Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/415d4b-f7a6-49d6-a7ad-ddf0b8b09616/1/37dGpOyRVqxZUdc3B1NBI-RwZNk.roa
File: 37dGpOyRVqxZUdc3B1NBI-RwZNk.roa (raw, json)
Hash identifier: BlXFydxsBTjwJ0UvTVkdcQzMctIxdeIKNS8vUY1J4ig=
Subject key identifier: DF:B7:46:A4:EC:91:56:AC:59:51:D7:37:07:53:41:23:E4:70:64:D9
Certificate issuer: /CN=14b71800dddc497f60f9edb7833c94973ab7dc1c
Certificate serial: 0520197E
Authority key identifier: 14:B7:18:00:DD:DC:49:7F:60:F9:ED:B7:83:3C:94:97:3A:B7:DC:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FLcYAN3cSX9g-e23gzyUlzq33Bw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/415d4b-f7a6-49d6-a7ad-ddf0b8b09616/1/37dGpOyRVqxZUdc3B1NBI-RwZNk.roa
Signing time: Sat 01 Jan 2022 16:06:18 +0000
ROA not before: Sat 01 Jan 2022 16:06:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15576
IP address blocks: 31.132.8.0/22 maxlen: 22
2a06:6400::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 85989758 (0x520197e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=14b71800dddc497f60f9edb7833c94973ab7dc1c
Validity
Not Before: Jan 1 16:06:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dfb746a4ec9156ac5951d73707534123e47064d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:99:61:bd:b7:f4:c9:bc:96:14:12:5b:89:16:
3a:f7:26:9a:84:9f:72:53:38:bd:ea:32:45:56:bc:
eb:9d:0f:5a:da:87:be:53:f8:60:d8:72:9c:5f:e0:
bb:cf:64:45:8c:ab:84:cc:2b:3a:9f:82:a9:bd:87:
cd:7e:69:31:3b:7f:38:58:eb:93:fe:f6:b8:f1:51:
20:66:ff:d1:f2:96:17:c6:75:b0:4e:59:68:15:07:
19:d0:76:67:ce:f5:01:0b:fb:c4:c7:7d:d3:22:7f:
0a:95:01:87:16:bf:5a:e4:79:fc:56:f8:49:c3:76:
43:49:a1:13:d0:39:59:0e:bc:11:ca:69:35:3d:85:
ce:cd:20:d3:c6:b9:96:01:23:4d:79:ef:9a:51:eb:
a4:e2:df:a5:38:12:60:c2:ef:1e:87:c6:14:52:64:
74:28:27:5c:df:07:ef:37:53:2d:f5:f9:a0:50:b2:
ed:a3:6d:f7:9e:a1:6d:c7:24:fb:9a:dd:f1:d6:ce:
9a:c9:c3:9c:5c:69:4f:76:92:9d:15:da:d1:3d:02:
36:ea:4d:dc:e9:ac:97:43:14:89:32:ac:12:8d:3e:
79:62:1b:b3:fe:f8:fc:12:a0:8a:5d:39:44:dc:20:
08:4a:b5:10:2f:48:d6:a6:14:69:eb:88:29:e2:e2:
00:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:B7:46:A4:EC:91:56:AC:59:51:D7:37:07:53:41:23:E4:70:64:D9
X509v3 Authority Key Identifier:
keyid:14:B7:18:00:DD:DC:49:7F:60:F9:ED:B7:83:3C:94:97:3A:B7:DC:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FLcYAN3cSX9g-e23gzyUlzq33Bw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/415d4b-f7a6-49d6-a7ad-ddf0b8b09616/1/37dGpOyRVqxZUdc3B1NBI-RwZNk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/415d4b-f7a6-49d6-a7ad-ddf0b8b09616/1/FLcYAN3cSX9g-e23gzyUlzq33Bw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.132.8.0/22
IPv6:
2a06:6400::/29
Signature Algorithm: sha256WithRSAEncryption
23:11:5a:51:20:ca:aa:cc:5c:37:9b:49:29:82:d7:c9:8a:25:
13:c9:a4:ef:3a:6a:5e:17:7a:ae:1a:84:28:24:ee:b3:2d:00:
b6:8b:d6:c4:64:4a:2f:95:f0:4c:90:2c:e1:e0:3e:68:54:27:
db:12:c0:31:fd:25:0b:02:fe:20:33:31:7a:a6:b3:17:7a:a7:
b3:d8:38:d8:16:3b:b0:6d:91:b4:f4:46:2c:18:56:04:14:98:
a9:ca:f3:df:98:64:51:2d:23:ab:ec:96:77:57:06:91:26:df:
cb:f2:a1:9e:2a:b8:25:03:9b:98:8e:ea:4d:59:68:d0:6f:b3:
32:bb:e1:2c:bb:f6:e4:44:46:3f:d2:b7:63:51:5d:7d:f2:22:
7d:92:34:c3:d4:6a:50:c6:11:9d:a5:ce:20:57:bf:b8:61:b9:
82:f0:7f:7a:02:6a:ff:e9:f4:ee:c2:fc:f7:1c:90:b3:16:4f:
a8:2d:7a:13:ef:b3:6d:62:cd:24:a2:12:e6:03:e3:96:d5:4b:
4f:2f:e3:c3:71:74:3b:12:47:2c:c6:d1:a0:a7:6a:fe:a6:05:
e1:5d:b1:33:30:91:82:4b:67:2b:84:27:89:b3:b9:72:65:5e:
c5:96:d8:5d:c6:d4:c2:54:79:ec:d7:51:50:6a:0c:90:ee:38:
e2:e8:03:63
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEBSAZfjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
NGI3MTgwMGRkZGM0OTdmNjBmOWVkYjc4MzNjOTQ5NzNhYjdkYzFjMB4XDTIyMDEw
MTE2MDYxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGZiNzQ2YTRlYzkx
NTZhYzU5NTFkNzM3MDc1MzQxMjNlNDcwNjRkOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ+ZYb239Mm8lhQSW4kWOvcmmoSfclM4veoyRVa8650PWtqH
vlP4YNhynF/gu89kRYyrhMwrOp+Cqb2HzX5pMTt/OFjrk/72uPFRIGb/0fKWF8Z1
sE5ZaBUHGdB2Z871AQv7xMd90yJ/CpUBhxa/WuR5/Fb4ScN2Q0mhE9A5WQ68Ecpp
NT2Fzs0g08a5lgEjTXnvmlHrpOLfpTgSYMLvHofGFFJkdCgnXN8H7zdTLfX5oFCy
7aNt956hbcck+5rd8dbOmsnDnFxpT3aSnRXa0T0CNupN3Omsl0MUiTKsEo0+eWIb
s/74/BKgil05RNwgCEq1EC9I1qYUaeuIKeLiALcCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBTft0ak7JFWrFlR1zcHU0Ej5HBk2TAfBgNVHSMEGDAWgBQUtxgA3dxJf2D5
7beDPJSXOrfcHDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0ZMY1lBTjNjU1g5Zy1lMjNnenlVbHpxMzNCdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmMvNDE1ZDRiLWY3YTYtNDlkNi1hN2FkLWRkZjBiOGIwOTYxNi8x
LzM3ZEdwT3lSVnF4WlVkYzNCMU5CSS1Sd1pOay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmMv
NDE1ZDRiLWY3YTYtNDlkNi1hN2FkLWRkZjBiOGIwOTYxNi8xL0ZMY1lBTjNjU1g5
Zy1lMjNnenlVbHpxMzNCdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAh+ECDANBAIAAjAHAwUDKgZkADAN
BgkqhkiG9w0BAQsFAAOCAQEAIxFaUSDKqsxcN5tJKYLXyYolE8mk7zpqXhd6rhqE
KCTusy0AtovWxGRKL5XwTJAs4eA+aFQn2xLAMf0lCwL+IDMxeqazF3qns9g42BY7
sG2RtPRGLBhWBBSYqcrz35hkUS0jq+yWd1cGkSbfy/Khniq4JQObmI7qTVlo0G+z
MrvhLLv25ERGP9K3Y1FdffIifZI0w9RqUMYRnaXOIFe/uGG5gvB/egJq/+n07sL8
9xyQsxZPqC16E++zbWLNJKIS5gPjltVLTy/jw3F0OxJHLMbRoKdq/qYF4V2xMzCR
gktnK4QnibO5cmVexZbYXcbUwlR57NdRUGoMkO444ugDYw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:04 2024 by rpki-client on console-ams.rpki-client.org