Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/cd1db3-2877-4f32-83c5-370b82e9f90b/1/5m6aPLd2pew-pZP4pwX8-fniuR8.roa
File: 5m6aPLd2pew-pZP4pwX8-fniuR8.roa (raw, json)
Hash identifier: tOf6lWpPoYXg2jdFf5sfv1ygu1ntEQapfw2Y10A0/LQ=
Subject key identifier: E6:6E:9A:3C:B7:76:A5:EC:3E:A5:93:F8:A7:05:FC:F9:F9:E2:B9:1F
Certificate issuer: /CN=be9b5458c237db65848cb2acbec6db9423fcb3a6
Certificate serial: 0290CD10
Authority key identifier: BE:9B:54:58:C2:37:DB:65:84:8C:B2:AC:BE:C6:DB:94:23:FC:B3:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vptUWMI322WEjLKsvsbblCP8s6Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/cd1db3-2877-4f32-83c5-370b82e9f90b/1/5m6aPLd2pew-pZP4pwX8-fniuR8.roa
Signing time: Sat 01 Jan 2022 14:06:30 +0000
ROA not before: Sat 01 Jan 2022 14:06:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200865
IP address blocks: 37.17.128.0/24 maxlen: 24
37.17.128.0/20 maxlen: 20
37.17.128.0/19 maxlen: 19
37.17.144.0/20 maxlen: 20
185.91.16.0/24 maxlen: 24
185.91.17.0/24 maxlen: 24
185.91.16.0/23 maxlen: 23
185.91.19.0/24 maxlen: 24
185.91.18.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 43044112 (0x290cd10)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be9b5458c237db65848cb2acbec6db9423fcb3a6
Validity
Not Before: Jan 1 14:06:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e66e9a3cb776a5ec3ea593f8a705fcf9f9e2b91f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:c4:4e:c1:c8:02:03:10:c4:1b:d1:94:38:c3:
6d:31:40:ba:aa:74:88:b6:7e:1f:8b:73:3f:f2:e3:
cf:af:90:ed:cd:5f:e0:65:1a:e7:63:29:ff:46:ab:
29:35:d1:36:35:14:8f:8d:a4:f5:7d:fd:24:7b:36:
99:c4:7b:23:3f:44:ee:66:c9:00:85:79:53:0a:a5:
20:09:23:0e:7e:2c:e2:5d:f8:b1:05:9e:6e:cd:f9:
e7:d9:e5:d8:62:1e:9b:de:c0:cc:00:42:03:f0:2c:
8c:13:c3:f9:02:27:c8:42:fd:e5:39:b1:ed:f6:db:
bb:c4:fb:24:80:e2:bb:5d:12:f2:1b:ee:46:1b:38:
0a:1c:c1:71:8c:05:e8:6b:2f:d9:98:11:0a:13:34:
ad:16:61:75:1a:e0:0e:f7:f5:a0:fb:bb:85:db:14:
b8:99:02:7a:73:d2:57:51:52:a0:f0:25:39:0d:27:
56:a8:27:d0:73:e3:26:53:fe:87:1f:6f:51:0e:24:
5c:c5:97:c1:1a:7a:57:52:6f:5c:b2:c0:ea:b1:6b:
2d:08:81:a9:a1:97:9b:2f:e5:f2:dd:fe:4e:fa:f7:
86:10:52:c1:6f:db:ab:77:e5:af:3b:ca:7c:7e:ca:
3c:da:71:4b:2c:81:7f:80:c7:f2:47:dc:a5:73:cd:
18:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:6E:9A:3C:B7:76:A5:EC:3E:A5:93:F8:A7:05:FC:F9:F9:E2:B9:1F
X509v3 Authority Key Identifier:
keyid:BE:9B:54:58:C2:37:DB:65:84:8C:B2:AC:BE:C6:DB:94:23:FC:B3:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vptUWMI322WEjLKsvsbblCP8s6Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/cd1db3-2877-4f32-83c5-370b82e9f90b/1/5m6aPLd2pew-pZP4pwX8-fniuR8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/cd1db3-2877-4f32-83c5-370b82e9f90b/1/vptUWMI322WEjLKsvsbblCP8s6Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.17.128.0/19
185.91.16.0/22
Signature Algorithm: sha256WithRSAEncryption
30:09:eb:86:b9:03:72:f5:2b:54:d6:d0:dc:17:27:f4:ca:70:
df:0c:de:be:31:4d:31:72:13:d6:15:14:43:a7:09:d5:02:cf:
9e:2b:b5:2b:ff:4c:9a:97:b7:76:42:30:d8:ab:49:f2:41:f4:
26:e6:ef:bf:94:47:a7:1c:71:1f:be:f7:8d:b4:de:1a:72:0f:
37:5d:60:f5:be:48:a2:0c:76:71:0b:22:e3:22:00:df:de:b4:
43:56:8c:80:4c:61:27:5e:75:1b:49:56:38:56:0a:7d:55:cf:
d2:1d:e2:11:ae:fc:d8:4b:77:31:65:b8:c2:e7:89:6b:f9:c9:
90:f7:21:a2:2a:3f:9c:36:7b:4f:b5:ee:d7:7c:1d:ec:03:c4:
47:3d:90:76:7f:b7:58:20:97:07:db:11:79:c2:6b:0d:86:56:
aa:9e:40:7f:4b:81:f8:5c:b2:95:eb:f1:4f:39:c5:df:bf:d5:
fe:cf:a0:2d:f1:40:af:fd:c0:06:7b:83:b1:cf:c6:5e:ff:ee:
b9:30:a2:cb:d9:2d:83:1f:a2:f4:e5:83:b7:1e:de:ce:05:e6:
eb:92:36:0c:91:8c:98:06:6b:fa:5d:c5:28:b0:97:f6:fb:c4:
01:55:9a:e7:a2:30:b9:9b:d3:a1:16:05:dc:9f:07:65:15:f5:
c0:64:1e:48
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEApDNEDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
ZTliNTQ1OGMyMzdkYjY1ODQ4Y2IyYWNiZWM2ZGI5NDIzZmNiM2E2MB4XDTIyMDEw
MTE0MDYzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTY2ZTlhM2NiNzc2
YTVlYzNlYTU5M2Y4YTcwNWZjZjlmOWUyYjkxZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN/ETsHIAgMQxBvRlDjDbTFAuqp0iLZ+H4tzP/Ljz6+Q7c1f
4GUa52Mp/0arKTXRNjUUj42k9X39JHs2mcR7Iz9E7mbJAIV5UwqlIAkjDn4s4l34
sQWebs3559nl2GIem97AzABCA/AsjBPD+QInyEL95Tmx7fbbu8T7JIDiu10S8hvu
Rhs4ChzBcYwF6Gsv2ZgRChM0rRZhdRrgDvf1oPu7hdsUuJkCenPSV1FSoPAlOQ0n
Vqgn0HPjJlP+hx9vUQ4kXMWXwRp6V1JvXLLA6rFrLQiBqaGXmy/l8t3+Tvr3hhBS
wW/bq3flrzvKfH7KPNpxSyyBf4DH8kfcpXPNGP0CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTmbpo8t3al7D6lk/inBfz5+eK5HzAfBgNVHSMEGDAWgBS+m1RYwjfbZYSM
sqy+xtuUI/yzpjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3ZwdFVXTUkzMjJXRWpMS3N2c2JibENQOHM2WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzYvY2QxZGIzLTI4NzctNGYzMi04M2M1LTM3MGI4MmU5ZjkwYi8x
LzVtNmFQTGQycGV3LXBaUDRwd1g4LWZuaXVSOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzYv
Y2QxZGIzLTI4NzctNGYzMi04M2M1LTM3MGI4MmU5ZjkwYi8xL3ZwdFVXTUkzMjJX
RWpMS3N2c2JibENQOHM2WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEBSURgAMEArlbEDANBgkqhkiG9w0B
AQsFAAOCAQEAMAnrhrkDcvUrVNbQ3Bcn9Mpw3wzevjFNMXIT1hUUQ6cJ1QLPniu1
K/9Mmpe3dkIw2KtJ8kH0Jubvv5RHpxxxH773jbTeGnIPN11g9b5Iogx2cQsi4yIA
3960Q1aMgExhJ151G0lWOFYKfVXP0h3iEa782Et3MWW4wueJa/nJkPchoio/nDZ7
T7Xu13wd7APERz2Qdn+3WCCXB9sRecJrDYZWqp5Af0uB+FyylevxTznF37/V/s+g
LfFAr/3ABnuDsc/GXv/uuTCiy9ktgx+i9OWDtx7ezgXm65I2DJGMmAZr+l3FKLCX
9vvEAVWa56IwuZvToRYF3J8HZRX1wGQeSA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:02 2024 by rpki-client on console-ams.rpki-client.org