Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/397546-dc7b-4660-8a51-bf59fc1cb26d/1/Hn0XgqwRYTYronBRqPRBUSN6hpA.roa
File: Hn0XgqwRYTYronBRqPRBUSN6hpA.roa (raw, json)
Hash identifier: Dz8k0Zax+FoZYvO0BX4hGkdpyT28W0AjyfNV1XHSKYY=
Subject key identifier: 1E:7D:17:82:AC:11:61:36:2B:A2:70:51:A8:F4:41:51:23:7A:86:90
Certificate issuer: /CN=24ba4f52ac1be0755d34bc5483c061bdf293447e
Certificate serial: 0A523C08
Authority key identifier: 24:BA:4F:52:AC:1B:E0:75:5D:34:BC:54:83:C0:61:BD:F2:93:44:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JLpPUqwb4HVdNLxUg8BhvfKTRH4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/397546-dc7b-4660-8a51-bf59fc1cb26d/1/Hn0XgqwRYTYronBRqPRBUSN6hpA.roa
Signing time: Sat 01 Jan 2022 09:53:35 +0000
ROA not before: Sat 01 Jan 2022 09:53:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8781
IP address blocks: 37.211.192.0/20 maxlen: 24
37.211.96.0/22 maxlen: 24
78.100.64.0/20 maxlen: 20
37.211.104.0/22 maxlen: 24
185.96.224.0/22 maxlen: 22
37.211.100.0/22 maxlen: 24
37.211.112.0/22 maxlen: 24
37.211.108.0/22 maxlen: 24
37.211.116.0/22 maxlen: 24
37.211.124.0/22 maxlen: 24
37.211.120.0/22 maxlen: 24
176.202.0.0/15 maxlen: 24
37.211.208.0/22 maxlen: 24
37.211.212.0/22 maxlen: 24
37.211.216.0/22 maxlen: 24
37.211.224.0/22 maxlen: 24
37.211.228.0/22 maxlen: 24
37.211.232.0/22 maxlen: 24
37.211.236.0/22 maxlen: 24
37.211.240.0/20 maxlen: 24
86.62.241.0/24 maxlen: 24
89.211.48.0/20 maxlen: 20
86.62.192.0/18 maxlen: 24
89.211.4.0/24 maxlen: 24
89.211.3.0/24 maxlen: 24
89.211.0.0/16 maxlen: 24
89.211.7.0/24 maxlen: 24
89.211.6.0/24 maxlen: 24
89.211.5.0/24 maxlen: 24
89.211.16.0/21 maxlen: 21
89.211.24.0/21 maxlen: 21
89.211.32.0/20 maxlen: 20
37.210.0.0/15 maxlen: 24
212.77.192.0/19 maxlen: 19
212.77.192.0/24 maxlen: 24
212.77.199.0/24 maxlen: 24
212.77.204.0/24 maxlen: 24
212.77.202.0/24 maxlen: 24
212.77.207.0/24 maxlen: 24
212.77.211.0/24 maxlen: 24
212.77.210.0/24 maxlen: 24
212.77.209.0/24 maxlen: 24
212.77.218.0/24 maxlen: 24
212.77.217.0/24 maxlen: 24
212.77.221.0/24 maxlen: 24
212.77.220.0/24 maxlen: 24
82.148.96.0/19 maxlen: 24
82.148.96.0/24 maxlen: 24
178.152.0.0/15 maxlen: 24
2001:1a10::/29 maxlen: 29
2001:1a10:c1::/48 maxlen: 48
2001:1a10:1::/48 maxlen: 48
2001:1a11::/32 maxlen: 32
2001:1a10:cd::/48 maxlen: 64
2001:1a10::/40 maxlen: 40
2001:1a10:100::/40 maxlen: 40
2001:1a10::/32 maxlen: 40
2001:1a10:4000::/36 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 173161480 (0xa523c08)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24ba4f52ac1be0755d34bc5483c061bdf293447e
Validity
Not Before: Jan 1 09:53:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1e7d1782ac1161362ba27051a8f44151237a8690
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:69:2d:01:28:89:d3:6d:09:c3:da:a2:57:95:
71:62:98:fc:e3:fa:c7:94:80:a8:90:58:2a:03:d5:
d5:81:8b:9f:50:8e:ba:73:d7:dd:22:07:67:b6:7c:
47:5a:4e:11:ad:5f:37:9c:bc:32:d1:fb:76:c9:82:
0e:f8:90:a5:31:3c:76:39:9f:28:09:5a:2c:a8:1b:
8d:81:91:bf:29:70:16:29:fe:52:fd:1e:7f:98:21:
65:90:76:dd:09:bd:fb:34:fa:6a:27:1e:8c:1b:e3:
68:88:61:04:9c:1c:7c:11:4f:5e:0b:44:a6:74:5d:
3b:f3:41:35:f3:e1:7e:55:f3:e3:85:60:ef:18:8d:
14:6b:94:5c:bf:56:a6:8d:c3:cc:28:50:fc:61:ce:
67:e5:32:f0:49:c4:dd:0d:0d:46:2f:3d:1b:a9:48:
97:12:26:5b:42:c6:02:8f:a4:95:46:57:00:68:16:
f0:da:c5:49:ee:91:13:06:4b:97:97:5d:3a:d7:18:
20:a4:68:ae:1d:e3:3a:55:3c:45:ff:c7:d9:fc:d5:
62:79:c6:26:a7:73:05:b7:d1:21:3f:19:cd:97:20:
9c:16:23:56:f0:fa:16:88:82:26:ce:72:8e:e2:0b:
15:d5:36:36:4c:d7:a2:83:24:c8:89:7f:8b:b4:10:
2c:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:7D:17:82:AC:11:61:36:2B:A2:70:51:A8:F4:41:51:23:7A:86:90
X509v3 Authority Key Identifier:
keyid:24:BA:4F:52:AC:1B:E0:75:5D:34:BC:54:83:C0:61:BD:F2:93:44:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JLpPUqwb4HVdNLxUg8BhvfKTRH4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/397546-dc7b-4660-8a51-bf59fc1cb26d/1/Hn0XgqwRYTYronBRqPRBUSN6hpA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/397546-dc7b-4660-8a51-bf59fc1cb26d/1/JLpPUqwb4HVdNLxUg8BhvfKTRH4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.210.0.0/15
78.100.64.0/20
82.148.96.0/19
86.62.192.0/18
89.211.0.0/16
176.202.0.0/15
178.152.0.0/15
185.96.224.0/22
212.77.192.0/19
IPv6:
2001:1a10::/29
Signature Algorithm: sha256WithRSAEncryption
07:53:e3:05:fc:05:8d:53:33:56:79:01:8d:2c:5c:df:cc:42:
0b:37:b7:da:85:26:33:a4:9f:5d:fd:46:99:72:c4:c1:64:81:
f7:74:94:c5:1e:ca:1a:5d:cf:3f:8a:23:44:29:f4:20:36:92:
07:b9:11:83:81:89:da:a5:e8:90:9f:6e:df:06:87:97:42:52:
01:11:e4:cf:e1:ca:cb:8d:e4:12:9a:a9:46:d5:3d:9d:23:0b:
27:3c:c8:31:d9:d0:8d:72:de:2a:a5:7e:c8:9e:f5:1d:9b:89:
cd:f8:3c:99:f6:17:af:bb:3c:7f:91:be:d7:32:d3:a9:f6:dc:
e6:3e:b7:98:ff:df:a9:08:ab:d5:ac:7c:62:d8:14:98:44:76:
1d:c3:25:a7:9d:64:3c:fa:23:e7:76:b4:1b:82:93:e3:66:6f:
f2:cb:42:5d:f2:09:15:24:c5:13:ba:b3:67:59:bc:69:28:aa:
93:19:65:29:9a:c5:56:db:ee:92:43:66:e9:ce:e6:77:d4:ae:
70:4f:6a:64:36:b3:85:08:a8:1c:62:c7:cd:82:67:d2:f4:c0:
a7:07:7f:75:42:91:99:cd:b4:b9:9e:6c:50:09:b8:63:eb:3f:
0a:16:81:41:e8:df:c0:1a:ff:ed:ad:95:16:4c:9f:09:23:14:
f1:3b:e1:c2
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIEClI8CDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
NGJhNGY1MmFjMWJlMDc1NWQzNGJjNTQ4M2MwNjFiZGYyOTM0NDdlMB4XDTIyMDEw
MTA5NTMzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWU3ZDE3ODJhYzEx
NjEzNjJiYTI3MDUxYThmNDQxNTEyMzdhODY5MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALhpLQEoidNtCcPaoleVcWKY/OP6x5SAqJBYKgPV1YGLn1CO
unPX3SIHZ7Z8R1pOEa1fN5y8MtH7dsmCDviQpTE8djmfKAlaLKgbjYGRvylwFin+
Uv0ef5ghZZB23Qm9+zT6aicejBvjaIhhBJwcfBFPXgtEpnRdO/NBNfPhflXz44Vg
7xiNFGuUXL9Wpo3DzChQ/GHOZ+Uy8EnE3Q0NRi89G6lIlxImW0LGAo+klUZXAGgW
8NrFSe6REwZLl5ddOtcYIKRorh3jOlU8Rf/H2fzVYnnGJqdzBbfRIT8ZzZcgnBYj
VvD6FoiCJs5yjuILFdU2NkzXooMkyIl/i7QQLHcCAwEAAaOCAkQwggJAMB0GA1Ud
DgQWBBQefReCrBFhNiuicFGo9EFRI3qGkDAfBgNVHSMEGDAWgBQkuk9SrBvgdV00
vFSDwGG98pNEfjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0pMcFBVcXdiNEhWZE5MeFVnOEJodmZLVFJINC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzcvMzk3NTQ2LWRjN2ItNDY2MC04YTUxLWJmNTlmYzFjYjI2ZC8x
L0huMFhncXdSWVRZcm9uQlJxUFJCVVNONmhwQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzcv
Mzk3NTQ2LWRjN2ItNDY2MC04YTUxLWJmNTlmYzFjYjI2ZC8xL0pMcFBVcXdiNEhW
ZE5MeFVnOEJodmZLVFJINC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBa
BggrBgEFBQcBBwEB/wRLMEkwOAQCAAEwMgMDASXSAwQETmRAAwQFUpRgAwQGVj7A
AwMAWdMDAwGwygMDAbKYAwQCuWDgAwQF1E3AMA0EAgACMAcDBQMgARoQMA0GCSqG
SIb3DQEBCwUAA4IBAQAHU+MF/AWNUzNWeQGNLFzfzEILN7fahSYzpJ9d/UaZcsTB
ZIH3dJTFHsoaXc8/iiNEKfQgNpIHuRGDgYnapeiQn27fBoeXQlIBEeTP4crLjeQS
mqlG1T2dIwsnPMgx2dCNct4qpX7InvUdm4nN+DyZ9hevuzx/kb7XMtOp9tzmPreY
/9+pCKvVrHxi2BSYRHYdwyWnnWQ8+iPndrQbgpPjZm/yy0Jd8gkVJMUTurNnWbxp
KKqTGWUpmsVW2+6SQ2bpzuZ31K5wT2pkNrOFCKgcYsfNgmfS9MCnB391QpGZzbS5
nmxQCbhj6z8KFoFB6N/AGv/trZUWTJ8JIxTxO+HC
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:21 2023 by rpki-client on console-ams.rpki-client.org