Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/496525-2c0d-43e4-8188-5fbc230abdc2/1/nyjjUprATNSZgHY1kxU3wGwfJJc.roa
File: nyjjUprATNSZgHY1kxU3wGwfJJc.roa (raw, json)
Hash identifier: 4XBqVR4GTYv6aN2gM4z+PunWnkZJ5NtHxaJ95PrShz8=
Subject key identifier: 9F:28:E3:52:9A:C0:4C:D4:99:80:76:35:93:15:37:C0:6C:1F:24:97
Certificate issuer: /CN=6ecd5cad4d3306c4f72c42afc06e5cd1fbafe3a3
Certificate serial: 018C2FCEF64A95FB539F24E05B501E618837
Authority key identifier: 6E:CD:5C:AD:4D:33:06:C4:F7:2C:42:AF:C0:6E:5C:D1:FB:AF:E3:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bs1crU0zBsT3LEKvwG5c0fuv46M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/496525-2c0d-43e4-8188-5fbc230abdc2/1/nyjjUprATNSZgHY1kxU3wGwfJJc.roa
Signing time: Sun 03 Dec 2023 13:12:21 +0000
ROA not before: Sun 03 Dec 2023 13:12:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201749
IP address blocks: 37.205.112.0/24 maxlen: 24
37.205.112.0/22 maxlen: 22
37.205.116.0/22 maxlen: 22
37.205.117.0/24 maxlen: 24
37.205.116.0/24 maxlen: 24
37.205.113.0/24 maxlen: 24
37.205.115.0/24 maxlen: 24
37.205.114.0/24 maxlen: 24
37.205.118.0/24 maxlen: 24
37.205.119.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:2f:ce:f6:4a:95:fb:53:9f:24:e0:5b:50:1e:61:88:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ecd5cad4d3306c4f72c42afc06e5cd1fbafe3a3
Validity
Not Before: Dec 3 13:12:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9f28e3529ac04cd499807635931537c06c1f2497
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:e2:fd:41:cf:c6:09:36:32:bc:42:0f:33:70:
ed:01:ce:f7:f8:37:6d:15:ad:ff:1e:e4:1a:f0:17:
45:40:fd:ce:9a:57:28:0c:03:5b:c9:2c:50:b4:b3:
22:0f:4a:ab:45:d0:45:30:ea:b9:b2:e0:5c:e2:c2:
88:29:8b:43:38:8d:7f:9e:a0:ba:2c:49:ea:79:0e:
47:32:76:a5:eb:2c:9c:74:46:50:d2:98:7e:fa:29:
66:68:b2:79:64:b6:b7:34:d7:1e:2a:df:9c:5b:f6:
ea:0e:4b:85:3a:18:22:43:f3:4d:9b:fd:3d:5b:b7:
1e:d3:1a:20:f5:d5:df:e0:9d:69:7a:fa:73:13:ee:
fa:d8:ec:86:31:80:13:fc:36:40:d3:b1:6e:c4:83:
a8:1d:41:c5:44:4f:e5:32:cf:c8:5a:bb:82:49:82:
23:64:7b:b6:a4:b3:13:7a:c4:28:7c:73:8a:40:0b:
36:12:94:e9:21:a6:a0:3b:50:9c:1a:f2:16:88:17:
37:0b:7d:03:b1:32:8d:45:e5:92:fd:c3:3c:ff:49:
9c:6d:50:4a:4a:fc:4f:db:84:9d:94:10:39:91:b3:
ae:67:fc:38:bd:84:66:6c:f3:98:d2:5b:8f:c9:41:
f8:05:b6:f2:2f:2a:44:88:3f:46:75:bb:d4:ba:fb:
b0:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:28:E3:52:9A:C0:4C:D4:99:80:76:35:93:15:37:C0:6C:1F:24:97
X509v3 Authority Key Identifier:
keyid:6E:CD:5C:AD:4D:33:06:C4:F7:2C:42:AF:C0:6E:5C:D1:FB:AF:E3:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bs1crU0zBsT3LEKvwG5c0fuv46M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/496525-2c0d-43e4-8188-5fbc230abdc2/1/nyjjUprATNSZgHY1kxU3wGwfJJc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/496525-2c0d-43e4-8188-5fbc230abdc2/1/bs1crU0zBsT3LEKvwG5c0fuv46M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.205.112.0/21
Signature Algorithm: sha256WithRSAEncryption
19:64:43:96:1a:8e:b4:9b:2d:63:f0:7d:81:8d:3c:e0:e8:ab:
d0:80:9e:70:62:4b:b6:f8:5f:30:03:f4:12:15:c3:b1:1a:75:
b5:7f:f3:d4:96:a4:63:bb:c6:a4:9c:e4:a7:e4:b9:c7:8e:aa:
cb:2a:88:05:42:84:d6:1c:44:be:02:df:8d:5b:5b:e0:2d:b9:
ca:e2:29:38:78:bf:2c:b0:0e:2e:cb:12:5d:67:a2:32:29:a6:
b3:20:07:d9:64:d4:77:81:69:53:57:ea:b1:28:34:19:43:52:
eb:0f:92:18:a4:a6:96:7a:5f:75:c3:5c:26:9f:34:79:48:c6:
5e:c1:dc:b4:10:7d:df:e5:82:a3:22:f9:aa:e7:35:48:1b:33:
9a:80:7e:56:77:98:b6:52:b3:0a:a0:5b:72:31:dd:47:c0:ec:
9e:99:13:b7:3c:41:48:4f:90:3e:32:39:26:89:68:cb:ad:8a:
2f:fd:e4:fc:15:9a:0a:b2:1f:1c:e8:48:6b:25:68:7d:4f:cc:
ba:62:ff:67:17:40:ae:43:14:c5:72:97:af:70:ea:e7:9c:99:
d2:ce:8f:4a:2d:ff:b0:4d:ff:7e:0f:9e:bc:8c:42:1a:c4:26:
c8:a4:d4:6b:9a:99:09:a0:f1:34:43:0e:b0:6c:d6:83:49:99:
a3:12:2f:6d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYwvzvZKlftTnyTgW1AeYYg3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlY2Q1Y2FkNGQzMzA2YzRmNzJjNDJhZmMwNmU1Y2QxZmJh
ZmUzYTMwHhcNMjMxMjAzMTMxMjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjI4ZTM1MjlhYzA0Y2Q0OTk4MDc2MzU5MzE1MzdjMDZjMWYyNDk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvOL9Qc/GCTYyvEIPM3DtAc73+Ddt
Fa3/HuQa8BdFQP3OmlcoDANbySxQtLMiD0qrRdBFMOq5suBc4sKIKYtDOI1/nqC6
LEnqeQ5HMnal6yycdEZQ0ph++ilmaLJ5ZLa3NNceKt+cW/bqDkuFOhgiQ/NNm/09
W7ce0xog9dXf4J1pevpzE+762OyGMYAT/DZA07FuxIOoHUHFRE/lMs/IWruCSYIj
ZHu2pLMTesQofHOKQAs2EpTpIaagO1CcGvIWiBc3C30DsTKNReWS/cM8/0mcbVBK
SvxP24SdlBA5kbOuZ/w4vYRmbPOY0luPyUH4BbbyLypEiD9GdbvUuvuwnwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ8o41KawEzUmYB2NZMVN8BsHySXMB8GA1UdIwQY
MBaAFG7NXK1NMwbE9yxCr8BuXNH7r+OjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnMxY3JVMHpCc1QzTEVLdndHNWMwZnV2NDZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi80OTY1MjUtMmMwZC00M2U0LTgxODgt
NWZiYzIzMGFiZGMyLzEvbnlqalVwckFUTlNaZ0hZMWt4VTN3R3dmSkpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi80OTY1MjUtMmMwZC00M2U0LTgxODgtNWZiYzIzMGFiZGMy
LzEvYnMxY3JVMHpCc1QzTEVLdndHNWMwZnV2NDZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDJc1wMA0G
CSqGSIb3DQEBCwUAA4IBAQAZZEOWGo60my1j8H2BjTzg6KvQgJ5wYku2+F8wA/QS
FcOxGnW1f/PUlqRju8aknOSn5LnHjqrLKogFQoTWHES+At+NW1vgLbnK4ik4eL8s
sA4uyxJdZ6IyKaazIAfZZNR3gWlTV+qxKDQZQ1LrD5IYpKaWel91w1wmnzR5SMZe
wdy0EH3f5YKjIvmq5zVIGzOagH5Wd5i2UrMKoFtyMd1HwOyemRO3PEFIT5A+Mjkm
iWjLrYov/eT8FZoKsh8c6EhrJWh9T8y6Yv9nF0CuQxTFcpevcOrnnJnSzo9KLf+w
Tf9+D568jEIaxCbIpNRrmpkJoPE0Qw6wbNaDSZmjEi9t
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:33:11 2025 by rpki-client