Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/DBpWOqeQ95_PA-7I7pvwz02HJ10.roa
File: DBpWOqeQ95_PA-7I7pvwz02HJ10.roa (raw, json)
Hash identifier: PW0fqDi+O6iS7dGzAL3infUKkIxc7cLDFPLvPz7FbZw=
Subject key identifier: 0C:1A:56:3A:A7:90:F7:9F:CF:03:EE:C8:EE:9B:F0:CF:4D:87:27:5D
Certificate issuer: /CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Certificate serial: 1F8ECBAC
Authority key identifier: 29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/DBpWOqeQ95_PA-7I7pvwz02HJ10.roa
Signing time: Sat 01 Jan 2022 14:06:37 +0000
ROA not before: Sat 01 Jan 2022 14:06:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41944
IP address blocks: 185.14.92.0/24 maxlen: 24
185.14.93.0/24 maxlen: 24
43.251.161.0/24 maxlen: 24
43.251.160.0/24 maxlen: 24
176.100.37.0/24 maxlen: 24
176.100.36.0/24 maxlen: 24
176.100.38.0/24 maxlen: 24
37.114.33.0/24 maxlen: 24
37.114.42.0/24 maxlen: 24
37.114.43.0/24 maxlen: 24
37.114.44.0/24 maxlen: 24
37.114.48.0/24 maxlen: 24
37.114.50.0/24 maxlen: 24
37.114.49.0/24 maxlen: 24
37.114.51.0/24 maxlen: 24
37.114.45.0/24 maxlen: 24
37.114.55.0/24 maxlen: 24
37.114.54.0/24 maxlen: 24
37.114.63.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 529451948 (0x1f8ecbac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Validity
Not Before: Jan 1 14:06:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0c1a563aa790f79fcf03eec8ee9bf0cf4d87275d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:24:bb:cc:c4:a9:c1:f0:dd:c0:0a:16:73:f8:
b9:17:74:f4:a1:93:11:e4:f6:e4:01:fe:1a:f1:12:
2f:e0:7f:e2:77:02:4a:ce:2c:cf:34:01:82:17:48:
91:d8:51:5e:cd:b1:94:5a:93:07:46:11:e6:69:06:
d3:8d:04:29:90:c7:8b:96:6a:47:bd:d2:05:a1:ad:
22:52:3f:06:c1:a9:f0:2c:e1:5b:21:95:5b:09:ce:
fd:d3:31:28:27:0f:4c:7b:aa:fb:16:e6:59:88:04:
1d:5b:89:ec:a8:8b:aa:2c:5e:98:df:fb:0a:aa:44:
62:37:04:29:4b:a4:e2:86:10:ec:e0:40:71:83:b9:
bb:af:ed:5c:ed:d5:1f:2d:5c:fc:a5:8c:3e:b2:96:
54:79:e1:85:98:c2:22:09:7d:6e:b3:f2:64:61:3d:
5e:f0:2b:c2:eb:cb:36:72:0d:c7:8d:98:67:84:4f:
c8:74:a0:43:53:0a:11:18:1c:22:5f:f2:ba:f3:37:
f6:d6:a8:85:f8:a6:90:59:69:26:c5:7e:37:fe:71:
a6:37:02:72:a5:5a:06:a2:d2:42:16:0c:58:0e:3f:
a4:23:6a:ae:cd:d2:a7:0b:38:a7:95:dc:97:24:de:
45:75:4a:09:2a:aa:47:6d:3d:ce:28:ac:d7:de:ee:
e0:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:1A:56:3A:A7:90:F7:9F:CF:03:EE:C8:EE:9B:F0:CF:4D:87:27:5D
X509v3 Authority Key Identifier:
keyid:29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/DBpWOqeQ95_PA-7I7pvwz02HJ10.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.114.33.0/24
37.114.42.0-37.114.45.255
37.114.48.0/22
37.114.54.0/23
37.114.63.0/24
43.251.160.0/23
176.100.36.0-176.100.38.255
185.14.92.0/23
Signature Algorithm: sha256WithRSAEncryption
22:de:b7:4b:a6:76:54:4f:b6:e8:86:29:0f:20:a6:bf:90:0d:
88:c5:bf:14:35:23:32:43:27:45:bb:f7:8c:f6:06:38:55:64:
9b:d4:63:03:0a:83:28:58:9a:13:6d:d7:6a:d3:eb:e0:2a:9a:
e4:59:3c:b3:19:01:71:13:7b:2b:1f:7f:4d:b3:49:f3:ce:34:
20:cd:40:8f:af:56:2d:50:b1:6d:a7:6a:fa:13:1d:c6:4e:ef:
86:4a:c9:46:ea:08:0d:72:ab:5a:d9:34:0c:b1:69:87:0a:9e:
1c:bd:99:6e:87:b7:77:a7:79:f0:b2:23:ab:3f:14:9f:2e:b4:
fa:e7:de:7d:1b:a0:06:79:b2:cd:e7:81:e8:50:73:c2:b5:92:
3b:f6:62:bc:52:6a:0f:25:7a:ea:43:fc:04:72:1e:e9:ea:a1:
fd:4d:6d:ef:ff:c5:2b:de:02:70:80:3c:cc:fb:99:05:a6:40:
fc:72:5f:0f:1d:40:e3:12:ec:37:13:be:f8:91:5a:42:1d:9c:
69:72:e8:0f:f3:80:71:7b:c4:90:f6:6d:a0:ad:c1:a2:59:9b:
6b:f2:55:b6:ae:94:2f:47:61:ab:b8:8d:5b:d1:20:25:33:ee:
d0:dd:9b:40:89:21:36:8c:5a:34:36:5e:5c:6d:4f:85:18:c9:
0c:bf:de:c3
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgIEH47LrDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
OTY1OTNiNzQ3ZTc2YTU2NDkyNTExYmIzNjEyZTRkNWU0Y2JlN2VjMB4XDTIyMDEw
MTE0MDYzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGMxYTU2M2FhNzkw
Zjc5ZmNmMDNlZWM4ZWU5YmYwY2Y0ZDg3Mjc1ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJwku8zEqcHw3cAKFnP4uRd09KGTEeT25AH+GvESL+B/4ncC
Ss4szzQBghdIkdhRXs2xlFqTB0YR5mkG040EKZDHi5ZqR73SBaGtIlI/BsGp8Czh
WyGVWwnO/dMxKCcPTHuq+xbmWYgEHVuJ7KiLqixemN/7CqpEYjcEKUuk4oYQ7OBA
cYO5u6/tXO3VHy1c/KWMPrKWVHnhhZjCIgl9brPyZGE9XvArwuvLNnINx42YZ4RP
yHSgQ1MKERgcIl/yuvM39taohfimkFlpJsV+N/5xpjcCcqVaBqLSQhYMWA4/pCNq
rs3Spws4p5XclyTeRXVKCSqqR209ziis197u4IcCAwEAAaOCAkMwggI/MB0GA1Ud
DgQWBBQMGlY6p5D3n88D7sjum/DPTYcnXTAfBgNVHSMEGDAWgBQpZZO3R+dqVkkl
Ebs2EuTV5Mvn7DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tXV1R0MGZuYWxaSkpSRzdOaExrMWVUTDUtdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGUvYzU4YmRjLTE0ZTctNDk5Yy05ZDljLTFiN2NiYjA4ZDczZi8x
L0RCcFdPcWVROTVfUEEtN0k3cHZ3ejAySEoxMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGUv
YzU4YmRjLTE0ZTctNDk5Yy05ZDljLTFiN2NiYjA4ZDczZi8xL0tXV1R0MGZuYWxa
SkpSRzdOaExrMWVUTDUtdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZ
BggrBgEFBQcBBwEB/wRKMEgwRgQCAAEwQAMEACVyITAMAwQBJXIqAwQBJXIsAwQC
JXIwAwQBJXI2AwQAJXI/AwQBK/ugMAwDBAKwZCQDBACwZCYDBAG5DlwwDQYJKoZI
hvcNAQELBQADggEBACLet0umdlRPtuiGKQ8gpr+QDYjFvxQ1IzJDJ0W794z2BjhV
ZJvUYwMKgyhYmhNt12rT6+AqmuRZPLMZAXETeysff02zSfPONCDNQI+vVi1QsW2n
avoTHcZO74ZKyUbqCA1yq1rZNAyxaYcKnhy9mW6Ht3enefCyI6s/FJ8utPrn3n0b
oAZ5ss3ngehQc8K1kjv2YrxSag8leupD/ARyHunqof1Nbe//xSveAnCAPMz7mQWm
QPxyXw8dQOMS7DcTvviRWkIdnGly6A/zgHF7xJD2baCtwaJZm2vyVbaulC9HYau4
jVvRICUz7tDdm0CJITaMWjQ2XlxtT4UYyQy/3sM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:17 2024 by rpki-client on console-ams.rpki-client.org