Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/767933-4a73-4b2f-ac84-daca26de6f7b/1/j-eLIh3ofvjErw77jy2VTzoH1J8.roa
File: j-eLIh3ofvjErw77jy2VTzoH1J8.roa (raw, json)
Hash identifier: S/q8CxcIWvanwpDdnuUJ7xLMGHa0hdPKcWo7F7MDY/8=
Subject key identifier: 8F:E7:8B:22:1D:E8:7E:F8:C4:AF:0E:FB:8F:2D:95:4F:3A:07:D4:9F
Certificate issuer: /CN=353e3f28e647e92ac8a710c305c2e21b623edc1c
Certificate serial: 2931F32C
Authority key identifier: 35:3E:3F:28:E6:47:E9:2A:C8:A7:10:C3:05:C2:E2:1B:62:3E:DC:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NT4_KOZH6SrIpxDDBcLiG2I-3Bw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/767933-4a73-4b2f-ac84-daca26de6f7b/1/j-eLIh3ofvjErw77jy2VTzoH1J8.roa
Signing time: Sat 01 Jan 2022 03:57:26 +0000
ROA not before: Sat 01 Jan 2022 03:57:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57970
IP address blocks: 37.152.128.0/24 maxlen: 24
37.152.129.0/24 maxlen: 24
37.152.128.0/19 maxlen: 24
37.152.130.0/24 maxlen: 24
37.152.131.0/24 maxlen: 24
37.152.132.0/24 maxlen: 24
37.152.138.0/24 maxlen: 24
37.152.139.0/24 maxlen: 24
37.152.133.0/24 maxlen: 24
37.152.134.0/24 maxlen: 24
37.152.135.0/24 maxlen: 24
37.152.136.0/23 maxlen: 23
37.152.140.0/24 maxlen: 24
37.152.141.0/24 maxlen: 24
37.152.142.0/24 maxlen: 24
37.152.144.0/21 maxlen: 21
37.152.143.0/24 maxlen: 24
37.152.152.0/22 maxlen: 22
37.152.156.0/24 maxlen: 24
37.152.157.0/24 maxlen: 24
37.152.158.0/24 maxlen: 24
37.152.159.0/24 maxlen: 24
185.86.72.0/22 maxlen: 22
185.86.72.0/24 maxlen: 24
185.86.73.0/24 maxlen: 24
185.86.74.0/24 maxlen: 24
185.86.75.0/24 maxlen: 24
185.88.0.0/24 maxlen: 24
185.88.1.0/24 maxlen: 24
185.88.2.0/24 maxlen: 24
185.88.3.0/24 maxlen: 24
185.88.0.0/22 maxlen: 22
185.20.192.0/24 maxlen: 24
185.20.192.0/22 maxlen: 22
185.20.193.0/24 maxlen: 24
185.20.194.0/24 maxlen: 24
185.20.195.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 691139372 (0x2931f32c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=353e3f28e647e92ac8a710c305c2e21b623edc1c
Validity
Not Before: Jan 1 03:57:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8fe78b221de87ef8c4af0efb8f2d954f3a07d49f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:62:30:9d:b5:8b:bb:4a:45:f2:aa:d9:ab:da:
f0:63:d4:32:c2:0c:d0:1e:39:8d:03:ad:24:e8:96:
8e:c0:b4:9f:36:48:e8:8f:5a:e0:7a:64:2a:82:f8:
6d:4e:db:e0:52:eb:95:36:f9:ae:2d:c7:fe:80:5c:
92:74:cd:0a:9b:a2:a0:04:9b:82:d4:e1:3f:88:27:
c9:62:01:46:38:c2:1c:fa:89:1f:a5:6d:25:2d:1f:
ad:77:34:4a:ab:05:b6:ea:20:e3:9c:37:d7:60:4d:
22:c6:db:f1:cf:4f:53:46:5e:bd:b5:ef:12:46:6c:
71:bb:41:e1:af:fa:eb:21:83:00:fe:b7:28:a7:30:
d9:86:08:6a:9f:ba:ab:1b:af:90:e8:16:3f:51:06:
4b:6e:4f:22:7c:2b:b8:74:68:61:62:08:87:a0:e7:
97:a1:45:e1:ae:bb:c4:a3:85:a5:15:fc:fb:73:10:
a9:a9:10:ec:40:d4:dc:80:65:d2:ac:cf:d5:32:32:
df:d3:fc:f2:66:e7:aa:d1:b9:b2:84:11:c6:bb:f0:
61:84:38:94:f6:62:b9:2e:9b:da:93:15:4c:56:19:
cb:04:1e:4c:2b:0c:5f:85:ed:f4:97:27:db:97:c5:
4c:f4:68:75:00:9f:be:ac:d1:b8:bd:14:56:c9:ed:
ad:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:E7:8B:22:1D:E8:7E:F8:C4:AF:0E:FB:8F:2D:95:4F:3A:07:D4:9F
X509v3 Authority Key Identifier:
keyid:35:3E:3F:28:E6:47:E9:2A:C8:A7:10:C3:05:C2:E2:1B:62:3E:DC:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NT4_KOZH6SrIpxDDBcLiG2I-3Bw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/767933-4a73-4b2f-ac84-daca26de6f7b/1/j-eLIh3ofvjErw77jy2VTzoH1J8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/767933-4a73-4b2f-ac84-daca26de6f7b/1/NT4_KOZH6SrIpxDDBcLiG2I-3Bw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.152.128.0/19
185.20.192.0/22
185.86.72.0/22
185.88.0.0/22
Signature Algorithm: sha256WithRSAEncryption
89:6d:fa:e0:50:5e:5a:2a:34:d0:cb:77:ef:f1:ca:ef:54:28:
6a:9b:ea:c8:a1:25:97:05:10:16:a7:60:73:84:db:df:ce:1d:
28:b8:8f:42:6f:4a:cf:ff:b7:19:99:b3:8d:ec:29:ec:71:91:
2c:a1:90:24:0d:3d:93:04:b9:61:f9:04:8c:37:60:75:38:8f:
1f:66:ae:77:39:d0:90:ba:e9:b3:a5:62:d8:e8:ee:7a:74:90:
8d:83:48:07:3f:23:ee:40:fd:d7:24:32:9a:c5:e0:dc:d6:a4:
d7:7b:48:74:6e:9a:46:36:ad:34:33:80:57:e6:b7:1e:83:7d:
b4:7d:ec:3e:83:ba:73:ba:54:47:a6:24:3f:d5:dc:05:04:4d:
d6:fd:c0:08:79:1a:d0:66:d6:0a:e1:55:e9:da:0d:df:60:b9:
d8:9f:2a:ab:bd:9e:fa:c1:7e:1d:3d:bc:36:65:bd:0e:d0:0a:
95:ed:36:91:90:6c:28:95:78:29:fa:61:9c:ef:d8:d2:2f:0b:
12:a8:6b:75:0f:0c:ea:58:bb:52:c6:0d:b9:f2:89:1a:79:0d:
db:29:cf:83:92:00:b4:0d:ca:c6:ae:d8:b0:4b:b4:8d:60:b3:
e7:1e:2a:34:49:5c:89:86:db:35:b1:dd:6a:6c:04:23:55:c0:
be:12:1c:e6
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEKTHzLDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NTNlM2YyOGU2NDdlOTJhYzhhNzEwYzMwNWMyZTIxYjYyM2VkYzFjMB4XDTIyMDEw
MTAzNTcyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGZlNzhiMjIxZGU4
N2VmOGM0YWYwZWZiOGYyZDk1NGYzYTA3ZDQ5ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAONiMJ21i7tKRfKq2ava8GPUMsIM0B45jQOtJOiWjsC0nzZI
6I9a4HpkKoL4bU7b4FLrlTb5ri3H/oBcknTNCpuioASbgtThP4gnyWIBRjjCHPqJ
H6VtJS0frXc0SqsFtuog45w312BNIsbb8c9PU0ZevbXvEkZscbtB4a/66yGDAP63
KKcw2YYIap+6qxuvkOgWP1EGS25PInwruHRoYWIIh6Dnl6FF4a67xKOFpRX8+3MQ
qakQ7EDU3IBl0qzP1TIy39P88mbnqtG5soQRxrvwYYQ4lPZiuS6b2pMVTFYZywQe
TCsMX4Xt9Jcn25fFTPRodQCfvqzRuL0UVsntrekCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBSP54siHeh++MSvDvuPLZVPOgfUnzAfBgNVHSMEGDAWgBQ1Pj8o5kfpKsin
EMMFwuIbYj7cHDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05UNF9LT1pINlNySXB4RERCY0xpRzJJLTNCdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmYvNzY3OTMzLTRhNzMtNGIyZi1hYzg0LWRhY2EyNmRlNmY3Yi8x
L2otZUxJaDNvZnZqRXJ3NzdqeTJWVHpvSDFKOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmYv
NzY3OTMzLTRhNzMtNGIyZi1hYzg0LWRhY2EyNmRlNmY3Yi8xL05UNF9LT1pINlNy
SXB4RERCY0xpRzJJLTNCdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEBSWYgAMEArkUwAMEArlWSAMEArlY
ADANBgkqhkiG9w0BAQsFAAOCAQEAiW364FBeWio00Mt37/HK71QoapvqyKEllwUQ
Fqdgc4Tb384dKLiPQm9Kz/+3GZmzjewp7HGRLKGQJA09kwS5YfkEjDdgdTiPH2au
dznQkLrps6Vi2OjuenSQjYNIBz8j7kD91yQymsXg3Nak13tIdG6aRjatNDOAV+a3
HoN9tH3sPoO6c7pUR6YkP9XcBQRN1v3ACHka0GbWCuFV6doN32C52J8qq72e+sF+
HT28NmW9DtAKle02kZBsKJV4KfphnO/Y0i8LEqhrdQ8M6li7UsYNufKJGnkN2ynP
g5IAtA3Kxq7YsEu0jWCz5x4qNElciYbbNbHdamwEI1XAvhIc5g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:07 2024 by rpki-client on console-ams.rpki-client.org