Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/74LJ4yN3MygkJX7A45typ62XWxk.roa
File: 74LJ4yN3MygkJX7A45typ62XWxk.roa (raw, json)
Hash identifier: 4lUOTUSUKMFYGxnPW1sF/eD3RiMRnKcjsjBrm0abTfQ=
Subject key identifier: EF:82:C9:E3:23:77:33:28:24:25:7E:C0:E3:9B:72:A7:AD:97:5B:19
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 434E4F4C
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/74LJ4yN3MygkJX7A45typ62XWxk.roa
Signing time: Sat 01 Jan 2022 07:59:59 +0000
ROA not before: Sat 01 Jan 2022 07:59:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57169
IP address blocks: 37.235.50.0/23 maxlen: 23
37.235.48.0/20 maxlen: 20
37.235.56.0/24 maxlen: 24
37.235.57.0/24 maxlen: 24
37.235.58.0/24 maxlen: 24
37.235.52.0/24 maxlen: 24
37.235.59.0/24 maxlen: 24
37.235.60.0/24 maxlen: 24
37.235.61.0/24 maxlen: 24
37.235.62.0/24 maxlen: 24
37.235.63.0/24 maxlen: 24
158.255.211.0/24 maxlen: 24
158.255.212.0/24 maxlen: 24
158.255.208.0/24 maxlen: 24
158.255.209.0/24 maxlen: 24
158.255.210.0/24 maxlen: 24
185.26.237.0/24 maxlen: 24
149.154.152.0/24 maxlen: 24
149.154.153.0/24 maxlen: 24
149.154.154.0/24 maxlen: 24
149.154.155.0/24 maxlen: 24
149.154.156.0/24 maxlen: 24
91.227.204.0/23 maxlen: 23
91.227.204.0/24 maxlen: 24
91.227.205.0/24 maxlen: 24
151.236.0.0/19 maxlen: 19
151.236.0.0/24 maxlen: 24
151.236.1.0/24 maxlen: 24
151.236.2.0/24 maxlen: 24
151.236.3.0/24 maxlen: 24
151.236.4.0/24 maxlen: 24
151.236.5.0/24 maxlen: 24
151.236.6.0/24 maxlen: 24
151.236.7.0/24 maxlen: 24
151.236.8.0/24 maxlen: 24
151.236.9.0/24 maxlen: 24
151.236.10.0/24 maxlen: 24
151.236.11.0/24 maxlen: 24
151.236.12.0/24 maxlen: 24
151.236.13.0/24 maxlen: 24
151.236.20.0/24 maxlen: 24
151.236.26.0/23 maxlen: 23
151.236.30.0/24 maxlen: 24
2a03:f80:56::/48 maxlen: 48
2a03:f80:ed16::/48 maxlen: 48
2a03:f80:ed31::/48 maxlen: 48
2a03:f87:ffff::/48 maxlen: 48
2a03:f80::/29 maxlen: 29
2a03:f80:ed17::/48 maxlen: 48
2a03:f80:354::/48 maxlen: 48
2a03:f80:ed15::/48 maxlen: 48
2a03:f80:ad15::/48 maxlen: 48
2a03:f80:852::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1129205580 (0x434e4f4c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: Jan 1 07:59:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ef82c9e32377332824257ec0e39b72a7ad975b19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:ac:08:e3:ce:10:0e:e2:63:9b:8f:3c:a6:58:
a0:c1:e9:54:9d:9e:63:68:7d:40:f1:ec:25:c1:2d:
9c:4b:35:80:ea:27:5e:c9:59:74:ea:ed:78:9c:5d:
ac:1c:1c:6a:62:cb:9b:98:63:c2:fc:28:02:fa:76:
e7:7a:ef:71:61:9e:a3:ce:3c:10:5c:58:44:88:c5:
8d:8d:fd:62:19:1e:26:6e:42:ba:86:09:85:00:fb:
c1:a4:80:5f:b0:97:47:ea:e8:4d:1b:6b:63:e3:93:
0d:79:3a:1a:35:d7:16:97:dd:c5:62:dd:a0:4a:b2:
c5:0c:03:59:fb:17:d1:65:7f:1e:ee:2c:6b:4c:dd:
2d:c6:e5:c4:25:6e:0d:7e:8e:f7:85:46:8e:26:b9:
25:29:44:6a:e7:f4:29:3c:55:16:4c:99:69:ad:f9:
79:73:3b:12:d7:8a:76:2f:be:c5:0f:d3:9b:37:23:
0e:99:5c:c1:f4:24:09:54:08:a8:2a:65:fa:26:3c:
0f:a4:80:fd:08:00:4d:b0:ad:76:f9:a0:03:bb:99:
90:22:98:bd:56:76:1d:4c:da:6a:2c:5a:80:a3:31:
38:89:c9:31:64:43:9a:d0:e3:ee:13:da:a2:16:22:
be:2d:a6:ab:c1:76:83:8b:1b:73:e4:68:32:86:65:
6b:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:82:C9:E3:23:77:33:28:24:25:7E:C0:E3:9B:72:A7:AD:97:5B:19
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/74LJ4yN3MygkJX7A45typ62XWxk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.235.48.0/20
91.227.204.0/23
149.154.152.0-149.154.156.255
151.236.0.0/19
158.255.208.0-158.255.212.255
185.26.237.0/24
IPv6:
2a03:f80::/29
Signature Algorithm: sha256WithRSAEncryption
18:15:56:f3:76:d0:8b:c6:97:f3:03:20:f8:7f:0f:b1:0e:b6:
af:94:76:29:22:a2:45:a3:ac:5d:42:af:21:63:bd:b2:a9:13:
27:a3:c9:0e:25:30:30:7e:1b:4f:11:a9:3d:d3:2f:dd:63:29:
e3:f4:47:58:cd:cc:a1:ba:8e:15:99:c6:e0:9d:71:71:4d:f0:
3d:fc:3f:fc:36:68:05:95:a4:d7:c5:57:55:dc:7e:0c:ab:bd:
72:6d:df:2e:20:4c:5a:fe:1f:31:f0:37:16:24:ba:b7:35:36:
96:63:aa:fe:2b:70:01:5e:6a:1c:be:e6:92:84:ee:f4:df:a0:
b6:a2:62:fd:20:28:76:d1:6e:ad:4d:1d:9c:1b:d5:10:96:b7:
bd:25:3c:df:52:cd:5a:f9:83:a9:68:82:7e:c9:eb:ea:8b:c5:
c6:ac:bc:4b:ba:59:df:42:73:95:d9:85:92:32:5d:a7:f9:ae:
5e:9b:c5:a0:46:97:eb:98:7b:3b:f8:8a:15:04:ad:9a:16:c6:
af:9d:04:6b:7d:37:1e:74:75:55:6a:32:2e:93:1c:57:32:18:
b8:dc:10:df:34:5a:15:58:53:a3:df:c4:62:2d:ea:6c:ad:0b:
cf:a9:51:f3:cc:3b:13:f2:82:f9:c9:62:df:4c:db:92:69:4e:
d0:13:d0:74
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIEQ05PTDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MjE3YjQ3MmM4NDFjMWQ2ODU1MGEyNGYxOTM2ZDI5Y2M2YzI4ZjZhMB4XDTIyMDEw
MTA3NTk1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWY4MmM5ZTMyMzc3
MzMyODI0MjU3ZWMwZTM5YjcyYTdhZDk3NWIxOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIKsCOPOEA7iY5uPPKZYoMHpVJ2eY2h9QPHsJcEtnEs1gOon
XslZdOrteJxdrBwcamLLm5hjwvwoAvp253rvcWGeo848EFxYRIjFjY39YhkeJm5C
uoYJhQD7waSAX7CXR+roTRtrY+OTDXk6GjXXFpfdxWLdoEqyxQwDWfsX0WV/Hu4s
a0zdLcblxCVuDX6O94VGjia5JSlEauf0KTxVFkyZaa35eXM7EteKdi++xQ/Tmzcj
DplcwfQkCVQIqCpl+iY8D6SA/QgATbCtdvmgA7uZkCKYvVZ2HUzaaixagKMxOInJ
MWRDmtDj7hPaohYivi2mq8F2g4sbc+RoMoZla1sCAwEAAaOCAkYwggJCMB0GA1Ud
DgQWBBTvgsnjI3czKCQlfsDjm3KnrZdbGTAfBgNVHSMEGDAWgBTSF7RyyEHB1oVQ
ok8ZNtKcxsKPajAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzBoZTBjc2hCd2RhRlVLSlBHVGJTbk1iQ2oyby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTAvMjkwZTQ0LWI0NzktNDZjZi1hYjRiLWIzOGUyNjc3YjNkYy8x
Lzc0TEo0eU4zTXlna0pYN0E0NXR5cDYyWFd4ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTAv
MjkwZTQ0LWI0NzktNDZjZi1hYjRiLWIzOGUyNjc3YjNkYy8xLzBoZTBjc2hCd2Rh
RlVLSlBHVGJTbk1iQ2oyby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBc
BggrBgEFBQcBBwEB/wRNMEswOgQCAAEwNAMEBCXrMAMEAVvjzDAMAwQDlZqYAwQA
lZqcAwQFl+wAMAwDBASe/9ADBACe/9QDBAC5Gu0wDQQCAAIwBwMFAyoDD4AwDQYJ
KoZIhvcNAQELBQADggEBABgVVvN20IvGl/MDIPh/D7EOtq+UdikiokWjrF1CryFj
vbKpEyejyQ4lMDB+G08RqT3TL91jKeP0R1jNzKG6jhWZxuCdcXFN8D38P/w2aAWV
pNfFV1XcfgyrvXJt3y4gTFr+HzHwNxYkurc1NpZjqv4rcAFeahy+5pKE7vTfoLai
Yv0gKHbRbq1NHZwb1RCWt70lPN9SzVr5g6logn7J6+qLxcasvEu6Wd9Cc5XZhZIy
Xaf5rl6bxaBGl+uYezv4ihUErZoWxq+dBGt9Nx50dVVqMi6THFcyGLjcEN80WhVY
U6PfxGIt6mytC8+pUfPMOxPygvnJYt9M25JpTtAT0HQ=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:09 2023 by rpki-client on console-fra.rpki-client.org