Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/8fa051-4357-4d31-8537-6812babc5a8b/1/N-HkKhDUuh-cCazPyKtARmIUZxQ.roa
File: N-HkKhDUuh-cCazPyKtARmIUZxQ.roa (raw, json)
Hash identifier: FZ65IuOdjC/BFxinazpE4+XS3UbLILimzCVhK2P6ck0=
Subject key identifier: 37:E1:E4:2A:10:D4:BA:1F:9C:09:AC:CF:C8:AB:40:46:62:14:67:14
Certificate issuer: /CN=e97656f22015589ff7cc66056867f605d81449bc
Certificate serial: 01856FCB97A85F337D5A78C2029453AD45ED
Authority key identifier: E9:76:56:F2:20:15:58:9F:F7:CC:66:05:68:67:F6:05:D8:14:49:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6XZW8iAVWJ_3zGYFaGf2BdgUSbw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/8fa051-4357-4d31-8537-6812babc5a8b/1/N-HkKhDUuh-cCazPyKtARmIUZxQ.roa
Signing time: Mon 02 Jan 2023 00:04:51 +0000
ROA not before: Mon 02 Jan 2023 00:04:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21277
IP address blocks: 185.37.160.0/22 maxlen: 22
2a00:f7a0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:cb:97:a8:5f:33:7d:5a:78:c2:02:94:53:ad:45:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e97656f22015589ff7cc66056867f605d81449bc
Validity
Not Before: Jan 2 00:04:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=37e1e42a10d4ba1f9c09accfc8ab404662146714
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:21:5d:ca:b1:3b:1f:17:c5:86:97:4e:8d:ee:
5d:17:a8:b2:d1:74:14:24:98:ca:06:f7:54:0e:ab:
e0:59:1c:da:06:45:0d:dd:be:e7:59:f4:e3:6f:f1:
e0:5a:a5:ab:83:00:d6:dc:c1:a9:fb:16:69:d7:6c:
d6:43:58:8a:15:a7:c6:b8:e4:f5:d0:0c:96:88:cb:
5e:6e:d9:40:27:01:93:fc:b6:fa:e4:9c:a2:b2:e3:
8a:cb:8b:8f:0b:a3:a3:06:a8:08:f1:6f:a1:f2:93:
99:85:2f:0f:2d:51:af:31:6b:f2:ca:1f:64:99:3c:
bb:f3:8e:d2:f7:49:bc:8c:af:4c:c6:62:38:bd:d5:
9a:ce:d6:49:5e:59:74:ff:d2:ee:68:1e:d6:ee:3c:
a5:28:02:c6:23:93:d8:54:4c:52:6a:67:c2:3b:ce:
ad:34:13:0a:13:54:24:2d:78:2f:55:73:f9:0c:35:
27:1c:5d:bb:b2:9d:12:b8:b3:48:3d:16:c7:6c:13:
2f:7d:a6:57:67:96:65:0d:38:e4:a8:1f:7a:9d:fa:
d4:b1:be:16:6c:a4:90:d6:da:58:f7:4c:19:6c:43:
d2:f5:71:52:51:03:bc:aa:e3:14:89:47:19:c4:4f:
25:61:f2:82:c1:46:42:b3:57:d1:67:e0:a5:6a:dc:
cb:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:E1:E4:2A:10:D4:BA:1F:9C:09:AC:CF:C8:AB:40:46:62:14:67:14
X509v3 Authority Key Identifier:
keyid:E9:76:56:F2:20:15:58:9F:F7:CC:66:05:68:67:F6:05:D8:14:49:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6XZW8iAVWJ_3zGYFaGf2BdgUSbw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/8fa051-4357-4d31-8537-6812babc5a8b/1/N-HkKhDUuh-cCazPyKtARmIUZxQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/8fa051-4357-4d31-8537-6812babc5a8b/1/6XZW8iAVWJ_3zGYFaGf2BdgUSbw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.37.160.0/22
IPv6:
2a00:f7a0::/32
Signature Algorithm: sha256WithRSAEncryption
72:fe:06:43:0f:14:35:d2:b0:d0:00:8c:ae:7e:49:6a:a1:da:
a6:af:62:b7:06:d9:9b:77:9a:5f:91:2e:d0:50:82:fa:97:d6:
93:b2:31:74:55:d3:32:fb:25:48:44:a5:bb:8a:14:60:15:09:
30:53:ce:46:89:8c:06:1a:50:ac:be:f5:1f:e3:5b:6c:b7:90:
b4:74:c6:82:d8:99:2d:0b:43:6b:e7:d5:9d:36:a5:de:56:0a:
66:53:9b:bc:70:ba:6f:4c:22:e2:c0:fa:1f:35:04:4d:f8:fb:
5e:70:21:0c:57:ee:80:d1:04:df:e3:5b:99:34:32:d3:c1:41:
16:76:e3:3e:cf:1e:a8:82:93:28:ad:b7:b6:6a:be:77:b4:88:
b5:ab:53:5b:ad:b1:1a:74:e5:ff:63:87:83:a7:39:24:63:7e:
a7:25:78:3a:1e:6c:94:f9:ee:74:8b:dd:04:43:86:bb:d9:71:
c2:e5:4e:c7:aa:04:b4:d9:cd:9c:f0:5c:1e:18:60:05:b0:89:
74:e2:e7:bc:47:cf:39:4a:15:d3:4d:c9:d1:40:43:a4:6a:c9:
93:7a:27:bf:aa:94:9a:4e:ee:14:6e:3e:c7:ea:25:a8:e4:13:
35:87:79:88:3c:8e:69:e4:6d:41:f0:9b:c9:fd:9c:00:34:f9:
1f:7e:aa:ac
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvy5eoXzN9WnjCApRTrUXtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5NzY1NmYyMjAxNTU4OWZmN2NjNjYwNTY4NjdmNjA1ZDgx
NDQ5YmMwHhcNMjMwMTAyMDAwNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2UxZTQyYTEwZDRiYTFmOWMwOWFjY2ZjOGFiNDA0NjYyMTQ2NzE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmyFdyrE7HxfFhpdOje5dF6iy0XQU
JJjKBvdUDqvgWRzaBkUN3b7nWfTjb/HgWqWrgwDW3MGp+xZp12zWQ1iKFafGuOT1
0AyWiMtebtlAJwGT/Lb65JyisuOKy4uPC6OjBqgI8W+h8pOZhS8PLVGvMWvyyh9k
mTy7847S90m8jK9MxmI4vdWaztZJXll0/9LuaB7W7jylKALGI5PYVExSamfCO86t
NBMKE1QkLXgvVXP5DDUnHF27sp0SuLNIPRbHbBMvfaZXZ5ZlDTjkqB96nfrUsb4W
bKSQ1tpY90wZbEPS9XFSUQO8quMUiUcZxE8lYfKCwUZCs1fRZ+ClatzLKwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDfh5CoQ1LofnAmsz8irQEZiFGcUMB8GA1UdIwQY
MBaAFOl2VvIgFVif98xmBWhn9gXYFEm8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlhaVzhpQVZXSl8zekdZRmFHZjJCZGdVU2J3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS84ZmEwNTEtNDM1Ny00ZDMxLTg1Mzct
NjgxMmJhYmM1YThiLzEvTi1Ia0toRFV1aC1jQ2F6UHlLdEFSbUlVWnhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS84ZmEwNTEtNDM1Ny00ZDMxLTg1MzctNjgxMmJhYmM1YThi
LzEvNlhaVzhpQVZXSl8zekdZRmFHZjJCZGdVU2J3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuSWgMA0E
AgACMAcDBQAqAPegMA0GCSqGSIb3DQEBCwUAA4IBAQBy/gZDDxQ10rDQAIyufklq
odqmr2K3Btmbd5pfkS7QUIL6l9aTsjF0VdMy+yVIRKW7ihRgFQkwU85GiYwGGlCs
vvUf41tst5C0dMaC2JktC0Nr59WdNqXeVgpmU5u8cLpvTCLiwPofNQRN+PtecCEM
V+6A0QTf41uZNDLTwUEWduM+zx6ogpMorbe2ar53tIi1q1NbrbEadOX/Y4eDpzkk
Y36nJXg6HmyU+e50i90EQ4a72XHC5U7HqgS02c2c8FweGGAFsIl04ue8R885ShXT
TcnRQEOkasmTeie/qpSaTu4Ubj7H6iWo5BM1h3mIPI5p5G1B8JvJ/ZwANPkffqqs
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:29:54 2025 by rpki-client