Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/t8SDsYtIM0PlyZFCYa6kCNOMcfU.roa
File: t8SDsYtIM0PlyZFCYa6kCNOMcfU.roa (raw, json)
Hash identifier: kDg9SBKE3fvkgVp63e4W75DDIaSOkCvPV3Rlo63djGg=
Subject key identifier: B7:C4:83:B1:8B:48:33:43:E5:C9:91:42:61:AE:A4:08:D3:8C:71:F5
Certificate issuer: /CN=f5c371f3a34abf1957d1895df8063f4d6207ec02
Certificate serial: 0184BDD060CCC4F418771C144328B236099D
Authority key identifier: F5:C3:71:F3:A3:4A:BF:19:57:D1:89:5D:F8:06:3F:4D:62:07:EC:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9cNx86NKvxlX0Yld-AY_TWIH7AI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/t8SDsYtIM0PlyZFCYa6kCNOMcfU.roa
Signing time: Mon 28 Nov 2022 10:37:40 +0000
ROA not before: Mon 28 Nov 2022 10:37:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208006
IP address blocks: 37.152.177.0/24 maxlen: 24
37.152.179.0/24 maxlen: 24
37.152.178.0/24 maxlen: 24
37.152.176.0/24 maxlen: 24
37.152.186.0/24 maxlen: 24
37.152.185.0/24 maxlen: 24
37.152.181.0/24 maxlen: 24
37.152.180.0/24 maxlen: 24
37.152.183.0/24 maxlen: 24
37.152.182.0/24 maxlen: 24
37.152.191.0/24 maxlen: 24
37.152.190.0/24 maxlen: 24
37.152.188.0/24 maxlen: 24
37.152.187.0/24 maxlen: 24
37.152.189.0/24 maxlen: 24
193.176.240.0/24 maxlen: 24
193.176.243.0/24 maxlen: 24
193.176.242.0/24 maxlen: 24
193.176.241.0/24 maxlen: 24
185.143.232.0/22 maxlen: 24
185.143.232.0/24 maxlen: 24
185.143.235.0/24 maxlen: 24
185.97.116.0/22 maxlen: 22
2a0c:a7c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:bd:d0:60:cc:c4:f4:18:77:1c:14:43:28:b2:36:09:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f5c371f3a34abf1957d1895df8063f4d6207ec02
Validity
Not Before: Nov 28 10:37:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b7c483b18b483343e5c9914261aea408d38c71f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:24:fd:fc:cf:5c:8d:f9:f2:31:be:98:9e:d5:
c8:3f:a5:4f:40:a7:f9:88:42:38:e9:bf:5b:cf:44:
ef:39:fe:c9:23:13:5f:3e:67:fe:77:5c:1c:24:f8:
29:e5:eb:14:79:2b:9d:81:ef:c2:29:c9:f5:0c:a5:
28:90:f4:6f:60:93:64:f4:39:39:66:d7:ee:3b:29:
dd:ff:b1:bb:5f:6e:97:18:b6:b1:df:a0:39:d2:17:
72:8c:63:b9:f5:14:03:0a:45:ef:e0:ea:3f:2b:ba:
fc:bd:2d:73:bd:96:b7:87:12:11:85:84:f6:61:38:
a7:56:89:d2:3c:2d:e2:3d:12:f7:00:95:6b:75:52:
48:b6:23:4c:43:c2:9b:cb:7f:ca:68:50:25:c0:c8:
34:bc:ee:1b:0e:88:da:5c:9c:55:bd:58:59:62:96:
57:f0:aa:1a:d5:8f:5f:9d:27:e2:f7:79:20:c9:79:
8b:8a:44:95:0d:ef:69:ee:98:e4:8c:99:68:c8:47:
39:fc:d3:c9:b1:36:0f:a6:8b:9f:e9:de:b9:81:9d:
53:4d:4a:63:f5:9b:ea:4d:13:f3:6f:11:7e:9f:52:
a0:15:84:14:d8:de:f9:7d:05:07:1e:b6:55:d5:80:
e0:b5:02:b9:66:f6:72:6b:0a:88:bc:f5:31:e8:d1:
ff:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:C4:83:B1:8B:48:33:43:E5:C9:91:42:61:AE:A4:08:D3:8C:71:F5
X509v3 Authority Key Identifier:
keyid:F5:C3:71:F3:A3:4A:BF:19:57:D1:89:5D:F8:06:3F:4D:62:07:EC:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9cNx86NKvxlX0Yld-AY_TWIH7AI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/t8SDsYtIM0PlyZFCYa6kCNOMcfU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/9cNx86NKvxlX0Yld-AY_TWIH7AI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.152.176.0/21
37.152.185.0-37.152.191.255
185.97.116.0/22
185.143.232.0/22
193.176.240.0/22
IPv6:
2a0c:a7c0::/29
Signature Algorithm: sha256WithRSAEncryption
21:3f:01:68:27:be:3d:dc:8e:c2:f9:c5:8e:be:a0:25:b7:f2:
39:9b:a0:bd:71:e3:f7:34:a6:45:bd:6e:bf:30:79:70:ba:cd:
72:63:19:d5:be:f4:26:bf:66:52:72:70:9c:cf:90:6c:ee:64:
ff:32:dd:6f:35:9e:40:48:3b:6b:26:ee:3a:98:22:3e:ae:d4:
4b:d6:f8:d8:ba:24:ac:f7:8f:dc:bf:3c:6d:66:62:91:73:bc:
91:53:37:d1:4c:9f:09:d3:a3:77:d1:3e:77:61:17:e4:eb:80:
53:b4:7f:be:e1:cc:39:a1:3d:53:68:c9:f1:48:2c:df:91:b3:
3f:f8:ea:62:8e:44:9c:fd:1a:9e:94:62:cd:ae:9b:3b:f1:33:
16:eb:e1:c2:be:7d:c6:ce:23:78:17:3f:80:65:57:57:a6:f4:
c1:13:55:4a:6d:07:c0:9e:f0:00:6a:4b:ad:12:69:73:28:22:
01:58:f3:60:ac:f1:ae:e5:1c:6c:bf:e5:79:2d:35:8d:cd:cf:
eb:c1:37:92:0d:3f:45:8a:47:0f:fc:84:70:d6:9a:86:1c:d1:
b6:fd:0b:e6:69:f1:f2:d3:f7:38:64:b2:54:c2:bc:d3:56:34:
56:60:ee:bd:ad:49:91:30:4a:c4:18:88:12:69:87:02:f8:f3:
16:9f:89:ef
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYS90GDMxPQYdxwUQyiyNgmdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1YzM3MWYzYTM0YWJmMTk1N2QxODk1ZGY4MDYzZjRkNjIw
N2VjMDIwHhcNMjIxMTI4MTAzNzQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2M0ODNiMThiNDgzMzQzZTVjOTkxNDI2MWFlYTQwOGQzOGM3MWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkST9/M9cjfnyMb6YntXIP6VPQKf5
iEI46b9bz0TvOf7JIxNfPmf+d1wcJPgp5esUeSudge/CKcn1DKUokPRvYJNk9Dk5
ZtfuOynd/7G7X26XGLax36A50hdyjGO59RQDCkXv4Oo/K7r8vS1zvZa3hxIRhYT2
YTinVonSPC3iPRL3AJVrdVJItiNMQ8Kby3/KaFAlwMg0vO4bDojaXJxVvVhZYpZX
8Koa1Y9fnSfi93kgyXmLikSVDe9p7pjkjJloyEc5/NPJsTYPpouf6d65gZ1TTUpj
9ZvqTRPzbxF+n1KgFYQU2N75fQUHHrZV1YDgtQK5ZvZyawqIvPUx6NH/RwIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFLfEg7GLSDND5cmRQmGupAjTjHH1MB8GA1UdIwQY
MBaAFPXDcfOjSr8ZV9GJXfgGP01iB+wCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWNOeDg2Tkt2eGxYMFlsZC1BWV9UV0lIN0FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS81YjBjZDktZTI3OS00NmFhLTgxZGEt
MWJiMTdhOGIyNmZlLzEvdDhTRHNZdElNMFBseVpGQ1lhNmtDTk9NY2ZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS81YjBjZDktZTI3OS00NmFhLTgxZGEtMWJiMTdhOGIyNmZl
LzEvOWNOeDg2Tkt2eGxYMFlsZC1BWV9UV0lIN0FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmAwQDJZiwMAwD
BAAlmLkDBAYlmIADBAK5YXQDBAK5j+gDBALBsPAwDQQCAAIwBwMFAyoMp8AwDQYJ
KoZIhvcNAQELBQADggEBACE/AWgnvj3cjsL5xY6+oCW38jmboL1x4/c0pkW9br8w
eXC6zXJjGdW+9Ca/ZlJycJzPkGzuZP8y3W81nkBIO2sm7jqYIj6u1EvW+Ni6JKz3
j9y/PG1mYpFzvJFTN9FMnwnTo3fRPndhF+TrgFO0f77hzDmhPVNoyfFILN+Rsz/4
6mKORJz9Gp6UYs2umzvxMxbr4cK+fcbOI3gXP4BlV1em9METVUptB8Ce8ABqS60S
aXMoIgFY82Cs8a7lHGy/5XktNY3Nz+vBN5INP0WKRw/8hHDWmoYc0bb9C+Zp8fLT
9zhkslTCvNNWNFZg7r2tSZEwSsQYiBJphwL48xafie8=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:51 2023 by rpki-client on console.sobornost.net