Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/8a344e-0ed8-42b2-a744-a9e8468710a3/1/dVSM8R-maUM6qhCOv6ahjzIOylU.roa
File: dVSM8R-maUM6qhCOv6ahjzIOylU.roa (raw, json)
Hash identifier: +ZsAcv844S3j1eQlFl5rmWQIiw1ULclOizgxeg7g11w=
Subject key identifier: 75:54:8C:F1:1F:A6:69:43:3A:AA:10:8E:BF:A6:A1:8F:32:0E:CA:55
Certificate issuer: /CN=c8d335041718b18830b1f58c15d3518510fe6118
Certificate serial: EF8CE8
Authority key identifier: C8:D3:35:04:17:18:B1:88:30:B1:F5:8C:15:D3:51:85:10:FE:61:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yNM1BBcYsYgwsfWMFdNRhRD-YRg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/8a344e-0ed8-42b2-a744-a9e8468710a3/1/dVSM8R-maUM6qhCOv6ahjzIOylU.roa
Signing time: Tue 05 Apr 2022 07:46:13 +0000
ROA not before: Tue 05 Apr 2022 07:46:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29286
IP address blocks: 37.1.168.0/21 maxlen: 21
37.252.206.0/24 maxlen: 24
37.252.205.0/24 maxlen: 24
37.252.200.0/21 maxlen: 21
37.252.207.0/24 maxlen: 24
2a03:b7c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15699176 (0xef8ce8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8d335041718b18830b1f58c15d3518510fe6118
Validity
Not Before: Apr 5 07:46:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=75548cf11fa669433aaa108ebfa6a18f320eca55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:52:fb:b7:8f:56:bb:50:ba:dc:a3:1d:e4:b8:
5b:60:75:be:6c:bb:6c:0f:e2:64:4d:6d:d7:f3:93:
e9:89:f3:79:79:2d:43:37:fc:7e:4a:ea:e9:fd:d4:
7d:e1:39:7e:0d:00:06:30:bc:57:71:2b:7a:b9:17:
c7:21:11:f4:2e:a8:20:42:3d:ca:84:cb:74:e0:a3:
49:9d:d8:29:99:3f:42:80:1b:a2:65:7d:15:cb:86:
78:d8:44:72:80:43:7c:ed:75:4a:6e:5b:8d:60:d2:
44:33:35:1b:3e:30:a4:62:9b:8e:88:99:25:04:62:
cf:0b:99:dd:0b:be:2e:c6:38:e8:cd:d4:06:0d:85:
b7:4b:e3:16:95:aa:49:79:d4:62:1e:45:50:e9:8e:
e1:98:70:9e:bf:d7:81:85:ca:5e:bc:d4:55:5a:3c:
1a:90:da:8f:a9:8c:69:a7:b5:42:dd:bb:66:11:bb:
1b:42:47:8d:72:cb:f2:97:5b:63:be:17:8d:8e:31:
8f:c2:2b:7c:e7:b3:6f:f6:d5:ea:bd:dd:de:21:ec:
cf:90:b0:1f:5d:80:42:2f:95:de:c9:ea:a5:1c:85:
f1:cf:ed:10:71:32:9a:9e:22:be:94:70:d5:cf:91:
6c:4c:d2:dd:f0:da:e8:eb:b4:3b:40:9f:9f:8a:52:
a5:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:54:8C:F1:1F:A6:69:43:3A:AA:10:8E:BF:A6:A1:8F:32:0E:CA:55
X509v3 Authority Key Identifier:
keyid:C8:D3:35:04:17:18:B1:88:30:B1:F5:8C:15:D3:51:85:10:FE:61:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yNM1BBcYsYgwsfWMFdNRhRD-YRg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/8a344e-0ed8-42b2-a744-a9e8468710a3/1/dVSM8R-maUM6qhCOv6ahjzIOylU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/8a344e-0ed8-42b2-a744-a9e8468710a3/1/yNM1BBcYsYgwsfWMFdNRhRD-YRg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.1.168.0/21
37.252.200.0/21
IPv6:
2a03:b7c0::/32
Signature Algorithm: sha256WithRSAEncryption
1c:54:06:70:59:3c:d4:91:88:01:6e:9a:6b:ec:4d:df:7a:df:
ed:26:39:41:ab:3b:ab:c1:ef:99:c0:e3:7b:1b:49:aa:3a:96:
e7:e0:ed:9c:99:9c:6a:35:9a:e1:3b:51:61:8e:5f:90:76:2a:
f3:77:70:8f:1d:65:ee:e5:c6:08:29:b0:29:92:61:b3:76:69:
75:2e:a2:73:d4:10:e4:21:a5:2d:cb:21:75:6d:33:fb:97:7d:
5b:54:e8:a7:b4:bf:88:11:f5:34:61:c5:43:35:0e:d8:ff:e9:
e4:13:5d:7f:ca:0f:26:27:67:8e:1c:f4:2b:df:0b:99:19:88:
41:2d:8a:78:82:4c:9c:8a:8b:9c:68:0f:21:49:2b:6a:f3:7b:
53:9e:a1:93:62:23:1f:87:51:50:e8:29:06:84:ba:a4:c1:f1:
75:5c:64:fd:a1:03:24:22:a9:1e:08:7d:3e:0e:c3:d8:22:05:
90:02:2c:08:f6:47:a3:b0:af:74:8e:cd:32:43:f1:2a:b5:51:
98:75:49:40:31:90:7c:ea:1a:98:e3:d8:cb:94:82:f9:e7:be:
df:af:b2:4d:de:09:21:89:01:60:62:7f:0c:df:81:c9:5e:ba:
41:73:ef:cd:21:7d:cc:79:d6:38:e4:35:c3:36:04:46:48:70:
b3:3c:81:44
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEAO+M6DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
OGQzMzUwNDE3MThiMTg4MzBiMWY1OGMxNWQzNTE4NTEwZmU2MTE4MB4XDTIyMDQw
NTA3NDYxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzU1NDhjZjExZmE2
Njk0MzNhYWExMDhlYmZhNmExOGYzMjBlY2E1NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPFS+7ePVrtQutyjHeS4W2B1vmy7bA/iZE1t1/OT6YnzeXkt
Qzf8fkrq6f3UfeE5fg0ABjC8V3ErerkXxyER9C6oIEI9yoTLdOCjSZ3YKZk/QoAb
omV9FcuGeNhEcoBDfO11Sm5bjWDSRDM1Gz4wpGKbjoiZJQRizwuZ3Qu+LsY46M3U
Bg2Ft0vjFpWqSXnUYh5FUOmO4Zhwnr/XgYXKXrzUVVo8GpDaj6mMaae1Qt27ZhG7
G0JHjXLL8pdbY74XjY4xj8IrfOezb/bV6r3d3iHsz5CwH12AQi+V3snqpRyF8c/t
EHEymp4ivpRw1c+RbEzS3fDa6Ou0O0Cfn4pSpbcCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBR1VIzxH6ZpQzqqEI6/pqGPMg7KVTAfBgNVHSMEGDAWgBTI0zUEFxixiDCx
9YwV01GFEP5hGDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3lOTTFCQmNZc1lnd3NmV01GZE5SaFJELVlSZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDEvOGEzNDRlLTBlZDgtNDJiMi1hNzQ0LWE5ZTg0Njg3MTBhMy8x
L2RWU004Ui1tYVVNNnFoQ092NmFoanpJT3lsVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDEv
OGEzNDRlLTBlZDgtNDJiMi1hNzQ0LWE5ZTg0Njg3MTBhMy8xL3lOTTFCQmNZc1ln
d3NmV01GZE5SaFJELVlSZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAyUBqAMEAyX8yDANBAIAAjAHAwUA
KgO3wDANBgkqhkiG9w0BAQsFAAOCAQEAHFQGcFk81JGIAW6aa+xN33rf7SY5Qas7
q8HvmcDjextJqjqW5+DtnJmcajWa4TtRYY5fkHYq83dwjx1l7uXGCCmwKZJhs3Zp
dS6ic9QQ5CGlLcshdW0z+5d9W1Top7S/iBH1NGHFQzUO2P/p5BNdf8oPJidnjhz0
K98LmRmIQS2KeIJMnIqLnGgPIUkravN7U56hk2IjH4dRUOgpBoS6pMHxdVxk/aED
JCKpHgh9Pg7D2CIFkAIsCPZHo7CvdI7NMkPxKrVRmHVJQDGQfOoamOPYy5SC+ee+
36+yTd4JIYkBYGJ/DN+ByV66QXPvzSF9zHnWOOQ1wzYERkhwszyBRA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:58 2024 by rpki-client on console-fra.rpki-client.org