Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/1c9809-1f60-43c2-8103-dad0420b85d3/1/DrFdo1SmRfIPWK8C15bVfq8OcIs.roa
File: DrFdo1SmRfIPWK8C15bVfq8OcIs.roa (raw, json)
Hash identifier: MnUJljRqwfo+s+6zkQkm3MPAKppI1eUg2isQLuI/m10=
Subject key identifier: 0E:B1:5D:A3:54:A6:45:F2:0F:58:AF:02:D7:96:D5:7E:AF:0E:70:8B
Certificate issuer: /CN=f919e1f3fe69b4ebdff02a9a857e7c6c2b25301a
Certificate serial: 04AF9EE5
Authority key identifier: F9:19:E1:F3:FE:69:B4:EB:DF:F0:2A:9A:85:7E:7C:6C:2B:25:30:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-Rnh8_5ptOvf8CqahX58bCslMBo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/1c9809-1f60-43c2-8103-dad0420b85d3/1/DrFdo1SmRfIPWK8C15bVfq8OcIs.roa
Signing time: Tue 31 May 2022 11:01:13 +0000
ROA not before: Tue 31 May 2022 11:01:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208677
IP address blocks: 37.18.8.0/23 maxlen: 23
37.18.10.0/24 maxlen: 24
37.18.22.0/24 maxlen: 24
178.170.242.0/24 maxlen: 24
46.243.141.0/24 maxlen: 24
46.243.142.0/23 maxlen: 23
37.230.139.0/24 maxlen: 24
37.18.102.0/24 maxlen: 24
37.18.100.0/23 maxlen: 23
37.18.107.0/24 maxlen: 24
37.18.112.0/23 maxlen: 23
37.18.108.0/22 maxlen: 22
37.18.115.0/24 maxlen: 24
37.18.114.0/24 maxlen: 24
37.18.116.0/22 maxlen: 22
37.18.120.0/23 maxlen: 23
37.18.122.0/24 maxlen: 24
37.230.186.0/24 maxlen: 24
37.230.184.0/23 maxlen: 23
37.230.180.0/23 maxlen: 23
46.243.206.0/24 maxlen: 24
46.243.201.0/24 maxlen: 24
46.243.226.0/23 maxlen: 23
46.243.244.0/23 maxlen: 23
37.18.72.0/23 maxlen: 23
188.72.106.0/23 maxlen: 23
188.72.108.0/23 maxlen: 23
37.230.192.0/21 maxlen: 21
37.230.224.0/24 maxlen: 24
37.230.233.0/24 maxlen: 24
94.139.252.0/22 maxlen: 22
178.170.192.0/22 maxlen: 22
178.170.191.0/24 maxlen: 24
45.9.24.0/22 maxlen: 22
178.170.196.0/23 maxlen: 23
141.101.201.0/24 maxlen: 24
45.89.224.0/22 maxlen: 22
2a0c:2b80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78618341 (0x4af9ee5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f919e1f3fe69b4ebdff02a9a857e7c6c2b25301a
Validity
Not Before: May 31 11:01:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0eb15da354a645f20f58af02d796d57eaf0e708b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:fc:48:ec:72:cc:a0:f8:b2:e7:ed:dc:0e:0a:
cf:66:9b:c4:b5:60:45:cb:d6:90:8d:47:b9:1e:bf:
ff:6b:cb:74:36:54:13:d9:6b:40:81:a6:0d:ca:4a:
66:50:bb:56:13:77:88:94:17:99:10:4f:68:bb:11:
af:92:0f:0e:66:46:85:fe:15:35:af:84:52:a9:93:
24:f1:6c:8e:7f:c8:e8:23:a4:fe:03:c8:55:9d:04:
09:af:53:f1:8d:52:bb:9a:8d:fe:20:c2:57:d6:ec:
da:37:5c:94:c2:5b:b6:33:ad:fd:a8:5e:4a:7f:37:
b6:f0:55:50:3c:57:f7:89:08:0e:60:39:11:a9:b8:
e0:33:4f:f4:6b:66:58:9e:01:1a:78:ac:67:3a:57:
59:d6:6c:6a:55:35:1d:89:1f:a4:5f:93:1b:39:03:
7f:d3:a8:d0:b0:95:b6:91:75:b5:52:45:25:1c:d0:
61:32:ca:58:31:1d:b5:7e:1a:b9:d2:25:9f:89:52:
31:1f:4b:92:5b:bd:31:73:48:e1:83:58:d2:00:f1:
82:63:98:97:65:5e:bc:41:7f:77:12:50:64:da:73:
f8:3e:b8:7d:9c:1e:8c:7c:9c:0c:7a:f4:0b:db:67:
46:77:0d:c0:cb:18:1b:f4:d4:1d:59:21:61:40:b0:
19:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:B1:5D:A3:54:A6:45:F2:0F:58:AF:02:D7:96:D5:7E:AF:0E:70:8B
X509v3 Authority Key Identifier:
keyid:F9:19:E1:F3:FE:69:B4:EB:DF:F0:2A:9A:85:7E:7C:6C:2B:25:30:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-Rnh8_5ptOvf8CqahX58bCslMBo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/1c9809-1f60-43c2-8103-dad0420b85d3/1/DrFdo1SmRfIPWK8C15bVfq8OcIs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/1c9809-1f60-43c2-8103-dad0420b85d3/1/1-Rnh8_5ptOvf8CqahX58bCslMBo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.18.8.0-37.18.10.255
37.18.22.0/24
37.18.72.0/23
37.18.100.0-37.18.102.255
37.18.107.0-37.18.122.255
37.230.139.0/24
37.230.180.0/23
37.230.184.0-37.230.186.255
37.230.192.0/21
37.230.224.0/24
37.230.233.0/24
45.9.24.0/22
45.89.224.0/22
46.243.141.0-46.243.143.255
46.243.201.0/24
46.243.206.0/24
46.243.226.0/23
46.243.244.0/23
94.139.252.0/22
141.101.201.0/24
178.170.191.0-178.170.197.255
178.170.242.0/24
188.72.106.0-188.72.109.255
IPv6:
2a0c:2b80::/29
Signature Algorithm: sha256WithRSAEncryption
75:f9:a2:a7:91:a3:89:31:64:e1:10:68:52:f8:06:44:0f:d2:
7c:f3:bf:5b:62:10:5e:cc:02:84:55:a0:bc:e4:0c:9e:39:8f:
69:d7:12:ac:84:63:1c:0a:5d:fd:93:b7:fd:97:4f:c9:c9:0a:
16:1f:69:a8:d0:63:ac:8f:b0:f3:de:0f:21:06:29:c3:2a:e2:
35:9a:b5:17:8f:ac:8b:02:5c:e5:3d:7e:b1:91:ed:6c:80:0e:
31:8d:fd:52:1e:7b:ed:f3:93:c3:6e:b8:a0:75:84:33:85:48:
4e:40:07:d3:54:53:15:b3:c2:86:96:7b:3a:82:c0:00:01:dc:
05:7b:e7:01:6c:74:c8:14:d3:58:a5:f8:8c:d4:21:9d:98:c4:
56:0b:45:c3:dc:82:c0:81:3a:cd:85:a4:2d:d5:0e:34:4e:8f:
4e:0b:1c:45:32:1d:c6:36:71:73:f4:1c:22:b6:64:b6:86:69:
45:47:b2:3d:d6:0c:23:2b:0c:df:2d:68:10:51:86:c7:2c:5c:
62:1c:24:12:9a:7e:6c:19:e9:3a:52:2c:f4:2e:75:c0:b8:3c:
ff:52:c4:c0:cf:94:9d:5b:a9:ff:d8:fe:e7:ac:d4:57:4c:68:
d2:a7:1c:93:6e:00:f1:74:e5:f5:24:32:70:22:e1:4b:1c:d7:
e6:6f:49:b8
-----BEGIN CERTIFICATE-----
MIIFwTCCBKmgAwIBAgIEBK+e5TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
OTE5ZTFmM2ZlNjliNGViZGZmMDJhOWE4NTdlN2M2YzJiMjUzMDFhMB4XDTIyMDUz
MTExMDExM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGViMTVkYTM1NGE2
NDVmMjBmNThhZjAyZDc5NmQ1N2VhZjBlNzA4YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIj8SOxyzKD4suft3A4Kz2abxLVgRcvWkI1HuR6//2vLdDZU
E9lrQIGmDcpKZlC7VhN3iJQXmRBPaLsRr5IPDmZGhf4VNa+EUqmTJPFsjn/I6COk
/gPIVZ0ECa9T8Y1Su5qN/iDCV9bs2jdclMJbtjOt/aheSn83tvBVUDxX94kIDmA5
Eam44DNP9GtmWJ4BGnisZzpXWdZsalU1HYkfpF+TGzkDf9Oo0LCVtpF1tVJFJRzQ
YTLKWDEdtX4audIln4lSMR9Lklu9MXNI4YNY0gDxgmOYl2VevEF/dxJQZNpz+D64
fZwejHycDHr0C9tnRncNwMsYG/TUHVkhYUCwGRECAwEAAaOCAtswggLXMB0GA1Ud
DgQWBBQOsV2jVKZF8g9YrwLXltV+rw5wizAfBgNVHSMEGDAWgBT5GeHz/mm069/w
KpqFfnxsKyUwGjAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtUm5oOF81cHRPdmY4Q3FhaFg1OGJDc2xNQm8uY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL2Y2LzFjOTgwOS0xZjYwLTQzYzItODEwMy1kYWQwNDIwYjg1ZDMv
MS9EckZkbzFTbVJmSVBXSzhDMTViVmZxOE9jSXMucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Y2
LzFjOTgwOS0xZjYwLTQzYzItODEwMy1kYWQwNDIwYjg1ZDMvMS8xLVJuaDhfNXB0
T3ZmOENxYWhYNThiQ3NsTUJvLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MIHuBggrBgEFBQcBBwEB/wSB3jCB2zCByQQCAAEwgcIwDAMEAyUSCAMEACUSCgME
ACUSFgMEASUSSDAMAwQCJRJkAwQAJRJmMAwDBAAlEmsDBAAlEnoDBAAl5osDBAEl
5rQwDAMEAyXmuAMEACXmugMEAyXmwAMEACXm4AMEACXm6QMEAi0JGAMEAi1Z4DAM
AwQALvONAwQELvOAAwQALvPJAwQALvPOAwQBLvPiAwQBLvP0AwQCXov8AwQAjWXJ
MAwDBACyqr8DBAGyqsQDBACyqvIwDAMEAbxIagMEAbxIbDANBAIAAjAHAwUDKgwr
gDANBgkqhkiG9w0BAQsFAAOCAQEAdfmip5GjiTFk4RBoUvgGRA/SfPO/W2IQXswC
hFWgvOQMnjmPadcSrIRjHApd/ZO3/ZdPyckKFh9pqNBjrI+w894PIQYpwyriNZq1
F4+siwJc5T1+sZHtbIAOMY39Uh577fOTw264oHWEM4VITkAH01RTFbPChpZ7OoLA
AAHcBXvnAWx0yBTTWKX4jNQhnZjEVgtFw9yCwIE6zYWkLdUONE6PTgscRTIdxjZx
c/QcIrZktoZpRUeyPdYMIysM3y1oEFGGxyxcYhwkEpp+bBnpOlIs9C51wLg8/1LE
wM+UnVup/9j+56zUV0xo0qcck24A8XTl9SQycCLhSxzX5m9JuA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:55 2024 by rpki-client on console-ams.rpki-client.org