Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/28d600-a869-4ab1-9b2e-446019966a19/1/U6gCHRLKz2epyHaR8n7lm8vRDYo.roa
File: U6gCHRLKz2epyHaR8n7lm8vRDYo.roa (raw, json)
Hash identifier: 7HroDLp2jLSPbiEDNU2puumB6vkvakppYUJ2YRuENLs=
Subject key identifier: 53:A8:02:1D:12:CA:CF:67:A9:C8:76:91:F2:7E:E5:9B:CB:D1:0D:8A
Certificate issuer: /CN=e0574c2878d6b536139b895f08c9c6db18e12a9b
Certificate serial: 151BF1A0
Authority key identifier: E0:57:4C:28:78:D6:B5:36:13:9B:89:5F:08:C9:C6:DB:18:E1:2A:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4FdMKHjWtTYTm4lfCMnG2xjhKps.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/28d600-a869-4ab1-9b2e-446019966a19/1/U6gCHRLKz2epyHaR8n7lm8vRDYo.roa
Signing time: Sat 01 Jan 2022 13:58:52 +0000
ROA not before: Sat 01 Jan 2022 13:58:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 21500
IP address blocks: 92.118.136.0/22 maxlen: 22
195.69.184.0/22 maxlen: 24
81.17.130.0/24 maxlen: 24
85.90.200.0/22 maxlen: 22
81.17.142.0/24 maxlen: 24
81.17.140.0/24 maxlen: 24
195.234.220.0/22 maxlen: 22
92.118.224.0/24 maxlen: 24
92.118.225.0/24 maxlen: 24
92.118.226.0/24 maxlen: 24
2a06:6200::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 354152864 (0x151bf1a0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e0574c2878d6b536139b895f08c9c6db18e12a9b
Validity
Not Before: Jan 1 13:58:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=53a8021d12cacf67a9c87691f27ee59bcbd10d8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:38:98:c0:5e:b0:04:23:05:93:50:33:4c:db:
4e:b5:9a:c6:f1:86:ed:00:0f:47:00:d7:5f:6b:a0:
f7:c5:7e:78:21:0b:f2:93:ae:1f:39:29:ee:0f:9c:
14:51:56:86:71:34:8d:8a:cd:70:7c:ee:9f:b1:bc:
c4:85:7d:24:e7:83:29:1b:8d:97:2a:c6:b8:ae:7a:
0d:89:c1:86:e5:33:5e:b3:eb:20:8f:ec:da:89:0d:
14:e4:19:74:08:68:bf:89:9d:96:95:c1:9c:78:6c:
b0:88:89:5e:e1:94:ee:f8:5e:de:bc:e7:f6:cf:24:
b0:14:9a:1d:e4:63:7a:3e:02:2b:a6:65:48:38:6d:
0a:42:e2:60:e2:4f:6c:35:13:04:3c:ef:66:50:5a:
20:37:ff:42:ad:4b:d0:0f:20:d6:a3:be:1b:98:80:
28:75:9a:e4:50:82:b5:e1:d2:ed:fa:f5:2b:f1:3d:
d7:09:9d:44:2c:a2:58:6c:75:ae:f1:2f:8a:0d:7f:
a2:a6:77:91:0d:f1:37:a2:4b:98:f7:07:9c:68:95:
32:76:5c:a5:37:4a:35:9f:5c:4a:b5:34:c1:8f:36:
b7:b5:9e:80:cb:dc:16:38:44:e1:aa:59:af:32:39:
f4:87:9a:09:44:6f:c1:12:63:08:fd:be:fb:33:49:
0d:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:A8:02:1D:12:CA:CF:67:A9:C8:76:91:F2:7E:E5:9B:CB:D1:0D:8A
X509v3 Authority Key Identifier:
keyid:E0:57:4C:28:78:D6:B5:36:13:9B:89:5F:08:C9:C6:DB:18:E1:2A:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4FdMKHjWtTYTm4lfCMnG2xjhKps.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/28d600-a869-4ab1-9b2e-446019966a19/1/U6gCHRLKz2epyHaR8n7lm8vRDYo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/28d600-a869-4ab1-9b2e-446019966a19/1/4FdMKHjWtTYTm4lfCMnG2xjhKps.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.17.130.0/24
81.17.140.0/24
81.17.142.0/24
85.90.200.0/22
92.118.136.0/22
92.118.224.0-92.118.226.255
195.69.184.0/22
195.234.220.0/22
IPv6:
2a06:6200::/29
Signature Algorithm: sha256WithRSAEncryption
4e:64:b7:fb:c2:f2:61:4a:eb:9c:05:e6:59:05:1b:5e:5f:c8:
b1:cd:32:69:ff:3b:db:e6:46:89:e1:ca:57:d2:32:8c:b1:c0:
89:05:41:b6:00:5b:2a:ce:57:2c:63:01:28:39:21:70:bf:f1:
a7:19:e1:78:f8:e6:61:6a:53:a2:d6:79:3a:00:32:21:5f:1c:
60:83:d3:d9:d4:da:47:07:cd:ed:32:69:bc:e9:28:04:75:bc:
62:00:20:fe:55:9a:c9:02:53:bb:58:58:48:98:21:0f:35:37:
d6:17:3d:c5:06:4b:e9:70:dc:c4:61:58:ce:6f:1c:0b:df:06:
52:cf:b9:03:13:29:7a:1f:af:0e:73:1c:58:61:c7:9c:05:0d:
78:4a:cb:f4:66:a9:ec:3a:a9:6a:4e:46:e4:f6:ee:2b:dc:b6:
2c:f9:1b:70:f3:22:7a:cd:c9:c8:cb:62:cc:ee:36:a9:fa:06:
cf:3c:83:8b:f2:07:fc:b5:bb:e9:d9:10:8c:34:11:fb:2b:b3:
a3:04:ce:2f:79:f4:31:6a:d6:7f:80:85:9e:4d:07:be:cd:eb:
64:ac:7a:c1:ec:c2:4e:c5:28:5f:d2:e2:6b:aa:5b:14:d8:fe:
85:20:ba:bd:00:d4:8d:b2:c8:8b:96:12:ce:da:f0:05:e1:e5:
67:4e:6e:3d
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgIEFRvxoDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
MDU3NGMyODc4ZDZiNTM2MTM5Yjg5NWYwOGM5YzZkYjE4ZTEyYTliMB4XDTIyMDEw
MTEzNTg1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTNhODAyMWQxMmNh
Y2Y2N2E5Yzg3NjkxZjI3ZWU1OWJjYmQxMGQ4YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMQ4mMBesAQjBZNQM0zbTrWaxvGG7QAPRwDXX2ug98V+eCEL
8pOuHzkp7g+cFFFWhnE0jYrNcHzun7G8xIV9JOeDKRuNlyrGuK56DYnBhuUzXrPr
II/s2okNFOQZdAhov4mdlpXBnHhssIiJXuGU7vhe3rzn9s8ksBSaHeRjej4CK6Zl
SDhtCkLiYOJPbDUTBDzvZlBaIDf/Qq1L0A8g1qO+G5iAKHWa5FCCteHS7fr1K/E9
1wmdRCyiWGx1rvEvig1/oqZ3kQ3xN6JLmPcHnGiVMnZcpTdKNZ9cSrU0wY82t7We
gMvcFjhE4apZrzI59IeaCURvwRJjCP2++zNJDd8CAwEAAaOCAkowggJGMB0GA1Ud
DgQWBBRTqAIdEsrPZ6nIdpHyfuWby9ENijAfBgNVHSMEGDAWgBTgV0woeNa1NhOb
iV8IycbbGOEqmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzRGZE1LSGpXdFRZVG00bGZDTW5HMnhqaEtwcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTQvMjhkNjAwLWE4NjktNGFiMS05YjJlLTQ0NjAxOTk2NmExOS8x
L1U2Z0NIUkxLejJlcHlIYVI4bjdsbTh2UkRZby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTQv
MjhkNjAwLWE4NjktNGFiMS05YjJlLTQ0NjAxOTk2NmExOS8xLzRGZE1LSGpXdFRZ
VG00bGZDTW5HMnhqaEtwcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBg
BggrBgEFBQcBBwEB/wRRME8wPgQCAAEwOAMEAFERggMEAFERjAMEAFERjgMEAlVa
yAMEAlx2iDAMAwQFXHbgAwQAXHbiAwQCw0W4AwQCw+rcMA0EAgACMAcDBQMqBmIA
MA0GCSqGSIb3DQEBCwUAA4IBAQBOZLf7wvJhSuucBeZZBRteX8ixzTJp/zvb5kaJ
4cpX0jKMscCJBUG2AFsqzlcsYwEoOSFwv/GnGeF4+OZhalOi1nk6ADIhXxxgg9PZ
1NpHB83tMmm86SgEdbxiACD+VZrJAlO7WFhImCEPNTfWFz3FBkvpcNzEYVjObxwL
3wZSz7kDEyl6H68OcxxYYcecBQ14Ssv0ZqnsOqlqTkbk9u4r3LYs+Rtw8yJ6zcnI
y2LM7jap+gbPPIOL8gf8tbvp2RCMNBH7K7OjBM4vefQxatZ/gIWeTQe+zetkrHrB
7MJOxShf0uJrqlsU2P6FILq9ANSNssiLlhLO2vAF4eVnTm49
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:46 2023 by rpki-client on console.sobornost.net