Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/O5ig0BgBm0zrJyFhV-aoYSfale4.roa
File: O5ig0BgBm0zrJyFhV-aoYSfale4.roa (raw, json)
Hash identifier: 08zCuVwpir/mLX4BOwIj3smAYPoU1rAG/OPxEglRgGA=
Subject key identifier: 3B:98:A0:D0:18:01:9B:4C:EB:27:21:61:57:E6:A8:61:27:DA:95:EE
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 0183287DF120DC615FB0956FD9EE2D8F93C6
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/O5ig0BgBm0zrJyFhV-aoYSfale4.roa
Signing time: Sat 10 Sep 2022 17:41:25 +0000
ROA not before: Sat 10 Sep 2022 17:41:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 37.221.95.0/24 maxlen: 24
37.221.93.0/24 maxlen: 24
37.221.94.0/24 maxlen: 24
37.221.92.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:28:7d:f1:20:dc:61:5f:b0:95:6f:d9:ee:2d:8f:93:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Sep 10 17:41:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3b98a0d018019b4ceb27216157e6a86127da95ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:9f:40:73:8a:78:c5:61:b8:e5:21:3a:0e:45:
d7:a4:83:b8:a4:57:4b:c0:70:9b:3d:a7:65:f6:bb:
03:ca:bf:3d:51:49:8a:d0:cc:76:b0:d0:7e:c3:28:
79:c4:e9:d7:64:85:7b:c4:2b:26:f7:01:80:de:1d:
fa:b2:5e:e6:c6:40:65:30:92:34:2d:84:75:26:27:
76:7c:c7:7d:1c:9e:d7:0c:4a:ae:eb:d1:b8:41:2f:
af:99:2a:48:05:d1:61:d9:88:94:3a:cb:1e:bd:f4:
73:78:14:e1:62:0c:af:1d:81:35:03:e4:9a:4b:b0:
fa:f2:1d:24:0f:ab:99:24:a3:78:cb:ff:cb:6c:75:
b4:06:7e:69:11:65:c6:d7:20:a9:b1:cd:0c:3c:c7:
f0:7e:52:d7:8d:bb:04:33:1c:ae:10:7e:8b:49:cf:
84:7a:9f:8c:5f:ee:b3:f3:83:4f:a8:2d:29:91:ea:
0d:d7:93:62:18:0c:bd:7e:81:2e:e4:10:ea:51:a3:
ab:d9:26:3c:50:0e:e9:42:40:fb:00:eb:37:ed:8a:
63:c3:a8:2c:51:6d:dc:6c:ea:37:fb:ff:b1:dd:fb:
46:5c:19:76:32:37:96:f2:f8:26:f1:56:56:f4:05:
52:93:03:15:35:80:1c:7a:97:92:f2:08:f0:09:b5:
f2:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:98:A0:D0:18:01:9B:4C:EB:27:21:61:57:E6:A8:61:27:DA:95:EE
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/O5ig0BgBm0zrJyFhV-aoYSfale4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.221.92.0/22
Signature Algorithm: sha256WithRSAEncryption
70:32:a4:c0:9f:86:c1:56:2b:d5:6a:e2:44:63:8d:f9:e5:a5:
38:c2:a9:0d:0a:35:88:41:db:6f:f3:5d:e2:4f:20:a1:76:53:
c3:6d:a0:47:73:e9:97:6f:1e:cc:47:05:e1:3d:6b:86:28:e9:
45:5d:7e:b6:45:52:53:66:d1:50:e3:3e:7d:71:6f:9a:d1:b6:
56:e4:9b:ac:91:ad:90:29:39:6a:e5:d7:4c:28:8e:a4:aa:b9:
ae:a8:ef:c5:53:e6:38:0f:b5:56:af:ab:66:61:0d:16:7b:25:
fc:e5:ba:04:77:02:82:18:26:a8:bf:b7:47:c6:23:4c:4a:ec:
55:54:97:8c:0b:2b:27:89:45:a0:3b:31:c1:71:ed:91:ed:7f:
6a:cc:ce:f0:ac:7d:23:dd:ea:32:4e:e4:c0:84:56:91:29:f5:
61:b1:e0:38:84:1d:32:ca:9f:a0:65:97:f8:58:32:98:27:91:
81:2c:0f:1c:cb:3d:c0:34:7e:61:91:31:9a:e8:91:ec:c3:79:
0d:6e:b9:8c:f0:44:b0:51:c7:15:5b:d5:d4:7a:6d:c4:4b:f6:
4d:9c:43:40:2e:b6:b3:ff:3b:6b:17:ed:db:6d:dc:af:c3:98:
47:55:1f:7b:0f:60:86:64:ae:45:e3:fd:bb:14:e8:f4:77:67:
2f:59:e2:12
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYMoffEg3GFfsJVv2e4tj5PGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjIwOTEwMTc0MTI1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjk4YTBkMDE4MDE5YjRjZWIyNzIxNjE1N2U2YTg2MTI3ZGE5NWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgp9Ac4p4xWG45SE6DkXXpIO4pFdL
wHCbPadl9rsDyr89UUmK0Mx2sNB+wyh5xOnXZIV7xCsm9wGA3h36sl7mxkBlMJI0
LYR1Jid2fMd9HJ7XDEqu69G4QS+vmSpIBdFh2YiUOssevfRzeBThYgyvHYE1A+Sa
S7D68h0kD6uZJKN4y//LbHW0Bn5pEWXG1yCpsc0MPMfwflLXjbsEMxyuEH6LSc+E
ep+MX+6z84NPqC0pkeoN15NiGAy9foEu5BDqUaOr2SY8UA7pQkD7AOs37Ypjw6gs
UW3cbOo3+/+x3ftGXBl2MjeW8vgm8VZW9AVSkwMVNYAcepeS8gjwCbXyqwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDuYoNAYAZtM6ychYVfmqGEn2pXuMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvTzVpZzBCZ0JtMHpySnlGaFYtYW9ZU2ZhbGU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCJd1cMA0G
CSqGSIb3DQEBCwUAA4IBAQBwMqTAn4bBVivVauJEY4355aU4wqkNCjWIQdtv813i
TyChdlPDbaBHc+mXbx7MRwXhPWuGKOlFXX62RVJTZtFQ4z59cW+a0bZW5Juska2Q
KTlq5ddMKI6kqrmuqO/FU+Y4D7VWr6tmYQ0WeyX85boEdwKCGCaov7dHxiNMSuxV
VJeMCysniUWgOzHBce2R7X9qzM7wrH0j3eoyTuTAhFaRKfVhseA4hB0yyp+gZZf4
WDKYJ5GBLA8cyz3ANH5hkTGa6JHsw3kNbrmM8ESwUccVW9XUem3ES/ZNnENALraz
/ztrF+3bbdyvw5hHVR97D2CGZK5F4/27FOj0d2cvWeIS
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:19 2023 by rpki-client on console-ams.rpki-client.org