Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/338605-4db4-4ede-a310-5642353d431a/1/b93j6EH4Gh5KStGRhD_0DpJsT08.roa
File: b93j6EH4Gh5KStGRhD_0DpJsT08.roa (raw, json)
Hash identifier: pr0HpfgYqt2xUhep4HQcQ9dZOmN7YOY/+uOe6SkrYB4=
Subject key identifier: 6F:DD:E3:E8:41:F8:1A:1E:4A:4A:D1:91:84:3F:F4:0E:92:6C:4F:4F
Certificate issuer: /CN=4ad467f16d0951e430713832c6c759561e76041f
Certificate serial: 08271D9B
Authority key identifier: 4A:D4:67:F1:6D:09:51:E4:30:71:38:32:C6:C7:59:56:1E:76:04:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/StRn8W0JUeQwcTgyxsdZVh52BB8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/338605-4db4-4ede-a310-5642353d431a/1/b93j6EH4Gh5KStGRhD_0DpJsT08.roa
Signing time: Sat 01 Jan 2022 01:53:51 +0000
ROA not before: Sat 01 Jan 2022 01:53:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9074
IP address blocks: 37.131.255.0/24 maxlen: 24
37.131.254.0/24 maxlen: 24
185.248.108.0/24 maxlen: 24
185.248.109.0/24 maxlen: 24
37.131.251.0/24 maxlen: 24
37.131.248.0/24 maxlen: 24
37.131.252.0/24 maxlen: 24
37.131.249.0/24 maxlen: 24
37.131.253.0/24 maxlen: 24
37.131.250.0/24 maxlen: 24
2a0b:9bc0:1::/48 maxlen: 48
2a0b:9bc0:2::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 136781211 (0x8271d9b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ad467f16d0951e430713832c6c759561e76041f
Validity
Not Before: Jan 1 01:53:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6fdde3e841f81a1e4a4ad191843ff40e926c4f4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:bf:78:c2:94:0d:c5:11:18:e7:2d:a1:12:64:
5a:34:2b:8e:f2:fd:b6:8a:52:15:c2:76:23:f0:a7:
39:a6:01:f3:0a:ee:42:3e:1b:31:bd:6b:28:7c:12:
cb:69:96:a0:02:99:40:e5:40:52:a3:b7:1f:6d:33:
fa:13:68:3a:43:a5:01:0f:3c:b4:53:2b:ac:2d:53:
5a:37:58:e5:b7:47:94:23:11:8c:c7:70:6b:99:2c:
1a:e5:3a:97:85:1b:4e:01:4a:a1:74:db:34:d0:95:
bd:d7:3c:7b:bc:9b:b8:fc:01:50:e4:30:fa:e5:5c:
fe:32:7f:0e:5a:a1:01:2a:d8:67:4d:bf:82:c4:e2:
e0:cf:5d:35:c1:ca:9f:c3:0a:e0:5c:ae:83:46:87:
33:1a:a0:d0:e0:f9:78:fb:46:25:18:6c:ec:45:ce:
25:da:d4:de:c8:b9:13:28:62:9b:9b:64:11:1a:0d:
51:0e:7d:69:f8:d7:68:5b:30:98:0c:60:fa:f2:b0:
ce:13:e9:7b:bd:b5:8b:20:91:cd:85:cc:79:ff:c2:
5d:a1:0e:5b:c6:7b:ec:2d:49:23:3c:e4:48:10:47:
0e:7b:26:bf:8f:6a:0e:bc:66:e2:3a:65:f4:10:a2:
eb:e8:d9:7c:8d:22:60:5d:e5:c3:88:62:ee:3e:ee:
99:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:DD:E3:E8:41:F8:1A:1E:4A:4A:D1:91:84:3F:F4:0E:92:6C:4F:4F
X509v3 Authority Key Identifier:
keyid:4A:D4:67:F1:6D:09:51:E4:30:71:38:32:C6:C7:59:56:1E:76:04:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/StRn8W0JUeQwcTgyxsdZVh52BB8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/338605-4db4-4ede-a310-5642353d431a/1/b93j6EH4Gh5KStGRhD_0DpJsT08.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/338605-4db4-4ede-a310-5642353d431a/1/StRn8W0JUeQwcTgyxsdZVh52BB8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.131.248.0/21
185.248.108.0/23
IPv6:
2a0b:9bc0:1::-2a0b:9bc0:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
07:21:81:12:c2:17:03:98:9d:1e:57:7f:6a:57:94:04:9b:87:
1c:0a:60:49:01:4c:bb:76:0f:43:6d:39:34:8e:1f:ba:da:89:
11:95:24:28:11:d3:b4:9a:12:0a:11:06:06:45:05:50:6a:e9:
fc:0c:f6:0c:a5:72:bc:72:a9:77:65:c2:44:4b:c1:bc:0c:f7:
ca:36:ad:19:a8:1d:e8:21:c8:d6:62:29:21:b5:ed:4c:02:d9:
79:a3:88:95:3f:a0:b6:a2:ac:4c:31:93:d7:8d:f1:8b:11:11:
72:f0:fd:9b:69:c1:94:57:4f:7a:2f:dd:1d:ac:74:30:15:97:
58:2b:0d:9d:47:2b:32:fc:88:a6:8c:af:b3:3c:3a:d4:45:0e:
50:41:38:51:30:cb:69:41:fb:54:b3:68:fb:67:fb:9d:18:c8:
0c:82:b4:15:87:db:93:69:c6:08:e6:05:74:e2:94:58:42:d8:
9c:9e:e7:03:76:77:26:2a:f0:65:9f:44:fe:f9:7a:45:28:45:
7b:e6:bd:27:ca:5f:3a:26:e7:51:2c:2a:be:df:bd:33:12:66:
a3:56:5d:d2:63:b8:71:c8:46:8b:ff:ad:6c:06:e3:96:22:65:
19:a7:44:59:a5:20:f3:00:37:4a:9f:9a:e7:f8:cd:29:79:d4:
f5:b7:ab:f9
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIECCcdmzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
YWQ0NjdmMTZkMDk1MWU0MzA3MTM4MzJjNmM3NTk1NjFlNzYwNDFmMB4XDTIyMDEw
MTAxNTM1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmZkZGUzZTg0MWY4
MWExZTRhNGFkMTkxODQzZmY0MGU5MjZjNGY0ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMK/eMKUDcURGOctoRJkWjQrjvL9topSFcJ2I/CnOaYB8wru
Qj4bMb1rKHwSy2mWoAKZQOVAUqO3H20z+hNoOkOlAQ88tFMrrC1TWjdY5bdHlCMR
jMdwa5ksGuU6l4UbTgFKoXTbNNCVvdc8e7ybuPwBUOQw+uVc/jJ/DlqhASrYZ02/
gsTi4M9dNcHKn8MK4Fyug0aHMxqg0OD5ePtGJRhs7EXOJdrU3si5Eyhim5tkERoN
UQ59afjXaFswmAxg+vKwzhPpe721iyCRzYXMef/CXaEOW8Z77C1JIzzkSBBHDnsm
v49qDrxm4jpl9BCi6+jZfI0iYF3lw4hi7j7umcMCAwEAAaOCAiswggInMB0GA1Ud
DgQWBBRv3ePoQfgaHkpK0ZGEP/QOkmxPTzAfBgNVHSMEGDAWgBRK1GfxbQlR5DBx
ODLGx1lWHnYEHzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1N0Um44VzBKVWVRd2NUZ3l4c2RaVmg1MkJCOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGQvMzM4NjA1LTRkYjQtNGVkZS1hMzEwLTU2NDIzNTNkNDMxYS8x
L2I5M2o2RUg0R2g1S1N0R1JoRF8wRHBKc1QwOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGQv
MzM4NjA1LTRkYjQtNGVkZS1hMzEwLTU2NDIzNTNkNDMxYS8xL1N0Um44VzBKVWVR
d2NUZ3l4c2RaVmg1MkJCOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBB
BggrBgEFBQcBBwEB/wQyMDAwEgQCAAEwDAMEAyWD+AMEAbn4bDAaBAIAAjAUMBID
BwAqC5vAAAEDBwAqC5vAAAIwDQYJKoZIhvcNAQELBQADggEBAAchgRLCFwOYnR5X
f2pXlASbhxwKYEkBTLt2D0NtOTSOH7raiRGVJCgR07SaEgoRBgZFBVBq6fwM9gyl
crxyqXdlwkRLwbwM98o2rRmoHeghyNZiKSG17UwC2XmjiJU/oLairEwxk9eN8YsR
EXLw/ZtpwZRXT3ov3R2sdDAVl1grDZ1HKzL8iKaMr7M8OtRFDlBBOFEwy2lB+1Sz
aPtn+50YyAyCtBWH25NpxgjmBXTilFhC2Jye5wN2dyYq8GWfRP75ekUoRXvmvSfK
Xzom51EsKr7fvTMSZqNWXdJjuHHIRov/rWwG45YiZRmnRFmlIPMAN0qfmuf4zSl5
1PW3q/k=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:46:08 2025 by rpki-client