Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/eb1cd5-c871-4d4f-ac3f-4b599d08ed1c/1/cUSnLgi9Pn9H8o2T3fPonRxCtls.roa
File: cUSnLgi9Pn9H8o2T3fPonRxCtls.roa (raw, json)
Hash identifier: CGHXFepzsr3kZmtZO2CvY9zIBDWsm01lkiQLfNaMdC8=
Subject key identifier: 71:44:A7:2E:08:BD:3E:7F:47:F2:8D:93:DD:F3:E8:9D:1C:42:B6:5B
Certificate issuer: /CN=cafd3133df47ce2bb07c472fbe6bb4e9178c6233
Certificate serial: 0183CD04F0F11ACEF80BE36A29087A29AAB8
Authority key identifier: CA:FD:31:33:DF:47:CE:2B:B0:7C:47:2F:BE:6B:B4:E9:17:8C:62:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yv0xM99HziuwfEcvvmu06ReMYjM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/eb1cd5-c871-4d4f-ac3f-4b599d08ed1c/1/cUSnLgi9Pn9H8o2T3fPonRxCtls.roa
Signing time: Wed 12 Oct 2022 16:26:36 +0000
ROA not before: Wed 12 Oct 2022 16:26:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3561
IP address blocks: 37.72.133.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:cd:04:f0:f1:1a:ce:f8:0b:e3:6a:29:08:7a:29:aa:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cafd3133df47ce2bb07c472fbe6bb4e9178c6233
Validity
Not Before: Oct 12 16:26:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7144a72e08bd3e7f47f28d93ddf3e89d1c42b65b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:10:8d:56:f7:a7:08:c5:c5:59:93:1c:c4:80:
05:07:83:48:9c:ee:7b:d3:94:19:f7:99:ca:87:fe:
39:c5:6d:7f:d6:b1:96:e6:fe:4b:3d:e4:6b:20:7e:
ba:0b:d7:47:d3:c9:40:aa:b4:36:7a:4c:3d:40:b6:
84:26:e8:d7:a1:0d:d1:31:4c:84:d8:b0:0e:57:e0:
71:aa:a8:30:5f:dd:1d:43:16:90:32:63:ed:4b:7d:
33:9c:f5:90:bb:08:3a:24:38:1c:68:f9:5f:6b:cc:
e5:9d:9d:2b:e0:f3:68:1e:97:6f:fe:ca:41:8e:3d:
d2:92:3b:a5:ea:78:b9:a3:79:a5:c3:32:f0:90:30:
f3:3c:7f:3f:9c:56:d1:8d:3d:33:5a:f7:79:15:44:
ef:2a:6a:4c:11:27:da:f4:03:a9:75:81:fb:24:28:
19:f9:96:fc:19:fb:ea:dd:cb:12:b5:2d:94:0d:96:
10:1d:2e:98:0d:ee:cf:0b:b6:5a:be:c9:ee:12:b9:
2f:fb:e7:54:1d:04:39:8e:d7:5b:61:78:bd:ff:93:
cc:66:85:aa:63:6e:d4:38:6f:f1:7f:ef:16:98:7e:
91:17:fc:ac:c4:e8:94:da:fc:91:cf:34:ff:36:2a:
bd:f7:7d:a3:09:d2:45:9b:69:3d:86:dc:7f:f2:b9:
af:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:44:A7:2E:08:BD:3E:7F:47:F2:8D:93:DD:F3:E8:9D:1C:42:B6:5B
X509v3 Authority Key Identifier:
keyid:CA:FD:31:33:DF:47:CE:2B:B0:7C:47:2F:BE:6B:B4:E9:17:8C:62:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yv0xM99HziuwfEcvvmu06ReMYjM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/eb1cd5-c871-4d4f-ac3f-4b599d08ed1c/1/cUSnLgi9Pn9H8o2T3fPonRxCtls.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/eb1cd5-c871-4d4f-ac3f-4b599d08ed1c/1/yv0xM99HziuwfEcvvmu06ReMYjM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.72.133.0/24
Signature Algorithm: sha256WithRSAEncryption
dc:6e:52:75:75:20:01:d7:68:e3:6f:9c:24:db:2e:3e:41:0f:
03:fd:0f:43:f4:83:01:b1:59:85:01:82:01:2f:2e:ea:94:da:
e5:bb:17:a8:4c:3b:a9:35:9c:0b:3d:7e:bc:3e:3f:f8:26:dc:
7b:ee:0a:f9:66:f4:8f:2c:f3:c0:d5:a3:52:3b:71:e1:b0:85:
ec:d7:ff:1d:20:a7:12:30:49:77:d7:6e:c9:23:f2:b6:ac:38:
60:b6:60:ca:9d:8a:a7:10:75:74:67:4a:9c:55:db:fe:c4:94:
45:9d:13:5d:6c:45:4a:27:a8:f8:4a:60:27:87:34:75:2f:86:
91:aa:03:b6:79:17:cf:86:da:4e:6d:cc:b2:1d:98:15:5f:2f:
94:f5:6f:a5:70:20:55:9e:1d:b4:12:f0:37:cb:79:b5:94:8d:
c9:d9:b5:8b:1e:ce:fa:b4:63:9c:64:f4:d2:a8:98:2b:1a:8b:
8b:da:75:07:62:5f:a6:e3:46:63:d2:d1:37:f2:63:90:e3:d3:
b0:ca:57:e0:df:65:c2:d5:3a:4e:ee:2a:6a:9a:04:5b:03:5d:
0d:2e:a0:6b:04:01:45:2a:98:47:47:d4:ac:6f:be:71:58:7a:
61:bd:18:32:87:a5:54:c8:53:97:12:ff:89:2d:51:3a:33:67:
b8:36:66:8b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYPNBPDxGs74C+NqKQh6Kaq4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhZmQzMTMzZGY0N2NlMmJiMDdjNDcyZmJlNmJiNGU5MTc4
YzYyMzMwHhcNMjIxMDEyMTYyNjM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTQ0YTcyZTA4YmQzZTdmNDdmMjhkOTNkZGYzZTg5ZDFjNDJiNjViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1RCNVvenCMXFWZMcxIAFB4NInO57
05QZ95nKh/45xW1/1rGW5v5LPeRrIH66C9dH08lAqrQ2ekw9QLaEJujXoQ3RMUyE
2LAOV+BxqqgwX90dQxaQMmPtS30znPWQuwg6JDgcaPlfa8zlnZ0r4PNoHpdv/spB
jj3Skjul6ni5o3mlwzLwkDDzPH8/nFbRjT0zWvd5FUTvKmpMESfa9AOpdYH7JCgZ
+Zb8Gfvq3csStS2UDZYQHS6YDe7PC7ZavsnuErkv++dUHQQ5jtdbYXi9/5PMZoWq
Y27UOG/xf+8WmH6RF/ysxOiU2vyRzzT/Niq9932jCdJFm2k9htx/8rmvHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHFEpy4IvT5/R/KNk93z6J0cQrZbMB8GA1UdIwQY
MBaAFMr9MTPfR84rsHxHL75rtOkXjGIzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXYweE05OUh6aXV3ZkVjdnZtdTA2UmVNWWpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lYjFjZDUtYzg3MS00ZDRmLWFjM2Yt
NGI1OTlkMDhlZDFjLzEvY1VTbkxnaTlQbjlIOG8yVDNmUG9uUnhDdGxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lYjFjZDUtYzg3MS00ZDRmLWFjM2YtNGI1OTlkMDhlZDFj
LzEveXYweE05OUh6aXV3ZkVjdnZtdTA2UmVNWWpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJUiFMA0G
CSqGSIb3DQEBCwUAA4IBAQDcblJ1dSAB12jjb5wk2y4+QQ8D/Q9D9IMBsVmFAYIB
Ly7qlNrluxeoTDupNZwLPX68Pj/4Jtx77gr5ZvSPLPPA1aNSO3HhsIXs1/8dIKcS
MEl3127JI/K2rDhgtmDKnYqnEHV0Z0qcVdv+xJRFnRNdbEVKJ6j4SmAnhzR1L4aR
qgO2eRfPhtpObcyyHZgVXy+U9W+lcCBVnh20EvA3y3m1lI3J2bWLHs76tGOcZPTS
qJgrGouL2nUHYl+m40Zj0tE38mOQ49Owylfg32XC1TpO7ipqmgRbA10NLqBrBAFF
KphHR9Ssb75xWHphvRgyh6VUyFOXEv+JLVE6M2e4NmaL
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:15 2023 by rpki-client on console-fra.rpki-client.org