Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/6FvDnI0XlJ46UzuoLnrRqNiJQ_E.roa
File: 6FvDnI0XlJ46UzuoLnrRqNiJQ_E.roa (raw, json)
Hash identifier: XJEI5VSolVKIbDuaZ9/4U8PES1ggekVthgOdD1Ic78I=
Subject key identifier: E8:5B:C3:9C:8D:17:94:9E:3A:53:3B:A8:2E:7A:D1:A8:D8:89:43:F1
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 07B126A5
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/6FvDnI0XlJ46UzuoLnrRqNiJQ_E.roa
Signing time: Sat 01 Jan 2022 05:57:03 +0000
ROA not before: Sat 01 Jan 2022 05:57:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198961
IP address blocks: 37.221.176.0/24 maxlen: 24
37.221.177.0/24 maxlen: 24
37.221.178.0/24 maxlen: 24
37.221.179.0/24 maxlen: 24
37.221.181.0/24 maxlen: 24
37.221.182.0/24 maxlen: 24
37.221.183.0/24 maxlen: 24
188.255.237.0/24 maxlen: 24
188.255.131.0/24 maxlen: 24
188.255.132.0/24 maxlen: 24
212.69.24.0/22 maxlen: 22
212.69.22.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 129050277 (0x7b126a5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Jan 1 05:57:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e85bc39c8d17949e3a533ba82e7ad1a8d88943f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:8c:d8:c6:1a:1b:b6:f3:f7:bc:fd:be:8a:7c:
97:41:b4:db:db:f9:a3:01:8b:eb:71:cc:e7:d3:02:
60:49:cd:9b:bc:98:e8:7c:40:91:1d:d3:71:bf:e2:
32:c3:44:f9:9c:4b:97:44:e1:28:be:15:9e:3e:36:
41:48:bc:30:e3:41:90:f2:01:ed:f5:11:51:b9:53:
8c:61:0c:69:3a:73:df:81:d6:cf:42:39:b9:ee:f9:
de:e1:13:82:a3:c8:90:2b:c9:b3:be:d6:e2:47:86:
50:4b:88:51:0b:58:99:5d:b6:44:53:01:7f:5e:a3:
81:92:8c:29:0c:b8:44:49:fd:ec:ed:ad:b4:a9:96:
06:71:37:f9:ab:2c:24:b7:34:5d:15:55:ed:4a:c7:
1d:d8:89:86:28:e5:bd:6e:64:b3:1a:6e:1b:6e:c8:
9a:93:56:52:fd:a2:70:22:79:d6:fe:f1:03:b1:07:
d4:d7:f7:2c:56:4e:71:fe:32:66:2a:ec:e9:76:ae:
7a:42:9c:d0:cc:fb:fd:cb:1c:6b:dc:da:82:63:83:
d2:4f:82:52:0f:7e:de:ba:2b:ba:1e:3f:e8:60:5d:
ec:65:08:d3:a6:7e:7f:76:94:1b:7d:22:a3:24:1c:
2c:dd:8a:4a:cd:ba:b1:6d:0e:71:d7:96:e4:8c:af:
a1:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:5B:C3:9C:8D:17:94:9E:3A:53:3B:A8:2E:7A:D1:A8:D8:89:43:F1
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/6FvDnI0XlJ46UzuoLnrRqNiJQ_E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.221.176.0/22
37.221.181.0-37.221.183.255
188.255.131.0-188.255.132.255
188.255.237.0/24
212.69.22.0-212.69.27.255
Signature Algorithm: sha256WithRSAEncryption
9a:ab:93:be:0f:ce:79:44:32:c5:8f:6b:26:d0:92:05:38:a4:
03:fa:ac:98:bc:a5:33:83:64:66:05:35:e3:dd:de:91:62:86:
a3:fb:29:17:7d:95:ce:d1:8e:38:40:f4:d5:c3:6a:9f:02:fe:
be:4e:2b:58:34:9d:b1:44:d3:19:02:db:6d:85:0b:69:c2:b9:
38:77:fa:46:5c:4a:1f:7f:04:81:93:1e:7d:74:4c:2a:0c:51:
e3:85:9c:73:ba:01:da:5d:a9:81:6c:73:43:d6:60:23:c5:cb:
7b:04:d4:5c:24:44:dc:5e:5f:6d:8a:6f:ce:6e:78:e5:62:d4:
bc:ed:49:52:f8:f7:0a:f6:4c:2c:1a:82:c1:30:56:c3:00:f9:
1e:4b:d4:a4:7b:06:a5:a0:3e:df:60:46:16:65:cd:1b:a1:05:
8a:3a:56:77:f6:e1:8a:6d:6b:99:7d:8b:e7:df:2c:b5:af:45:
6d:e5:97:9c:68:4a:d8:02:b2:5e:98:db:ab:13:ac:eb:9d:8d:
bf:07:e2:f3:6c:68:c7:ea:f2:28:7a:dc:96:b6:2c:91:ae:cc:
a8:6a:5f:d3:d3:0c:13:d6:d0:60:6d:73:68:a4:2e:33:1f:9b:
31:8a:5b:e0:2b:55:fe:ed:c6:29:36:89:99:5d:bb:b4:6e:44:
3d:ab:23:b9
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgIEB7EmpTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
Zjg0ZTQ3MzhhNzBlYTM5YzA4Y2VmMjEwNDMyYWUzOTllYzdlOTE1MB4XDTIyMDEw
MTA1NTcwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTg1YmMzOWM4ZDE3
OTQ5ZTNhNTMzYmE4MmU3YWQxYThkODg5NDNmMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMeM2MYaG7bz97z9vop8l0G029v5owGL63HM59MCYEnNm7yY
6HxAkR3Tcb/iMsNE+ZxLl0ThKL4Vnj42QUi8MONBkPIB7fURUblTjGEMaTpz34HW
z0I5ue753uETgqPIkCvJs77W4keGUEuIUQtYmV22RFMBf16jgZKMKQy4REn97O2t
tKmWBnE3+assJLc0XRVV7UrHHdiJhijlvW5ksxpuG27ImpNWUv2icCJ51v7xA7EH
1Nf3LFZOcf4yZirs6XauekKc0Mz7/csca9zagmOD0k+CUg9+3roruh4/6GBd7GUI
06Z+f3aUG30ioyQcLN2KSs26sW0OcdeW5IyvoYsCAwEAAaOCAjkwggI1MB0GA1Ud
DgQWBBToW8OcjReUnjpTO6guetGo2IlD8TAfBgNVHSMEGDAWgBRvhORzinDqOcCM
7yEEMq45nsfpFTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2I0VGtjNHB3NmpuQWpPOGhCREt1T1o3SDZSVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzYvZGRmOGIzLTFjMDgtNDk1Yy04ZGRmLWZhZTVkYmVkM2IxYi8x
LzZGdkRuSTBYbEo0NlV6dW9MbnJScU5pSlFfRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzYv
ZGRmOGIzLTFjMDgtNDk1Yy04ZGRmLWZhZTVkYmVkM2IxYi8xL2I0VGtjNHB3Nmpu
QWpPOGhCREt1T1o3SDZSVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBP
BggrBgEFBQcBBwEB/wRAMD4wPAQCAAEwNgMEAiXdsDAMAwQAJd21AwQDJd2wMAwD
BAC8/4MDBAC8/4QDBAC8/+0wDAMEAdRFFgMEAtRFGDANBgkqhkiG9w0BAQsFAAOC
AQEAmquTvg/OeUQyxY9rJtCSBTikA/qsmLylM4NkZgU1493ekWKGo/spF32VztGO
OED01cNqnwL+vk4rWDSdsUTTGQLbbYULacK5OHf6RlxKH38EgZMefXRMKgxR44Wc
c7oB2l2pgWxzQ9ZgI8XLewTUXCRE3F5fbYpvzm545WLUvO1JUvj3CvZMLBqCwTBW
wwD5HkvUpHsGpaA+32BGFmXNG6EFijpWd/bhim1rmX2L598sta9FbeWXnGhK2AKy
XpjbqxOs652Nvwfi82xox+ryKHrclrYska7MqGpf09MME9bQYG1zaKQuMx+bMYpb
4CtV/u3GKTaJmV27tG5EPasjuQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:03 2024 by rpki-client on console-ams.rpki-client.org