Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/KZ_p2JMb6zcIIY0xKAl9ieimkco.roa
File: KZ_p2JMb6zcIIY0xKAl9ieimkco.roa (raw, json)
Hash identifier: 4iqwD/SruLS45gEtLln+2ito0zhSiuRm4pPBXk+vfpo=
Subject key identifier: 29:9F:E9:D8:93:1B:EB:37:08:21:8D:31:28:09:7D:89:E8:A6:91:CA
Certificate issuer: /CN=0ef5cb2f590d041654f4dfdb60a28f9a1544f444
Certificate serial: 01840ABCD0BB77D1C1A1C02B33DC02FD975F
Authority key identifier: 0E:F5:CB:2F:59:0D:04:16:54:F4:DF:DB:60:A2:8F:9A:15:44:F4:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/KZ_p2JMb6zcIIY0xKAl9ieimkco.roa
Signing time: Mon 24 Oct 2022 16:04:17 +0000
ROA not before: Mon 24 Oct 2022 16:04:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58061
IP address blocks: 37.252.3.0/24 maxlen: 24
37.252.14.0/23 maxlen: 23
37.252.13.0/24 maxlen: 24
213.142.146.0/23 maxlen: 23
185.238.170.0/23 maxlen: 23
185.238.168.0/23 maxlen: 23
37.1.200.0/21 maxlen: 21
37.1.216.0/21 maxlen: 21
5.45.72.0/22 maxlen: 22
5.45.76.0/22 maxlen: 22
5.45.84.0/22 maxlen: 22
5.45.88.0/22 maxlen: 22
5.45.92.0/22 maxlen: 22
46.102.106.0/24 maxlen: 24
5.61.48.0/22 maxlen: 22
5.61.56.0/22 maxlen: 22
5.61.52.0/22 maxlen: 22
5.45.64.0/21 maxlen: 21
45.136.48.0/22 maxlen: 22
2a02:c6c3::/32 maxlen: 32
2a02:c6c1:2::/48 maxlen: 48
2a02:c6c2::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:0a:bc:d0:bb:77:d1:c1:a1:c0:2b:33:dc:02:fd:97:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ef5cb2f590d041654f4dfdb60a28f9a1544f444
Validity
Not Before: Oct 24 16:04:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=299fe9d8931beb3708218d3128097d89e8a691ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:f3:e4:09:67:83:7c:76:07:75:02:04:a5:1b:
22:15:17:0f:4c:de:ff:24:2b:0e:2e:b0:0b:e1:4b:
4c:53:99:4b:c2:44:af:3c:72:c8:40:7a:af:fa:4c:
51:a4:2c:d9:15:5c:db:e7:d0:5b:35:45:08:89:8d:
99:12:2d:a2:4c:81:5a:f3:c5:42:65:a7:23:5c:df:
7e:9e:c6:da:c9:09:20:ef:17:53:e6:14:02:58:2e:
c3:85:17:2d:03:ed:b0:63:aa:82:ed:a7:b6:08:cd:
35:cc:cd:3e:7a:99:ef:f0:c6:28:9f:31:e1:3c:f9:
76:e7:4d:aa:9b:ec:24:ac:26:e3:4d:7c:41:5d:f0:
79:24:96:a7:41:13:6b:9d:bb:52:54:9f:71:e5:13:
df:b6:1e:3b:7e:ea:ae:e4:51:57:e1:f4:0d:a2:58:
21:64:6a:74:c8:f7:d2:c9:1d:9f:12:d8:b5:10:bc:
08:7e:0f:69:73:aa:2b:a2:fb:3b:45:ce:eb:a9:63:
2c:df:e4:6a:e2:74:27:3c:da:f6:d3:cc:8a:da:67:
50:ba:30:29:ea:9b:a5:d5:c3:3a:4c:94:1e:17:dd:
7b:eb:7b:6d:11:73:d0:34:11:63:49:be:05:ba:c7:
56:e1:bf:8d:02:e0:42:a7:ac:fb:b4:aa:34:70:af:
e9:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:9F:E9:D8:93:1B:EB:37:08:21:8D:31:28:09:7D:89:E8:A6:91:CA
X509v3 Authority Key Identifier:
keyid:0E:F5:CB:2F:59:0D:04:16:54:F4:DF:DB:60:A2:8F:9A:15:44:F4:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/KZ_p2JMb6zcIIY0xKAl9ieimkco.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.45.64.0/20
5.45.84.0-5.45.95.255
5.61.48.0-5.61.59.255
37.1.200.0/21
37.1.216.0/21
37.252.3.0/24
37.252.13.0-37.252.15.255
45.136.48.0/22
46.102.106.0/24
185.238.168.0/22
213.142.146.0/23
IPv6:
2a02:c6c1:2::/48
2a02:c6c2::/31
Signature Algorithm: sha256WithRSAEncryption
a2:9b:aa:c3:ad:5c:9d:94:90:aa:17:e7:14:d7:43:16:45:af:
5f:36:2f:0c:9b:48:b9:da:8b:42:87:bc:9a:6f:bf:63:36:0a:
ee:fc:b1:10:99:21:24:fe:f3:a9:26:1b:da:a3:f4:53:2b:c7:
c4:ba:77:c8:8f:af:8d:3e:66:9a:95:a0:24:59:f5:c0:6d:70:
b1:e0:99:c2:a6:86:e3:42:5b:89:22:32:ad:c0:50:66:a2:4e:
ae:5f:35:64:09:96:5a:29:ea:45:38:30:b0:5d:76:b0:59:7c:
06:98:60:80:7e:48:33:30:8c:b1:05:ef:2d:ce:8e:b1:45:e9:
7c:49:11:85:fc:8e:50:9b:65:88:b9:91:e2:d6:3e:da:a6:57:
02:1b:9c:f6:c2:af:c9:df:8d:25:2a:cd:8b:cd:26:75:bf:94:
40:c9:bc:3a:b6:78:cc:20:8f:89:ee:6f:50:fb:e3:3c:fc:41:
bc:d9:00:17:9d:ed:35:c4:85:40:e3:44:05:98:50:61:42:c9:
fd:a1:18:60:fe:ad:11:3b:c2:11:b2:0c:d4:17:4c:d5:94:ca:
bf:e4:7b:0f:58:f0:b4:59:f6:43:fb:95:5f:e4:be:60:11:a7:
68:be:c5:54:41:86:cd:9b:a7:25:69:7a:dc:18:e0:c8:e5:17:
38:3b:b9:f6
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgISAYQKvNC7d9HBocArM9wC/ZdfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlZjVjYjJmNTkwZDA0MTY1NGY0ZGZkYjYwYTI4ZjlhMTU0
NGY0NDQwHhcNMjIxMDI0MTYwNDE3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTlmZTlkODkzMWJlYjM3MDgyMThkMzEyODA5N2Q4OWU4YTY5MWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7PPkCWeDfHYHdQIEpRsiFRcPTN7/
JCsOLrAL4UtMU5lLwkSvPHLIQHqv+kxRpCzZFVzb59BbNUUIiY2ZEi2iTIFa88VC
ZacjXN9+nsbayQkg7xdT5hQCWC7DhRctA+2wY6qC7ae2CM01zM0+epnv8MYonzHh
PPl2502qm+wkrCbjTXxBXfB5JJanQRNrnbtSVJ9x5RPfth47fuqu5FFX4fQNolgh
ZGp0yPfSyR2fEti1ELwIfg9pc6orovs7Rc7rqWMs3+Rq4nQnPNr208yK2mdQujAp
6pul1cM6TJQeF91763ttEXPQNBFjSb4FusdW4b+NAuBCp6z7tKo0cK/ptwIDAQAB
o4ICdjCCAnIwHQYDVR0OBBYEFCmf6diTG+s3CCGNMSgJfYnoppHKMB8GA1UdIwQY
MBaAFA71yy9ZDQQWVPTf22Cij5oVRPREMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHZYTEwxa05CQlpVOU5fYllLS1BtaFZFOUVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8yMjZmMDQtZjdkYi00OTFhLWJhZmIt
ZWU0MzVkM2NkNTg1LzEvS1pfcDJKTWI2emNJSVkweEtBbDlpZWlta2NvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8yMjZmMDQtZjdkYi00OTFhLWJhZmItZWU0MzVkM2NkNTg1
LzEvRHZYTEwxa05CQlpVOU5fYllLS1BtaFZFOUVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHowYAQCAAEwWgMEBAUtQDAM
AwQCBS1UAwQFBS1AMAwDBAQFPTADBAIFPTgDBAMlAcgDBAMlAdgDBAAl/AMwDAME
ACX8DQMEBCX8AAMEAi2IMAMEAC5magMEArnuqAMEAdWOkjAWBAIAAjAQAwcAKgLG
wQACAwUBKgLGwjANBgkqhkiG9w0BAQsFAAOCAQEAopuqw61cnZSQqhfnFNdDFkWv
XzYvDJtIudqLQoe8mm+/YzYK7vyxEJkhJP7zqSYb2qP0UyvHxLp3yI+vjT5mmpWg
JFn1wG1wseCZwqaG40JbiSIyrcBQZqJOrl81ZAmWWinqRTgwsF12sFl8BphggH5I
MzCMsQXvLc6OsUXpfEkRhfyOUJtliLmR4tY+2qZXAhuc9sKvyd+NJSrNi80mdb+U
QMm8OrZ4zCCPie5vUPvjPPxBvNkAF53tNcSFQONEBZhQYULJ/aEYYP6tETvCEbIM
1BdM1ZTKv+R7D1jwtFn2Q/uVX+S+YBGnaL7FVEGGzZunJWl63BjgyOUXODu59g==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:57 2023 by rpki-client on console-fra.rpki-client.org