Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/391dd7-4b96-46a5-afb4-6b615b7dbfe0/1/sJnOEZ1yc6vVtHD4yz8jijzm9q0.roa
File: sJnOEZ1yc6vVtHD4yz8jijzm9q0.roa (raw, json)
Hash identifier: 5aZ2GMvl2fJGSdDaz3V/FAHnBjMf2CKmBnL5xG61qwI=
Subject key identifier: B0:99:CE:11:9D:72:73:AB:D5:B4:70:F8:CB:3F:23:8A:3C:E6:F6:AD
Certificate issuer: /CN=61340818a8633908cf37ea145d66d92452fb73aa
Certificate serial: 018570950947C377F045D57FBBA620477775
Authority key identifier: 61:34:08:18:A8:63:39:08:CF:37:EA:14:5D:66:D9:24:52:FB:73:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YTQIGKhjOQjPN-oUXWbZJFL7c6o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/391dd7-4b96-46a5-afb4-6b615b7dbfe0/1/sJnOEZ1yc6vVtHD4yz8jijzm9q0.roa
Signing time: Mon 02 Jan 2023 03:44:53 +0000
ROA not before: Mon 02 Jan 2023 03:44:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39194
IP address blocks: 83.146.192.0/18 maxlen: 18
185.143.60.0/22 maxlen: 22
37.35.16.0/20 maxlen: 20
85.209.100.0/22 maxlen: 22
2a00:7a20::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:09:47:c3:77:f0:45:d5:7f:bb:a6:20:47:77:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61340818a8633908cf37ea145d66d92452fb73aa
Validity
Not Before: Jan 2 03:44:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b099ce119d7273abd5b470f8cb3f238a3ce6f6ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:70:86:a2:f6:87:ff:af:db:71:fe:12:25:a7:
ec:a1:85:3e:46:f9:3d:da:3d:ab:38:be:e5:80:b6:
01:52:c6:19:1a:55:33:d8:fe:27:c1:62:19:c2:a0:
4a:2c:12:64:b6:fa:9a:7c:5f:d1:87:bc:45:97:0e:
ee:68:89:ed:ec:b9:e6:f5:57:05:81:10:b7:99:91:
76:65:28:b3:de:cd:7f:97:2c:61:01:0e:3c:81:e1:
08:f2:36:7c:fa:78:f3:41:4e:11:6a:ee:d0:58:ff:
47:3f:e0:8b:65:a2:c0:02:2d:c9:99:b7:fc:80:0e:
e3:b6:34:13:0b:4d:90:1a:9b:08:ea:fe:80:dd:76:
69:09:2c:a1:a8:8d:fc:da:0a:f1:1e:ce:f8:89:5d:
3e:14:c5:2d:31:b5:27:04:64:28:74:0c:1e:bd:53:
db:13:6c:8d:66:a7:40:6a:19:9d:c9:07:57:4d:07:
30:8b:2d:a8:40:3f:a9:ba:ae:4a:da:6d:dc:ef:61:
13:ff:3d:e1:e9:6d:fb:1d:73:74:50:c8:c0:74:16:
ef:66:95:53:a3:11:7f:88:4b:f2:54:c1:7e:1d:be:
e9:96:30:0b:dc:91:5f:5c:a7:05:3b:e0:f1:a3:a0:
1e:28:f7:cd:ad:99:16:cb:47:95:06:93:ac:a7:de:
57:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:99:CE:11:9D:72:73:AB:D5:B4:70:F8:CB:3F:23:8A:3C:E6:F6:AD
X509v3 Authority Key Identifier:
keyid:61:34:08:18:A8:63:39:08:CF:37:EA:14:5D:66:D9:24:52:FB:73:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YTQIGKhjOQjPN-oUXWbZJFL7c6o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/391dd7-4b96-46a5-afb4-6b615b7dbfe0/1/sJnOEZ1yc6vVtHD4yz8jijzm9q0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/391dd7-4b96-46a5-afb4-6b615b7dbfe0/1/YTQIGKhjOQjPN-oUXWbZJFL7c6o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.35.16.0/20
83.146.192.0/18
85.209.100.0/22
185.143.60.0/22
IPv6:
2a00:7a20::/32
Signature Algorithm: sha256WithRSAEncryption
0d:fb:76:34:50:fb:3e:5b:98:8d:90:f2:c4:e4:28:75:d0:aa:
49:06:d1:f9:c0:cf:5b:27:57:4b:5a:79:6e:d5:6c:58:56:33:
ea:c0:c8:68:97:64:dc:38:1a:5e:e4:9a:4d:b1:d9:95:ba:48:
ea:ff:6f:40:2c:b6:16:45:26:24:91:51:23:52:4a:f3:34:f8:
60:f0:ab:ac:22:65:41:15:25:a2:d1:5b:e0:11:f0:38:b5:c1:
11:4b:fd:26:8c:0d:67:29:fd:f9:f9:c7:a0:f2:5f:d1:67:cc:
10:fa:e1:c0:e0:bb:f8:7f:4a:cc:4a:36:65:24:7c:66:36:c9:
a9:a3:3b:e7:45:9d:78:81:31:bc:f5:ff:43:ab:cd:d0:14:69:
35:50:6e:eb:9a:94:d4:ed:6a:37:37:c5:34:6c:b9:0f:61:bc:
d7:3e:de:57:2b:c7:d6:77:ac:8e:f5:0b:dc:88:81:0f:d5:25:
1e:9f:e4:58:78:12:e4:78:ca:95:c9:8a:d3:40:16:76:71:f2:
53:f8:c7:e3:ca:7c:f7:3d:f2:68:fd:9e:93:0c:d3:d1:86:bc:
f9:c8:24:c1:c5:49:6a:57:ee:25:dc:02:d1:7a:eb:7b:22:72:
8e:f1:ef:b4:c9:5f:9e:2d:2f:24:83:6e:6c:91:ac:45:3b:06:
10:2d:c8:4c
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVwlQlHw3fwRdV/u6YgR3d1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxMzQwODE4YTg2MzM5MDhjZjM3ZWExNDVkNjZkOTI0NTJm
YjczYWEwHhcNMjMwMTAyMDM0NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDk5Y2UxMTlkNzI3M2FiZDViNDcwZjhjYjNmMjM4YTNjZTZmNmFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArXCGovaH/6/bcf4SJafsoYU+Rvk9
2j2rOL7lgLYBUsYZGlUz2P4nwWIZwqBKLBJktvqafF/Rh7xFlw7uaInt7Lnm9VcF
gRC3mZF2ZSiz3s1/lyxhAQ48geEI8jZ8+njzQU4Rau7QWP9HP+CLZaLAAi3Jmbf8
gA7jtjQTC02QGpsI6v6A3XZpCSyhqI382grxHs74iV0+FMUtMbUnBGQodAwevVPb
E2yNZqdAahmdyQdXTQcwiy2oQD+puq5K2m3c72ET/z3h6W37HXN0UMjAdBbvZpVT
oxF/iEvyVMF+Hb7pljAL3JFfXKcFO+Dxo6AeKPfNrZkWy0eVBpOsp95XQwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFLCZzhGdcnOr1bRw+Ms/I4o85vatMB8GA1UdIwQY
MBaAFGE0CBioYzkIzzfqFF1m2SRS+3OqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVRRSUdLaGpPUWpQTi1vVVhXYlpKRkw3YzZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8zOTFkZDctNGI5Ni00NmE1LWFmYjQt
NmI2MTViN2RiZmUwLzEvc0puT0VaMXljNnZWdEhENHl6OGppanptOXEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi8zOTFkZDctNGI5Ni00NmE1LWFmYjQtNmI2MTViN2RiZmUw
LzEvWVRRSUdLaGpPUWpQTi1vVVhXYlpKRkw3YzZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEJSMQAwQG
U5LAAwQCVdFkAwQCuY88MA0EAgACMAcDBQAqAHogMA0GCSqGSIb3DQEBCwUAA4IB
AQAN+3Y0UPs+W5iNkPLE5Ch10KpJBtH5wM9bJ1dLWnlu1WxYVjPqwMhol2TcOBpe
5JpNsdmVukjq/29ALLYWRSYkkVEjUkrzNPhg8KusImVBFSWi0VvgEfA4tcERS/0m
jA1nKf35+ceg8l/RZ8wQ+uHA4Lv4f0rMSjZlJHxmNsmpozvnRZ14gTG89f9Dq83Q
FGk1UG7rmpTU7Wo3N8U0bLkPYbzXPt5XK8fWd6yO9QvciIEP1SUen+RYeBLkeMqV
yYrTQBZ2cfJT+Mfjynz3PfJo/Z6TDNPRhrz5yCTBxUlqV+4l3ALReut7InKO8e+0
yV+eLS8kg25skaxFOwYQLchM
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:52:33 2025 by rpki-client