Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/iAMkQYFg1ZQTC_gj4HiRzWYoZrA.roa
File: iAMkQYFg1ZQTC_gj4HiRzWYoZrA.roa (raw, json)
Hash identifier: AEZOUVaZsenCldEm54DmwPIiaVMwhcjbNTJUFMQ+6z8=
Subject key identifier: 88:03:24:41:81:60:D5:94:13:0B:F8:23:E0:78:91:CD:66:28:66:B0
Certificate issuer: /CN=f5c371f3a34abf1957d1895df8063f4d6207ec02
Certificate serial: 0182EFDAB02862C9CA5899AA9FDF74D1AA58
Authority key identifier: F5:C3:71:F3:A3:4A:BF:19:57:D1:89:5D:F8:06:3F:4D:62:07:EC:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9cNx86NKvxlX0Yld-AY_TWIH7AI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/iAMkQYFg1ZQTC_gj4HiRzWYoZrA.roa
Signing time: Tue 30 Aug 2022 17:44:22 +0000
ROA not before: Tue 30 Aug 2022 17:44:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202468
IP address blocks: 37.152.176.0/20 maxlen: 24
37.152.184.0/24 maxlen: 24
185.206.92.0/22 maxlen: 22
185.231.180.0/22 maxlen: 22
185.228.238.0/24 maxlen: 24
185.228.239.0/24 maxlen: 24
185.228.236.0/24 maxlen: 24
185.228.236.0/22 maxlen: 22
185.228.237.0/24 maxlen: 24
185.97.116.0/22 maxlen: 22
188.121.120.0/21 maxlen: 24
185.239.104.0/24 maxlen: 24
185.239.105.0/24 maxlen: 24
185.220.224.0/24 maxlen: 24
185.220.224.0/22 maxlen: 22
185.220.225.0/24 maxlen: 24
185.220.226.0/24 maxlen: 24
185.239.106.0/23 maxlen: 23
185.220.227.0/24 maxlen: 24
37.32.24.0/22 maxlen: 22
193.176.240.0/22 maxlen: 24
37.32.20.0/22 maxlen: 22
37.32.28.0/22 maxlen: 24
193.176.242.0/23 maxlen: 23
188.121.96.0/19 maxlen: 24
188.121.104.0/22 maxlen: 22
188.121.108.0/22 maxlen: 22
94.101.176.0/20 maxlen: 24
94.101.184.0/21 maxlen: 24
94.101.180.0/23 maxlen: 23
94.101.180.0/24 maxlen: 24
94.101.182.0/24 maxlen: 24
185.143.232.0/22 maxlen: 24
185.226.116.0/22 maxlen: 22
2a0c:a7c0:1::/48 maxlen: 48
2a0c:a7c0:3::/48 maxlen: 48
2a0c:a7c0::/48 maxlen: 48
2a07:3900::/29 maxlen: 29
2a0c:a7c0:2::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:ef:da:b0:28:62:c9:ca:58:99:aa:9f:df:74:d1:aa:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f5c371f3a34abf1957d1895df8063f4d6207ec02
Validity
Not Before: Aug 30 17:44:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=880324418160d594130bf823e07891cd662866b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:1f:c3:e9:1b:94:10:52:25:df:14:0c:8e:a9:
63:68:9d:79:f0:63:84:ea:bb:33:54:a4:05:a4:f1:
88:69:29:a2:44:a6:59:d0:82:2e:ab:32:ab:14:d7:
d5:da:a6:ae:71:58:13:68:b4:c0:f9:da:1c:92:11:
10:50:56:80:d0:e6:76:dd:17:84:63:43:7d:97:9f:
99:47:67:80:72:87:fc:62:af:00:93:2f:46:1e:bc:
08:7e:b2:7b:ee:7c:b6:06:28:12:2e:ab:49:eb:91:
ba:83:60:e0:43:2b:5c:30:b4:b5:37:fb:c8:46:99:
bc:87:dc:2b:5a:c8:52:08:58:43:73:9d:68:78:68:
61:80:6a:3f:12:61:67:a2:31:28:fe:7e:b2:52:58:
99:42:f8:1c:ae:f9:92:78:e4:42:42:f3:c2:03:38:
92:09:18:e8:d2:3d:d6:e8:43:11:be:7b:2d:f0:db:
7f:d6:5b:46:ed:c2:35:4f:6e:d9:6d:15:67:8b:3e:
fa:04:f9:b8:41:ce:42:a5:cf:c1:78:d9:6a:0c:6c:
0d:ff:38:fc:bc:a6:2c:4f:99:08:f2:4a:68:19:12:
ec:a6:29:fa:4f:c6:70:a3:ac:bf:00:d5:1c:de:bc:
55:6c:5d:20:d9:1c:7d:5e:15:c6:30:90:e3:35:98:
b8:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:03:24:41:81:60:D5:94:13:0B:F8:23:E0:78:91:CD:66:28:66:B0
X509v3 Authority Key Identifier:
keyid:F5:C3:71:F3:A3:4A:BF:19:57:D1:89:5D:F8:06:3F:4D:62:07:EC:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9cNx86NKvxlX0Yld-AY_TWIH7AI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/iAMkQYFg1ZQTC_gj4HiRzWYoZrA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/9cNx86NKvxlX0Yld-AY_TWIH7AI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.32.20.0-37.32.31.255
37.152.176.0/20
94.101.176.0/20
185.97.116.0/22
185.143.232.0/22
185.206.92.0/22
185.220.224.0/22
185.226.116.0/22
185.228.236.0/22
185.231.180.0/22
185.239.104.0/22
188.121.96.0/19
193.176.240.0/22
IPv6:
2a07:3900::/29
2a0c:a7c0::/46
Signature Algorithm: sha256WithRSAEncryption
18:a7:0f:1e:56:84:59:71:9d:ae:6d:0e:11:02:6f:01:66:3f:
86:86:df:29:63:5a:da:8f:12:51:3e:47:fc:56:23:e1:4c:39:
d8:b8:af:93:bc:d4:4c:e5:72:15:4c:13:32:2c:97:0e:70:fb:
92:3a:7b:ef:66:11:03:55:c8:0f:8f:a2:3e:e7:16:b2:3d:41:
d3:78:50:d3:e8:be:a8:2f:8c:97:22:b3:1c:8d:9d:de:89:1b:
62:0c:c8:1d:0d:ec:a4:09:5b:ee:0b:45:ad:63:3b:70:4f:37:
a6:14:a3:32:f7:83:7e:89:c4:05:aa:62:c3:cd:6f:79:cf:fc:
0c:b3:bf:37:5a:93:da:f7:f5:38:7a:97:05:ee:90:a8:f5:9b:
66:d9:ff:ae:e6:48:20:23:c9:92:87:e9:11:c4:5a:e8:5a:a4:
75:ef:6d:5b:e3:22:29:97:cd:aa:b2:9d:a4:1c:ca:02:b7:29:
ef:ec:42:a3:5c:ab:c0:92:09:ed:e7:42:95:c7:76:24:14:be:
3c:47:0f:1a:c5:a2:09:ee:c9:f3:20:0c:a3:e7:a3:56:c2:14:
ef:c0:a1:c8:78:e6:8b:fc:be:9a:d7:52:03:9e:a1:52:68:9d:
b8:f0:e5:de:2a:d1:19:dd:01:75:50:12:db:69:9c:20:36:f0:
16:f2:0c:e9
-----BEGIN CERTIFICATE-----
MIIFZjCCBE6gAwIBAgISAYLv2rAoYsnKWJmqn9900apYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1YzM3MWYzYTM0YWJmMTk1N2QxODk1ZGY4MDYzZjRkNjIw
N2VjMDIwHhcNMjIwODMwMTc0NDIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODAzMjQ0MTgxNjBkNTk0MTMwYmY4MjNlMDc4OTFjZDY2Mjg2NmIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlx/D6RuUEFIl3xQMjqljaJ158GOE
6rszVKQFpPGIaSmiRKZZ0IIuqzKrFNfV2qaucVgTaLTA+dockhEQUFaA0OZ23ReE
Y0N9l5+ZR2eAcof8Yq8Aky9GHrwIfrJ77ny2BigSLqtJ65G6g2DgQytcMLS1N/vI
Rpm8h9wrWshSCFhDc51oeGhhgGo/EmFnojEo/n6yUliZQvgcrvmSeORCQvPCAziS
CRjo0j3W6EMRvnst8Nt/1ltG7cI1T27ZbRVniz76BPm4Qc5Cpc/BeNlqDGwN/zj8
vKYsT5kI8kpoGRLspin6T8Zwo6y/ANUc3rxVbF0g2Rx9XhXGMJDjNZi4ewIDAQAB
o4ICcjCCAm4wHQYDVR0OBBYEFIgDJEGBYNWUEwv4I+B4kc1mKGawMB8GA1UdIwQY
MBaAFPXDcfOjSr8ZV9GJXfgGP01iB+wCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWNOeDg2Tkt2eGxYMFlsZC1BWV9UV0lIN0FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS81YjBjZDktZTI3OS00NmFhLTgxZGEt
MWJiMTdhOGIyNmZlLzEvaUFNa1FZRmcxWlFUQ19najRIaVJ6V1lvWnJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS81YjBjZDktZTI3OS00NmFhLTgxZGEtMWJiMTdhOGIyNmZl
LzEvOWNOeDg2Tkt2eGxYMFlsZC1BWV9UV0lIN0FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGHBggrBgEFBQcBBwEB/wR4MHYwXAQCAAEwVjAMAwQCJSAU
AwQFJSAAAwQEJZiwAwQEXmWwAwQCuWF0AwQCuY/oAwQCuc5cAwQCudzgAwQCueJ0
AwQCueTsAwQCuee0AwQCue9oAwQFvHlgAwQCwbDwMBYEAgACMBADBQMqBzkAAwcC
KgynwAAAMA0GCSqGSIb3DQEBCwUAA4IBAQAYpw8eVoRZcZ2ubQ4RAm8BZj+Ght8p
Y1rajxJRPkf8ViPhTDnYuK+TvNRM5XIVTBMyLJcOcPuSOnvvZhEDVcgPj6I+5xay
PUHTeFDT6L6oL4yXIrMcjZ3eiRtiDMgdDeykCVvuC0WtYztwTzemFKMy94N+icQF
qmLDzW95z/wMs783WpPa9/U4epcF7pCo9Ztm2f+u5kggI8mSh+kRxFroWqR1721b
4yIpl82qsp2kHMoCtynv7EKjXKvAkgnt50KVx3YkFL48Rw8axaIJ7snzIAyj56NW
whTvwKHIeOaL/L6a11IDnqFSaJ248OXeKtEZ3QF1UBLbaZwgNvAW8gzp
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:51 2023 by rpki-client on console.sobornost.net