Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/b64083-550e-4caf-bc29-a34a8b806832/1/bK-SeYxp5_bQ0Oht32auyENYSRE.roa
File: bK-SeYxp5_bQ0Oht32auyENYSRE.roa (raw, json)
Hash identifier: IqaO69p1YKmCXuJKW3yFnJ8SuPFZrTAipsM90mrryDQ=
Subject key identifier: 6C:AF:92:79:8C:69:E7:F6:D0:D0:E8:6D:DF:66:AE:C8:43:58:49:11
Certificate issuer: /CN=0f091bdc666b8a59433c68d90e0d8cc37acdce92
Certificate serial: 15CDDEEB
Authority key identifier: 0F:09:1B:DC:66:6B:8A:59:43:3C:68:D9:0E:0D:8C:C3:7A:CD:CE:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Dwkb3GZrillDPGjZDg2Mw3rNzpI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/b64083-550e-4caf-bc29-a34a8b806832/1/bK-SeYxp5_bQ0Oht32auyENYSRE.roa
Signing time: Sat 01 Jan 2022 13:56:21 +0000
ROA not before: Sat 01 Jan 2022 13:56:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198399
IP address blocks: 37.34.79.0/24 maxlen: 24
185.95.225.0/24 maxlen: 24
185.95.224.0/24 maxlen: 24
195.93.168.0/24 maxlen: 24
37.34.77.0/24 maxlen: 24
37.34.72.0/22 maxlen: 22
37.34.76.0/24 maxlen: 24
195.93.169.0/24 maxlen: 24
195.93.168.0/23 maxlen: 23
37.34.78.0/24 maxlen: 24
2a00:c5e0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 365813483 (0x15cddeeb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f091bdc666b8a59433c68d90e0d8cc37acdce92
Validity
Not Before: Jan 1 13:56:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6caf92798c69e7f6d0d0e86ddf66aec843584911
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:9e:01:70:c6:ca:70:6f:21:b5:02:33:da:10:
01:11:00:e9:8c:5f:d7:cb:9c:43:9d:fb:7a:7c:b2:
91:b6:25:ac:cc:e8:51:ac:5c:9e:34:e1:52:e7:81:
a6:d2:84:dd:20:64:cf:73:e1:91:ea:8c:1c:48:d8:
28:b7:a6:be:96:be:1c:58:65:ce:a5:87:ec:e2:12:
17:53:55:40:d6:20:14:c2:a2:07:13:c8:0a:de:d0:
c7:19:cd:1f:9b:97:e0:48:50:f9:e4:29:4a:6b:a8:
6a:86:ef:05:bc:4f:48:c1:ee:cc:f6:44:de:f3:74:
60:30:91:55:f6:93:67:03:0d:36:65:1a:11:70:9b:
f9:55:0a:f5:af:25:34:38:df:f3:25:df:23:6d:42:
09:8c:37:0e:72:46:88:97:48:56:95:8c:40:2d:47:
c7:0a:c9:38:3d:45:db:ca:fc:83:4f:b2:86:5a:2c:
69:47:db:3c:4f:26:a9:b4:7e:a3:43:d7:82:ff:5f:
13:28:cc:cb:04:e2:51:a2:a5:8d:ed:f4:bd:6b:10:
52:a9:45:a0:81:fa:ac:56:d1:2d:7c:01:f6:ae:4e:
d5:39:9f:f8:18:c4:59:0b:63:07:81:ed:5b:0e:42:
5b:3b:c2:65:03:9f:0a:f9:51:56:45:b2:f2:48:3a:
13:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:AF:92:79:8C:69:E7:F6:D0:D0:E8:6D:DF:66:AE:C8:43:58:49:11
X509v3 Authority Key Identifier:
keyid:0F:09:1B:DC:66:6B:8A:59:43:3C:68:D9:0E:0D:8C:C3:7A:CD:CE:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Dwkb3GZrillDPGjZDg2Mw3rNzpI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/b64083-550e-4caf-bc29-a34a8b806832/1/bK-SeYxp5_bQ0Oht32auyENYSRE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/b64083-550e-4caf-bc29-a34a8b806832/1/Dwkb3GZrillDPGjZDg2Mw3rNzpI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.34.72.0/21
185.95.224.0/23
195.93.168.0/23
IPv6:
2a00:c5e0::/32
Signature Algorithm: sha256WithRSAEncryption
a9:81:47:b3:32:57:8e:57:99:1d:29:23:c6:4f:9b:a5:0b:cd:
03:18:6f:f3:cb:31:60:73:86:dc:e6:6e:8f:89:a5:d5:55:36:
40:73:19:13:a2:d6:45:20:34:38:78:4b:0d:9c:4e:ef:a8:df:
37:aa:83:2b:32:72:ea:e4:08:40:89:02:8d:0b:4e:d3:83:fc:
e5:8b:1c:80:e5:86:9e:9b:78:3e:b0:9b:08:6c:9f:0e:d9:19:
41:21:44:fd:9a:a6:9b:0b:9d:2b:74:14:d8:ae:25:bb:66:4b:
1d:77:45:79:ca:92:6d:fd:3f:ca:5d:c9:36:8e:62:5f:cc:37:
54:74:14:3b:fc:a8:93:27:51:1e:66:30:ac:3b:d5:c8:11:ad:
71:f6:62:08:83:06:99:32:21:1e:de:32:56:69:89:22:4f:15:
c4:03:52:63:3a:30:33:37:d6:ed:2d:94:05:ae:44:84:ed:ab:
8f:a1:40:cd:83:06:bc:db:c5:b5:76:3c:39:f1:c2:c3:27:af:
89:c6:b7:3b:72:a5:14:07:dd:c5:a2:a4:5b:6d:12:45:45:e3:
d4:9a:c0:cb:76:1f:0d:13:99:f5:5d:5b:a9:f6:45:68:e2:7b:
16:27:df:52:f9:5d:19:47:33:bd:d8:66:c1:c5:42:37:60:3f:
0a:97:94:51
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEFc3e6zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ZjA5MWJkYzY2NmI4YTU5NDMzYzY4ZDkwZTBkOGNjMzdhY2RjZTkyMB4XDTIyMDEw
MTEzNTYyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmNhZjkyNzk4YzY5
ZTdmNmQwZDBlODZkZGY2NmFlYzg0MzU4NDkxMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMGeAXDGynBvIbUCM9oQAREA6Yxf18ucQ537enyykbYlrMzo
UaxcnjThUueBptKE3SBkz3PhkeqMHEjYKLemvpa+HFhlzqWH7OISF1NVQNYgFMKi
BxPICt7QxxnNH5uX4EhQ+eQpSmuoaobvBbxPSMHuzPZE3vN0YDCRVfaTZwMNNmUa
EXCb+VUK9a8lNDjf8yXfI21CCYw3DnJGiJdIVpWMQC1HxwrJOD1F28r8g0+yhlos
aUfbPE8mqbR+o0PXgv9fEyjMywTiUaKlje30vWsQUqlFoIH6rFbRLXwB9q5O1Tmf
+BjEWQtjB4HtWw5CWzvCZQOfCvlRVkWy8kg6E+ECAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBRsr5J5jGnn9tDQ6G3fZq7IQ1hJETAfBgNVHSMEGDAWgBQPCRvcZmuKWUM8
aNkODYzDes3OkjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0R3a2IzR1pyaWxsRFBHalpEZzJNdzNyTnpwSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjgvYjY0MDgzLTU1MGUtNGNhZi1iYzI5LWEzNGE4YjgwNjgzMi8x
L2JLLVNlWXhwNV9iUTBPaHQzMmF1eUVOWVNSRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjgv
YjY0MDgzLTU1MGUtNGNhZi1iYzI5LWEzNGE4YjgwNjgzMi8xL0R3a2IzR1pyaWxs
RFBHalpEZzJNdzNyTnpwSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEAyUiSAMEAblf4AMEAcNdqDANBAIA
AjAHAwUAKgDF4DANBgkqhkiG9w0BAQsFAAOCAQEAqYFHszJXjleZHSkjxk+bpQvN
Axhv88sxYHOG3OZuj4ml1VU2QHMZE6LWRSA0OHhLDZxO76jfN6qDKzJy6uQIQIkC
jQtO04P85YscgOWGnpt4PrCbCGyfDtkZQSFE/ZqmmwudK3QU2K4lu2ZLHXdFecqS
bf0/yl3JNo5iX8w3VHQUO/yokydRHmYwrDvVyBGtcfZiCIMGmTIhHt4yVmmJIk8V
xANSYzowMzfW7S2UBa5EhO2rj6FAzYMGvNvFtXY8OfHCwyevica3O3KlFAfdxaKk
W20SRUXj1JrAy3YfDROZ9V1bqfZFaOJ7FiffUvldGUczvdhmwcVCN2A/CpeUUQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:23 2023 by rpki-client on console-ams.rpki-client.org