Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/09aa61-87d7-4f53-9818-dec21eefa38b/1/DfiH57hnsX8x9q_o0e6XJuAgPIY.roa
File: DfiH57hnsX8x9q_o0e6XJuAgPIY.roa (raw, json)
Hash identifier: Tbktjph3EdCtG2nRq/O/rsNGLrm5KL7gJLYH5idXJY4=
Subject key identifier: 0D:F8:87:E7:B8:67:B1:7F:31:F6:AF:E8:D1:EE:97:26:E0:20:3C:86
Certificate issuer: /CN=d73492e4d25c3bbd0c5e20c5a85ecb22ec97360a
Certificate serial: 928E2C
Authority key identifier: D7:34:92:E4:D2:5C:3B:BD:0C:5E:20:C5:A8:5E:CB:22:EC:97:36:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1zSS5NJcO70MXiDFqF7LIuyXNgo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/09aa61-87d7-4f53-9818-dec21eefa38b/1/DfiH57hnsX8x9q_o0e6XJuAgPIY.roa
Signing time: Sat 01 Jan 2022 02:52:12 +0000
ROA not before: Sat 01 Jan 2022 02:52:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60341
IP address blocks: 37.140.252.0/24 maxlen: 24
185.200.132.0/22 maxlen: 22
185.200.132.0/24 maxlen: 24
185.200.132.0/23 maxlen: 23
185.200.133.0/24 maxlen: 24
185.200.135.0/24 maxlen: 24
185.200.134.0/23 maxlen: 23
185.200.134.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9604652 (0x928e2c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d73492e4d25c3bbd0c5e20c5a85ecb22ec97360a
Validity
Not Before: Jan 1 02:52:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0df887e7b867b17f31f6afe8d1ee9726e0203c86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:87:da:57:e9:a2:6e:0f:44:49:b1:e4:b9:43:
78:01:4b:3b:20:dd:6f:a1:39:4c:c2:04:c5:55:38:
15:d2:d1:af:c8:e3:b2:1a:fb:6d:dd:be:17:f9:66:
6d:17:01:bb:85:da:96:43:98:6b:62:53:21:16:f4:
40:e6:17:03:af:e2:90:a1:2d:38:98:c4:7e:07:91:
f9:5a:f6:d1:8e:a6:b5:15:78:5c:df:d7:8f:1c:01:
af:3c:6e:f3:40:99:32:43:81:7a:5e:04:1d:5f:be:
11:0d:33:78:84:c5:71:8e:14:e3:51:0e:f2:89:e3:
29:52:82:00:2d:09:a3:54:d1:0a:3b:c9:59:ee:2e:
5c:88:8e:bc:23:95:23:96:67:ae:c7:e4:59:61:cd:
88:38:05:3a:45:b3:b5:ce:d1:bf:89:37:a6:4e:1f:
9a:4d:48:6b:58:65:5a:8a:52:1d:fe:e4:c6:db:da:
8d:32:58:77:91:22:3b:2d:d7:ed:e9:ab:62:91:af:
8a:a5:0a:31:a7:41:75:ff:e7:77:86:5a:1c:b8:ac:
ff:fe:60:6f:2b:f0:3d:d1:8f:ed:24:ea:83:d4:a3:
20:c1:c3:41:f4:7b:88:33:bf:07:87:0b:75:f4:09:
3e:7a:1a:1c:80:88:87:f8:a6:44:b3:fa:93:cc:f3:
00:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:F8:87:E7:B8:67:B1:7F:31:F6:AF:E8:D1:EE:97:26:E0:20:3C:86
X509v3 Authority Key Identifier:
keyid:D7:34:92:E4:D2:5C:3B:BD:0C:5E:20:C5:A8:5E:CB:22:EC:97:36:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1zSS5NJcO70MXiDFqF7LIuyXNgo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/09aa61-87d7-4f53-9818-dec21eefa38b/1/DfiH57hnsX8x9q_o0e6XJuAgPIY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/09aa61-87d7-4f53-9818-dec21eefa38b/1/1zSS5NJcO70MXiDFqF7LIuyXNgo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.140.252.0/24
185.200.132.0/22
Signature Algorithm: sha256WithRSAEncryption
01:30:2d:dc:88:24:26:b3:91:a3:1a:cc:7a:00:c2:4b:56:e6:
5b:19:9d:ea:3b:91:12:f4:f7:62:3b:13:9d:35:3d:44:b6:fa:
21:32:ea:7a:8f:2b:b1:b8:30:19:5e:71:58:9c:05:7a:ad:bc:
3a:62:e4:44:3a:1c:0e:1d:c4:11:3d:40:20:46:e4:fa:1e:06:
a3:36:2e:08:11:91:48:57:33:9a:b0:03:ca:f6:f4:59:4d:86:
4a:dd:10:57:9f:fc:d8:5f:e6:a1:35:6c:6e:eb:27:e4:5d:03:
f5:f0:13:f2:88:34:4e:98:b0:ef:6b:65:d0:e6:eb:d4:6b:c6:
18:4d:2e:da:9a:0b:c9:f9:17:73:c3:c7:72:c2:16:7c:cb:52:
cd:01:3f:65:e2:76:67:3f:92:c9:0b:0c:66:f2:32:48:1d:45:
78:d8:8c:02:41:af:79:b3:9b:fd:eb:9d:52:13:4e:65:12:99:
bf:8d:b6:92:bf:e2:7b:00:b8:08:e8:85:40:33:ce:cb:53:31:
18:00:4d:4f:eb:56:1c:a2:ca:e3:6a:a9:33:76:a2:01:00:9b:
a8:66:01:a1:eb:21:ff:23:98:0c:87:f0:be:0a:2d:28:e8:c2:
22:33:87:e2:e6:57:6e:ec:32:82:1f:79:13:f6:ff:d2:30:56:
fd:ee:e2:da
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEAJKOLDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NzM0OTJlNGQyNWMzYmJkMGM1ZTIwYzVhODVlY2IyMmVjOTczNjBhMB4XDTIyMDEw
MTAyNTIxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGRmODg3ZTdiODY3
YjE3ZjMxZjZhZmU4ZDFlZTk3MjZlMDIwM2M4NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKyH2lfpom4PREmx5LlDeAFLOyDdb6E5TMIExVU4FdLRr8jj
shr7bd2+F/lmbRcBu4XalkOYa2JTIRb0QOYXA6/ikKEtOJjEfgeR+Vr20Y6mtRV4
XN/XjxwBrzxu80CZMkOBel4EHV++EQ0zeITFcY4U41EO8onjKVKCAC0Jo1TRCjvJ
We4uXIiOvCOVI5ZnrsfkWWHNiDgFOkWztc7Rv4k3pk4fmk1Ia1hlWopSHf7kxtva
jTJYd5EiOy3X7emrYpGviqUKMadBdf/nd4ZaHLis//5gbyvwPdGP7STqg9SjIMHD
QfR7iDO/B4cLdfQJPnoaHICIh/imRLP6k8zzADUCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQN+IfnuGexfzH2r+jR7pcm4CA8hjAfBgNVHSMEGDAWgBTXNJLk0lw7vQxe
IMWoXssi7Jc2CjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzF6U1M1TkpjTzcwTVhpREZxRjdMSXV5WE5nby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODEvMDlhYTYxLTg3ZDctNGY1My05ODE4LWRlYzIxZWVmYTM4Yi8x
L0RmaUg1N2huc1g4eDlxX28wZTZYSnVBZ1BJWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODEv
MDlhYTYxLTg3ZDctNGY1My05ODE4LWRlYzIxZWVmYTM4Yi8xLzF6U1M1TkpjTzcw
TVhpREZxRjdMSXV5WE5nby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEACWM/AMEArnIhDANBgkqhkiG9w0B
AQsFAAOCAQEAATAt3IgkJrORoxrMegDCS1bmWxmd6juREvT3YjsTnTU9RLb6ITLq
eo8rsbgwGV5xWJwFeq28OmLkRDocDh3EET1AIEbk+h4GozYuCBGRSFczmrADyvb0
WU2GSt0QV5/82F/moTVsbusn5F0D9fAT8og0Tpiw72tl0Obr1GvGGE0u2poLyfkX
c8PHcsIWfMtSzQE/ZeJ2Zz+SyQsMZvIySB1FeNiMAkGvebOb/eudUhNOZRKZv422
kr/iewC4COiFQDPOy1MxGABNT+tWHKLK42qpM3aiAQCbqGYBoesh/yOYDIfwvgot
KOjCIjOH4uZXbuwygh95E/b/0jBW/e7i2g==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:51 2023 by rpki-client on console.sobornost.net