Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/N6GsjDbg-9eUd6uBpobdp2dV5e4.roa
File: N6GsjDbg-9eUd6uBpobdp2dV5e4.roa (raw, json)
Hash identifier: 0PBBIYHCCCjdAehvYPXkZP+Vv+a73V0h/dXqn9qqxgw=
Subject key identifier: 37:A1:AC:8C:36:E0:FB:D7:94:77:AB:81:A6:86:DD:A7:67:55:E5:EE
Certificate issuer: /CN=458d12f095053c35876b88b47685d6435421fcf2
Certificate serial: 0BA01BAF
Authority key identifier: 45:8D:12:F0:95:05:3C:35:87:6B:88:B4:76:85:D6:43:54:21:FC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/N6GsjDbg-9eUd6uBpobdp2dV5e4.roa
Signing time: Fri 14 Jan 2022 10:13:52 +0000
ROA not before: Fri 14 Jan 2022 10:13:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212228
IP address blocks: 185.158.250.0/24 maxlen: 24
91.242.217.0/24 maxlen: 24
91.240.202.0/24 maxlen: 24
37.10.71.0/24 maxlen: 24
2a0b:7140:2::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 195042223 (0xba01baf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=458d12f095053c35876b88b47685d6435421fcf2
Validity
Not Before: Jan 14 10:13:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=37a1ac8c36e0fbd79477ab81a686dda76755e5ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:45:07:ba:bc:b0:d0:5e:e4:a5:bf:02:e1:dd:
85:11:92:d2:85:4b:5c:ed:fa:c9:c1:fe:73:1c:ec:
53:2c:11:7b:56:84:01:9a:6f:39:d6:b8:bc:6e:32:
1b:af:d4:ae:21:cb:c0:b8:22:ce:a3:73:f9:8a:e3:
89:c3:9d:6d:e0:9b:c2:89:5b:37:12:1b:c1:26:7f:
5c:9b:e8:ea:c9:41:4e:4d:61:e6:66:9a:f3:47:a1:
0b:7d:57:91:e4:f1:63:65:5a:6c:41:fd:bc:fd:76:
60:b7:d7:0f:62:4e:98:4e:e5:06:93:ea:e9:fc:7e:
0c:6c:1e:de:ec:84:35:f6:2f:fc:ff:b7:fe:ce:d9:
9d:01:2a:6d:ea:2c:93:58:47:a3:ef:d1:52:2a:cd:
2b:2c:79:49:9e:de:f8:b1:5e:d5:b1:bc:10:15:25:
2e:c4:7a:9d:cc:80:27:90:c8:c6:b4:cd:eb:57:46:
7a:b4:e5:08:dc:d7:a5:3c:9c:2d:65:7f:0a:75:1e:
71:ff:dd:ab:d0:5a:b7:eb:15:64:11:ae:cb:30:c4:
56:2c:81:d3:7d:77:30:c8:92:b8:bc:c7:6b:d1:2e:
6d:c1:26:df:e6:62:6c:c3:77:aa:b3:f7:ce:4e:75:
fd:1a:1b:a3:f3:9f:ac:80:89:50:af:f3:01:67:2e:
d9:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:A1:AC:8C:36:E0:FB:D7:94:77:AB:81:A6:86:DD:A7:67:55:E5:EE
X509v3 Authority Key Identifier:
keyid:45:8D:12:F0:95:05:3C:35:87:6B:88:B4:76:85:D6:43:54:21:FC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/N6GsjDbg-9eUd6uBpobdp2dV5e4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.10.71.0/24
91.240.202.0/24
91.242.217.0/24
185.158.250.0/24
IPv6:
2a0b:7140:2::/48
Signature Algorithm: sha256WithRSAEncryption
16:44:2d:d0:d5:58:5f:b5:6d:01:4f:b0:b2:13:3b:56:ba:42:
c0:5e:2a:af:4b:3a:92:83:19:75:eb:0a:5c:90:57:46:46:56:
5a:9f:6d:7c:c6:17:c4:87:6d:3d:66:23:b1:8f:95:b1:13:28:
2e:93:75:65:1d:27:15:05:9e:08:81:86:3e:b5:04:36:70:5e:
68:76:8d:24:24:7d:93:46:25:52:5c:77:6f:55:1f:bc:f2:63:
1f:8c:a7:22:4d:e2:a1:de:0f:09:df:0f:2a:1b:03:9b:e0:41:
1d:3b:41:2f:df:4c:ae:21:65:f9:b6:90:29:07:f9:70:28:77:
e3:44:5e:42:2e:c9:87:a6:f6:09:03:09:27:03:50:d7:65:c2:
bc:d8:d5:1d:54:6f:09:83:30:56:e3:01:9d:59:49:2b:76:d8:
13:8e:b3:6e:db:b8:e1:f8:96:43:ba:fc:25:16:ba:7c:36:e5:
c2:66:a6:d5:46:ae:66:6f:d5:74:8d:4d:cc:3d:7e:71:cc:a8:
ba:c4:09:e9:da:13:e3:e1:91:3d:be:0b:8d:22:79:cc:38:1e:
4e:1d:b4:42:95:e4:24:0e:12:96:d7:3b:0e:8f:0a:8a:f1:29:
1a:d0:69:a9:48:9f:5d:c7:63:06:26:4b:37:ec:5f:90:c0:00:
1c:a5:da:c5
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIEC6AbrzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
NThkMTJmMDk1MDUzYzM1ODc2Yjg4YjQ3Njg1ZDY0MzU0MjFmY2YyMB4XDTIyMDEx
NDEwMTM1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzdhMWFjOGMzNmUw
ZmJkNzk0NzdhYjgxYTY4NmRkYTc2NzU1ZTVlZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANNFB7q8sNBe5KW/AuHdhRGS0oVLXO36ycH+cxzsUywRe1aE
AZpvOda4vG4yG6/UriHLwLgizqNz+YrjicOdbeCbwolbNxIbwSZ/XJvo6slBTk1h
5maa80ehC31XkeTxY2VabEH9vP12YLfXD2JOmE7lBpPq6fx+DGwe3uyENfYv/P+3
/s7ZnQEqbeosk1hHo+/RUirNKyx5SZ7e+LFe1bG8EBUlLsR6ncyAJ5DIxrTN61dG
erTlCNzXpTycLWV/CnUecf/dq9Bat+sVZBGuyzDEViyB0313MMiSuLzHa9EubcEm
3+ZibMN3qrP3zk51/Robo/OfrICJUK/zAWcu2RMCAwEAAaOCAiwwggIoMB0GA1Ud
DgQWBBQ3oayMNuD715R3q4Gmht2nZ1Xl7jAfBgNVHSMEGDAWgBRFjRLwlQU8NYdr
iLR2hdZDVCH88jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1JZMFM4SlVGUERXSGE0aTBkb1hXUTFRaF9QSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2EvN2NlY2M3LWY2M2QtNDNmYy1iMjE5LTM5NTU5NTllYWY4MS8x
L042R3NqRGJnLTllVWQ2dUJwb2JkcDJkVjVlNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Ev
N2NlY2M3LWY2M2QtNDNmYy1iMjE5LTM5NTU5NTllYWY4MS8xL1JZMFM4SlVGUERX
SGE0aTBkb1hXUTFRaF9QSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBC
BggrBgEFBQcBBwEB/wQzMDEwHgQCAAEwGAMEACUKRwMEAFvwygMEAFvy2QMEALme
+jAPBAIAAjAJAwcAKgtxQAACMA0GCSqGSIb3DQEBCwUAA4IBAQAWRC3Q1VhftW0B
T7CyEztWukLAXiqvSzqSgxl16wpckFdGRlZan218xhfEh209ZiOxj5WxEyguk3Vl
HScVBZ4IgYY+tQQ2cF5odo0kJH2TRiVSXHdvVR+88mMfjKciTeKh3g8J3w8qGwOb
4EEdO0Ev30yuIWX5tpApB/lwKHfjRF5CLsmHpvYJAwknA1DXZcK82NUdVG8JgzBW
4wGdWUkrdtgTjrNu27jh+JZDuvwlFrp8NuXCZqbVRq5mb9V0jU3MPX5xzKi6xAnp
2hPj4ZE9vguNInnMOB5OHbRCleQkDhKW1zsOjwqK8Ska0GmpSJ9dx2MGJks37F+Q
wAAcpdrF
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:02 2024 by rpki-client on console-fra.rpki-client.org