Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/7e1d94-1854-473d-8753-18ded80b4b5d/1/REKJtq2HsdePnbee2lUf4z3A6Fg.roa
File: REKJtq2HsdePnbee2lUf4z3A6Fg.roa (raw, json)
Hash identifier: RUe5sTCYSzuQTlUo9QGyBH9KOpfiVRiyLgblvWgAT5U=
Subject key identifier: 44:42:89:B6:AD:87:B1:D7:8F:9D:B7:9E:DA:55:1F:E3:3D:C0:E8:58
Certificate issuer: /CN=36574be6ae76cd523b33787cfbdb69264263d074
Certificate serial: 1900F708
Authority key identifier: 36:57:4B:E6:AE:76:CD:52:3B:33:78:7C:FB:DB:69:26:42:63:D0:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NldL5q52zVI7M3h8-9tpJkJj0HQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/7e1d94-1854-473d-8753-18ded80b4b5d/1/REKJtq2HsdePnbee2lUf4z3A6Fg.roa
Signing time: Sat 01 Jan 2022 02:54:28 +0000
ROA not before: Sat 01 Jan 2022 02:54:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62007
IP address blocks: 185.36.53.0/24 maxlen: 24
185.36.52.0/22 maxlen: 22
185.36.52.0/24 maxlen: 24
185.36.55.0/24 maxlen: 24
185.36.54.0/24 maxlen: 24
84.246.144.0/24 maxlen: 24
84.246.144.0/22 maxlen: 22
84.246.145.0/24 maxlen: 24
84.246.150.0/24 maxlen: 24
84.246.149.0/24 maxlen: 24
84.246.151.0/24 maxlen: 24
84.246.146.0/24 maxlen: 24
84.246.148.0/22 maxlen: 22
84.246.148.0/24 maxlen: 24
84.246.147.0/24 maxlen: 24
37.221.96.0/22 maxlen: 22
37.221.96.0/24 maxlen: 24
37.221.98.0/24 maxlen: 24
37.221.97.0/24 maxlen: 24
185.67.239.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 419493640 (0x1900f708)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36574be6ae76cd523b33787cfbdb69264263d074
Validity
Not Before: Jan 1 02:54:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=444289b6ad87b1d78f9db79eda551fe33dc0e858
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:04:8c:b4:77:7f:b1:33:a1:60:a1:4e:76:4b:
f8:c0:73:a6:8e:e6:1e:33:a5:42:2e:47:57:c8:27:
28:52:dd:a5:ff:30:95:da:e8:ef:39:92:dc:84:74:
40:ce:cb:6b:02:7e:15:7c:9d:08:16:bb:9a:56:43:
40:65:64:85:15:6e:ed:f4:83:07:1b:56:76:58:9e:
f5:5f:36:47:45:40:b7:31:47:ac:b9:f9:0b:3b:5e:
91:90:78:cb:c4:59:52:91:b1:a5:04:25:a0:b1:f5:
88:d6:08:df:cf:2d:99:d7:f1:3f:04:2e:fa:c2:36:
c6:ce:1f:3d:6b:46:00:0d:90:a1:a5:ea:6d:f1:e5:
2c:a4:c9:02:fa:50:16:0a:b1:9d:20:24:71:0a:ee:
44:91:e9:02:9e:c7:fc:50:10:62:6d:74:0a:18:a9:
95:08:7a:e3:ed:ea:b7:b1:96:9d:fd:2e:d4:e1:60:
27:68:42:f5:fc:95:ea:94:83:68:4d:86:e2:c4:fa:
ce:7a:87:a7:42:41:d8:5c:50:e8:e6:35:6d:62:b6:
a1:f3:e7:c6:9a:54:29:fc:fd:03:71:92:bf:9c:af:
df:71:3c:e7:50:63:ed:5b:8c:01:e8:e8:83:56:8c:
d0:98:53:eb:b5:74:44:e7:b5:64:16:43:d6:1c:ab:
d5:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:42:89:B6:AD:87:B1:D7:8F:9D:B7:9E:DA:55:1F:E3:3D:C0:E8:58
X509v3 Authority Key Identifier:
keyid:36:57:4B:E6:AE:76:CD:52:3B:33:78:7C:FB:DB:69:26:42:63:D0:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NldL5q52zVI7M3h8-9tpJkJj0HQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/7e1d94-1854-473d-8753-18ded80b4b5d/1/REKJtq2HsdePnbee2lUf4z3A6Fg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/7e1d94-1854-473d-8753-18ded80b4b5d/1/NldL5q52zVI7M3h8-9tpJkJj0HQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.221.96.0/22
84.246.144.0/21
185.36.52.0/22
185.67.239.0/24
Signature Algorithm: sha256WithRSAEncryption
cf:ca:32:91:a8:a8:fe:b0:77:02:8e:cf:e4:17:52:1d:f9:d0:
5f:54:fb:56:4a:e9:a5:97:ff:9b:21:90:78:cc:4f:77:f3:cd:
4a:39:74:1b:48:f5:06:5b:15:18:90:c8:6a:bc:e9:4e:68:47:
7d:29:6c:b8:c8:3a:76:c4:92:bb:9f:0a:ce:a3:b2:17:e3:5e:
80:0a:24:2e:30:a9:57:17:d7:cc:9f:55:e4:01:3a:12:7c:7a:
43:c5:04:18:ea:a4:2d:71:aa:78:9a:46:7f:98:66:26:85:59:
bf:f0:9e:a8:6d:96:c0:7b:c2:ff:a1:93:1a:92:7f:2a:c9:c3:
dc:ae:c8:73:40:49:99:da:98:d0:5f:11:23:db:85:d8:4b:b0:
c2:3b:72:9d:31:26:e0:f5:3c:b3:2a:15:31:26:23:df:de:fb:
fd:9c:8d:3a:ab:aa:32:96:cd:1e:d5:67:86:79:c2:ac:83:1b:
5b:8a:78:ec:5a:5c:5a:05:07:f3:9c:4f:43:1d:2f:b5:e1:43:
7c:ab:60:93:fb:57:e1:9b:9e:ec:0e:15:ee:6e:d3:fb:91:2f:
27:83:67:e8:aa:73:7a:8b:0b:2f:8e:6f:0f:e0:b8:8c:2f:8d:
8a:77:b7:f1:98:04:86:1d:97:6d:76:c7:af:d2:f8:0e:1f:d9:
7f:58:4b:c2
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEGQD3CDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NjU3NGJlNmFlNzZjZDUyM2IzMzc4N2NmYmRiNjkyNjQyNjNkMDc0MB4XDTIyMDEw
MTAyNTQyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDQ0Mjg5YjZhZDg3
YjFkNzhmOWRiNzllZGE1NTFmZTMzZGMwZTg1ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMcEjLR3f7EzoWChTnZL+MBzpo7mHjOlQi5HV8gnKFLdpf8w
ldro7zmS3IR0QM7LawJ+FXydCBa7mlZDQGVkhRVu7fSDBxtWdlie9V82R0VAtzFH
rLn5CztekZB4y8RZUpGxpQQloLH1iNYI388tmdfxPwQu+sI2xs4fPWtGAA2QoaXq
bfHlLKTJAvpQFgqxnSAkcQruRJHpAp7H/FAQYm10ChiplQh64+3qt7GWnf0u1OFg
J2hC9fyV6pSDaE2G4sT6znqHp0JB2FxQ6OY1bWK2ofPnxppUKfz9A3GSv5yv33E8
51Bj7VuMAejog1aM0JhT67V0ROe1ZBZD1hyr1ecCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBREQom2rYex14+dt57aVR/jPcDoWDAfBgNVHSMEGDAWgBQ2V0vmrnbNUjsz
eHz722kmQmPQdDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05sZEw1cTUyelZJN00zaDgtOXRwSmtKajBIUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTkvN2UxZDk0LTE4NTQtNDczZC04NzUzLTE4ZGVkODBiNGI1ZC8x
L1JFS0p0cTJIc2RlUG5iZWUybFVmNHozQTZGZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTkv
N2UxZDk0LTE4NTQtNDczZC04NzUzLTE4ZGVkODBiNGI1ZC8xL05sZEw1cTUyelZJ
N00zaDgtOXRwSmtKajBIUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAiXdYAMEA1T2kAMEArkkNAMEALlD
7zANBgkqhkiG9w0BAQsFAAOCAQEAz8oykaio/rB3Ao7P5BdSHfnQX1T7VkrppZf/
myGQeMxPd/PNSjl0G0j1BlsVGJDIarzpTmhHfSlsuMg6dsSSu58KzqOyF+NegAok
LjCpVxfXzJ9V5AE6Enx6Q8UEGOqkLXGqeJpGf5hmJoVZv/CeqG2WwHvC/6GTGpJ/
KsnD3K7Ic0BJmdqY0F8RI9uF2EuwwjtynTEm4PU8syoVMSYj3977/ZyNOquqMpbN
HtVnhnnCrIMbW4p47FpcWgUH85xPQx0vteFDfKtgk/tX4Zue7A4V7m7T+5EvJ4Nn
6KpzeosLL45vD+C4jC+Nine38ZgEhh2XbXbHr9L4Dh/Zf1hLwg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:18 2024 by rpki-client on console-ams.rpki-client.org