Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/3d3a2d-a039-46f4-8687-057817ba9fb7/1/H_tcw_bh25LslINhlxAarOfbsvg.roa
File: H_tcw_bh25LslINhlxAarOfbsvg.roa (raw, json)
Hash identifier: OuV1D5LjykBPMqS+hSBuv5QddkrvwDS2eqNXXCrADVc=
Subject key identifier: 1F:FB:5C:C3:F6:E1:DB:92:EC:94:83:61:97:10:1A:AC:E7:DB:B2:F8
Certificate issuer: /CN=04cbe5b4623dab42f15a905002db7ce62e854f29
Certificate serial: 03EE9B94
Authority key identifier: 04:CB:E5:B4:62:3D:AB:42:F1:5A:90:50:02:DB:7C:E6:2E:85:4F:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BMvltGI9q0LxWpBQAtt85i6FTyk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/3d3a2d-a039-46f4-8687-057817ba9fb7/1/H_tcw_bh25LslINhlxAarOfbsvg.roa
Signing time: Sat 01 Jan 2022 03:01:56 +0000
ROA not before: Sat 01 Jan 2022 03:01:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25188
IP address blocks: 37.202.8.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65969044 (0x3ee9b94)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04cbe5b4623dab42f15a905002db7ce62e854f29
Validity
Not Before: Jan 1 03:01:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1ffb5cc3f6e1db92ec94836197101aace7dbb2f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:73:7d:64:23:15:65:33:4c:19:c1:0c:d1:ff:
d4:6b:fb:c9:12:4e:b2:4a:11:87:09:42:b4:ad:96:
96:9f:6f:21:53:12:cb:c1:f6:86:3c:c2:3b:e8:1b:
20:e5:00:b9:a9:86:5e:9b:f4:80:32:86:c7:40:04:
49:92:8b:ca:52:8f:a8:a3:27:6e:fc:f1:00:fb:6d:
b5:bb:c1:db:6b:25:07:47:9a:80:35:3d:07:62:c4:
02:d4:64:c8:51:30:aa:06:de:a8:19:e8:3b:71:42:
47:0a:82:02:61:ab:eb:ca:de:6a:8a:93:f2:4e:ae:
10:04:e0:a7:c8:96:e1:e3:e9:2a:64:cc:d1:ad:b0:
f3:ef:5a:cb:16:74:43:a0:dd:1e:69:e4:44:2c:71:
01:a3:b9:3f:89:2d:3f:30:37:e7:78:5f:79:58:fe:
9d:b2:ba:f6:11:60:67:1b:4b:e1:e4:ea:0e:29:d8:
53:b7:27:8e:5d:70:a6:85:2f:82:c8:9a:46:33:98:
cd:22:44:eb:a1:38:68:09:06:70:92:68:96:e9:80:
ef:dd:1c:0e:bc:2d:28:6a:fa:97:9d:f9:8e:e5:a6:
aa:26:82:69:ac:95:fd:29:07:2e:6b:ac:fc:57:db:
e9:18:36:70:9c:3e:b0:cc:c4:f4:aa:50:3d:94:55:
47:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:FB:5C:C3:F6:E1:DB:92:EC:94:83:61:97:10:1A:AC:E7:DB:B2:F8
X509v3 Authority Key Identifier:
keyid:04:CB:E5:B4:62:3D:AB:42:F1:5A:90:50:02:DB:7C:E6:2E:85:4F:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BMvltGI9q0LxWpBQAtt85i6FTyk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/3d3a2d-a039-46f4-8687-057817ba9fb7/1/H_tcw_bh25LslINhlxAarOfbsvg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/3d3a2d-a039-46f4-8687-057817ba9fb7/1/BMvltGI9q0LxWpBQAtt85i6FTyk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.8.0/22
Signature Algorithm: sha256WithRSAEncryption
50:b7:35:7d:5a:8b:f6:9f:be:0d:bb:ef:29:bb:d6:35:39:9f:
14:0b:d8:8e:f4:d2:5d:0c:14:f7:59:2f:fd:10:ee:a8:7d:e4:
39:c2:73:c1:6e:4c:a3:f7:ec:45:d1:59:43:28:2f:37:8e:47:
d0:de:cd:bf:bc:b7:af:e9:4a:a6:d1:c7:43:d4:ba:0b:5b:5f:
d5:fa:25:3b:34:57:e6:5c:7b:89:02:8b:5b:b8:b1:6d:19:69:
76:fc:41:c6:a1:fd:8a:0a:03:c9:d1:fc:5e:cd:0b:8d:52:5a:
75:be:0c:bd:66:d7:9d:77:3f:5e:f5:ee:d6:f0:46:3b:2c:77:
fd:c9:7e:99:ea:da:a2:7f:50:3e:5d:7c:45:b0:c0:e5:e9:6e:
cd:ac:f4:2a:74:5a:9d:5a:49:99:5c:31:70:3b:ed:b2:ed:85:
60:f5:f4:2c:14:d9:bf:a9:4b:e6:36:d4:97:51:e1:93:03:ae:
a6:76:71:76:ff:35:24:4a:37:bc:17:fc:75:ef:0e:3e:9d:1d:
87:e1:5a:62:e6:45:d7:1e:f5:1e:c4:8d:61:3f:db:53:90:74:
56:be:73:48:ec:94:92:9b:23:b8:ad:77:0a:27:2a:ab:cf:41:
12:3c:d8:64:47:f7:99:75:4b:59:ce:4c:63:97:38:6e:b9:ea:
41:99:51:11
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA+6blDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NGNiZTViNDYyM2RhYjQyZjE1YTkwNTAwMmRiN2NlNjJlODU0ZjI5MB4XDTIyMDEw
MTAzMDE1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWZmYjVjYzNmNmUx
ZGI5MmVjOTQ4MzYxOTcxMDFhYWNlN2RiYjJmODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOpzfWQjFWUzTBnBDNH/1Gv7yRJOskoRhwlCtK2Wlp9vIVMS
y8H2hjzCO+gbIOUAuamGXpv0gDKGx0AESZKLylKPqKMnbvzxAPtttbvB22slB0ea
gDU9B2LEAtRkyFEwqgbeqBnoO3FCRwqCAmGr68reaoqT8k6uEATgp8iW4ePpKmTM
0a2w8+9ayxZ0Q6DdHmnkRCxxAaO5P4ktPzA353hfeVj+nbK69hFgZxtL4eTqDinY
U7cnjl1wpoUvgsiaRjOYzSJE66E4aAkGcJJolumA790cDrwtKGr6l535juWmqiaC
aayV/SkHLmus/Ffb6Rg2cJw+sMzE9KpQPZRVR0kCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQf+1zD9uHbkuyUg2GXEBqs59uy+DAfBgNVHSMEGDAWgBQEy+W0Yj2rQvFa
kFAC23zmLoVPKTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JNdmx0R0k5cTBMeFdwQlFBdHQ4NWk2RlR5ay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzEvM2QzYTJkLWEwMzktNDZmNC04Njg3LTA1NzgxN2JhOWZiNy8x
L0hfdGN3X2JoMjVMc2xJTmhseEFhck9mYnN2Zy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzEv
M2QzYTJkLWEwMzktNDZmNC04Njg3LTA1NzgxN2JhOWZiNy8xL0JNdmx0R0k5cTBM
eFdwQlFBdHQ4NWk2RlR5ay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAiXKCDANBgkqhkiG9w0BAQsFAAOC
AQEAULc1fVqL9p++DbvvKbvWNTmfFAvYjvTSXQwU91kv/RDuqH3kOcJzwW5Mo/fs
RdFZQygvN45H0N7Nv7y3r+lKptHHQ9S6C1tf1folOzRX5lx7iQKLW7ixbRlpdvxB
xqH9igoDydH8Xs0LjVJadb4MvWbXnXc/XvXu1vBGOyx3/cl+meraon9QPl18RbDA
5eluzaz0KnRanVpJmVwxcDvtsu2FYPX0LBTZv6lL5jbUl1HhkwOupnZxdv81JEo3
vBf8de8OPp0dh+FaYuZF1x71HsSNYT/bU5B0Vr5zSOyUkpsjuK13Cicqq89BEjzY
ZEf3mXVLWc5MY5c4brnqQZlREQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:33 2024 by rpki-client on console-fra.rpki-client.org