Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/7e1d94-1854-473d-8753-18ded80b4b5d/1/CvT4hqc9xANg0uvuuBee9f7MriA.roa
File: CvT4hqc9xANg0uvuuBee9f7MriA.roa (raw, json)
Hash identifier: NvJYDW1ZdUkgufdfnvMsswhGK6WmobbYIlLsBqUemBs=
Subject key identifier: 0A:F4:F8:86:A7:3D:C4:03:60:D2:EB:EE:B8:17:9E:F5:FE:CC:AE:20
Certificate issuer: /CN=36574be6ae76cd523b33787cfbdb69264263d074
Certificate serial: 1901DA0E
Authority key identifier: 36:57:4B:E6:AE:76:CD:52:3B:33:78:7C:FB:DB:69:26:42:63:D0:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NldL5q52zVI7M3h8-9tpJkJj0HQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/7e1d94-1854-473d-8753-18ded80b4b5d/1/CvT4hqc9xANg0uvuuBee9f7MriA.roa
Signing time: Sat 01 Jan 2022 02:54:29 +0000
ROA not before: Sat 01 Jan 2022 02:54:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200873
IP address blocks: 37.221.99.0/24 maxlen: 24
185.67.236.0/23 maxlen: 23
185.67.238.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 419551758 (0x1901da0e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36574be6ae76cd523b33787cfbdb69264263d074
Validity
Not Before: Jan 1 02:54:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0af4f886a73dc40360d2ebeeb8179ef5feccae20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:a2:db:44:9f:c1:97:4d:54:22:18:2c:fc:d3:
95:2b:c3:a8:af:d1:d4:14:23:89:5c:ce:17:47:6e:
ac:73:c7:b1:9a:09:ae:d7:c1:9e:53:f1:30:46:bc:
87:80:b0:dd:1f:dd:3a:0d:73:f6:91:5a:bf:17:d4:
9d:72:35:55:59:30:2e:b6:66:97:45:02:a7:9b:15:
3b:00:63:16:53:1a:1a:73:56:51:fe:a5:77:8b:b4:
27:2c:d1:c7:c2:20:af:d2:16:9c:89:cc:9f:e4:2f:
96:ef:3a:41:99:a6:45:9c:fb:47:53:72:b0:d2:cb:
e2:65:74:48:af:58:e2:6c:60:fb:5e:9f:95:37:c0:
b8:e4:57:80:db:1a:d5:c0:ba:69:9b:05:2d:eb:73:
00:03:1a:12:68:1d:18:a4:7f:36:b4:9f:e2:7b:68:
2e:36:21:91:d6:1b:2d:6a:be:48:2c:5e:50:8c:4a:
5b:d2:68:c6:86:16:8c:72:a1:e4:ca:6a:23:47:19:
b5:d6:52:a9:08:1c:c2:0c:bc:db:6f:98:17:8a:e9:
0b:7a:c8:24:90:ba:9b:32:fa:c4:43:52:90:ed:41:
be:64:6b:d0:01:b0:b8:89:0b:de:e9:05:88:6e:3d:
f3:ff:95:1b:7f:a0:49:f1:73:a2:c6:51:08:d1:c8:
84:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:F4:F8:86:A7:3D:C4:03:60:D2:EB:EE:B8:17:9E:F5:FE:CC:AE:20
X509v3 Authority Key Identifier:
keyid:36:57:4B:E6:AE:76:CD:52:3B:33:78:7C:FB:DB:69:26:42:63:D0:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NldL5q52zVI7M3h8-9tpJkJj0HQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/7e1d94-1854-473d-8753-18ded80b4b5d/1/CvT4hqc9xANg0uvuuBee9f7MriA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/7e1d94-1854-473d-8753-18ded80b4b5d/1/NldL5q52zVI7M3h8-9tpJkJj0HQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.221.99.0/24
185.67.236.0-185.67.238.255
Signature Algorithm: sha256WithRSAEncryption
52:87:c8:1f:07:25:a9:65:cd:7c:70:bf:3d:b2:27:12:9b:d6:
ec:f5:c7:46:45:b7:e2:b4:23:1c:0e:4c:83:87:77:90:40:5a:
35:be:6f:30:a9:50:66:ed:d1:c2:fd:57:5e:4e:97:1c:0e:da:
15:13:c8:ff:d7:bb:ce:4b:69:fd:ed:e3:59:ee:aa:33:0d:e6:
aa:77:0a:fe:13:f3:c6:2e:2b:90:7f:6a:31:12:6b:21:46:e8:
c3:a0:9e:bf:b1:18:da:9b:c7:bd:79:81:67:98:72:66:97:98:
ad:af:93:8c:6f:07:e3:3b:58:ac:57:55:33:6f:7b:c1:15:8b:
08:d8:93:0e:4b:75:05:16:d7:4e:d8:15:6c:14:9d:f6:18:0b:
08:35:24:11:23:7f:cc:50:fe:b4:ee:66:84:4e:6a:5f:5c:84:
ae:39:7e:3c:19:3c:92:f3:2f:56:36:36:e5:f2:67:06:3f:d8:
31:ca:c0:09:19:a4:52:46:42:02:06:7e:39:5d:41:f5:15:cb:
1f:ba:d3:01:e5:59:31:e2:01:c8:ae:49:75:89:e2:56:72:66:
03:7f:17:78:ac:5b:14:90:44:4b:af:72:a1:14:7a:ed:16:c6:
92:6f:6f:07:7d:4b:52:f5:15:b2:f4:93:77:ed:c9:7c:b6:10:
1e:2d:3f:f6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIEGQHaDjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NjU3NGJlNmFlNzZjZDUyM2IzMzc4N2NmYmRiNjkyNjQyNjNkMDc0MB4XDTIyMDEw
MTAyNTQyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGFmNGY4ODZhNzNk
YzQwMzYwZDJlYmVlYjgxNzllZjVmZWNjYWUyMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOGi20SfwZdNVCIYLPzTlSvDqK/R1BQjiVzOF0durHPHsZoJ
rtfBnlPxMEa8h4Cw3R/dOg1z9pFavxfUnXI1VVkwLrZml0UCp5sVOwBjFlMaGnNW
Uf6ld4u0JyzRx8Igr9IWnInMn+Qvlu86QZmmRZz7R1NysNLL4mV0SK9Y4mxg+16f
lTfAuORXgNsa1cC6aZsFLetzAAMaEmgdGKR/NrSf4ntoLjYhkdYbLWq+SCxeUIxK
W9JoxoYWjHKh5MpqI0cZtdZSqQgcwgy822+YF4rpC3rIJJC6mzL6xENSkO1BvmRr
0AGwuIkL3ukFiG498/+VG3+gSfFzosZRCNHIhIsCAwEAAaOCAhcwggITMB0GA1Ud
DgQWBBQK9PiGpz3EA2DS6+64F571/syuIDAfBgNVHSMEGDAWgBQ2V0vmrnbNUjsz
eHz722kmQmPQdDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05sZEw1cTUyelZJN00zaDgtOXRwSmtKajBIUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTkvN2UxZDk0LTE4NTQtNDczZC04NzUzLTE4ZGVkODBiNGI1ZC8x
L0N2VDRocWM5eEFOZzB1dnV1QmVlOWY3TXJpQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTkv
N2UxZDk0LTE4NTQtNDczZC04NzUzLTE4ZGVkODBiNGI1ZC8xL05sZEw1cTUyelZJ
N00zaDgtOXRwSmtKajBIUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAt
BggrBgEFBQcBBwEB/wQeMBwwGgQCAAEwFAMEACXdYzAMAwQCuUPsAwQAuUPuMA0G
CSqGSIb3DQEBCwUAA4IBAQBSh8gfByWpZc18cL89sicSm9bs9cdGRbfitCMcDkyD
h3eQQFo1vm8wqVBm7dHC/VdeTpccDtoVE8j/17vOS2n97eNZ7qozDeaqdwr+E/PG
LiuQf2oxEmshRujDoJ6/sRjam8e9eYFnmHJml5itr5OMbwfjO1isV1Uzb3vBFYsI
2JMOS3UFFtdO2BVsFJ32GAsINSQRI3/MUP607maETmpfXISuOX48GTyS8y9WNjbl
8mcGP9gxysAJGaRSRkICBn45XUH1FcsfutMB5Vkx4gHIrkl1ieJWcmYDfxd4rFsU
kERLr3KhFHrtFsaSb28HfUtS9RWy9JN37cl8thAeLT/2
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:31:17 2025 by rpki-client