkUXqsrffXVcoW1Ems.roa (raw, json)
Hash identifier: QFesNsqqPXe3tps7PZtZOK4rGMWc8D0YNR8FpMOFfoQ=
Subject key identifier: 7F:69:9F:0B:6F:AC:D0:99:14:5E:AB:2B:7D:F5:D5:72:85:B5:12:6B
Certificate issuer: /CN=0b9d86096a49110cf9bf670240b519315b66abcb
Certificate serial: 0B8C0E05
Authority key identifier: 0B:9D:86:09:6A:49:11:0C:F9:BF:67:02:40:B5:19:31:5B:66:AB:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C52GCWpJEQz5v2cCQLUZMVtmq8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/1e1a97-f276-4a51-b1b5-8c10909a485c/1/f2mfC2-s0JkUXqsrffXVcoW1Ems.roa
Signing time: Fri 25 Feb 2022 14:58:30 +0000
ROA not before: Fri 25 Feb 2022 14:58:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20559
IP address blocks: 185.122.116.0/22 maxlen: 22
194.213.112.0/23 maxlen: 23
5.172.40.0/21 maxlen: 24
31.200.208.0/21 maxlen: 21
91.224.248.0/23 maxlen: 23
45.13.164.0/22 maxlen: 22
46.226.88.0/21 maxlen: 21
185.51.56.0/22 maxlen: 22
45.133.196.0/22 maxlen: 22
193.37.204.0/22 maxlen: 22
185.46.64.0/22 maxlen: 22
193.187.188.0/22 maxlen: 22
45.146.124.0/22 maxlen: 22
88.218.152.0/22 maxlen: 22
185.113.84.0/22 maxlen: 22
46.19.216.0/21 maxlen: 21
91.218.148.0/22 maxlen: 22
93.186.176.0/20 maxlen: 20
85.209.108.0/22 maxlen: 22
2a03:3400::/32 maxlen: 48
2a00:d10::/32 maxlen: 48
2a06:6940::/29 maxlen: 48
2a04:a840::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 193728005 (0xb8c0e05)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b9d86096a49110cf9bf670240b519315b66abcb
Validity
Not Before: Feb 25 14:58:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7f699f0b6facd099145eab2b7df5d57285b5126b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:2e:1f:19:02:c8:28:d2:0e:98:0b:4a:d1:f6:
89:4d:28:58:18:9e:e4:52:0e:59:18:ff:90:9e:a8:
12:02:db:4f:5c:b7:90:c7:98:29:dd:0a:e5:15:0d:
2d:4d:55:bf:a0:bd:10:d1:62:9a:7b:2e:ea:6b:57:
73:da:50:7d:10:b2:02:68:63:3e:77:9e:04:89:ba:
80:49:18:3d:7c:a3:ea:33:e4:57:cc:00:83:9c:31:
d7:1c:90:82:31:73:2f:ff:4c:bf:08:fc:ad:04:8d:
24:a6:75:a1:d1:4b:ce:a4:9e:5a:a7:f9:9a:b5:f8:
ea:4a:c5:dd:02:00:06:66:64:8c:ad:32:a3:7a:43:
41:47:f4:9a:b6:1c:4f:7f:3c:2d:02:05:e2:4f:1e:
9c:86:9f:58:06:71:4b:ee:d4:93:c4:da:dc:a8:86:
e9:85:e0:d6:13:42:3a:36:3b:7b:82:6e:ea:62:4e:
26:f5:eb:be:67:5f:29:28:8a:b3:41:b0:b9:ce:9a:
e3:62:bd:02:a7:35:41:78:07:96:01:3f:63:b5:5c:
c4:93:59:2b:75:c0:7b:66:52:c1:65:ec:3a:af:be:
5c:9a:47:9e:72:08:66:28:84:05:ae:66:98:84:7c:
cf:0f:6f:5e:f4:9e:2f:88:cc:25:ee:1d:ab:96:4e:
62:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:69:9F:0B:6F:AC:D0:99:14:5E:AB:2B:7D:F5:D5:72:85:B5:12:6B
X509v3 Authority Key Identifier:
keyid:0B:9D:86:09:6A:49:11:0C:F9:BF:67:02:40:B5:19:31:5B:66:AB:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C52GCWpJEQz5v2cCQLUZMVtmq8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/1e1a97-f276-4a51-b1b5-8c10909a485c/1/f2mfC2-s0JkUXqsrffXVcoW1Ems.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/1e1a97-f276-4a51-b1b5-8c10909a485c/1/C52GCWpJEQz5v2cCQLUZMVtmq8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.172.40.0/21
31.200.208.0/21
45.13.164.0/22
45.133.196.0/22
45.146.124.0/22
46.19.216.0/21
46.226.88.0/21
85.209.108.0/22
88.218.152.0/22
91.218.148.0/22
91.224.248.0/23
93.186.176.0/20
185.46.64.0/22
185.51.56.0/22
185.113.84.0/22
185.122.116.0/22
193.37.204.0/22
193.187.188.0/22
194.213.112.0/23
IPv6:
2a00:d10::/32
2a03:3400::/32
2a04:a840::/29
2a06:6940::/29
Signature Algorithm: sha256WithRSAEncryption
6d:bd:86:29:f3:55:52:f6:d3:0f:2a:ae:4a:3d:34:2c:14:af:
c6:dd:6d:04:df:94:47:a5:50:87:5e:40:e6:83:80:01:60:d4:
fc:65:08:04:ca:e7:bf:35:00:82:61:50:ca:e8:cf:31:8b:1f:
1c:3a:43:fd:5a:8b:e7:69:64:44:a9:73:27:c9:e2:b4:3a:c5:
b4:b8:10:10:c4:8b:b1:d0:f8:55:b3:73:38:83:fa:cc:db:3d:
39:f5:d6:e9:0d:6f:18:23:22:cc:b6:d5:59:bb:51:96:aa:f2:
a8:55:70:30:51:07:ac:f9:0d:d6:27:ac:25:71:3d:86:56:c0:
d6:22:b6:71:b5:4c:dc:31:b9:9a:de:94:50:3c:28:6a:25:f6:
92:a2:08:bf:4a:1b:9c:9b:04:3e:2c:4b:6f:14:b8:0f:b6:40:
af:cf:2d:25:aa:6c:a0:1f:9d:6c:c4:af:6f:10:5c:03:dd:fa:
99:20:f9:0a:5d:ad:9c:ea:26:81:39:6b:9e:bf:5a:80:3b:15:
4a:5c:94:84:84:78:17:4c:88:bd:11:79:39:74:89:95:47:4c:
00:29:04:4d:ce:0b:e0:e8:2f:4e:6a:6b:2b:3f:70:6c:b5:ce:
8a:ba:23:51:c2:9e:43:0e:e5:57:f7:ae:e7:b7:a8:03:56:55:
c2:ff:c6:c7
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIEC4wOBTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
YjlkODYwOTZhNDkxMTBjZjliZjY3MDI0MGI1MTkzMTViNjZhYmNiMB4XDTIyMDIy
NTE0NTgzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2Y2OTlmMGI2ZmFj
ZDA5OTE0NWVhYjJiN2RmNWQ1NzI4NWI1MTI2YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALouHxkCyCjSDpgLStH2iU0oWBie5FIOWRj/kJ6oEgLbT1y3
kMeYKd0K5RUNLU1Vv6C9ENFimnsu6mtXc9pQfRCyAmhjPneeBIm6gEkYPXyj6jPk
V8wAg5wx1xyQgjFzL/9Mvwj8rQSNJKZ1odFLzqSeWqf5mrX46krF3QIABmZkjK0y
o3pDQUf0mrYcT388LQIF4k8enIafWAZxS+7Uk8Ta3KiG6YXg1hNCOjY7e4Ju6mJO
JvXrvmdfKSiKs0Gwuc6a42K9Aqc1QXgHlgE/Y7VcxJNZK3XAe2ZSwWXsOq++XJpH
nnIIZiiEBa5mmIR8zw9vXvSeL4jMJe4dq5ZOYqECAwEAAaOCApwwggKYMB0GA1Ud
DgQWBBR/aZ8Lb6zQmRReqyt99dVyhbUSazAfBgNVHSMEGDAWgBQLnYYJakkRDPm/
ZwJAtRkxW2aryzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0M1MkdDV3BKRVF6NXYyY0NRTFVaTVZ0bXE4cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2UvMWUxYTk3LWYyNzYtNGE1MS1iMWI1LThjMTA5MDlhNDg1Yy8x
L2YybWZDMi1zMEprVVhxc3JmZlhWY29XMUVtcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Uv
MWUxYTk3LWYyNzYtNGE1MS1iMWI1LThjMTA5MDlhNDg1Yy8xL0M1MkdDV3BKRVF6
NXYyY0NRTFVaTVZ0bXE4cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
sQYIKwYBBQUHAQcBAf8EgaEwgZ4weAQCAAEwcgMEAwWsKAMEAx/I0AMEAi0NpAME
Ai2FxAMEAi2SfAMEAy4T2AMEAy7iWAMEAlXRbAMEAljamAMEAlvalAMEAVvg+AME
BF26sAMEArkuQAMEArkzOAMEArlxVAMEArl6dAMEAsElzAMEAsG7vAMEAcLVcDAi
BAIAAjAcAwUAKgANEAMFACoDNAADBQMqBKhAAwUDKgZpQDANBgkqhkiG9w0BAQsF
AAOCAQEAbb2GKfNVUvbTDyquSj00LBSvxt1tBN+UR6VQh15A5oOAAWDU/GUIBMrn
vzUAgmFQyujPMYsfHDpD/VqL52lkRKlzJ8nitDrFtLgQEMSLsdD4VbNzOIP6zNs9
OfXW6Q1vGCMizLbVWbtRlqryqFVwMFEHrPkN1iesJXE9hlbA1iK2cbVM3DG5mt6U
UDwoaiX2kqIIv0obnJsEPixLbxS4D7ZAr88tJapsoB+dbMSvbxBcA936mSD5Cl2t
nOomgTlrnr9agDsVSlyUhIR4F0yIvRF5OXSJlUdMACkETc4L4OgvTmprKz9wbLXO
irojUcKeQw7lV/eu57eoA1ZVwv/Gxw==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:43 2023 by rpki-client on console.sobornost.net