Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/496525-2c0d-43e4-8188-5fbc230abdc2/1/a3AeGdpFHvLXhVzaI0u0z2nRKbs.roa
File: a3AeGdpFHvLXhVzaI0u0z2nRKbs.roa (raw, json)
Hash identifier: HuN2poxKTmiupl4TrTms/ADu8sn8HoEUVNxHMjxR75c=
Subject key identifier: 6B:70:1E:19:DA:45:1E:F2:D7:85:5C:DA:23:4B:B4:CF:69:D1:29:BB
Certificate issuer: /CN=6ecd5cad4d3306c4f72c42afc06e5cd1fbafe3a3
Certificate serial: 32503627
Authority key identifier: 6E:CD:5C:AD:4D:33:06:C4:F7:2C:42:AF:C0:6E:5C:D1:FB:AF:E3:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bs1crU0zBsT3LEKvwG5c0fuv46M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/496525-2c0d-43e4-8188-5fbc230abdc2/1/a3AeGdpFHvLXhVzaI0u0z2nRKbs.roa
Signing time: Sat 01 Jan 2022 07:53:35 +0000
ROA not before: Sat 01 Jan 2022 07:53:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205473
IP address blocks: 37.205.112.0/24 maxlen: 24
37.205.112.0/22 maxlen: 22
37.205.115.0/24 maxlen: 24
37.205.113.0/24 maxlen: 24
37.205.114.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 844117543 (0x32503627)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ecd5cad4d3306c4f72c42afc06e5cd1fbafe3a3
Validity
Not Before: Jan 1 07:53:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6b701e19da451ef2d7855cda234bb4cf69d129bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:7c:a1:9b:f5:bb:e9:08:66:57:05:46:b9:be:
7c:a3:34:69:af:64:69:ee:9c:64:0c:38:d7:6c:5f:
a4:44:c4:d0:6c:08:f8:57:17:1f:4a:39:0a:5c:83:
2a:fd:f8:fe:94:47:83:e0:3d:5a:95:e9:6c:8f:72:
91:6b:2c:88:7c:17:7a:f2:c1:05:09:d0:bd:df:f8:
bd:b1:57:96:5f:dc:09:f7:27:1c:b4:5e:f9:3b:83:
76:c2:84:27:e0:67:9a:c5:4c:be:7a:3c:70:f3:f4:
de:d2:51:3c:5e:03:a2:c7:44:6b:ac:a2:30:f8:35:
22:6a:f5:a1:cd:00:3a:aa:83:16:5c:83:27:dd:67:
dc:0d:0d:59:9c:77:db:ca:ce:4d:58:3c:c5:25:6d:
3e:e2:51:0c:7b:5a:2f:17:27:c3:d0:72:89:b8:eb:
9f:6c:5f:80:e1:25:21:ee:5c:a1:da:ef:aa:a1:ad:
de:e8:17:3b:5c:dd:84:a6:64:92:3b:fc:6c:f6:5c:
90:b1:0f:37:04:6f:d6:1e:c3:8c:a1:55:ca:5a:52:
d6:ea:ea:e4:b2:0c:c7:28:c4:7a:bf:26:3c:3f:29:
75:ad:4a:41:ab:21:d3:eb:3d:dd:f2:99:8a:6f:c5:
24:d7:1d:6c:df:de:06:d8:ff:47:33:cb:d9:51:e3:
80:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:70:1E:19:DA:45:1E:F2:D7:85:5C:DA:23:4B:B4:CF:69:D1:29:BB
X509v3 Authority Key Identifier:
keyid:6E:CD:5C:AD:4D:33:06:C4:F7:2C:42:AF:C0:6E:5C:D1:FB:AF:E3:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bs1crU0zBsT3LEKvwG5c0fuv46M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/496525-2c0d-43e4-8188-5fbc230abdc2/1/a3AeGdpFHvLXhVzaI0u0z2nRKbs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/496525-2c0d-43e4-8188-5fbc230abdc2/1/bs1crU0zBsT3LEKvwG5c0fuv46M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.205.112.0/22
Signature Algorithm: sha256WithRSAEncryption
0f:06:bf:24:17:84:2f:54:12:b9:5a:c4:61:64:08:bd:d5:92:
26:a9:74:e9:fb:0a:59:49:ff:d3:a9:4f:de:cb:65:5d:74:58:
d5:7a:f8:f6:db:c7:3b:2e:7f:8e:e1:a2:ab:97:fa:21:d7:30:
9e:b8:86:cc:0a:5f:10:fd:a1:0a:23:2f:af:29:4e:4a:c0:07:
0a:18:75:93:04:4b:67:2a:ed:74:65:90:88:2e:d8:25:e5:23:
8e:f0:46:25:c2:a7:38:e8:83:b5:99:c7:14:41:2c:bb:82:18:
fa:f7:1f:5f:c2:0a:63:d9:32:55:05:c1:55:53:84:10:92:a4:
a6:12:ff:18:27:b5:40:49:ab:94:01:48:2d:d9:c2:ce:e0:b8:
1d:13:2b:dd:40:96:e9:2a:3c:af:41:84:e7:0c:45:b5:d3:54:
13:09:15:7d:b3:fe:39:17:7e:07:64:ca:66:ae:56:08:6b:b3:
d0:a3:96:58:74:c5:2b:14:ee:bc:ca:01:0b:08:9f:ae:7a:16:
a9:1c:9a:61:9f:47:4e:00:73:db:bb:d8:a3:7d:e2:6d:b7:3a:
7d:a3:6a:c1:e9:30:ae:6d:08:43:bf:e4:1a:e3:ea:9f:28:5b:
11:45:a6:69:92:5c:aa:ec:2e:e5:f3:4c:b9:11:3a:46:37:6a:
eb:57:b4:0a
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEMlA2JzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
ZWNkNWNhZDRkMzMwNmM0ZjcyYzQyYWZjMDZlNWNkMWZiYWZlM2EzMB4XDTIyMDEw
MTA3NTMzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmI3MDFlMTlkYTQ1
MWVmMmQ3ODU1Y2RhMjM0YmI0Y2Y2OWQxMjliYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANd8oZv1u+kIZlcFRrm+fKM0aa9kae6cZAw412xfpETE0GwI
+FcXH0o5ClyDKv34/pRHg+A9WpXpbI9ykWssiHwXevLBBQnQvd/4vbFXll/cCfcn
HLRe+TuDdsKEJ+BnmsVMvno8cPP03tJRPF4DosdEa6yiMPg1Imr1oc0AOqqDFlyD
J91n3A0NWZx328rOTVg8xSVtPuJRDHtaLxcnw9Byibjrn2xfgOElIe5codrvqqGt
3ugXO1zdhKZkkjv8bPZckLEPNwRv1h7DjKFVylpS1urq5LIMxyjEer8mPD8pda1K
Qash0+s93fKZim/FJNcdbN/eBtj/RzPL2VHjgLECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRrcB4Z2kUe8teFXNojS7TPadEpuzAfBgNVHSMEGDAWgBRuzVytTTMGxPcs
Qq/AblzR+6/jozAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JzMWNyVTB6QnNUM0xFS3Z3RzVjMGZ1djQ2TS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWIvNDk2NTI1LTJjMGQtNDNlNC04MTg4LTVmYmMyMzBhYmRjMi8x
L2EzQWVHZHBGSHZMWGhWemFJMHUwejJuUkticy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWIv
NDk2NTI1LTJjMGQtNDNlNC04MTg4LTVmYmMyMzBhYmRjMi8xL2JzMWNyVTB6QnNU
M0xFS3Z3RzVjMGZ1djQ2TS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAiXNcDANBgkqhkiG9w0BAQsFAAOC
AQEADwa/JBeEL1QSuVrEYWQIvdWSJql06fsKWUn/06lP3stlXXRY1Xr49tvHOy5/
juGiq5f6IdcwnriGzApfEP2hCiMvrylOSsAHChh1kwRLZyrtdGWQiC7YJeUjjvBG
JcKnOOiDtZnHFEEsu4IY+vcfX8IKY9kyVQXBVVOEEJKkphL/GCe1QEmrlAFILdnC
zuC4HRMr3UCW6So8r0GE5wxFtdNUEwkVfbP+ORd+B2TKZq5WCGuz0KOWWHTFKxTu
vMoBCwifrnoWqRyaYZ9HTgBz27vYo33ibbc6faNqwekwrm0IQ7/kGuPqnyhbEUWm
aZJcquwu5fNMuRE6Rjdq61e0Cg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:46 2024 by rpki-client on console-ams.rpki-client.org