Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/t24hPbj03AannSzgSDqW_qaEVI8.roa
File: t24hPbj03AannSzgSDqW_qaEVI8.roa (raw, json)
Hash identifier: 0UDpFdTjmGfUrFxR+lR/3+Xxq5trT6o4UZcmdHNmyM4=
Subject key identifier: B7:6E:21:3D:B8:F4:DC:06:A7:9D:2C:E0:48:3A:96:FE:A6:84:54:8F
Certificate issuer: /CN=f5c371f3a34abf1957d1895df8063f4d6207ec02
Certificate serial: 0184A6157ABA65F420CC86E0D05C1ADBF630
Authority key identifier: F5:C3:71:F3:A3:4A:BF:19:57:D1:89:5D:F8:06:3F:4D:62:07:EC:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9cNx86NKvxlX0Yld-AY_TWIH7AI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/t24hPbj03AannSzgSDqW_qaEVI8.roa
Signing time: Wed 23 Nov 2022 20:02:16 +0000
ROA not before: Wed 23 Nov 2022 20:02:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208006
IP address blocks: 37.152.177.0/24 maxlen: 24
37.152.179.0/24 maxlen: 24
37.152.178.0/24 maxlen: 24
37.152.176.0/24 maxlen: 24
37.152.186.0/24 maxlen: 24
37.152.185.0/24 maxlen: 24
37.152.181.0/24 maxlen: 24
37.152.180.0/24 maxlen: 24
37.152.183.0/24 maxlen: 24
37.152.182.0/24 maxlen: 24
37.152.191.0/24 maxlen: 24
37.152.190.0/24 maxlen: 24
37.152.188.0/24 maxlen: 24
37.152.187.0/24 maxlen: 24
37.152.189.0/24 maxlen: 24
193.176.240.0/24 maxlen: 24
193.176.243.0/24 maxlen: 24
193.176.242.0/24 maxlen: 24
193.176.241.0/24 maxlen: 24
185.143.232.0/22 maxlen: 24
185.143.235.0/24 maxlen: 24
185.97.116.0/22 maxlen: 22
2a0c:a7c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:a6:15:7a:ba:65:f4:20:cc:86:e0:d0:5c:1a:db:f6:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f5c371f3a34abf1957d1895df8063f4d6207ec02
Validity
Not Before: Nov 23 20:02:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b76e213db8f4dc06a79d2ce0483a96fea684548f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:fd:c9:97:89:2b:26:5f:a2:93:fa:dd:ec:03:
45:7b:01:40:17:5d:e9:4e:38:a0:6a:d2:4f:6c:f6:
cf:d4:13:99:e5:82:60:a1:86:0f:ef:8e:66:b8:61:
d2:4b:b0:c2:01:99:77:53:dd:56:3e:72:f5:cb:76:
5a:1a:f9:33:e2:8c:9c:89:1f:33:99:a7:fa:5d:52:
da:0b:d6:d7:e8:c1:59:34:f2:6b:e1:80:af:c3:94:
d9:b3:df:03:45:79:a2:e9:79:f1:cc:81:05:b1:bb:
e7:ad:a1:08:2b:1f:d8:4f:e6:80:d5:55:1d:b1:0e:
85:0d:83:e6:c7:86:39:a9:bc:b9:f2:1f:c2:d2:7f:
7d:b8:c2:25:e9:2f:a2:c9:37:20:96:30:c2:7b:87:
94:da:10:44:a1:4d:4a:2d:17:3e:f3:94:3a:95:04:
2e:8b:c1:77:ac:79:b4:72:07:16:66:32:ff:3f:e8:
60:28:14:9c:2d:5e:bb:29:e4:56:96:77:d1:f8:ab:
06:e5:22:32:23:51:4f:eb:7d:eb:b9:40:3b:ad:59:
d5:14:a2:79:4e:7b:ae:d5:60:b8:1b:40:70:6a:be:
f6:1a:32:e5:39:48:0d:0e:fe:30:58:7d:6e:e4:68:
2f:c7:7d:66:04:04:d4:f6:77:4d:1b:a4:16:8d:0a:
5a:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:6E:21:3D:B8:F4:DC:06:A7:9D:2C:E0:48:3A:96:FE:A6:84:54:8F
X509v3 Authority Key Identifier:
keyid:F5:C3:71:F3:A3:4A:BF:19:57:D1:89:5D:F8:06:3F:4D:62:07:EC:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9cNx86NKvxlX0Yld-AY_TWIH7AI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/t24hPbj03AannSzgSDqW_qaEVI8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/9cNx86NKvxlX0Yld-AY_TWIH7AI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.152.176.0/21
37.152.185.0-37.152.191.255
185.97.116.0/22
185.143.232.0/22
193.176.240.0/22
IPv6:
2a0c:a7c0::/29
Signature Algorithm: sha256WithRSAEncryption
38:ed:91:71:59:73:c1:ba:7f:22:c8:a8:3a:3c:8b:41:8b:a5:
4a:e5:f1:12:02:9a:47:85:89:01:65:67:8c:e0:73:47:3f:91:
4b:d5:db:af:2d:b5:d7:a3:6d:72:91:a6:28:2c:ac:2e:bd:b5:
4f:e1:09:0a:38:01:83:38:13:31:0b:d2:3b:46:0c:d3:6e:d9:
7e:5d:0b:fb:a7:6b:bc:c9:ee:a7:52:82:a2:78:7e:60:83:a7:
15:44:df:4d:a7:d9:0d:06:b2:fc:4d:32:a9:82:b9:8d:0b:52:
cb:45:70:04:d0:97:3b:7d:55:7e:6d:96:de:b2:dc:1e:f4:b0:
0f:93:9a:5d:1b:c5:9d:e0:7a:20:b3:de:22:5e:0f:95:f0:c6:
16:10:fc:65:d4:6c:2f:a9:7a:df:4a:82:d1:56:97:47:1d:ca:
10:80:10:b8:3e:86:89:98:9f:7b:e1:55:3c:f7:7a:1f:2a:0c:
e2:b2:28:71:64:53:43:44:61:15:f2:71:3e:24:ce:45:81:e8:
72:72:a9:1c:77:af:64:b3:af:86:c0:85:3c:1c:8f:4f:40:7d:
da:f3:bf:a5:af:ef:b6:04:74:ff:3a:21:09:fa:19:2f:38:12:
9f:fa:5a:b7:98:73:53:d0:0e:1d:55:75:87:49:bd:f8:7c:87:
63:60:83:c6
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYSmFXq6ZfQgzIbg0Fwa2/YwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1YzM3MWYzYTM0YWJmMTk1N2QxODk1ZGY4MDYzZjRkNjIw
N2VjMDIwHhcNMjIxMTIzMjAwMjE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzZlMjEzZGI4ZjRkYzA2YTc5ZDJjZTA0ODNhOTZmZWE2ODQ1NDhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsP3Jl4krJl+ik/rd7ANFewFAF13p
TjigatJPbPbP1BOZ5YJgoYYP745muGHSS7DCAZl3U91WPnL1y3ZaGvkz4oyciR8z
maf6XVLaC9bX6MFZNPJr4YCvw5TZs98DRXmi6XnxzIEFsbvnraEIKx/YT+aA1VUd
sQ6FDYPmx4Y5qby58h/C0n99uMIl6S+iyTcgljDCe4eU2hBEoU1KLRc+85Q6lQQu
i8F3rHm0cgcWZjL/P+hgKBScLV67KeRWlnfR+KsG5SIyI1FP633ruUA7rVnVFKJ5
Tnuu1WC4G0Bwar72GjLlOUgNDv4wWH1u5Ggvx31mBATU9ndNG6QWjQpa2wIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFLduIT249NwGp50s4Eg6lv6mhFSPMB8GA1UdIwQY
MBaAFPXDcfOjSr8ZV9GJXfgGP01iB+wCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWNOeDg2Tkt2eGxYMFlsZC1BWV9UV0lIN0FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS81YjBjZDktZTI3OS00NmFhLTgxZGEt
MWJiMTdhOGIyNmZlLzEvdDI0aFBiajAzQWFublN6Z1NEcVdfcWFFVkk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS81YjBjZDktZTI3OS00NmFhLTgxZGEtMWJiMTdhOGIyNmZl
LzEvOWNOeDg2Tkt2eGxYMFlsZC1BWV9UV0lIN0FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmAwQDJZiwMAwD
BAAlmLkDBAYlmIADBAK5YXQDBAK5j+gDBALBsPAwDQQCAAIwBwMFAyoMp8AwDQYJ
KoZIhvcNAQELBQADggEBADjtkXFZc8G6fyLIqDo8i0GLpUrl8RICmkeFiQFlZ4zg
c0c/kUvV268ttdejbXKRpigsrC69tU/hCQo4AYM4EzEL0jtGDNNu2X5dC/una7zJ
7qdSgqJ4fmCDpxVE302n2Q0GsvxNMqmCuY0LUstFcATQlzt9VX5tlt6y3B70sA+T
ml0bxZ3geiCz3iJeD5XwxhYQ/GXUbC+pet9KgtFWl0cdyhCAELg+homYn3vhVTz3
eh8qDOKyKHFkU0NEYRXycT4kzkWB6HJyqRx3r2Szr4bAhTwcj09Afdrzv6Wv77YE
dP86IQn6GS84Ep/6WreYc1PQDh1VdYdJvfh8h2Ngg8Y=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:51 2023 by rpki-client on console.sobornost.net