Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/f4baea-f054-4e23-9aa8-0ff8cafe5dea/1/Uzz6esEeBb0eIXdmc_hdWaDkthQ.roa
File: Uzz6esEeBb0eIXdmc_hdWaDkthQ.roa (raw, json)
Hash identifier: PdKxjx794Hg5jVwOxwz60yhczCC2wYSYnBy714Q56aA=
Subject key identifier: 53:3C:FA:7A:C1:1E:05:BD:1E:21:77:66:73:F8:5D:59:A0:E4:B6:14
Certificate issuer: /CN=ecdf3696cf74ea955be383874e39a727aa6824f1
Certificate serial: F0062B
Authority key identifier: EC:DF:36:96:CF:74:EA:95:5B:E3:83:87:4E:39:A7:27:AA:68:24:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7N82ls906pVb44OHTjmnJ6poJPE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/f4baea-f054-4e23-9aa8-0ff8cafe5dea/1/Uzz6esEeBb0eIXdmc_hdWaDkthQ.roa
Signing time: Sat 01 Jan 2022 08:04:34 +0000
ROA not before: Sat 01 Jan 2022 08:04:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210733
IP address blocks: 37.72.137.0/24 maxlen: 24
2a11:3040::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15730219 (0xf0062b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ecdf3696cf74ea955be383874e39a727aa6824f1
Validity
Not Before: Jan 1 08:04:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=533cfa7ac11e05bd1e21776673f85d59a0e4b614
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:f6:8e:66:d0:91:b7:af:e3:6d:a2:b7:66:62:
62:f5:52:45:cb:8d:3e:bc:f9:b5:ca:1e:76:80:c3:
e7:bd:aa:a1:b6:b5:24:db:47:66:5c:43:7c:9f:85:
2f:d2:be:84:07:3b:b6:7e:54:0e:58:a7:24:ab:3e:
50:16:4d:5b:21:3a:81:27:dc:db:53:69:9d:00:20:
aa:82:50:e8:36:ad:8f:1f:9c:e4:c6:5b:9b:ce:e2:
b0:7c:03:2b:04:a5:45:fc:cd:8b:4c:4d:5b:a8:02:
6a:b5:4b:7f:a0:62:9b:7a:bd:0a:1d:3a:ff:9d:4a:
20:29:59:c6:41:3e:80:ac:0a:ba:c0:51:52:1e:c9:
05:3c:4a:8e:67:0a:9c:09:b4:c1:ee:89:3c:98:e6:
1b:9a:c1:25:db:0f:2d:d0:40:8f:37:b5:d6:79:66:
4c:a1:a3:ca:2c:f9:c6:6e:1a:09:91:b8:13:28:a3:
f6:bf:b6:c3:8a:ec:27:f8:fb:c9:66:89:22:ef:41:
18:9c:4c:55:2e:5c:ce:49:b4:cc:34:5e:89:94:76:
a3:5e:2f:56:ff:74:e7:d5:1b:19:cf:3b:f4:a7:65:
68:d9:be:ed:c2:b3:50:6a:67:49:7e:2a:a0:64:40:
cb:86:86:01:5b:bf:53:e5:a8:09:97:af:3b:8d:e1:
ed:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:3C:FA:7A:C1:1E:05:BD:1E:21:77:66:73:F8:5D:59:A0:E4:B6:14
X509v3 Authority Key Identifier:
keyid:EC:DF:36:96:CF:74:EA:95:5B:E3:83:87:4E:39:A7:27:AA:68:24:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7N82ls906pVb44OHTjmnJ6poJPE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/f4baea-f054-4e23-9aa8-0ff8cafe5dea/1/Uzz6esEeBb0eIXdmc_hdWaDkthQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/f4baea-f054-4e23-9aa8-0ff8cafe5dea/1/7N82ls906pVb44OHTjmnJ6poJPE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.72.137.0/24
IPv6:
2a11:3040::/29
Signature Algorithm: sha256WithRSAEncryption
41:97:a5:37:9a:51:88:31:02:77:c4:ac:f1:06:41:13:4e:72:
f8:a4:4b:14:50:72:3c:fe:73:99:63:22:2e:69:e8:69:38:f6:
38:45:c7:74:fc:ff:9f:2f:f8:08:f4:d3:7f:20:ee:f0:ea:6b:
b2:39:75:b8:b1:6b:91:cb:7d:3a:06:93:c8:e9:94:70:2a:43:
07:c6:22:0b:ab:a7:93:54:c0:4e:64:55:25:dc:8a:04:1a:ef:
69:70:1a:77:36:bb:41:98:ce:cb:e0:4c:2d:df:a1:ec:10:cf:
6a:17:cd:56:c5:fa:73:7a:04:cf:6b:36:d9:8a:3b:95:89:b6:
f2:c5:9d:31:6e:b5:da:b5:53:53:12:40:be:0e:7a:26:ad:33:
d7:d0:a5:3f:8b:0a:b2:74:4a:65:ae:f6:8e:92:6a:50:b8:e3:
e8:87:74:ca:cd:9b:ed:c9:a5:97:59:c0:ac:92:26:d0:ff:36:
5c:c3:ed:f3:b4:82:f9:61:3e:cc:30:6d:07:38:b4:4a:61:6f:
2a:a3:27:b4:f6:25:a1:0d:fd:e6:3b:0f:37:bc:b9:0c:38:78:
34:61:0a:90:a2:f5:77:ce:3e:b7:12:01:5d:2d:0e:92:c6:ed:
c5:4e:3b:73:d7:42:19:22:3c:d7:7b:02:4b:0f:f5:41:0a:bd:
8f:a5:7c:ad
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEAPAGKzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
Y2RmMzY5NmNmNzRlYTk1NWJlMzgzODc0ZTM5YTcyN2FhNjgyNGYxMB4XDTIyMDEw
MTA4MDQzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTMzY2ZhN2FjMTFl
MDViZDFlMjE3NzY2NzNmODVkNTlhMGU0YjYxNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANf2jmbQkbev422it2ZiYvVSRcuNPrz5tcoedoDD572qoba1
JNtHZlxDfJ+FL9K+hAc7tn5UDlinJKs+UBZNWyE6gSfc21NpnQAgqoJQ6Datjx+c
5MZbm87isHwDKwSlRfzNi0xNW6gCarVLf6Bim3q9Ch06/51KIClZxkE+gKwKusBR
Uh7JBTxKjmcKnAm0we6JPJjmG5rBJdsPLdBAjze11nlmTKGjyiz5xm4aCZG4Eyij
9r+2w4rsJ/j7yWaJIu9BGJxMVS5czkm0zDReiZR2o14vVv9059UbGc879KdlaNm+
7cKzUGpnSX4qoGRAy4aGAVu/U+WoCZevO43h7ScCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBRTPPp6wR4FvR4hd2Zz+F1ZoOS2FDAfBgNVHSMEGDAWgBTs3zaWz3TqlVvj
g4dOOacnqmgk8TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzdOODJsczkwNnBWYjQ0T0hUam1uSjZwb0pQRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDAvZjRiYWVhLWYwNTQtNGUyMy05YWE4LTBmZjhjYWZlNWRlYS8x
L1V6ejZlc0VlQmIwZUlYZG1jX2hkV2FEa3RoUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDAv
ZjRiYWVhLWYwNTQtNGUyMy05YWE4LTBmZjhjYWZlNWRlYS8xLzdOODJsczkwNnBW
YjQ0T0hUam1uSjZwb0pQRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEACVIiTANBAIAAjAHAwUDKhEwQDAN
BgkqhkiG9w0BAQsFAAOCAQEAQZelN5pRiDECd8Ss8QZBE05y+KRLFFByPP5zmWMi
LmnoaTj2OEXHdPz/ny/4CPTTfyDu8Oprsjl1uLFrkct9OgaTyOmUcCpDB8YiC6un
k1TATmRVJdyKBBrvaXAadza7QZjOy+BMLd+h7BDPahfNVsX6c3oEz2s22Yo7lYm2
8sWdMW612rVTUxJAvg56Jq0z19ClP4sKsnRKZa72jpJqULjj6Id0ys2b7cmll1nA
rJIm0P82XMPt87SC+WE+zDBtBzi0SmFvKqMntPYloQ395jsPN7y5DDh4NGEKkKL1
d84+txIBXS0OksbtxU47c9dCGSI813sCSw/1QQq9j6V8rQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:05:58 2025 by rpki-client