Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/08e15b-4a24-4ce0-9454-f87a322a7776/1/x2aLlpBguoUzxYIefOlgk7SA9RM.roa
File: x2aLlpBguoUzxYIefOlgk7SA9RM.roa (raw, json)
Hash identifier: cs24XsRdFIiTOLsKPUlEiOq3+qZWQxdU420qoCyFkKc=
Subject key identifier: C7:66:8B:96:90:60:BA:85:33:C5:82:1E:7C:E9:60:93:B4:80:F5:13
Certificate issuer: /CN=1bd21dfb24f7d8ce2311ba4076775474bd50be64
Certificate serial: 271B7149
Authority key identifier: 1B:D2:1D:FB:24:F7:D8:CE:23:11:BA:40:76:77:54:74:BD:50:BE:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G9Id-yT32M4jEbpAdndUdL1QvmQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/08e15b-4a24-4ce0-9454-f87a322a7776/1/x2aLlpBguoUzxYIefOlgk7SA9RM.roa
Signing time: Tue 08 Mar 2022 15:48:23 +0000
ROA not before: Tue 08 Mar 2022 15:48:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12684
IP address blocks: 37.19.24.0/21 maxlen: 21
2a04:2880::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 656109897 (0x271b7149)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1bd21dfb24f7d8ce2311ba4076775474bd50be64
Validity
Not Before: Mar 8 15:48:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c7668b969060ba8533c5821e7ce96093b480f513
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:38:c9:cc:4a:bd:b0:1a:86:1a:bf:7e:36:99:
74:cf:4b:0d:d3:47:36:2c:62:b6:12:20:bf:1e:78:
05:18:e1:56:69:17:8c:6c:a3:82:64:8c:4c:90:27:
16:35:4b:d5:11:db:a5:4c:d4:36:d2:ce:96:f1:af:
86:1c:57:bf:29:4c:22:1c:65:58:a6:69:22:da:91:
9a:48:66:2e:89:ef:14:c1:63:f1:2a:3c:51:fc:04:
29:86:c9:e6:18:34:90:10:d7:56:4f:c4:28:14:06:
be:bd:6a:45:43:92:f0:65:2a:ea:26:09:c2:77:ac:
fd:c5:04:53:db:bf:07:79:95:b8:e4:51:18:ac:e8:
29:92:2d:aa:e8:2e:19:71:45:b7:f7:e9:0d:a8:1b:
6c:28:7a:5f:40:98:ca:b3:78:d7:1d:39:ad:1e:0b:
53:b0:3b:85:c2:d4:8d:f2:4c:04:be:56:9a:2b:69:
88:c9:71:47:81:5f:80:2f:0f:42:30:75:80:7a:f8:
e7:a4:88:62:13:7b:42:81:ef:de:a5:97:99:e5:ee:
87:ba:4a:39:fa:e3:41:26:e3:f9:1d:cb:15:17:d0:
6e:b1:64:33:1e:70:96:cf:3b:60:2a:c7:a6:13:04:
58:5c:18:6d:6a:b5:7e:41:5c:21:79:a1:8a:7d:cf:
83:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:66:8B:96:90:60:BA:85:33:C5:82:1E:7C:E9:60:93:B4:80:F5:13
X509v3 Authority Key Identifier:
keyid:1B:D2:1D:FB:24:F7:D8:CE:23:11:BA:40:76:77:54:74:BD:50:BE:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G9Id-yT32M4jEbpAdndUdL1QvmQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/08e15b-4a24-4ce0-9454-f87a322a7776/1/x2aLlpBguoUzxYIefOlgk7SA9RM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/08e15b-4a24-4ce0-9454-f87a322a7776/1/G9Id-yT32M4jEbpAdndUdL1QvmQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.19.24.0/21
IPv6:
2a04:2880::/48
Signature Algorithm: sha256WithRSAEncryption
2d:49:4b:bb:0a:38:41:55:9c:2c:8c:d9:dd:78:39:e7:f1:85:
cb:75:b6:9a:27:0b:ed:eb:48:e8:b9:c6:6d:84:9b:ca:5d:92:
31:5d:81:3f:0a:e3:f8:0c:c0:43:07:c6:b1:3e:b8:16:01:cd:
5d:c8:b9:c1:0b:5f:e4:73:96:ff:d5:a7:9f:d0:6e:32:0b:a0:
f2:f9:d1:3a:f0:90:b9:91:a1:a8:c3:4d:82:54:b8:9f:fa:10:
5f:79:04:79:5e:94:38:45:da:8d:f3:62:97:ed:53:cb:15:4a:
3b:63:60:c9:2c:36:83:8e:d3:fa:d6:34:90:bb:b5:03:8d:87:
0a:f4:0f:1a:c0:c1:6a:bc:08:77:e9:3b:06:7d:90:88:b9:42:
c8:fd:10:3c:32:c0:97:53:3e:2d:06:66:d0:7b:b6:ea:54:28:
e2:2c:10:33:91:02:64:a7:4d:0d:c5:12:f1:3e:8a:72:d0:85:
d7:c9:14:39:5c:54:6f:15:30:6a:5b:b1:9e:c6:86:83:8b:b8:
9c:12:44:d4:a3:0e:a1:e9:6d:54:5a:0e:8a:af:a8:bd:e3:42:
18:36:e6:49:63:6f:6e:1b:52:bd:24:dc:d3:76:65:aa:d7:77:
46:0b:7f:6f:62:46:f0:d3:a9:ec:2a:ce:5e:61:db:fb:5c:a1:
14:1d:a9:a6
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEJxtxSTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
YmQyMWRmYjI0ZjdkOGNlMjMxMWJhNDA3Njc3NTQ3NGJkNTBiZTY0MB4XDTIyMDMw
ODE1NDgyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzc2NjhiOTY5MDYw
YmE4NTMzYzU4MjFlN2NlOTYwOTNiNDgwZjUxMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN84ycxKvbAahhq/fjaZdM9LDdNHNixithIgvx54BRjhVmkX
jGyjgmSMTJAnFjVL1RHbpUzUNtLOlvGvhhxXvylMIhxlWKZpItqRmkhmLonvFMFj
8So8UfwEKYbJ5hg0kBDXVk/EKBQGvr1qRUOS8GUq6iYJwnes/cUEU9u/B3mVuORR
GKzoKZItquguGXFFt/fpDagbbCh6X0CYyrN41x05rR4LU7A7hcLUjfJMBL5Wmitp
iMlxR4FfgC8PQjB1gHr456SIYhN7QoHv3qWXmeXuh7pKOfrjQSbj+R3LFRfQbrFk
Mx5wls87YCrHphMEWFwYbWq1fkFcIXmhin3Pgy0CAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBTHZouWkGC6hTPFgh586WCTtID1EzAfBgNVHSMEGDAWgBQb0h37JPfYziMR
ukB2d1R0vVC+ZDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0c5SWQteVQzMk00akVicEFkbmRVZEwxUXZtUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTIvMDhlMTViLTRhMjQtNGNlMC05NDU0LWY4N2EzMjJhNzc3Ni8x
L3gyYUxscEJndW9VenhZSWVmT2xnazdTQTlSTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTIv
MDhlMTViLTRhMjQtNGNlMC05NDU0LWY4N2EzMjJhNzc3Ni8xL0c5SWQteVQzMk00
akVicEFkbmRVZEwxUXZtUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAyUTGDAPBAIAAjAJAwcAKgQogAAA
MA0GCSqGSIb3DQEBCwUAA4IBAQAtSUu7CjhBVZwsjNndeDnn8YXLdbaaJwvt60jo
ucZthJvKXZIxXYE/CuP4DMBDB8axPrgWAc1dyLnBC1/kc5b/1aef0G4yC6Dy+dE6
8JC5kaGow02CVLif+hBfeQR5XpQ4RdqN82KX7VPLFUo7Y2DJLDaDjtP61jSQu7UD
jYcK9A8awMFqvAh36TsGfZCIuULI/RA8MsCXUz4tBmbQe7bqVCjiLBAzkQJkp00N
xRLxPopy0IXXyRQ5XFRvFTBqW7GexoaDi7icEkTUow6h6W1UWg6Kr6i940IYNuZJ
Y29uG1K9JNzTdmWq13dGC39vYkbw06nsKs5eYdv7XKEUHamm
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:14 2023 by rpki-client on console-fra.rpki-client.org