Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/964848-1028-4d22-9345-18f34a7dbdd9/1/OfpejjArG2RGtPFDNKvMl6bPqwU.roa
File: OfpejjArG2RGtPFDNKvMl6bPqwU.roa (raw, json)
Hash identifier: vV35WHwlige4bbElrcXghIEKd24ynFrSikRSW3zyDhU=
Subject key identifier: 39:FA:5E:8E:30:2B:1B:64:46:B4:F1:43:34:AB:CC:97:A6:CF:AB:05
Certificate issuer: /CN=6f3c5408b2f67233f60d63f749ac483eb66ae7c8
Certificate serial: 3396F98C
Authority key identifier: 6F:3C:54:08:B2:F6:72:33:F6:0D:63:F7:49:AC:48:3E:B6:6A:E7:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bzxUCLL2cjP2DWP3SaxIPrZq58g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/964848-1028-4d22-9345-18f34a7dbdd9/1/OfpejjArG2RGtPFDNKvMl6bPqwU.roa
Signing time: Sat 01 Jan 2022 10:01:01 +0000
ROA not before: Sat 01 Jan 2022 10:01:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198672
IP address blocks: 37.230.32.0/21 maxlen: 21
37.230.32.0/24 maxlen: 24
37.230.35.0/24 maxlen: 24
37.230.33.0/24 maxlen: 24
185.59.129.0/24 maxlen: 24
185.59.128.0/22 maxlen: 22
185.59.128.0/24 maxlen: 24
185.59.131.0/24 maxlen: 24
185.59.130.0/24 maxlen: 24
2a00:baa0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 865532300 (0x3396f98c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f3c5408b2f67233f60d63f749ac483eb66ae7c8
Validity
Not Before: Jan 1 10:01:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=39fa5e8e302b1b6446b4f14334abcc97a6cfab05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:1a:d7:a7:38:ad:5b:63:ff:eb:58:93:be:82:
05:7f:dc:ae:55:80:0b:9f:e8:60:f6:d2:ff:d2:85:
a7:9c:51:93:e8:f4:44:41:72:9d:2a:98:bb:26:7c:
8a:9a:20:cc:76:c0:81:c0:a7:ba:24:8a:af:c0:ac:
9b:03:97:5c:d9:1f:4d:5a:9b:6e:a6:47:5c:37:30:
2a:53:00:84:14:39:2a:c7:61:43:9d:4b:65:41:98:
75:09:21:2f:7f:aa:4d:0b:e9:5f:4c:27:39:d0:23:
d7:22:00:db:fd:e9:04:58:fe:4c:4f:f0:8f:35:29:
57:8a:80:e9:99:04:8d:32:17:fd:c0:d4:df:fc:0f:
ac:38:1c:6d:31:f7:62:e7:88:49:49:12:e3:48:eb:
c6:07:9e:55:2f:5c:4f:f0:12:c2:73:c8:cd:8f:2c:
df:85:2e:19:d8:4a:bd:ad:f4:4e:b1:85:5e:f2:93:
24:3e:b4:5a:c6:a3:d3:d7:fa:57:c2:26:8c:1d:ab:
7f:c1:75:96:d7:59:48:36:73:0f:13:a2:ef:e0:79:
dd:f6:ba:ea:c0:e3:08:ad:f5:d8:5f:bb:21:26:a3:
3d:a2:8b:3c:28:df:a8:e0:a7:3d:f3:46:05:e3:dd:
81:7c:6d:b8:53:06:6a:bf:26:aa:64:13:43:26:60:
ea:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:FA:5E:8E:30:2B:1B:64:46:B4:F1:43:34:AB:CC:97:A6:CF:AB:05
X509v3 Authority Key Identifier:
keyid:6F:3C:54:08:B2:F6:72:33:F6:0D:63:F7:49:AC:48:3E:B6:6A:E7:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bzxUCLL2cjP2DWP3SaxIPrZq58g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/964848-1028-4d22-9345-18f34a7dbdd9/1/OfpejjArG2RGtPFDNKvMl6bPqwU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/964848-1028-4d22-9345-18f34a7dbdd9/1/bzxUCLL2cjP2DWP3SaxIPrZq58g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.230.32.0/21
185.59.128.0/22
IPv6:
2a00:baa0::/32
Signature Algorithm: sha256WithRSAEncryption
0f:c7:d9:db:21:b9:bf:a5:3a:7e:fc:23:91:2f:6c:b5:c0:48:
6b:c2:f8:08:4b:45:41:95:d5:bb:bf:ce:43:b9:61:d9:77:0c:
30:79:fd:d7:50:f4:00:b2:81:14:56:69:2f:c4:92:94:b6:a3:
39:90:6f:5e:68:16:9b:24:83:03:77:18:0a:38:56:f8:dc:03:
c7:64:c8:72:7c:0b:70:16:b7:5f:03:f5:44:b5:56:45:a5:b0:
40:d8:5a:3c:a3:e2:22:0e:46:79:39:6c:60:68:f2:cc:c8:01:
00:dc:57:30:5d:bc:6a:57:8d:fc:82:90:7f:ce:8c:4f:1b:0b:
1a:8c:e8:57:e6:aa:55:8b:0b:5f:9a:bc:38:3f:1e:3d:6c:5a:
aa:74:3b:bb:a2:77:48:41:cf:60:42:ba:86:5e:95:bb:42:dc:
3a:fd:b0:b7:8e:58:53:e0:93:a8:9c:71:4e:13:39:05:eb:8e:
b0:73:23:33:dd:5f:8a:eb:2e:76:8f:36:f7:a0:13:20:3a:9b:
f2:95:0a:ca:74:38:d0:e2:11:33:04:8e:51:c3:75:5a:54:ec:
35:b8:ef:75:62:49:bd:b4:ff:73:0e:31:31:5d:12:a5:ce:a0:
18:f7:87:38:27:6e:64:71:9b:06:b0:26:58:a2:50:7a:bf:43:
90:e3:dc:dc
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEM5b5jDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
ZjNjNTQwOGIyZjY3MjMzZjYwZDYzZjc0OWFjNDgzZWI2NmFlN2M4MB4XDTIyMDEw
MTEwMDEwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzlmYTVlOGUzMDJi
MWI2NDQ2YjRmMTQzMzRhYmNjOTdhNmNmYWIwNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOMa16c4rVtj/+tYk76CBX/crlWAC5/oYPbS/9KFp5xRk+j0
REFynSqYuyZ8ipogzHbAgcCnuiSKr8CsmwOXXNkfTVqbbqZHXDcwKlMAhBQ5Ksdh
Q51LZUGYdQkhL3+qTQvpX0wnOdAj1yIA2/3pBFj+TE/wjzUpV4qA6ZkEjTIX/cDU
3/wPrDgcbTH3YueISUkS40jrxgeeVS9cT/ASwnPIzY8s34UuGdhKva30TrGFXvKT
JD60Wsaj09f6V8ImjB2rf8F1ltdZSDZzDxOi7+B53fa66sDjCK312F+7ISajPaKL
PCjfqOCnPfNGBePdgXxtuFMGar8mqmQTQyZg6tUCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBQ5+l6OMCsbZEa08UM0q8yXps+rBTAfBgNVHSMEGDAWgBRvPFQIsvZyM/YN
Y/dJrEg+tmrnyDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2J6eFVDTEwyY2pQMkRXUDNTYXhJUHJacTU4Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzAvOTY0ODQ4LTEwMjgtNGQyMi05MzQ1LTE4ZjM0YTdkYmRkOS8x
L09mcGVqakFyRzJSR3RQRkROS3ZNbDZiUHF3VS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzAv
OTY0ODQ4LTEwMjgtNGQyMi05MzQ1LTE4ZjM0YTdkYmRkOS8xL2J6eFVDTEwyY2pQ
MkRXUDNTYXhJUHJacTU4Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAyXmIAMEArk7gDANBAIAAjAHAwUA
KgC6oDANBgkqhkiG9w0BAQsFAAOCAQEAD8fZ2yG5v6U6fvwjkS9stcBIa8L4CEtF
QZXVu7/OQ7lh2XcMMHn911D0ALKBFFZpL8SSlLajOZBvXmgWmySDA3cYCjhW+NwD
x2TIcnwLcBa3XwP1RLVWRaWwQNhaPKPiIg5GeTlsYGjyzMgBANxXMF28aleN/IKQ
f86MTxsLGozoV+aqVYsLX5q8OD8ePWxaqnQ7u6J3SEHPYEK6hl6Vu0LcOv2wt45Y
U+CTqJxxThM5BeuOsHMjM91fiusudo8296ATIDqb8pUKynQ40OIRMwSOUcN1WlTs
NbjvdWJJvbT/cw4xMV0Spc6gGPeHOCduZHGbBrAmWKJQer9DkOPc3A==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:49 2023 by rpki-client on console.sobornost.net