Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/448c85-a966-4df2-98e4-a5a5ad06eb43/1/37XNRy-XEzluOXqkZ4aG7irG278.roa
File: 37XNRy-XEzluOXqkZ4aG7irG278.roa (raw, json)
Hash identifier: 8Y7BNycmYjQWBOYwYmIyUy5Utio7MN3J+thkHuYKw+w=
Subject key identifier: DF:B5:CD:47:2F:97:13:39:6E:39:7A:A4:67:86:86:EE:2A:C6:DB:BF
Certificate issuer: /CN=5e9b9bed8f8d3d579bb0552e4fc4b81986861e64
Certificate serial: 01DFCED8
Authority key identifier: 5E:9B:9B:ED:8F:8D:3D:57:9B:B0:55:2E:4F:C4:B8:19:86:86:1E:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xpub7Y-NPVebsFUuT8S4GYaGHmQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/448c85-a966-4df2-98e4-a5a5ad06eb43/1/37XNRy-XEzluOXqkZ4aG7irG278.roa
Signing time: Sat 01 Jan 2022 10:03:46 +0000
ROA not before: Sat 01 Jan 2022 10:03:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 24836
IP address blocks: 193.111.163.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 31444696 (0x1dfced8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e9b9bed8f8d3d579bb0552e4fc4b81986861e64
Validity
Not Before: Jan 1 10:03:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dfb5cd472f9713396e397aa4678686ee2ac6dbbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:ac:60:3d:11:56:7b:c4:09:c0:ee:0a:e2:05:
3b:ea:f2:be:a0:e5:76:5e:25:bb:d6:fb:fe:c0:52:
1e:23:d9:58:da:7a:be:b2:eb:c1:a1:ad:8b:36:49:
da:92:2a:c5:0f:29:e9:1a:a7:b4:b3:eb:4d:b1:b6:
b3:d5:23:0f:12:60:37:00:25:f9:3c:be:1d:a9:bf:
aa:10:17:4a:35:31:dc:9e:d4:ef:a8:23:25:5c:6e:
3c:6c:9c:67:01:66:cc:2f:a3:55:66:c8:12:d9:87:
bc:11:15:8b:31:a3:20:fa:61:df:55:35:96:41:ee:
60:1a:a2:f9:f6:d7:2d:c4:04:4a:3a:cb:11:9b:c7:
9c:b4:21:9c:f4:cb:52:3b:95:ae:0f:7c:08:0d:c5:
92:b6:9b:70:53:a5:a8:30:d1:17:22:c4:b1:52:09:
41:6c:6f:80:71:ca:09:94:97:86:b2:e4:f8:84:a5:
87:9f:97:59:e1:cf:cb:d5:7b:4f:58:7f:86:22:db:
33:79:99:58:c0:a1:90:a3:18:b6:b2:26:7d:c1:4d:
c7:42:28:3c:10:e4:e9:a4:20:e2:46:41:28:fb:37:
d5:aa:bb:07:3f:68:c6:18:24:f2:61:ae:9f:69:6f:
9a:d4:d4:b0:7c:a2:48:d9:89:c9:f9:15:5f:85:9d:
2e:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:B5:CD:47:2F:97:13:39:6E:39:7A:A4:67:86:86:EE:2A:C6:DB:BF
X509v3 Authority Key Identifier:
keyid:5E:9B:9B:ED:8F:8D:3D:57:9B:B0:55:2E:4F:C4:B8:19:86:86:1E:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xpub7Y-NPVebsFUuT8S4GYaGHmQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/448c85-a966-4df2-98e4-a5a5ad06eb43/1/37XNRy-XEzluOXqkZ4aG7irG278.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/448c85-a966-4df2-98e4-a5a5ad06eb43/1/Xpub7Y-NPVebsFUuT8S4GYaGHmQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.111.163.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:56:f6:05:be:37:21:da:35:c2:20:16:4d:40:c6:7e:f4:f7:
cf:f8:58:24:49:11:2a:26:64:11:be:c1:ad:90:3f:ed:22:d0:
bc:34:94:13:b3:2f:89:0d:af:3d:b0:3e:ce:29:f1:3d:4c:52:
ad:e5:40:be:bc:df:5e:61:7a:89:38:4b:2c:bb:79:05:48:7e:
c4:cf:05:ff:97:fb:2c:68:f4:78:c3:bb:ca:5e:a3:ab:27:3d:
95:96:1d:c9:c1:4f:c6:a0:e7:1c:ab:f5:68:9b:a4:77:31:2f:
bf:d0:55:a9:cd:23:52:d6:3f:0f:32:bd:1a:5b:6c:73:32:ac:
b2:9e:bd:2f:53:00:d7:c1:c6:22:dc:66:6e:37:88:f6:56:fc:
08:e9:7f:08:b8:89:57:a1:b7:3d:c5:90:28:bc:61:ee:e8:3b:
af:07:c3:af:5f:10:a6:43:2d:59:f5:c7:3c:ee:cc:4a:ca:29:
fe:eb:4d:9b:48:39:f1:9d:20:0d:fd:98:4e:8b:88:bf:cc:5e:
ef:1f:21:3f:a1:cd:f6:ca:85:f0:e5:14:57:e3:87:42:bc:ba:
95:99:4e:5c:7f:d1:53:6d:ec:45:5d:c6:85:a1:87:3b:8c:11:
a0:08:c5:16:90:9f:67:42:78:a0:00:f7:da:96:99:77:d7:a7:
98:8a:7a:83
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAd/O2DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
ZTliOWJlZDhmOGQzZDU3OWJiMDU1MmU0ZmM0YjgxOTg2ODYxZTY0MB4XDTIyMDEw
MTEwMDM0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGZiNWNkNDcyZjk3
MTMzOTZlMzk3YWE0Njc4Njg2ZWUyYWM2ZGJiZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMysYD0RVnvECcDuCuIFO+ryvqDldl4lu9b7/sBSHiPZWNp6
vrLrwaGtizZJ2pIqxQ8p6RqntLPrTbG2s9UjDxJgNwAl+Ty+Ham/qhAXSjUx3J7U
76gjJVxuPGycZwFmzC+jVWbIEtmHvBEVizGjIPph31U1lkHuYBqi+fbXLcQESjrL
EZvHnLQhnPTLUjuVrg98CA3FkrabcFOlqDDRFyLEsVIJQWxvgHHKCZSXhrLk+ISl
h5+XWeHPy9V7T1h/hiLbM3mZWMChkKMYtrImfcFNx0IoPBDk6aQg4kZBKPs31aq7
Bz9oxhgk8mGun2lvmtTUsHyiSNmJyfkVX4WdLhMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTftc1HL5cTOW45eqRnhobuKsbbvzAfBgNVHSMEGDAWgBRem5vtj409V5uw
VS5PxLgZhoYeZDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1hwdWI3WS1OUFZlYnNGVXVUOFM0R1lhR0htUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmQvNDQ4Yzg1LWE5NjYtNGRmMi05OGU0LWE1YTVhZDA2ZWI0My8x
LzM3WE5SeS1YRXpsdU9YcWtaNGFHN2lyRzI3OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmQv
NDQ4Yzg1LWE5NjYtNGRmMi05OGU0LWE1YTVhZDA2ZWI0My8xL1hwdWI3WS1OUFZl
YnNGVXVUOFM0R1lhR0htUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMFvozANBgkqhkiG9w0BAQsFAAOC
AQEAt1b2Bb43Ido1wiAWTUDGfvT3z/hYJEkRKiZkEb7BrZA/7SLQvDSUE7MviQ2v
PbA+zinxPUxSreVAvrzfXmF6iThLLLt5BUh+xM8F/5f7LGj0eMO7yl6jqyc9lZYd
ycFPxqDnHKv1aJukdzEvv9BVqc0jUtY/DzK9GltsczKssp69L1MA18HGItxmbjeI
9lb8COl/CLiJV6G3PcWQKLxh7ug7rwfDr18QpkMtWfXHPO7MSsop/utNm0g58Z0g
Df2YTouIv8xe7x8hP6HN9sqF8OUUV+OHQry6lZlOXH/RU23sRV3GhaGHO4wRoAjF
FpCfZ0J4oAD32paZd9enmIp6gw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:41 2023 by rpki-client on console-ams.rpki-client.org