Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/f66b6b-cdde-40cb-a182-c5229863aeba/1/81UbJfCnzZAz3b3E_EZ2lR_CAP0.roa
File: 81UbJfCnzZAz3b3E_EZ2lR_CAP0.roa (raw, json)
Hash identifier: dzuwlQYh15yRf3wgNQFloKD7nRLk8mNthpLWJLojvzg=
Subject key identifier: F3:55:1B:25:F0:A7:CD:90:33:DD:BD:C4:FC:46:76:95:1F:C2:00:FD
Certificate issuer: /CN=bb2b48f64358011c7842d3cec5cb2d47068b836d
Certificate serial: 0B3AA41A
Authority key identifier: BB:2B:48:F6:43:58:01:1C:78:42:D3:CE:C5:CB:2D:47:06:8B:83:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uytI9kNYARx4QtPOxcstRwaLg20.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/f66b6b-cdde-40cb-a182-c5229863aeba/1/81UbJfCnzZAz3b3E_EZ2lR_CAP0.roa
Signing time: Sat 01 Jan 2022 05:53:23 +0000
ROA not before: Sat 01 Jan 2022 05:53:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12824
IP address blocks: 46.41.128.0/18 maxlen: 18
62.129.245.0/24 maxlen: 24
62.129.250.0/24 maxlen: 24
89.161.253.0/24 maxlen: 24
212.85.96.0/24 maxlen: 24
212.85.96.0/19 maxlen: 19
89.161.254.0/24 maxlen: 24
46.41.159.0/24 maxlen: 24
46.242.144.0/24 maxlen: 24
79.96.0.0/16 maxlen: 16
46.242.150.0/24 maxlen: 24
62.129.192.0/18 maxlen: 18
188.128.244.0/24 maxlen: 24
89.161.128.0/17 maxlen: 17
46.242.128.0/17 maxlen: 17
188.128.128.0/17 maxlen: 17
188.128.128.0/24 maxlen: 24
188.128.130.0/24 maxlen: 24
188.128.129.0/24 maxlen: 24
2a02:25a8:dead::/48 maxlen: 48
2a02:25a8::/32 maxlen: 32
2a02:25a8::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 188392474 (0xb3aa41a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb2b48f64358011c7842d3cec5cb2d47068b836d
Validity
Not Before: Jan 1 05:53:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f3551b25f0a7cd9033ddbdc4fc4676951fc200fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:20:95:6d:b0:43:89:65:58:75:06:fe:f0:26:
ae:b3:d9:a9:e5:bb:66:a8:f5:f3:11:80:5b:51:f0:
c9:fa:cb:a9:22:e8:f4:d5:b4:16:ee:8b:75:ab:d1:
99:6b:af:6a:da:49:83:bd:93:2d:ae:eb:61:85:74:
97:70:a4:ba:4c:14:a4:f9:62:d8:b4:04:5f:26:99:
6d:d4:b6:12:28:f8:48:5e:f2:90:69:31:18:54:80:
c5:e2:f8:c3:a9:87:01:95:78:6c:c1:3a:ee:4c:e4:
e8:b6:20:40:e7:49:87:2a:96:71:83:0f:37:d2:26:
7a:af:5e:bd:d0:72:d3:73:8b:32:d8:e1:11:29:a2:
06:f9:fa:f3:e4:0c:b1:ac:8a:9c:e0:40:b8:54:ae:
a9:84:66:d7:ee:2a:6c:68:26:83:e2:e1:29:64:90:
2f:a0:c6:15:15:bc:27:d2:05:99:22:57:39:84:85:
55:d0:03:94:ed:00:72:9d:32:5d:32:8d:1b:da:65:
4c:2c:87:b8:86:2e:2a:cc:93:28:85:b0:7f:29:8c:
8f:a4:44:a5:da:06:fc:9a:8d:ac:09:c2:30:3e:df:
cb:49:95:e2:dd:ce:79:a3:74:42:ab:5c:70:e0:e8:
92:73:42:c6:fc:68:b5:bb:6f:76:8f:1b:e8:24:e0:
ea:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:55:1B:25:F0:A7:CD:90:33:DD:BD:C4:FC:46:76:95:1F:C2:00:FD
X509v3 Authority Key Identifier:
keyid:BB:2B:48:F6:43:58:01:1C:78:42:D3:CE:C5:CB:2D:47:06:8B:83:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uytI9kNYARx4QtPOxcstRwaLg20.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/f66b6b-cdde-40cb-a182-c5229863aeba/1/81UbJfCnzZAz3b3E_EZ2lR_CAP0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/f66b6b-cdde-40cb-a182-c5229863aeba/1/uytI9kNYARx4QtPOxcstRwaLg20.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.41.128.0/18
46.242.128.0/17
62.129.192.0/18
79.96.0.0/16
89.161.128.0/17
188.128.128.0/17
212.85.96.0/19
IPv6:
2a02:25a8::/29
Signature Algorithm: sha256WithRSAEncryption
41:29:17:73:66:18:e9:47:f4:dd:de:60:82:7b:f5:eb:f9:68:
6d:27:0f:68:8d:e5:43:07:1a:a8:c9:95:38:07:07:0e:4e:68:
93:a0:76:2e:17:2d:b5:92:89:f0:c9:e2:65:05:16:8b:99:a2:
46:aa:13:1a:bd:95:23:ef:83:e9:df:29:c2:88:7b:74:8a:bb:
26:45:c1:8a:77:12:2c:1a:ce:b8:10:ad:51:65:9f:02:68:56:
b0:89:13:56:f5:1f:82:a9:40:26:b4:7a:63:a5:e9:0a:a6:06:
14:78:b0:7e:be:02:3e:80:14:7b:a1:da:d2:4d:a3:dd:57:83:
eb:54:fd:df:18:f8:12:8c:54:83:4c:10:44:40:9e:8f:62:ca:
cc:1c:c9:39:07:07:e8:38:2d:a9:4e:9e:66:46:61:47:09:7e:
cb:f6:b8:7b:32:c8:63:31:25:56:e9:26:3d:2d:60:14:31:09:
e1:0e:34:d1:d4:e3:c5:1e:14:c5:3d:f7:00:24:2c:8a:76:8e:
da:58:dd:92:8c:2d:23:36:d5:93:9b:02:a8:22:5e:74:92:40:
af:97:d9:a8:91:cb:aa:5e:33:83:da:89:c7:59:7d:0d:4e:d7:
65:2e:09:15:36:9f:d7:56:bb:c5:60:38:de:2f:74:02:e1:7c:
6b:91:71:a0
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgIECzqkGjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
YjJiNDhmNjQzNTgwMTFjNzg0MmQzY2VjNWNiMmQ0NzA2OGI4MzZkMB4XDTIyMDEw
MTA1NTMyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjM1NTFiMjVmMGE3
Y2Q5MDMzZGRiZGM0ZmM0Njc2OTUxZmMyMDBmZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI8glW2wQ4llWHUG/vAmrrPZqeW7Zqj18xGAW1HwyfrLqSLo
9NW0Fu6LdavRmWuvatpJg72TLa7rYYV0l3CkukwUpPli2LQEXyaZbdS2Eij4SF7y
kGkxGFSAxeL4w6mHAZV4bME67kzk6LYgQOdJhyqWcYMPN9Imeq9evdBy03OLMtjh
ESmiBvn68+QMsayKnOBAuFSuqYRm1+4qbGgmg+LhKWSQL6DGFRW8J9IFmSJXOYSF
VdADlO0Acp0yXTKNG9plTCyHuIYuKsyTKIWwfymMj6REpdoG/JqNrAnCMD7fy0mV
4t3OeaN0QqtccODoknNCxvxotbtvdo8b6CTg6nkCAwEAAaOCAjswggI3MB0GA1Ud
DgQWBBTzVRsl8KfNkDPdvcT8RnaVH8IA/TAfBgNVHSMEGDAWgBS7K0j2Q1gBHHhC
087Fyy1HBouDbTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3V5dEk5a05ZQVJ4NFF0UE94Y3N0UndhTGcyMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWIvZjY2YjZiLWNkZGUtNDBjYi1hMTgyLWM1MjI5ODYzYWViYS8x
LzgxVWJKZkNuelpBejNiM0VfRVoybFJfQ0FQMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWIv
ZjY2YjZiLWNkZGUtNDBjYi1hMTgyLWM1MjI5ODYzYWViYS8xL3V5dEk5a05ZQVJ4
NFF0UE94Y3N0UndhTGcyMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBR
BggrBgEFBQcBBwEB/wRCMEAwLwQCAAEwKQMEBi4pgAMEBy7ygAMEBj6BwAMDAE9g
AwQHWaGAAwQHvICAAwQF1FVgMA0EAgACMAcDBQMqAiWoMA0GCSqGSIb3DQEBCwUA
A4IBAQBBKRdzZhjpR/Td3mCCe/Xr+WhtJw9ojeVDBxqoyZU4BwcOTmiToHYuFy21
konwyeJlBRaLmaJGqhMavZUj74Pp3ynCiHt0irsmRcGKdxIsGs64EK1RZZ8CaFaw
iRNW9R+CqUAmtHpjpekKpgYUeLB+vgI+gBR7odrSTaPdV4PrVP3fGPgSjFSDTBBE
QJ6PYsrMHMk5BwfoOC2pTp5mRmFHCX7L9rh7MshjMSVW6SY9LWAUMQnhDjTR1OPF
HhTFPfcAJCyKdo7aWN2SjC0jNtWTmwKoIl50kkCvl9mokcuqXjOD2onHWX0NTtdl
LgkVNp/XVrvFYDjeL3QC4XxrkXGg
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:28 2023 by rpki-client on console.sobornost.net