Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/1fc627-a373-474d-bc7e-e2d846849482/1/nMYBrqJfZkT3EdpG0PCSppzmP9M.roa
File: nMYBrqJfZkT3EdpG0PCSppzmP9M.roa (raw, json)
Hash identifier: Lgc8f5ClTJiyLFdpLXBEmX5KGIjGPiWIgEkOkiW7SF0=
Subject key identifier: 9C:C6:01:AE:A2:5F:66:44:F7:11:DA:46:D0:F0:92:A6:9C:E6:3F:D3
Certificate issuer: /CN=2efb9e6d7566dfef9d5cb98d929cb70323d389f2
Certificate serial: 08C185AA
Authority key identifier: 2E:FB:9E:6D:75:66:DF:EF:9D:5C:B9:8D:92:9C:B7:03:23:D3:89:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LvuebXVm3--dXLmNkpy3AyPTifI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/1fc627-a373-474d-bc7e-e2d846849482/1/nMYBrqJfZkT3EdpG0PCSppzmP9M.roa
Signing time: Sat 01 Jan 2022 04:55:04 +0000
ROA not before: Sat 01 Jan 2022 04:55:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49354
IP address blocks: 37.18.128.0/22 maxlen: 26
2a05:280::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 146900394 (0x8c185aa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2efb9e6d7566dfef9d5cb98d929cb70323d389f2
Validity
Not Before: Jan 1 04:55:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9cc601aea25f6644f711da46d0f092a69ce63fd3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:fc:37:9f:7a:32:e1:44:55:63:8e:12:9e:20:
54:3c:56:ac:09:8a:6a:01:9c:16:5f:2d:84:34:93:
7e:7e:54:52:2b:0a:c1:90:8e:93:c3:5e:17:ce:02:
90:14:b4:ec:36:4f:bd:81:ae:99:e6:b8:86:c0:60:
88:a0:9d:d1:da:56:fb:88:4a:29:0e:61:8c:e3:98:
65:3b:c1:1d:71:e3:04:70:1a:b7:28:43:66:ab:d5:
84:19:2d:ff:49:d8:c0:b7:ca:6f:a6:ab:a2:4d:84:
2b:8a:78:d7:cc:c8:56:03:4b:a9:a0:db:8e:e1:31:
f3:29:12:91:11:4d:ab:e6:a8:9a:19:4e:b2:0a:21:
ee:86:20:30:48:18:91:9e:6a:d6:34:4b:30:0d:e4:
0b:99:f7:f6:1c:de:51:d9:9b:26:d9:9f:82:76:a9:
62:5f:45:2b:eb:6b:24:ab:61:c1:b9:c0:96:70:55:
ef:fb:cf:0c:bd:88:d4:98:89:9e:a6:1c:b9:ce:c1:
04:52:ff:5a:a9:b8:63:fd:58:5f:d8:0e:1c:9e:12:
68:12:3b:3c:41:4c:56:3d:e5:4c:07:ab:c9:93:ea:
cf:1c:f3:92:5f:cc:4f:c5:54:89:48:0c:eb:f8:a4:
f3:3a:db:9b:3d:ae:89:1b:b6:72:f7:75:d2:94:5e:
cf:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:C6:01:AE:A2:5F:66:44:F7:11:DA:46:D0:F0:92:A6:9C:E6:3F:D3
X509v3 Authority Key Identifier:
keyid:2E:FB:9E:6D:75:66:DF:EF:9D:5C:B9:8D:92:9C:B7:03:23:D3:89:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LvuebXVm3--dXLmNkpy3AyPTifI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/1fc627-a373-474d-bc7e-e2d846849482/1/nMYBrqJfZkT3EdpG0PCSppzmP9M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/1fc627-a373-474d-bc7e-e2d846849482/1/LvuebXVm3--dXLmNkpy3AyPTifI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.18.128.0/22
IPv6:
2a05:280::/29
Signature Algorithm: sha256WithRSAEncryption
46:4a:51:79:a7:44:54:1d:29:2a:91:ea:c0:be:07:8f:7c:11:
8e:b6:b5:60:d9:cf:04:f6:e3:3d:45:34:b6:89:5d:61:df:60:
37:54:28:31:43:1d:52:c3:7d:6f:8c:99:bb:90:f9:54:fb:b4:
f2:da:eb:8c:12:87:25:e1:d1:c9:5e:ec:3d:07:45:a5:5b:0e:
27:21:e5:1e:7d:81:5b:78:91:17:78:22:f5:e5:cb:8a:e6:41:
10:61:2c:c5:9f:e3:67:f3:61:67:55:5f:b7:76:35:56:7f:39:
02:c2:32:de:9f:e5:87:07:d3:ae:86:b4:7c:6a:e9:e3:21:80:
b7:01:07:66:af:3b:f8:25:ce:0c:fe:f4:1c:1c:78:f9:93:d6:
44:3a:fb:39:13:fc:8d:be:62:2c:4d:51:20:e1:af:df:29:8f:
06:41:1a:09:a1:f8:a3:4c:ed:03:91:12:33:cf:30:a2:e6:fe:
49:aa:fc:63:6d:2e:65:00:e4:9e:e6:db:54:91:29:f9:7b:62:
33:e6:03:36:36:90:11:8d:b3:dc:8e:f3:04:e8:18:d1:71:a8:
b5:be:0e:b5:c4:34:91:0f:a8:b9:4a:0a:4b:58:14:fa:e7:7e:
fe:34:f1:39:11:d8:3a:13:b4:ea:cb:f3:bf:36:90:b4:de:81:
ba:64:3e:7e
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIECMGFqjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ZWZiOWU2ZDc1NjZkZmVmOWQ1Y2I5OGQ5MjljYjcwMzIzZDM4OWYyMB4XDTIyMDEw
MTA0NTUwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWNjNjAxYWVhMjVm
NjY0NGY3MTFkYTQ2ZDBmMDkyYTY5Y2U2M2ZkMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL/8N596MuFEVWOOEp4gVDxWrAmKagGcFl8thDSTfn5UUisK
wZCOk8NeF84CkBS07DZPvYGumea4hsBgiKCd0dpW+4hKKQ5hjOOYZTvBHXHjBHAa
tyhDZqvVhBkt/0nYwLfKb6arok2EK4p418zIVgNLqaDbjuEx8ykSkRFNq+aomhlO
sgoh7oYgMEgYkZ5q1jRLMA3kC5n39hzeUdmbJtmfgnapYl9FK+trJKthwbnAlnBV
7/vPDL2I1JiJnqYcuc7BBFL/Wqm4Y/1YX9gOHJ4SaBI7PEFMVj3lTAeryZPqzxzz
kl/MT8VUiUgM6/ik8zrbmz2uiRu2cvd10pRezw8CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBScxgGuol9mRPcR2kbQ8JKmnOY/0zAfBgNVHSMEGDAWgBQu+55tdWbf751c
uY2SnLcDI9OJ8jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0x2dWViWFZtMy0tZFhMbU5rcHkzQXlQVGlmSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzEvMWZjNjI3LWEzNzMtNDc0ZC1iYzdlLWUyZDg0Njg0OTQ4Mi8x
L25NWUJycUpmWmtUM0VkcEcwUENTcHB6bVA5TS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzEv
MWZjNjI3LWEzNzMtNDc0ZC1iYzdlLWUyZDg0Njg0OTQ4Mi8xL0x2dWViWFZtMy0t
ZFhMbU5rcHkzQXlQVGlmSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAiUSgDANBAIAAjAHAwUDKgUCgDAN
BgkqhkiG9w0BAQsFAAOCAQEARkpReadEVB0pKpHqwL4Hj3wRjra1YNnPBPbjPUU0
toldYd9gN1QoMUMdUsN9b4yZu5D5VPu08trrjBKHJeHRyV7sPQdFpVsOJyHlHn2B
W3iRF3gi9eXLiuZBEGEsxZ/jZ/NhZ1Vft3Y1Vn85AsIy3p/lhwfTroa0fGrp4yGA
twEHZq87+CXODP70HBx4+ZPWRDr7ORP8jb5iLE1RIOGv3ymPBkEaCaH4o0ztA5ES
M88woub+Sar8Y20uZQDknubbVJEp+XtiM+YDNjaQEY2z3I7zBOgY0XGotb4OtcQ0
kQ+ouUoKS1gU+ud+/jTxORHYOhO06svzvzaQtN6BumQ+fg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:55 2023 by rpki-client on console-ams.rpki-client.org