Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/dJRz5FkCLs5z_olJOdcfFvsAxS4.roa
File: dJRz5FkCLs5z_olJOdcfFvsAxS4.roa (raw, json)
Hash identifier: m6ipmXLivf44nshzf0Uhc7hjAQvRGfiAtnwDDiOJa5Y=
Subject key identifier: 74:94:73:E4:59:02:2E:CE:73:FE:89:49:39:D7:1F:16:FB:00:C5:2E
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 43D0FAC3
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/dJRz5FkCLs5z_olJOdcfFvsAxS4.roa
Signing time: Thu 17 Feb 2022 07:28:55 +0000
ROA not before: Thu 17 Feb 2022 07:28:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57169
IP address blocks: 37.235.50.0/23 maxlen: 23
37.235.48.0/20 maxlen: 20
37.235.56.0/24 maxlen: 24
37.235.57.0/24 maxlen: 24
37.235.58.0/24 maxlen: 24
37.235.52.0/24 maxlen: 24
37.235.59.0/24 maxlen: 24
37.235.60.0/24 maxlen: 24
37.235.61.0/24 maxlen: 24
37.235.62.0/24 maxlen: 24
37.235.63.0/24 maxlen: 24
158.255.211.0/24 maxlen: 24
158.255.212.0/24 maxlen: 24
158.255.209.0/24 maxlen: 24
158.255.210.0/24 maxlen: 24
185.26.237.0/24 maxlen: 24
149.154.152.0/24 maxlen: 24
149.154.153.0/24 maxlen: 24
149.154.154.0/24 maxlen: 24
149.154.155.0/24 maxlen: 24
149.154.156.0/24 maxlen: 24
91.227.204.0/23 maxlen: 23
91.227.204.0/24 maxlen: 24
91.227.205.0/24 maxlen: 24
151.236.0.0/19 maxlen: 19
151.236.0.0/24 maxlen: 24
151.236.1.0/24 maxlen: 24
151.236.2.0/24 maxlen: 24
151.236.3.0/24 maxlen: 24
151.236.4.0/24 maxlen: 24
151.236.5.0/24 maxlen: 24
151.236.6.0/24 maxlen: 24
151.236.7.0/24 maxlen: 24
151.236.8.0/24 maxlen: 24
151.236.9.0/24 maxlen: 24
151.236.10.0/24 maxlen: 24
151.236.11.0/24 maxlen: 24
151.236.12.0/24 maxlen: 24
151.236.13.0/24 maxlen: 24
151.236.20.0/24 maxlen: 24
151.236.26.0/23 maxlen: 23
151.236.30.0/24 maxlen: 24
2a03:f80:56::/48 maxlen: 48
2a03:f80:ed16::/48 maxlen: 48
2a03:f80:ed31::/48 maxlen: 48
2a03:f87:ffff::/48 maxlen: 48
2a03:f80::/29 maxlen: 29
2a03:f80:ed17::/48 maxlen: 48
2a03:f80:354::/48 maxlen: 48
2a03:f80:ad15::/48 maxlen: 48
2a03:f80:ed15::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1137769155 (0x43d0fac3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: Feb 17 07:28:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=749473e459022ece73fe894939d71f16fb00c52e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:86:43:e6:cc:f9:88:d3:b7:c2:b5:73:fb:11:
e2:05:91:d7:8f:8f:f7:61:ab:f8:0d:1a:7e:ab:d3:
2e:49:ea:84:5b:8b:3a:4d:98:3d:d3:62:ae:e5:dc:
25:f2:c7:6e:c8:9e:5c:49:cc:c4:d1:78:65:86:b5:
32:a2:e1:db:a0:df:9e:38:2c:95:2c:c6:cd:fb:ba:
16:75:8e:a6:18:07:48:32:89:e2:1f:ba:70:d8:dc:
32:d0:c3:5e:25:96:f3:f6:8a:c3:64:10:31:99:b7:
ca:c9:05:65:e4:01:90:e1:90:89:b9:54:ae:d7:13:
90:02:ec:ea:f6:38:09:16:21:15:78:7e:f7:d4:93:
e7:05:56:46:48:d1:d3:24:b1:d1:7b:62:87:d2:1b:
b9:6d:27:c3:fe:42:e6:ed:c3:25:9f:ed:c9:eb:3e:
0c:5c:36:09:c7:32:45:28:90:6a:07:2b:be:02:63:
04:33:05:26:1d:97:d5:7a:31:c4:e8:e3:21:8a:cd:
a7:29:d5:5d:5b:6d:7f:83:e1:8c:ed:76:db:8a:ab:
99:8a:20:82:0a:44:f1:4f:e0:67:c0:a2:22:26:c8:
e3:0c:12:e9:96:34:32:e1:5c:15:72:ef:11:94:7a:
57:ef:25:e7:f7:c0:50:e3:83:a5:50:73:a8:54:0b:
27:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:94:73:E4:59:02:2E:CE:73:FE:89:49:39:D7:1F:16:FB:00:C5:2E
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/dJRz5FkCLs5z_olJOdcfFvsAxS4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.235.48.0/20
91.227.204.0/23
149.154.152.0-149.154.156.255
151.236.0.0/19
158.255.209.0-158.255.212.255
185.26.237.0/24
IPv6:
2a03:f80::/29
Signature Algorithm: sha256WithRSAEncryption
20:c9:12:04:6c:ce:24:a8:85:f5:ba:de:59:78:3b:a9:1c:02:
20:79:54:c4:aa:6f:ac:7e:97:ff:8a:2f:8a:36:9a:c3:03:1e:
ea:6b:f6:8b:e7:c3:31:ad:cb:7e:8a:0a:a0:4e:9a:1c:b4:c2:
27:69:2f:23:d3:3d:4b:d6:e8:02:be:48:ce:34:f4:67:e3:0e:
c0:fd:8c:4a:99:1c:f9:11:02:3f:b5:5b:d0:97:11:f6:1e:b8:
76:c5:88:fc:14:bb:32:94:ef:10:cc:15:73:12:d2:d0:aa:47:
cd:7d:32:40:3d:55:8d:74:3b:09:ee:aa:60:57:e0:e9:07:79:
24:f3:ee:42:15:11:0d:0f:7f:48:e2:de:40:1f:19:88:7f:1b:
33:5d:1a:2a:31:58:2b:c0:eb:3a:a4:aa:f0:8e:60:52:bd:ae:
28:11:ef:1e:a9:3b:04:de:a6:ee:74:f5:90:6d:5f:db:4a:92:
ce:64:20:20:7a:c9:d4:e1:12:6e:54:78:82:6f:54:fb:f4:b1:
66:95:e0:0c:f8:8e:9c:33:ce:00:fc:2b:e5:e6:6d:e6:08:23:
d7:33:91:f0:ba:07:65:0e:25:38:73:25:56:40:62:3d:18:89:
6f:07:0a:1d:e0:29:c4:ff:f4:65:5d:25:95:a5:a8:5b:58:09:
00:da:96:e4
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIEQ9D6wzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MjE3YjQ3MmM4NDFjMWQ2ODU1MGEyNGYxOTM2ZDI5Y2M2YzI4ZjZhMB4XDTIyMDIx
NzA3Mjg1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzQ5NDczZTQ1OTAy
MmVjZTczZmU4OTQ5MzlkNzFmMTZmYjAwYzUyZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANGGQ+bM+YjTt8K1c/sR4gWR14+P92Gr+A0afqvTLknqhFuL
Ok2YPdNiruXcJfLHbsieXEnMxNF4ZYa1MqLh26DfnjgslSzGzfu6FnWOphgHSDKJ
4h+6cNjcMtDDXiWW8/aKw2QQMZm3yskFZeQBkOGQiblUrtcTkALs6vY4CRYhFXh+
99ST5wVWRkjR0ySx0Xtih9IbuW0nw/5C5u3DJZ/tyes+DFw2CccyRSiQagcrvgJj
BDMFJh2X1XoxxOjjIYrNpynVXVttf4PhjO1224qrmYogggpE8U/gZ8CiIibI4wwS
6ZY0MuFcFXLvEZR6V+8l5/fAUOODpVBzqFQLJyECAwEAAaOCAkYwggJCMB0GA1Ud
DgQWBBR0lHPkWQIuznP+iUk51x8W+wDFLjAfBgNVHSMEGDAWgBTSF7RyyEHB1oVQ
ok8ZNtKcxsKPajAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzBoZTBjc2hCd2RhRlVLSlBHVGJTbk1iQ2oyby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTAvMjkwZTQ0LWI0NzktNDZjZi1hYjRiLWIzOGUyNjc3YjNkYy8x
L2RKUno1RmtDTHM1el9vbEpPZGNmRnZzQXhTNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTAv
MjkwZTQ0LWI0NzktNDZjZi1hYjRiLWIzOGUyNjc3YjNkYy8xLzBoZTBjc2hCd2Rh
RlVLSlBHVGJTbk1iQ2oyby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBc
BggrBgEFBQcBBwEB/wRNMEswOgQCAAEwNAMEBCXrMAMEAVvjzDAMAwQDlZqYAwQA
lZqcAwQFl+wAMAwDBACe/9EDBACe/9QDBAC5Gu0wDQQCAAIwBwMFAyoDD4AwDQYJ
KoZIhvcNAQELBQADggEBACDJEgRsziSohfW63ll4O6kcAiB5VMSqb6x+l/+KL4o2
msMDHupr9ovnwzGty36KCqBOmhy0widpLyPTPUvW6AK+SM409GfjDsD9jEqZHPkR
Aj+1W9CXEfYeuHbFiPwUuzKU7xDMFXMS0tCqR819MkA9VY10OwnuqmBX4OkHeSTz
7kIVEQ0Pf0ji3kAfGYh/GzNdGioxWCvA6zqkqvCOYFK9rigR7x6pOwTepu509ZBt
X9tKks5kICB6ydThEm5UeIJvVPv0sWaV4Az4jpwzzgD8K+XmbeYII9czkfC6B2UO
JThzJVZAYj0YiW8HCh3gKcT/9GVdJZWlqFtYCQDaluQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:28 2024 by rpki-client on console-fra.rpki-client.org