Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/cf2ebf-2a09-43d2-a225-a165359a6211/1/Z8I5j0mGhK8NFl0jlT5AEaRmge4.roa
File: Z8I5j0mGhK8NFl0jlT5AEaRmge4.roa (raw, json)
Hash identifier: QJDiMvq8VnxKldnjSBXHlZwamhRyssJCE3ezHT12ZF4=
Subject key identifier: 67:C2:39:8F:49:86:84:AF:0D:16:5D:23:95:3E:40:11:A4:66:81:EE
Certificate issuer: /CN=4ee4057f9ea0140cef7ce4789369c5cf01f7c68e
Certificate serial: 04ACE24F
Authority key identifier: 4E:E4:05:7F:9E:A0:14:0C:EF:7C:E4:78:93:69:C5:CF:01:F7:C6:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TuQFf56gFAzvfOR4k2nFzwH3xo4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/cf2ebf-2a09-43d2-a225-a165359a6211/1/Z8I5j0mGhK8NFl0jlT5AEaRmge4.roa
Signing time: Sat 01 Jan 2022 10:01:15 +0000
ROA not before: Sat 01 Jan 2022 10:01:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39305
IP address blocks: 37.221.84.0/24 maxlen: 24
37.221.85.0/24 maxlen: 24
37.221.86.0/24 maxlen: 24
2a09:f200::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78438991 (0x4ace24f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ee4057f9ea0140cef7ce4789369c5cf01f7c68e
Validity
Not Before: Jan 1 10:01:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=67c2398f498684af0d165d23953e4011a46681ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:4d:69:34:84:91:dd:f3:23:2a:8f:a4:42:a2:
0b:61:63:42:e5:66:c9:87:88:2c:b2:c4:5d:fa:7e:
be:dc:f1:01:27:e2:82:af:1f:fc:16:9e:88:3f:7e:
25:c1:ad:19:6e:6d:15:71:28:4c:2b:b0:6d:88:00:
d9:38:92:f9:e2:c4:76:15:e6:c7:5b:ac:3f:c1:6f:
02:10:d0:f9:a2:8a:2b:15:22:3d:93:1b:fc:cc:2d:
6f:af:0c:79:d6:bc:01:b0:49:52:8a:d0:b7:9d:1e:
5b:4a:5c:d4:0d:aa:ae:1f:34:10:b3:2a:f2:6e:a8:
a8:85:e8:63:b9:88:89:61:f2:79:3e:a5:93:be:cc:
0a:1c:6c:40:30:be:3c:99:31:6b:92:a5:82:5a:4b:
2e:e7:10:95:91:ee:09:39:82:9b:c4:71:ea:20:11:
0a:2a:06:bc:6e:aa:2f:8b:01:d7:8b:2f:40:88:58:
06:2e:34:14:a0:57:ff:d6:de:b4:17:05:08:1d:49:
a7:04:12:fb:88:fe:5a:b0:08:19:f2:95:a4:bb:f8:
57:b1:99:a7:73:27:99:c9:1d:fa:fb:e2:d1:c5:7a:
df:e1:bc:f3:73:e0:00:1f:d2:d5:07:a3:0d:31:37:
18:ce:bb:c5:0f:1f:28:32:91:66:64:d1:d3:11:3f:
fa:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:C2:39:8F:49:86:84:AF:0D:16:5D:23:95:3E:40:11:A4:66:81:EE
X509v3 Authority Key Identifier:
keyid:4E:E4:05:7F:9E:A0:14:0C:EF:7C:E4:78:93:69:C5:CF:01:F7:C6:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TuQFf56gFAzvfOR4k2nFzwH3xo4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/cf2ebf-2a09-43d2-a225-a165359a6211/1/Z8I5j0mGhK8NFl0jlT5AEaRmge4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/cf2ebf-2a09-43d2-a225-a165359a6211/1/TuQFf56gFAzvfOR4k2nFzwH3xo4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.221.84.0-37.221.86.255
IPv6:
2a09:f200::/29
Signature Algorithm: sha256WithRSAEncryption
44:99:34:b6:1a:30:cf:af:50:ca:a6:1a:ec:40:25:e2:79:35:
3c:a2:c0:aa:f2:00:6f:a5:a9:25:74:89:59:7f:ab:a1:53:99:
bf:9a:5d:ff:cd:16:7a:49:33:3a:73:61:9a:ae:08:ed:ea:e8:
49:a7:70:d5:1a:f6:a8:10:3f:83:65:42:61:e9:1e:94:55:f4:
d6:0f:a6:3b:c4:da:fc:22:fb:2f:0b:88:e0:ea:ee:4b:f0:49:
a7:28:5f:d4:7f:6b:87:e4:6d:18:8b:b1:80:f2:b2:82:4d:9d:
ad:4a:79:52:68:9c:3f:a2:f0:e1:49:19:b0:f5:59:91:97:ef:
9e:c3:d1:47:6f:c9:bd:77:1d:d3:5d:9d:63:b3:d6:69:c0:e6:
7e:9c:87:f4:64:d8:8d:a5:93:17:be:99:77:04:be:f6:83:27:
72:35:01:e4:18:cc:ef:b0:47:7c:bc:4f:9b:c7:c0:4c:fc:46:
7e:11:6c:26:2d:16:fb:82:83:9e:d9:75:d6:2c:51:a6:bb:4d:
83:74:64:00:1c:f4:12:e3:ba:9d:01:f7:87:af:80:47:3c:dc:
08:1f:46:45:01:72:e6:4e:ac:2c:1d:e2:1f:3f:b9:aa:4f:87:
d8:1d:f3:d3:8e:d8:95:85:fe:ab:e8:ef:b6:a0:33:ce:db:a8:
2f:ab:ff:bc
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIEBKziTzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZWU0MDU3ZjllYTAxNDBjZWY3Y2U0Nzg5MzY5YzVjZjAxZjdjNjhlMB4XDTIyMDEw
MTEwMDExNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjdjMjM5OGY0OTg2
ODRhZjBkMTY1ZDIzOTUzZTQwMTFhNDY2ODFlZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKFNaTSEkd3zIyqPpEKiC2FjQuVmyYeILLLEXfp+vtzxASfi
gq8f/BaeiD9+JcGtGW5tFXEoTCuwbYgA2TiS+eLEdhXmx1usP8FvAhDQ+aKKKxUi
PZMb/Mwtb68Meda8AbBJUorQt50eW0pc1A2qrh80ELMq8m6oqIXoY7mIiWHyeT6l
k77MChxsQDC+PJkxa5KlglpLLucQlZHuCTmCm8Rx6iARCioGvG6qL4sB14svQIhY
Bi40FKBX/9betBcFCB1JpwQS+4j+WrAIGfKVpLv4V7GZp3Mnmckd+vvi0cV63+G8
83PgAB/S1QejDTE3GM67xQ8fKDKRZmTR0xE/+g8CAwEAAaOCAiAwggIcMB0GA1Ud
DgQWBBRnwjmPSYaErw0WXSOVPkARpGaB7jAfBgNVHSMEGDAWgBRO5AV/nqAUDO98
5HiTacXPAffGjjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1R1UUZmNTZnRkF6dmZPUjRrMm5GendIM3hvNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGYvY2YyZWJmLTJhMDktNDNkMi1hMjI1LWExNjUzNTlhNjIxMS8x
L1o4STVqMG1HaEs4TkZsMGpsVDVBRWFSbWdlNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGYv
Y2YyZWJmLTJhMDktNDNkMi1hMjI1LWExNjUzNTlhNjIxMS8xL1R1UUZmNTZnRkF6
dmZPUjRrMm5GendIM3hvNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA2
BggrBgEFBQcBBwEB/wQnMCUwFAQCAAEwDjAMAwQCJd1UAwQAJd1WMA0EAgACMAcD
BQMqCfIAMA0GCSqGSIb3DQEBCwUAA4IBAQBEmTS2GjDPr1DKphrsQCXieTU8osCq
8gBvpakldIlZf6uhU5m/ml3/zRZ6STM6c2Gargjt6uhJp3DVGvaoED+DZUJh6R6U
VfTWD6Y7xNr8IvsvC4jg6u5L8EmnKF/Uf2uH5G0Yi7GA8rKCTZ2tSnlSaJw/ovDh
SRmw9VmRl++ew9FHb8m9dx3TXZ1js9ZpwOZ+nIf0ZNiNpZMXvpl3BL72gydyNQHk
GMzvsEd8vE+bx8BM/EZ+EWwmLRb7goOe2XXWLFGmu02DdGQAHPQS47qdAfeHr4BH
PNwIH0ZFAXLmTqwsHeIfP7mqT4fYHfPTjtiVhf6r6O+2oDPO26gvq/+8
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:33 2024 by rpki-client on console-ams.rpki-client.org