Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/3d3a2d-a039-46f4-8687-057817ba9fb7/1/I3VA6tmThbKPmW9G9slVmbOZOLI.roa
File: I3VA6tmThbKPmW9G9slVmbOZOLI.roa (raw, json)
Hash identifier: l9WXtomAE08kNRg3iF4mEaA2QyYkd6I2bQmnD+ATZhU=
Subject key identifier: 23:75:40:EA:D9:93:85:B2:8F:99:6F:46:F6:C9:55:99:B3:99:38:B2
Certificate issuer: /CN=04cbe5b4623dab42f15a905002db7ce62e854f29
Certificate serial: 01856ED4DC32038D4A938931B21E606D0CEC
Authority key identifier: 04:CB:E5:B4:62:3D:AB:42:F1:5A:90:50:02:DB:7C:E6:2E:85:4F:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BMvltGI9q0LxWpBQAtt85i6FTyk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/3d3a2d-a039-46f4-8687-057817ba9fb7/1/I3VA6tmThbKPmW9G9slVmbOZOLI.roa
Signing time: Sun 01 Jan 2023 19:35:21 +0000
ROA not before: Sun 01 Jan 2023 19:35:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201443
IP address blocks: 37.202.14.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d4:dc:32:03:8d:4a:93:89:31:b2:1e:60:6d:0c:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04cbe5b4623dab42f15a905002db7ce62e854f29
Validity
Not Before: Jan 1 19:35:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=237540ead99385b28f996f46f6c95599b39938b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:3f:1e:52:af:79:12:ec:69:ca:76:c5:6a:47:
aa:1f:36:47:0a:96:30:a4:0e:90:d2:c8:ad:be:19:
4a:5d:c5:fd:b8:1f:aa:82:12:f2:42:a6:df:be:78:
ef:45:d9:87:04:3a:be:5f:a1:98:8e:33:73:66:c5:
5a:ca:b8:e7:e5:fd:cd:9f:b6:86:ec:79:d8:1d:d9:
7b:d0:c8:a6:bc:f8:d0:65:87:9d:b8:a3:d8:c9:98:
6a:02:11:ff:cb:98:5a:66:de:26:0c:28:ef:60:2b:
39:90:b3:e8:ee:4a:c2:8a:72:c7:d4:62:ea:cc:8f:
a1:fd:da:1c:19:70:fd:4f:75:3a:41:46:c4:f4:64:
75:aa:c2:57:35:00:b7:70:1f:1e:44:52:13:5a:a6:
dd:42:15:ce:cb:57:90:9a:cd:f0:59:38:d8:3e:b3:
25:25:01:5f:50:b1:44:e0:6c:26:b9:d3:ee:8d:a6:
18:57:ce:c5:0c:51:5d:98:af:79:da:53:7a:56:07:
85:e2:72:14:49:8f:0b:3b:2d:42:3d:20:e7:79:3b:
67:8d:14:d8:d2:9a:28:48:d5:51:5e:b1:d1:53:a5:
4d:2c:3a:eb:ef:04:89:6c:50:a4:cf:65:52:b7:9f:
f1:26:51:3f:52:0f:50:27:89:33:72:1c:26:5f:3a:
9f:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:75:40:EA:D9:93:85:B2:8F:99:6F:46:F6:C9:55:99:B3:99:38:B2
X509v3 Authority Key Identifier:
keyid:04:CB:E5:B4:62:3D:AB:42:F1:5A:90:50:02:DB:7C:E6:2E:85:4F:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BMvltGI9q0LxWpBQAtt85i6FTyk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/3d3a2d-a039-46f4-8687-057817ba9fb7/1/I3VA6tmThbKPmW9G9slVmbOZOLI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/3d3a2d-a039-46f4-8687-057817ba9fb7/1/BMvltGI9q0LxWpBQAtt85i6FTyk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.14.0/24
Signature Algorithm: sha256WithRSAEncryption
23:ea:9c:2c:75:17:34:41:71:4f:14:cb:6c:0d:73:aa:99:ce:
96:92:32:f0:81:04:51:20:11:a4:23:17:0e:98:c4:e2:10:5a:
c1:09:2d:4c:be:7a:85:5a:98:a5:26:9b:7e:8d:c9:2b:26:6a:
d1:12:b6:4b:4a:d4:25:f9:6e:a0:61:09:61:16:d1:3a:ed:66:
49:40:c0:e9:df:10:09:23:04:d5:ca:03:0e:7d:0a:97:75:9f:
1a:57:3f:d5:f4:08:47:75:fd:9b:93:e5:3c:52:2a:74:ca:79:
ef:61:07:2a:3b:43:4d:f6:6b:c9:4a:5e:31:5a:83:09:fa:00:
38:54:79:da:dc:d3:a1:b2:96:f9:12:e5:33:3d:b2:61:23:92:
ea:cc:8e:cc:03:5d:52:f3:47:2a:d3:77:6b:71:bb:bf:8a:7c:
e9:6a:f2:5e:ba:ad:f3:12:e4:ee:8e:60:8d:e7:79:d3:17:0d:
b0:27:2d:25:b8:f9:61:d7:11:63:c9:c8:e9:89:b2:33:f6:21:
81:69:74:51:29:5b:22:44:d0:a7:83:e7:de:5f:4d:be:ea:5e:
84:b8:06:bd:db:f7:83:65:a5:69:29:fc:e8:61:2d:57:40:a3:
c1:bb:d7:1e:b7:c2:c1:06:31:02:8a:1f:e8:6a:fe:65:7f:fe:
91:c2:b3:71
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVu1NwyA41Kk4kxsh5gbQzsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0Y2JlNWI0NjIzZGFiNDJmMTVhOTA1MDAyZGI3Y2U2MmU4
NTRmMjkwHhcNMjMwMTAxMTkzNTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzc1NDBlYWQ5OTM4NWIyOGY5OTZmNDZmNmM5NTU5OWIzOTkzOGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsT8eUq95EuxpynbFakeqHzZHCpYw
pA6Q0sitvhlKXcX9uB+qghLyQqbfvnjvRdmHBDq+X6GYjjNzZsVayrjn5f3Nn7aG
7HnYHdl70MimvPjQZYeduKPYyZhqAhH/y5haZt4mDCjvYCs5kLPo7krCinLH1GLq
zI+h/docGXD9T3U6QUbE9GR1qsJXNQC3cB8eRFITWqbdQhXOy1eQms3wWTjYPrMl
JQFfULFE4GwmudPujaYYV87FDFFdmK952lN6VgeF4nIUSY8LOy1CPSDneTtnjRTY
0pooSNVRXrHRU6VNLDrr7wSJbFCkz2VSt5/xJlE/Ug9QJ4kzchwmXzqf8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCN1QOrZk4Wyj5lvRvbJVZmzmTiyMB8GA1UdIwQY
MBaAFATL5bRiPatC8VqQUALbfOYuhU8pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQk12bHRHSTlxMEx4V3BCUUF0dDg1aTZGVHlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS8zZDNhMmQtYTAzOS00NmY0LTg2ODct
MDU3ODE3YmE5ZmI3LzEvSTNWQTZ0bVRoYktQbVc5RzlzbFZtYk9aT0xJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS8zZDNhMmQtYTAzOS00NmY0LTg2ODctMDU3ODE3YmE5ZmI3
LzEvQk12bHRHSTlxMEx4V3BCUUF0dDg1aTZGVHlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJcoOMA0G
CSqGSIb3DQEBCwUAA4IBAQAj6pwsdRc0QXFPFMtsDXOqmc6WkjLwgQRRIBGkIxcO
mMTiEFrBCS1MvnqFWpilJpt+jckrJmrRErZLStQl+W6gYQlhFtE67WZJQMDp3xAJ
IwTVygMOfQqXdZ8aVz/V9AhHdf2bk+U8Uip0ynnvYQcqO0NN9mvJSl4xWoMJ+gA4
VHna3NOhspb5EuUzPbJhI5LqzI7MA11S80cq03drcbu/inzpavJeuq3zEuTujmCN
53nTFw2wJy0luPlh1xFjycjpibIz9iGBaXRRKVsiRNCng+feX02+6l6EuAa92/eD
ZaVpKfzoYS1XQKPBu9cet8LBBjECih/oav5lf/6RwrNx
-----END CERTIFICATE-----
Generated at Sat Apr 19 17:50:19 2025 by rpki-client