Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/55a74f-49ca-4a63-9eda-517eff908975/1/zXAJcI7qRP_YgQtH8FlHf21R790.roa
File: zXAJcI7qRP_YgQtH8FlHf21R790.roa (raw, json)
Hash identifier: tL6a95nzlYzHjtqbu0+y2JwaOqCPfVBKJCtJEUZxnHo=
Subject key identifier: CD:70:09:70:8E:EA:44:FF:D8:81:0B:47:F0:59:47:7F:6D:51:EF:DD
Certificate issuer: /CN=be125cad7dd4c5f0201ee2a21deac387366981c4
Certificate serial: 159AEFBD
Authority key identifier: BE:12:5C:AD:7D:D4:C5:F0:20:1E:E2:A2:1D:EA:C3:87:36:69:81:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vhJcrX3UxfAgHuKiHerDhzZpgcQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/55a74f-49ca-4a63-9eda-517eff908975/1/zXAJcI7qRP_YgQtH8FlHf21R790.roa
Signing time: Sat 01 Jan 2022 03:56:20 +0000
ROA not before: Sat 01 Jan 2022 03:56:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41202
IP address blocks: 185.183.240.0/22 maxlen: 22
185.183.240.0/23 maxlen: 23
185.183.240.0/24 maxlen: 24
185.183.242.0/23 maxlen: 23
37.110.208.0/24 maxlen: 24
37.110.210.0/24 maxlen: 24
37.110.212.0/22 maxlen: 22
37.110.208.0/22 maxlen: 22
37.110.208.0/21 maxlen: 21
37.110.215.0/24 maxlen: 24
37.110.214.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 362475453 (0x159aefbd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be125cad7dd4c5f0201ee2a21deac387366981c4
Validity
Not Before: Jan 1 03:56:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cd7009708eea44ffd8810b47f059477f6d51efdd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:8f:62:ff:27:ca:a2:bf:07:53:16:cd:4a:e6:
81:4e:0c:a1:a1:de:10:03:fd:dc:35:0c:4a:8d:d5:
3d:bd:52:61:5f:fd:b6:0f:87:52:66:f9:02:13:6b:
fd:87:c5:6c:89:30:f0:0c:35:8a:32:ce:39:32:13:
f0:54:d1:ee:e7:56:f8:bd:a1:c6:97:17:e5:a6:70:
2c:7d:08:e3:fd:3e:44:18:0b:cf:2a:f3:9e:14:b5:
f5:3a:7c:3d:1a:a3:89:57:fe:23:d9:11:f8:b5:0f:
89:eb:bd:b6:44:56:18:cb:8a:97:da:f5:0d:2e:c7:
61:2c:be:e7:27:ea:0f:ac:5c:1e:ed:9c:09:c8:32:
25:01:5d:53:de:ec:02:41:2d:e3:ce:15:ba:66:fe:
9f:ec:3c:e1:e7:4a:5d:43:b6:bb:ce:80:68:fb:32:
9f:85:6d:f1:f1:1c:0e:eb:ba:85:23:b4:64:78:57:
33:27:c0:c0:d4:8d:47:b1:ea:fb:33:fa:4a:00:d5:
9c:94:9c:a3:21:5c:8b:9c:57:07:64:98:8f:33:b9:
e2:5a:8c:c6:df:7d:72:41:7e:cc:0a:ab:4a:05:2b:
99:5c:39:6f:cd:f6:de:03:99:60:06:a1:64:7d:de:
e3:b2:79:bb:d0:8b:be:50:49:a2:81:04:7a:a1:7d:
04:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:70:09:70:8E:EA:44:FF:D8:81:0B:47:F0:59:47:7F:6D:51:EF:DD
X509v3 Authority Key Identifier:
keyid:BE:12:5C:AD:7D:D4:C5:F0:20:1E:E2:A2:1D:EA:C3:87:36:69:81:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vhJcrX3UxfAgHuKiHerDhzZpgcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/55a74f-49ca-4a63-9eda-517eff908975/1/zXAJcI7qRP_YgQtH8FlHf21R790.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/55a74f-49ca-4a63-9eda-517eff908975/1/vhJcrX3UxfAgHuKiHerDhzZpgcQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.110.208.0/21
185.183.240.0/22
Signature Algorithm: sha256WithRSAEncryption
05:ec:21:d2:c1:5c:82:b6:c9:61:d7:5c:04:1a:cf:e4:e3:8e:
25:46:9a:05:a0:89:ce:60:9f:4a:93:0c:57:26:9e:ca:dd:90:
70:87:45:ac:d0:10:64:2d:29:70:52:02:b2:6f:55:41:aa:cd:
ce:3d:39:ca:a8:74:9c:72:96:08:d5:63:7b:d5:3d:74:5f:f6:
89:66:da:f1:9d:af:63:77:a2:92:be:5f:0e:1b:45:7e:c1:a1:
67:08:d3:44:a4:e4:d0:13:d4:e5:a6:4c:de:1d:bf:9f:73:6e:
30:91:1a:dd:63:47:92:c1:9c:c3:20:f3:9b:76:fa:84:86:08:
bc:eb:cf:f3:05:e8:f2:85:38:06:f6:60:f5:a3:05:3f:8b:e3:
b4:4b:15:f1:b4:e4:91:eb:1b:88:0f:1b:e3:78:0d:bd:ab:5e:
f6:56:cb:b0:40:85:05:09:d0:b5:24:4f:0c:88:06:fb:95:cb:
4c:ee:b2:39:6f:10:d4:b5:60:bb:43:80:95:67:6d:b4:b8:36:
aa:1e:2e:16:fb:7b:cf:27:31:8d:35:d3:72:ee:84:f8:c5:1e:
70:15:b0:84:80:23:d7:34:1a:b4:89:5d:bd:8b:1b:7c:24:69:
a1:d1:91:d7:2f:cc:2c:c1:b1:3b:33:29:a2:df:c0:ae:f3:73:
03:e9:85:05
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEFZrvvTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
ZTEyNWNhZDdkZDRjNWYwMjAxZWUyYTIxZGVhYzM4NzM2Njk4MWM0MB4XDTIyMDEw
MTAzNTYyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2Q3MDA5NzA4ZWVh
NDRmZmQ4ODEwYjQ3ZjA1OTQ3N2Y2ZDUxZWZkZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALOPYv8nyqK/B1MWzUrmgU4MoaHeEAP93DUMSo3VPb1SYV/9
tg+HUmb5AhNr/YfFbIkw8Aw1ijLOOTIT8FTR7udW+L2hxpcX5aZwLH0I4/0+RBgL
zyrznhS19Tp8PRqjiVf+I9kR+LUPieu9tkRWGMuKl9r1DS7HYSy+5yfqD6xcHu2c
CcgyJQFdU97sAkEt484Vumb+n+w84edKXUO2u86AaPsyn4Vt8fEcDuu6hSO0ZHhX
MyfAwNSNR7Hq+zP6SgDVnJScoyFci5xXB2SYjzO54lqMxt99ckF+zAqrSgUrmVw5
b8323gOZYAahZH3e47J5u9CLvlBJooEEeqF9BB0CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTNcAlwjupE/9iBC0fwWUd/bVHv3TAfBgNVHSMEGDAWgBS+ElytfdTF8CAe
4qId6sOHNmmBxDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3ZoSmNyWDNVeGZBZ0h1S2lIZXJEaHpacGdjUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDcvNTVhNzRmLTQ5Y2EtNGE2My05ZWRhLTUxN2VmZjkwODk3NS8x
L3pYQUpjSTdxUlBfWWdRdEg4RmxIZjIxUjc5MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDcv
NTVhNzRmLTQ5Y2EtNGE2My05ZWRhLTUxN2VmZjkwODk3NS8xL3ZoSmNyWDNVeGZB
Z0h1S2lIZXJEaHpacGdjUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAyVu0AMEArm38DANBgkqhkiG9w0B
AQsFAAOCAQEABewh0sFcgrbJYddcBBrP5OOOJUaaBaCJzmCfSpMMVyaeyt2QcIdF
rNAQZC0pcFICsm9VQarNzj05yqh0nHKWCNVje9U9dF/2iWba8Z2vY3eikr5fDhtF
fsGhZwjTRKTk0BPU5aZM3h2/n3NuMJEa3WNHksGcwyDzm3b6hIYIvOvP8wXo8oU4
BvZg9aMFP4vjtEsV8bTkkesbiA8b43gNvate9lbLsECFBQnQtSRPDIgG+5XLTO6y
OW8Q1LVgu0OAlWdttLg2qh4uFvt7zycxjTXTcu6E+MUecBWwhIAj1zQatIldvYsb
fCRpodGR1y/MLMGxOzMpot/ArvNzA+mFBQ==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:37 2023 by rpki-client on console.sobornost.net