Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/6a8e5e-39b6-47e3-bbb0-b29f10cc0328/1/38U4n3FVydVlxOP1KV-nUmPyM6M.roa
File: 38U4n3FVydVlxOP1KV-nUmPyM6M.roa (raw, json)
Hash identifier: Ef7gHqCZw+8SgBBEH1UPvvwSqAACZImIriJuJBOh7A4=
Subject key identifier: DF:C5:38:9F:71:55:C9:D5:65:C4:E3:F5:29:5F:A7:52:63:F2:33:A3
Certificate issuer: /CN=01c38a06a39b20b8da40009237d76acdd28e71a5
Certificate serial: 1A04389A
Authority key identifier: 01:C3:8A:06:A3:9B:20:B8:DA:40:00:92:37:D7:6A:CD:D2:8E:71:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AcOKBqObILjaQACSN9dqzdKOcaU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/6a8e5e-39b6-47e3-bbb0-b29f10cc0328/1/38U4n3FVydVlxOP1KV-nUmPyM6M.roa
Signing time: Wed 16 Mar 2022 10:03:10 +0000
ROA not before: Wed 16 Mar 2022 10:03:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 19905
IP address blocks: 138.12.128.0/17 maxlen: 24
37.98.232.0/21 maxlen: 24
148.139.104.0/24 maxlen: 24
163.120.128.0/17 maxlen: 24
2a04:37c0::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 436484250 (0x1a04389a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01c38a06a39b20b8da40009237d76acdd28e71a5
Validity
Not Before: Mar 16 10:03:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dfc5389f7155c9d565c4e3f5295fa75263f233a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:1f:93:83:93:63:1a:04:c8:24:f6:50:5a:9f:
5b:1a:cd:0b:8c:fd:87:9d:ae:c8:a0:74:a0:a9:01:
b3:6e:cc:d5:1a:c5:ed:95:94:9c:8d:ce:48:5b:68:
43:3d:6d:9d:54:17:63:b8:57:e3:f5:aa:8e:bf:ed:
8f:16:63:55:3e:fd:88:1c:e0:3b:99:2e:cf:a6:61:
d0:c8:d7:db:0b:ca:d2:76:a5:11:c4:05:aa:3d:24:
3f:b4:14:af:25:b4:56:84:41:55:ef:2c:4c:18:df:
ae:6a:62:a3:fd:e4:fd:76:be:5e:8a:19:8c:eb:7b:
fe:0b:cb:00:92:a1:56:a5:cf:69:7b:83:73:69:e5:
8f:43:63:8c:fd:e4:37:b5:77:7f:5f:07:92:96:f8:
73:86:9f:9e:d1:ef:07:0d:e9:18:b6:d3:0f:1c:c4:
3a:19:09:c0:6f:e6:04:f8:b6:0c:a5:e2:80:65:dc:
5d:94:2f:61:9b:e6:c7:bc:14:a1:fb:be:2a:98:02:
ca:4c:9c:cf:9b:25:a7:81:04:97:c2:5c:31:11:8d:
74:8b:2d:7d:e9:67:d5:39:e1:d2:d5:02:78:ee:40:
cc:ff:54:52:01:93:43:92:62:2f:f7:9c:58:61:c2:
62:10:9f:b6:19:f8:9a:f7:23:ac:ba:77:72:c4:15:
da:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:C5:38:9F:71:55:C9:D5:65:C4:E3:F5:29:5F:A7:52:63:F2:33:A3
X509v3 Authority Key Identifier:
keyid:01:C3:8A:06:A3:9B:20:B8:DA:40:00:92:37:D7:6A:CD:D2:8E:71:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AcOKBqObILjaQACSN9dqzdKOcaU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/6a8e5e-39b6-47e3-bbb0-b29f10cc0328/1/38U4n3FVydVlxOP1KV-nUmPyM6M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/6a8e5e-39b6-47e3-bbb0-b29f10cc0328/1/AcOKBqObILjaQACSN9dqzdKOcaU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.98.232.0/21
138.12.128.0/17
148.139.104.0/24
163.120.128.0/17
IPv6:
2a04:37c0::/29
Signature Algorithm: sha256WithRSAEncryption
4b:e4:27:32:c3:2f:95:4a:53:c9:5b:dc:b3:b8:a4:0d:0d:ae:
e9:ba:51:34:06:cd:c2:da:18:e9:ee:8a:d1:05:9e:c9:18:b0:
31:c2:e1:2a:e1:6d:d2:78:f3:ba:45:ac:f2:47:97:c5:3d:d0:
ab:76:04:7e:63:c2:e0:6f:dd:cd:22:55:8f:d5:90:23:05:f9:
fd:15:c6:88:2b:30:3c:c8:2b:88:5c:cd:7d:88:9f:c0:97:1a:
b9:3a:f4:d3:cc:dd:30:73:7e:8f:61:ab:85:d7:87:90:20:66:
ad:53:0b:14:be:5b:fb:62:d6:04:93:4f:14:e6:a4:b5:53:e3:
1e:d5:5e:f3:62:84:7e:15:b7:b3:cd:44:d0:a9:ba:fe:63:e9:
b5:0f:01:2f:da:2b:ab:b7:ae:03:8f:d8:00:6f:94:fe:6a:c3:
ca:cd:98:c7:9a:e4:5d:fc:69:41:ff:59:96:ed:5d:ac:8d:f1:
81:4d:4e:81:5b:bf:ad:7b:53:d9:1d:6b:f3:2d:0b:08:bc:5f:
90:0c:00:72:b2:5b:e4:49:af:3a:69:53:a2:29:62:5a:1e:23:
ab:13:89:42:25:be:b5:bb:43:01:9b:8c:74:6b:88:46:0b:b4:
81:1d:a2:1c:95:f3:f1:4c:5c:a8:b2:d6:f5:da:bc:08:a7:af:
29:2e:a0:b8
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIEGgQ4mjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MWMzOGEwNmEzOWIyMGI4ZGE0MDAwOTIzN2Q3NmFjZGQyOGU3MWE1MB4XDTIyMDMx
NjEwMDMxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGZjNTM4OWY3MTU1
YzlkNTY1YzRlM2Y1Mjk1ZmE3NTI2M2YyMzNhMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJcfk4OTYxoEyCT2UFqfWxrNC4z9h52uyKB0oKkBs27M1RrF
7ZWUnI3OSFtoQz1tnVQXY7hX4/Wqjr/tjxZjVT79iBzgO5kuz6Zh0MjX2wvK0nal
EcQFqj0kP7QUryW0VoRBVe8sTBjfrmpio/3k/Xa+XooZjOt7/gvLAJKhVqXPaXuD
c2nlj0NjjP3kN7V3f18Hkpb4c4afntHvBw3pGLbTDxzEOhkJwG/mBPi2DKXigGXc
XZQvYZvmx7wUofu+KpgCykycz5slp4EEl8JcMRGNdIstfeln1Tnh0tUCeO5AzP9U
UgGTQ5JiL/ecWGHCYhCfthn4mvcjrLp3csQV2lUCAwEAAaOCAiowggImMB0GA1Ud
DgQWBBTfxTifcVXJ1WXE4/UpX6dSY/IzozAfBgNVHSMEGDAWgBQBw4oGo5sguNpA
AJI312rN0o5xpTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0FjT0tCcU9iSUxqYVFBQ1NOOWRxemRLT2NhVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjUvNmE4ZTVlLTM5YjYtNDdlMy1iYmIwLWIyOWYxMGNjMDMyOC8x
LzM4VTRuM0ZWeWRWbHhPUDFLVi1uVW1QeU02TS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjUv
NmE4ZTVlLTM5YjYtNDdlMy1iYmIwLWIyOWYxMGNjMDMyOC8xL0FjT0tCcU9iSUxq
YVFBQ1NOOWRxemRLT2NhVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEAyVi6AMEB4oMgAMEAJSLaAMEB6N4
gDANBAIAAjAHAwUDKgQ3wDANBgkqhkiG9w0BAQsFAAOCAQEAS+QnMsMvlUpTyVvc
s7ikDQ2u6bpRNAbNwtoY6e6K0QWeyRiwMcLhKuFt0njzukWs8keXxT3Qq3YEfmPC
4G/dzSJVj9WQIwX5/RXGiCswPMgriFzNfYifwJcauTr008zdMHN+j2GrhdeHkCBm
rVMLFL5b+2LWBJNPFOaktVPjHtVe82KEfhW3s81E0Km6/mPptQ8BL9orq7euA4/Y
AG+U/mrDys2Yx5rkXfxpQf9Zlu1drI3xgU1OgVu/rXtT2R1r8y0LCLxfkAwAcrJb
5EmvOmlToiliWh4jqxOJQiW+tbtDAZuMdGuIRgu0gR2iHJXz8UxcqLLW9dq8CKev
KS6guA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:12 2023 by rpki-client on console-ams.rpki-client.org