Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/c686b3-e7a9-4f9c-842c-119d8bf717bb/1/dDP2X2YrOHB3EVjkzZolWTOt4ZM.roa
File: dDP2X2YrOHB3EVjkzZolWTOt4ZM.roa (raw, json)
Hash identifier: urOFBNSDD28duxRU59fq37ytwV/6OesT82KD6IUN1sc=
Subject key identifier: 74:33:F6:5F:66:2B:38:70:77:11:58:E4:CD:9A:25:59:33:AD:E1:93
Certificate issuer: /CN=3deb104463e920b45542b6af1a27d5950e86e9a0
Certificate serial: 018C3E164023627F4BA197315219FC680F04
Authority key identifier: 3D:EB:10:44:63:E9:20:B4:55:42:B6:AF:1A:27:D5:95:0E:86:E9:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PesQRGPpILRVQravGifVlQ6G6aA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/c686b3-e7a9-4f9c-842c-119d8bf717bb/1/dDP2X2YrOHB3EVjkzZolWTOt4ZM.roa
Signing time: Wed 06 Dec 2023 07:44:54 +0000
ROA not before: Wed 06 Dec 2023 07:44:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200640
IP address blocks: 37.34.100.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:3e:16:40:23:62:7f:4b:a1:97:31:52:19:fc:68:0f:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3deb104463e920b45542b6af1a27d5950e86e9a0
Validity
Not Before: Dec 6 07:44:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7433f65f662b3870771158e4cd9a255933ade193
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:f4:5e:de:8f:7c:8c:6f:79:1f:7e:df:8f:52:
94:48:1f:8f:ee:2f:3e:ab:e7:33:dd:4a:ec:2a:17:
09:d7:94:f2:4f:30:69:37:18:8a:24:a9:b5:c7:05:
4e:4e:b1:57:f9:26:05:b9:bf:42:43:ad:91:ee:b2:
41:86:f2:98:d4:1f:19:a8:ad:b6:dd:68:64:12:ab:
d1:47:ac:9e:5b:de:30:a4:c4:0f:90:f3:a6:f6:52:
77:ad:79:eb:ad:cc:c2:e1:c7:cc:ba:d8:89:ea:67:
e2:e2:f0:7a:a1:e8:3f:cd:f7:a5:54:93:0f:42:80:
18:e3:e4:f7:21:42:03:34:86:91:41:b4:e5:cb:3e:
cc:12:ca:ec:cc:05:88:de:88:3b:12:c8:d6:f6:95:
57:4c:14:db:65:ed:00:ed:ab:da:47:2b:17:22:ac:
0a:23:be:fd:be:82:ab:4b:ac:53:04:13:2d:03:df:
c0:f3:35:0c:fe:2f:ea:a3:0a:5b:57:f9:f3:43:e7:
c7:f0:52:4e:4f:ff:5e:e0:be:ef:cc:a5:60:a9:32:
d8:b1:62:93:a4:24:83:a9:15:59:a2:34:07:92:82:
69:2d:53:1d:83:ad:90:fb:39:3b:1d:fd:7e:60:a7:
80:91:8d:66:a8:4e:63:3d:22:93:b6:71:a3:79:84:
6f:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:33:F6:5F:66:2B:38:70:77:11:58:E4:CD:9A:25:59:33:AD:E1:93
X509v3 Authority Key Identifier:
keyid:3D:EB:10:44:63:E9:20:B4:55:42:B6:AF:1A:27:D5:95:0E:86:E9:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PesQRGPpILRVQravGifVlQ6G6aA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/c686b3-e7a9-4f9c-842c-119d8bf717bb/1/dDP2X2YrOHB3EVjkzZolWTOt4ZM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/c686b3-e7a9-4f9c-842c-119d8bf717bb/1/PesQRGPpILRVQravGifVlQ6G6aA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.34.100.0/22
Signature Algorithm: sha256WithRSAEncryption
44:18:2a:6d:03:2c:af:36:38:4d:41:f7:ac:c4:85:b7:3d:4f:
98:5f:d4:00:cd:67:a6:5c:ce:21:4b:8e:0a:94:47:6a:53:f5:
88:76:4c:ff:70:29:e4:12:d0:2e:ae:20:69:2f:b4:0c:89:bb:
5a:72:00:aa:56:d2:30:a2:3d:e2:61:e6:62:37:71:17:e5:74:
e8:e6:e8:6d:24:a3:32:37:48:11:55:cb:74:bd:27:ba:40:c4:
1b:b6:fd:61:7c:15:65:1b:e4:b5:e3:bb:2b:d0:57:08:f7:c7:
d6:d3:97:aa:67:12:32:f8:4c:44:39:99:c7:b5:f3:2a:3a:65:
d7:e1:a0:92:d1:ec:1e:4e:22:d1:1d:fd:0f:3e:a7:b1:0d:9e:
8d:21:93:66:a1:3e:2a:9e:e2:e0:e1:91:f9:0b:83:87:16:f2:
1f:49:48:5c:6f:e0:31:18:6a:75:0c:fd:97:c6:06:a0:50:da:
26:7b:9e:17:0f:69:2f:4a:31:1b:de:f3:6e:0f:f7:0f:8a:5f:
0a:13:c9:87:97:89:fa:76:2d:d7:cb:49:2a:20:75:90:f6:e9:
71:25:fd:d2:5c:bb:de:7b:41:aa:7c:f1:b4:5a:d3:f9:1e:59:
3e:9b:32:68:bf:fd:dc:9d:33:90:b7:ab:a7:5e:b9:e1:55:fa:
e6:9b:e6:eb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYw+FkAjYn9LoZcxUhn8aA8EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkZWIxMDQ0NjNlOTIwYjQ1NTQyYjZhZjFhMjdkNTk1MGU4
NmU5YTAwHhcNMjMxMjA2MDc0NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDMzZjY1ZjY2MmIzODcwNzcxMTU4ZTRjZDlhMjU1OTMzYWRlMTkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAofRe3o98jG95H37fj1KUSB+P7i8+
q+cz3UrsKhcJ15TyTzBpNxiKJKm1xwVOTrFX+SYFub9CQ62R7rJBhvKY1B8ZqK22
3WhkEqvRR6yeW94wpMQPkPOm9lJ3rXnrrczC4cfMutiJ6mfi4vB6oeg/zfelVJMP
QoAY4+T3IUIDNIaRQbTlyz7MEsrszAWI3og7EsjW9pVXTBTbZe0A7avaRysXIqwK
I779voKrS6xTBBMtA9/A8zUM/i/qowpbV/nzQ+fH8FJOT/9e4L7vzKVgqTLYsWKT
pCSDqRVZojQHkoJpLVMdg62Q+zk7Hf1+YKeAkY1mqE5jPSKTtnGjeYRvxQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHQz9l9mKzhwdxFY5M2aJVkzreGTMB8GA1UdIwQY
MBaAFD3rEERj6SC0VUK2rxon1ZUOhumgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGVzUVJHUHBJTFJWUXJhdkdpZlZsUTZHNmFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9jNjg2YjMtZTdhOS00ZjljLTg0MmMt
MTE5ZDhiZjcxN2JiLzEvZERQMlgyWXJPSEIzRVZqa3pab2xXVE90NFpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9jNjg2YjMtZTdhOS00ZjljLTg0MmMtMTE5ZDhiZjcxN2Ji
LzEvUGVzUVJHUHBJTFJWUXJhdkdpZlZsUTZHNmFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCJSJkMA0G
CSqGSIb3DQEBCwUAA4IBAQBEGCptAyyvNjhNQfesxIW3PU+YX9QAzWemXM4hS44K
lEdqU/WIdkz/cCnkEtAuriBpL7QMibtacgCqVtIwoj3iYeZiN3EX5XTo5uhtJKMy
N0gRVct0vSe6QMQbtv1hfBVlG+S147sr0FcI98fW05eqZxIy+ExEOZnHtfMqOmXX
4aCS0eweTiLRHf0PPqexDZ6NIZNmoT4qnuLg4ZH5C4OHFvIfSUhcb+AxGGp1DP2X
xgagUNome54XD2kvSjEb3vNuD/cPil8KE8mHl4n6di3Xy0kqIHWQ9ulxJf3SXLve
e0GqfPG0WtP5Hlk+mzJov/3cnTOQt6unXrnhVfrmm+br
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:10:15 2025 by rpki-client