Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/7dbfe7-3614-456e-bf4c-ef7f56842546/1/395CxEgfN1M6eF0ootCcsk8pKvg.roa
File: 395CxEgfN1M6eF0ootCcsk8pKvg.roa (raw, json)
Hash identifier: W6k/yVT4bCgP9L1aTd0l7FC3LQFhb45VbZ6NL64srfU=
Subject key identifier: DF:DE:42:C4:48:1F:37:53:3A:78:5D:28:A2:D0:9C:B2:4F:29:2A:F8
Certificate issuer: /CN=8a7415ae634d613159cbd2ce74ac261a7d5ac4d4
Certificate serial: 091EBE72
Authority key identifier: 8A:74:15:AE:63:4D:61:31:59:CB:D2:CE:74:AC:26:1A:7D:5A:C4:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/inQVrmNNYTFZy9LOdKwmGn1axNQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/7dbfe7-3614-456e-bf4c-ef7f56842546/1/395CxEgfN1M6eF0ootCcsk8pKvg.roa
Signing time: Sat 01 Jan 2022 07:02:13 +0000
ROA not before: Sat 01 Jan 2022 07:02:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60522
IP address blocks: 37.131.179.0/24 maxlen: 24
37.131.180.0/22 maxlen: 22
185.212.52.0/22 maxlen: 22
2a0b:72c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 153009778 (0x91ebe72)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a7415ae634d613159cbd2ce74ac261a7d5ac4d4
Validity
Not Before: Jan 1 07:02:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dfde42c4481f37533a785d28a2d09cb24f292af8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:61:c7:bd:25:b5:c1:54:4a:bb:b0:41:73:40:
27:a7:3a:cd:4b:fb:5e:19:30:60:98:e1:4a:21:26:
a6:d1:75:a8:9d:02:01:a4:78:96:63:10:5f:66:b3:
c3:9a:a4:20:ef:9c:d4:38:06:6f:cf:42:6e:e0:e7:
a6:04:17:14:67:66:7a:8a:06:09:11:22:b4:99:3c:
26:f2:37:c3:85:52:be:11:95:33:19:d7:a9:c0:30:
52:0f:c1:dc:56:28:cd:fa:9a:c3:42:d1:e5:26:d8:
89:cb:aa:92:6f:f4:8b:4e:0a:d5:62:67:36:e1:90:
00:1e:8e:e6:3c:ac:f5:64:9d:3b:46:2d:e3:11:20:
ee:d6:74:1e:86:7f:ff:81:61:3a:ff:e8:e7:d3:c9:
e6:ce:87:47:dd:f3:d6:9d:0e:72:da:4e:fb:a7:44:
bf:c4:30:d4:67:17:a3:f5:90:da:74:c2:9a:11:8c:
83:7c:c2:1d:95:99:b4:e2:8e:45:f8:b9:8e:10:03:
77:16:44:95:28:05:46:08:45:db:e7:26:23:62:ec:
27:e6:aa:90:97:cb:52:a2:1f:8d:fb:35:6f:10:39:
d8:6d:c7:e8:aa:e4:b1:5d:95:24:24:9d:89:70:3d:
89:7b:2a:a6:ba:90:ab:09:46:18:e5:aa:fa:5c:cd:
b9:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:DE:42:C4:48:1F:37:53:3A:78:5D:28:A2:D0:9C:B2:4F:29:2A:F8
X509v3 Authority Key Identifier:
keyid:8A:74:15:AE:63:4D:61:31:59:CB:D2:CE:74:AC:26:1A:7D:5A:C4:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/inQVrmNNYTFZy9LOdKwmGn1axNQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/7dbfe7-3614-456e-bf4c-ef7f56842546/1/395CxEgfN1M6eF0ootCcsk8pKvg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/7dbfe7-3614-456e-bf4c-ef7f56842546/1/inQVrmNNYTFZy9LOdKwmGn1axNQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.131.179.0-37.131.183.255
185.212.52.0/22
IPv6:
2a0b:72c0::/32
Signature Algorithm: sha256WithRSAEncryption
1c:52:63:7e:3e:c7:14:10:bb:ca:03:7c:ff:61:08:fa:76:0c:
4a:72:99:0f:56:03:c0:72:20:56:db:d6:2f:8c:7c:6b:25:aa:
c8:d0:5f:14:f0:5e:03:2b:7a:af:5c:82:2f:da:b0:26:46:ad:
e8:2c:3b:93:df:f1:58:a3:22:96:19:5c:d6:af:4e:b2:3a:c0:
fe:0d:4e:9f:2f:37:12:a4:67:09:fe:26:3f:92:0d:d3:b5:c4:
b7:77:39:4c:74:a3:57:f5:2a:b0:f0:63:00:03:4e:97:3b:d2:
98:31:76:21:b5:17:7b:a9:b6:62:27:9e:8e:50:d3:36:9f:83:
9b:9c:4f:51:c2:ea:c3:56:4d:91:ea:86:70:c8:56:35:c5:7a:
3b:e7:2c:2c:c9:fa:ad:a2:70:7a:20:1b:c0:91:72:d6:d7:59:
41:15:a0:69:11:2b:a4:28:ab:25:fb:91:6b:5c:31:5d:c8:75:
a1:62:6f:36:4f:b5:c3:83:12:1c:19:eb:b6:01:38:b9:a0:36:
d5:cd:2f:48:61:d6:78:00:9a:4b:df:b2:c1:2d:9a:43:57:d4:
74:a0:a4:c2:11:4a:6a:fd:e9:f2:e7:94:8b:17:06:e2:c9:4f:
5c:44:97:b0:2a:8b:70:32:42:96:85:4b:87:22:5d:2a:e8:e4:
eb:64:1a:e0
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIECR6+cjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
YTc0MTVhZTYzNGQ2MTMxNTljYmQyY2U3NGFjMjYxYTdkNWFjNGQ0MB4XDTIyMDEw
MTA3MDIxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGZkZTQyYzQ0ODFm
Mzc1MzNhNzg1ZDI4YTJkMDljYjI0ZjI5MmFmODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKthx70ltcFUSruwQXNAJ6c6zUv7XhkwYJjhSiEmptF1qJ0C
AaR4lmMQX2azw5qkIO+c1DgGb89CbuDnpgQXFGdmeooGCREitJk8JvI3w4VSvhGV
MxnXqcAwUg/B3FYozfqaw0LR5SbYicuqkm/0i04K1WJnNuGQAB6O5jys9WSdO0Yt
4xEg7tZ0HoZ//4FhOv/o59PJ5s6HR93z1p0OctpO+6dEv8Qw1GcXo/WQ2nTCmhGM
g3zCHZWZtOKORfi5jhADdxZElSgFRghF2+cmI2LsJ+aqkJfLUqIfjfs1bxA52G3H
6KrksV2VJCSdiXA9iXsqprqQqwlGGOWq+lzNuXECAwEAAaOCAiYwggIiMB0GA1Ud
DgQWBBTf3kLESB83Uzp4XSii0JyyTykq+DAfBgNVHSMEGDAWgBSKdBWuY01hMVnL
0s50rCYafVrE1DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2luUVZybU5OWVRGWnk5TE9kS3dtR24xYXhOUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjkvN2RiZmU3LTM2MTQtNDU2ZS1iZjRjLWVmN2Y1Njg0MjU0Ni8x
LzM5NUN4RWdmTjFNNmVGMG9vdENjc2s4cEt2Zy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjkv
N2RiZmU3LTM2MTQtNDU2ZS1iZjRjLWVmN2Y1Njg0MjU0Ni8xL2luUVZybU5OWVRG
Wnk5TE9kS3dtR24xYXhOUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA8
BggrBgEFBQcBBwEB/wQtMCswGgQCAAEwFDAMAwQAJYOzAwQDJYOwAwQCudQ0MA0E
AgACMAcDBQAqC3LAMA0GCSqGSIb3DQEBCwUAA4IBAQAcUmN+PscUELvKA3z/YQj6
dgxKcpkPVgPAciBW29YvjHxrJarI0F8U8F4DK3qvXIIv2rAmRq3oLDuT3/FYoyKW
GVzWr06yOsD+DU6fLzcSpGcJ/iY/kg3TtcS3dzlMdKNX9Sqw8GMAA06XO9KYMXYh
tRd7qbZiJ56OUNM2n4ObnE9RwurDVk2R6oZwyFY1xXo75ywsyfqtonB6IBvAkXLW
11lBFaBpESukKKsl+5FrXDFdyHWhYm82T7XDgxIcGeu2ATi5oDbVzS9IYdZ4AJpL
37LBLZpDV9R0oKTCEUpq/eny55SLFwbiyU9cRJewKotwMkKWhUuHIl0q6OTrZBrg
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:53 2024 by rpki-client on console-ams.rpki-client.org