Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/009fb7-9ed0-44ff-b7db-9e07b56b57b8/1/2LlYQiDEDQSbNQI8bJRUZdUiVx8.roa
File: 2LlYQiDEDQSbNQI8bJRUZdUiVx8.roa (raw, json)
Hash identifier: oxQcjaBsHJXFHuLLEMsHSygDKab07Ko0i+vy+zuLmhc=
Subject key identifier: D8:B9:58:42:20:C4:0D:04:9B:35:02:3C:6C:94:54:65:D5:22:57:1F
Certificate issuer: /CN=148a0c4067ca33ac76573fc86cfd75b7ecd200ff
Certificate serial: 084FD219
Authority key identifier: 14:8A:0C:40:67:CA:33:AC:76:57:3F:C8:6C:FD:75:B7:EC:D2:00:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FIoMQGfKM6x2Vz_IbP11t-zSAP8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/009fb7-9ed0-44ff-b7db-9e07b56b57b8/1/2LlYQiDEDQSbNQI8bJRUZdUiVx8.roa
Signing time: Sat 01 Jan 2022 02:55:21 +0000
ROA not before: Sat 01 Jan 2022 02:55:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15617
IP address blocks: 212.152.112.0/20 maxlen: 20
188.73.232.0/21 maxlen: 21
212.152.66.0/24 maxlen: 24
212.152.64.0/18 maxlen: 22
188.73.244.0/22 maxlen: 22
212.152.68.0/23 maxlen: 23
212.152.72.0/21 maxlen: 22
188.73.249.0/24 maxlen: 24
188.73.252.0/22 maxlen: 22
212.152.76.0/22 maxlen: 22
188.73.248.0/24 maxlen: 24
212.152.82.0/23 maxlen: 24
212.152.80.0/22 maxlen: 23
212.152.91.0/24 maxlen: 24
212.152.96.0/19 maxlen: 19
188.73.192.0/22 maxlen: 22
188.73.192.0/18 maxlen: 24
188.73.196.0/22 maxlen: 22
2a00:a880::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 139448857 (0x84fd219)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=148a0c4067ca33ac76573fc86cfd75b7ecd200ff
Validity
Not Before: Jan 1 02:55:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d8b9584220c40d049b35023c6c945465d522571f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:6a:3c:31:09:d2:e6:54:e2:fe:73:98:79:9b:
2e:bc:a0:e2:fd:78:06:da:99:f5:e3:b4:c6:41:37:
63:95:d2:ee:be:be:59:d1:e5:e3:9e:75:d9:06:6f:
ea:a1:90:9c:fb:10:12:73:38:10:82:6d:d8:1f:9b:
7c:b6:92:4e:f2:5f:28:5b:7f:24:ee:82:81:d2:60:
0e:df:a2:05:69:b6:0d:08:94:73:87:0d:64:ef:43:
7e:cf:99:da:7e:43:6e:37:be:02:34:d4:0b:df:a4:
cd:eb:fb:c9:76:9b:7b:e8:ac:80:79:63:95:8e:8c:
c9:71:40:75:ba:88:6b:85:c7:28:d9:f1:ab:5a:f8:
d6:21:b4:97:4b:40:b9:14:a7:3a:33:de:98:5e:6d:
d5:2d:63:fa:7a:6a:7c:b7:60:78:17:2c:53:17:2a:
33:61:18:fa:e2:2a:8a:b4:73:e6:5b:c8:ee:2e:d3:
18:08:0b:5f:99:7e:87:01:1d:9f:94:f1:96:f4:9d:
42:8f:45:06:6d:1e:98:3b:30:5c:7b:8a:84:35:ad:
37:8e:26:a4:dd:da:32:65:76:8e:2d:cc:37:cd:ed:
41:55:76:16:e2:1c:00:dd:80:fa:9c:5f:fc:3a:ed:
51:ce:a8:e6:6f:5a:22:9d:81:f0:da:16:dc:db:57:
08:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:B9:58:42:20:C4:0D:04:9B:35:02:3C:6C:94:54:65:D5:22:57:1F
X509v3 Authority Key Identifier:
keyid:14:8A:0C:40:67:CA:33:AC:76:57:3F:C8:6C:FD:75:B7:EC:D2:00:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FIoMQGfKM6x2Vz_IbP11t-zSAP8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/009fb7-9ed0-44ff-b7db-9e07b56b57b8/1/2LlYQiDEDQSbNQI8bJRUZdUiVx8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/009fb7-9ed0-44ff-b7db-9e07b56b57b8/1/FIoMQGfKM6x2Vz_IbP11t-zSAP8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.73.192.0/18
212.152.64.0/18
IPv6:
2a00:a880::/32
Signature Algorithm: sha256WithRSAEncryption
b4:65:d5:a6:71:fd:0a:f2:dc:2f:92:79:74:76:bc:1c:23:4c:
33:88:c1:a7:38:e3:9e:f9:2f:98:a2:7d:42:c9:bf:d1:a1:40:
d9:44:e8:4f:fd:b6:40:dd:1d:57:22:85:6b:69:b9:1a:9c:b8:
ed:0f:74:06:c6:21:b8:e5:db:67:5d:7c:d6:ad:32:a4:dd:be:
a7:c1:6a:ea:bd:fe:a0:42:45:d4:9c:14:54:52:94:ad:07:e0:
e8:3f:a0:89:b4:57:26:99:a2:f2:f1:31:18:c9:71:94:72:a9:
86:12:a7:80:55:17:17:bf:2c:1e:64:2f:46:f4:c9:ba:90:11:
dd:c5:1b:4a:3e:5d:12:d7:0a:4b:5e:eb:d2:b3:10:ff:48:ac:
c4:99:a2:e9:fc:15:28:12:8f:88:af:ad:07:05:8b:fc:c8:e5:
2f:b7:a1:66:d0:49:65:6b:3c:64:d1:24:2d:39:b8:37:55:e9:
34:67:81:af:4d:b7:8f:10:07:58:30:b6:61:6f:1f:6d:db:cb:
f4:6f:0a:6c:7f:aa:ca:6a:de:45:fe:19:7b:17:21:92:ad:f0:
e6:de:01:8d:81:80:94:97:69:a1:4c:58:db:f8:4f:53:c6:f9:
74:48:62:fd:ca:22:6e:82:54:a2:5e:fa:22:2e:c9:50:8b:db:
fa:6d:72:f8
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIECE/SGTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
NDhhMGM0MDY3Y2EzM2FjNzY1NzNmYzg2Y2ZkNzViN2VjZDIwMGZmMB4XDTIyMDEw
MTAyNTUyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDhiOTU4NDIyMGM0
MGQwNDliMzUwMjNjNmM5NDU0NjVkNTIyNTcxZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALNqPDEJ0uZU4v5zmHmbLryg4v14BtqZ9eO0xkE3Y5XS7r6+
WdHl45512QZv6qGQnPsQEnM4EIJt2B+bfLaSTvJfKFt/JO6CgdJgDt+iBWm2DQiU
c4cNZO9Dfs+Z2n5Dbje+AjTUC9+kzev7yXabe+isgHljlY6MyXFAdbqIa4XHKNnx
q1r41iG0l0tAuRSnOjPemF5t1S1j+npqfLdgeBcsUxcqM2EY+uIqirRz5lvI7i7T
GAgLX5l+hwEdn5TxlvSdQo9FBm0emDswXHuKhDWtN44mpN3aMmV2ji3MN83tQVV2
FuIcAN2A+pxf/DrtUc6o5m9aIp2B8NoW3NtXCHUCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBTYuVhCIMQNBJs1AjxslFRl1SJXHzAfBgNVHSMEGDAWgBQUigxAZ8ozrHZX
P8hs/XW37NIA/zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0ZJb01RR2ZLTTZ4MlZ6X0liUDExdC16U0FQOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDEvMDA5ZmI3LTllZDAtNDRmZi1iN2RiLTllMDdiNTZiNTdiOC8x
LzJMbFlRaURFRFFTYk5RSThiSlJVWmRVaVZ4OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDEv
MDA5ZmI3LTllZDAtNDRmZi1iN2RiLTllMDdiNTZiNTdiOC8xL0ZJb01RR2ZLTTZ4
MlZ6X0liUDExdC16U0FQOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEBrxJwAMEBtSYQDANBAIAAjAHAwUA
KgCogDANBgkqhkiG9w0BAQsFAAOCAQEAtGXVpnH9CvLcL5J5dHa8HCNMM4jBpzjj
nvkvmKJ9Qsm/0aFA2UToT/22QN0dVyKFa2m5Gpy47Q90BsYhuOXbZ1181q0ypN2+
p8Fq6r3+oEJF1JwUVFKUrQfg6D+gibRXJpmi8vExGMlxlHKphhKngFUXF78sHmQv
RvTJupAR3cUbSj5dEtcKS17r0rMQ/0isxJmi6fwVKBKPiK+tBwWL/MjlL7ehZtBJ
ZWs8ZNEkLTm4N1XpNGeBr023jxAHWDC2YW8fbdvL9G8KbH+qymreRf4Zexchkq3w
5t4BjYGAlJdpoUxY2/hPU8b5dEhi/coiboJUol76Ii7JUIvb+m1y+A==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:37 2023 by rpki-client on console.sobornost.net