Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/9151c0-3326-4801-9363-c7d19930d66d/1/KV2OAwwc0l-J39RNMsJk9n4Nh3c.roa
File: KV2OAwwc0l-J39RNMsJk9n4Nh3c.roa (raw, json)
Hash identifier: ZfSNaDwR/dz7wbKbdTOQxdMz4uf5Idy8Wa22H+3BjJ4=
Subject key identifier: 29:5D:8E:03:0C:1C:D2:5F:89:DF:D4:4D:32:C2:64:F6:7E:0D:87:77
Certificate issuer: /CN=b4e82ba1715d6aeae5b0102725ffe0c834735d7d
Certificate serial: 4F6A3D
Authority key identifier: B4:E8:2B:A1:71:5D:6A:EA:E5:B0:10:27:25:FF:E0:C8:34:73:5D:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tOgroXFdaurlsBAnJf_gyDRzXX0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/9151c0-3326-4801-9363-c7d19930d66d/1/KV2OAwwc0l-J39RNMsJk9n4Nh3c.roa
Signing time: Fri 04 Mar 2022 06:46:18 +0000
ROA not before: Fri 04 Mar 2022 06:46:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57675
IP address blocks: 37.32.64.0/24 maxlen: 24
37.32.70.0/24 maxlen: 24
37.32.68.0/24 maxlen: 24
37.32.69.0/24 maxlen: 24
37.32.66.0/24 maxlen: 24
37.32.67.0/24 maxlen: 24
37.32.71.0/24 maxlen: 24
37.32.65.0/24 maxlen: 24
37.32.77.0/24 maxlen: 24
37.32.76.0/24 maxlen: 24
37.32.73.0/24 maxlen: 24
2a0f:1300::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5204541 (0x4f6a3d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4e82ba1715d6aeae5b0102725ffe0c834735d7d
Validity
Not Before: Mar 4 06:46:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=295d8e030c1cd25f89dfd44d32c264f67e0d8777
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:df:43:d4:98:c2:e6:4d:28:ef:59:c7:59:40:
1a:5d:94:cf:81:3d:a1:d9:2d:13:10:8b:e9:89:12:
b5:86:b1:04:22:f1:a3:33:ef:0c:78:71:8f:d6:cf:
8c:92:ad:31:06:54:7f:37:25:e8:37:52:51:4f:0a:
6c:23:62:6a:4d:62:87:11:b0:55:c8:48:fd:a9:9c:
c1:da:4b:30:41:fb:8d:1b:23:59:bb:f8:e7:27:c8:
e0:6b:e5:6a:34:7d:bf:2d:a2:f9:b0:1a:6a:34:86:
f8:c5:b4:17:8a:89:e0:82:7d:5b:c4:e9:35:ef:7e:
58:e3:33:42:04:d7:c5:21:e8:d9:81:13:d9:b1:ee:
d7:80:c6:e0:af:27:bf:52:9e:75:d7:56:c8:d0:60:
3c:53:d3:5f:3d:4c:e2:fa:a8:b3:1c:c3:cd:62:5d:
d5:ff:c5:d3:28:01:fa:7d:11:b9:4d:a8:fb:7e:b0:
f4:74:2f:3b:9d:16:56:41:47:f3:81:7b:9b:13:17:
85:fc:63:1c:19:40:72:fa:28:bf:76:b1:ba:62:1e:
62:40:d0:89:d2:18:cb:be:01:0a:b5:ff:f7:db:66:
70:6e:f6:6a:98:b2:ce:52:28:96:98:09:d4:3d:4f:
74:cc:2b:98:1c:a1:3e:f0:60:de:5d:de:c5:e7:b8:
3e:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:5D:8E:03:0C:1C:D2:5F:89:DF:D4:4D:32:C2:64:F6:7E:0D:87:77
X509v3 Authority Key Identifier:
keyid:B4:E8:2B:A1:71:5D:6A:EA:E5:B0:10:27:25:FF:E0:C8:34:73:5D:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tOgroXFdaurlsBAnJf_gyDRzXX0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/9151c0-3326-4801-9363-c7d19930d66d/1/KV2OAwwc0l-J39RNMsJk9n4Nh3c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/9151c0-3326-4801-9363-c7d19930d66d/1/tOgroXFdaurlsBAnJf_gyDRzXX0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.32.64.0/21
37.32.73.0/24
37.32.76.0/23
IPv6:
2a0f:1300::/29
Signature Algorithm: sha256WithRSAEncryption
97:6f:29:e8:2e:a2:5b:04:b2:10:72:e1:ac:da:8e:d5:ec:f8:
de:03:35:22:79:c3:90:e1:68:ca:17:16:ec:dd:25:58:2d:cd:
a8:6c:e9:00:17:25:f6:76:58:9c:20:5c:b7:09:d0:6d:a1:a5:
2b:cd:85:f9:13:81:e1:be:8d:69:e1:11:2e:8a:a6:76:17:dd:
9a:c9:f3:9d:f7:da:b1:72:1e:ff:0b:fa:ef:84:f8:fb:75:b2:
97:f1:2e:01:dc:79:d9:68:e2:28:05:01:12:4e:53:3d:4d:f1:
66:b0:d7:6c:3c:79:ba:31:56:de:98:f2:06:82:4a:f3:4c:e0:
eb:a9:18:df:72:5e:85:45:32:44:c2:cc:44:eb:6d:3b:42:f6:
97:c9:81:37:e6:f5:cf:45:58:a7:1c:09:26:f9:b0:f8:a0:0f:
c8:74:3b:a8:20:77:66:18:64:88:dd:df:fb:be:c9:4d:e6:bb:
50:df:10:a5:06:52:46:ab:21:24:6a:a6:6a:10:d4:b9:04:0b:
2b:f5:b0:f6:f3:aa:b2:4c:94:d0:cd:0e:12:cd:b4:be:a7:93:
9e:9b:45:03:4c:73:f1:98:6a:e0:5c:40:26:4b:3d:3c:fc:61:
c6:98:c8:ad:e5:d3:01:f7:c5:bb:9f:89:5d:d7:7a:fa:f9:e8:
06:90:0b:35
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIDT2o9MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGI0
ZTgyYmExNzE1ZDZhZWFlNWIwMTAyNzI1ZmZlMGM4MzQ3MzVkN2QwHhcNMjIwMzA0
MDY0NjE4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygyOTVkOGUwMzBjMWNk
MjVmODlkZmQ0NGQzMmMyNjRmNjdlMGQ4Nzc3MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAqd9D1JjC5k0o71nHWUAaXZTPgT2h2S0TEIvpiRK1hrEEIvGj
M+8MeHGP1s+Mkq0xBlR/NyXoN1JRTwpsI2JqTWKHEbBVyEj9qZzB2kswQfuNGyNZ
u/jnJ8jga+VqNH2/LaL5sBpqNIb4xbQXionggn1bxOk1735Y4zNCBNfFIejZgRPZ
se7XgMbgrye/Up5111bI0GA8U9NfPUzi+qizHMPNYl3V/8XTKAH6fRG5Taj7frD0
dC87nRZWQUfzgXubExeF/GMcGUBy+ii/drG6Yh5iQNCJ0hjLvgEKtf/322ZwbvZq
mLLOUiiWmAnUPU90zCuYHKE+8GDeXd7F57g+FQIDAQABo4ICJDCCAiAwHQYDVR0O
BBYEFCldjgMMHNJfid/UTTLCZPZ+DYd3MB8GA1UdIwQYMBaAFLToK6FxXWrq5bAQ
JyX/4Mg0c119MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
dE9ncm9YRmRhdXJsc0JBbkpmX2d5RFJ6WFgwLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9hNy85MTUxYzAtMzMyNi00ODAxLTkzNjMtYzdkMTk5MzBkNjZkLzEv
S1YyT0F3d2MwbC1KMzlSTk1zSms5bjROaDNjLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy85
MTUxYzAtMzMyNi00ODAxLTkzNjMtYzdkMTk5MzBkNjZkLzEvdE9ncm9YRmRhdXJs
c0JBbkpmX2d5RFJ6WFgwLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDoG
CCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDJSBAAwQAJSBJAwQBJSBMMA0EAgAC
MAcDBQMqDxMAMA0GCSqGSIb3DQEBCwUAA4IBAQCXbynoLqJbBLIQcuGs2o7V7Pje
AzUiecOQ4WjKFxbs3SVYLc2obOkAFyX2dlicIFy3CdBtoaUrzYX5E4Hhvo1p4REu
iqZ2F92ayfOd99qxch7/C/rvhPj7dbKX8S4B3HnZaOIoBQESTlM9TfFmsNdsPHm6
MVbemPIGgkrzTODrqRjfcl6FRTJEwsxE6207QvaXyYE35vXPRVinHAkm+bD4oA/I
dDuoIHdmGGSI3d/7vslN5rtQ3xClBlJGqyEkaqZqENS5BAsr9bD286qyTJTQzQ4S
zbS+p5Oem0UDTHPxmGrgXEAmSz08/GHGmMit5dMB98W7n4ld13r6+egGkAs1
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:46 2024 by rpki-client on console-fra.rpki-client.org