Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/8a344e-0ed8-42b2-a744-a9e8468710a3/1/SWIjF3UUMks-WkL-ou1kW7rADAk.roa
File: SWIjF3UUMks-WkL-ou1kW7rADAk.roa (raw, json)
Hash identifier: D9gcaC5rnBLe5hr4UsKgeWgw2LhR/1VSd0V4ZcrqYC4=
Subject key identifier: 49:62:23:17:75:14:32:4B:3E:5A:42:FE:A2:ED:64:5B:BA:C0:0C:09
Certificate issuer: /CN=c8d335041718b18830b1f58c15d3518510fe6118
Certificate serial: FAE6E2
Authority key identifier: C8:D3:35:04:17:18:B1:88:30:B1:F5:8C:15:D3:51:85:10:FE:61:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yNM1BBcYsYgwsfWMFdNRhRD-YRg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/8a344e-0ed8-42b2-a744-a9e8468710a3/1/SWIjF3UUMks-WkL-ou1kW7rADAk.roa
Signing time: Wed 06 Apr 2022 09:56:27 +0000
ROA not before: Wed 06 Apr 2022 09:56:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29286
IP address blocks: 37.1.174.0/24 maxlen: 24
37.1.175.0/24 maxlen: 24
37.1.173.0/24 maxlen: 24
37.252.206.0/24 maxlen: 24
37.252.205.0/24 maxlen: 24
37.252.200.0/21 maxlen: 21
37.252.207.0/24 maxlen: 24
37.1.169.0/24 maxlen: 24
37.1.168.0/21 maxlen: 21
37.1.168.0/24 maxlen: 24
37.1.171.0/24 maxlen: 24
37.1.170.0/24 maxlen: 24
37.1.172.0/24 maxlen: 24
2a03:b7c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16443106 (0xfae6e2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8d335041718b18830b1f58c15d3518510fe6118
Validity
Not Before: Apr 6 09:56:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=496223177514324b3e5a42fea2ed645bbac00c09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:2c:bb:b0:43:68:ff:e9:7e:47:9a:fe:10:a8:
98:9e:7d:2d:b6:16:d4:27:ed:8b:e5:4e:47:88:be:
dc:da:8a:97:cd:2b:7b:e0:93:81:77:8b:15:d6:ac:
05:82:6e:40:aa:8c:67:4a:22:70:cf:50:5f:93:09:
71:c2:a5:dc:42:c1:95:df:e3:b8:9c:f9:5f:2a:fe:
6a:f5:fb:bc:8f:be:15:0f:9d:60:a8:77:34:10:6d:
27:6e:8a:22:65:01:5a:d7:72:ea:55:18:34:51:0c:
4a:67:64:80:ce:fa:8e:42:7c:e8:92:75:24:d2:d3:
9f:53:3a:dc:50:7c:44:9b:6d:1b:c5:38:bc:b4:a9:
db:c7:46:dd:0c:d6:1e:b5:eb:72:98:d1:b4:2a:fe:
c8:93:c6:70:3c:b1:a3:f2:cd:01:f2:ab:65:9b:05:
f9:db:35:59:0f:8a:6d:3b:57:ee:cf:26:79:a0:a9:
d1:c9:58:91:c0:df:fa:ba:c6:52:a8:23:80:05:9a:
57:d6:6b:cc:6d:18:bb:18:78:b0:23:0e:a9:9d:3d:
c0:b0:a4:5b:bf:f1:00:63:71:8e:74:5a:ac:73:2b:
e4:97:33:9a:ce:b5:d7:e5:2e:0a:cb:e5:d1:e1:f2:
90:cc:15:c8:22:41:93:4e:83:d5:49:11:40:ce:33:
a2:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:62:23:17:75:14:32:4B:3E:5A:42:FE:A2:ED:64:5B:BA:C0:0C:09
X509v3 Authority Key Identifier:
keyid:C8:D3:35:04:17:18:B1:88:30:B1:F5:8C:15:D3:51:85:10:FE:61:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yNM1BBcYsYgwsfWMFdNRhRD-YRg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/8a344e-0ed8-42b2-a744-a9e8468710a3/1/SWIjF3UUMks-WkL-ou1kW7rADAk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/8a344e-0ed8-42b2-a744-a9e8468710a3/1/yNM1BBcYsYgwsfWMFdNRhRD-YRg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.1.168.0/21
37.252.200.0/21
IPv6:
2a03:b7c0::/32
Signature Algorithm: sha256WithRSAEncryption
00:15:42:73:4d:87:71:6e:52:f9:b9:dd:c1:17:fd:97:d2:91:
c7:1e:48:59:87:2f:eb:43:48:10:ba:a1:d2:cd:f5:da:b8:89:
a0:54:00:42:99:9d:b3:00:3a:bc:b5:3d:fd:38:a3:2b:e9:57:
04:46:49:37:d5:5c:85:c7:28:dd:3d:06:7c:99:7d:f8:a0:e4:
82:6b:39:58:97:34:32:29:52:0b:a7:08:b8:fb:b4:f3:1f:2c:
d4:aa:8e:a4:ad:84:4f:c8:24:fb:ff:2d:de:5b:b7:b4:b2:d6:
63:32:bf:29:80:2c:cf:26:6b:e0:09:6c:03:2d:94:2d:f9:b9:
cd:bb:5d:83:ce:57:b8:47:55:77:76:5d:03:61:71:2b:10:65:
5b:e4:83:67:df:48:53:42:0c:fe:1e:a8:c9:58:f4:c0:5b:bc:
96:b4:d9:92:ac:77:3f:93:d5:25:0e:1a:e9:8a:ff:c8:b0:6c:
b0:6e:47:a4:cd:e5:ff:1e:72:a5:e4:ee:ff:98:d4:f4:97:c5:
10:d5:42:4e:83:23:4b:b3:36:a9:c9:0e:1e:19:59:e9:13:37:
79:c9:7a:e9:77:57:b0:9d:f2:5d:4c:ed:f4:3f:af:69:a5:16:
ad:dc:04:ae:44:be:44:74:3f:8a:e2:e5:e1:18:ea:f9:04:34:
e9:1e:6d:72
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEAPrm4jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
OGQzMzUwNDE3MThiMTg4MzBiMWY1OGMxNWQzNTE4NTEwZmU2MTE4MB4XDTIyMDQw
NjA5NTYyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDk2MjIzMTc3NTE0
MzI0YjNlNWE0MmZlYTJlZDY0NWJiYWMwMGMwOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKosu7BDaP/pfkea/hComJ59LbYW1Cfti+VOR4i+3NqKl80r
e+CTgXeLFdasBYJuQKqMZ0oicM9QX5MJccKl3ELBld/juJz5Xyr+avX7vI++FQ+d
YKh3NBBtJ26KImUBWtdy6lUYNFEMSmdkgM76jkJ86JJ1JNLTn1M63FB8RJttG8U4
vLSp28dG3QzWHrXrcpjRtCr+yJPGcDyxo/LNAfKrZZsF+ds1WQ+KbTtX7s8meaCp
0clYkcDf+rrGUqgjgAWaV9ZrzG0Yuxh4sCMOqZ09wLCkW7/xAGNxjnRarHMr5Jcz
ms611+UuCsvl0eHykMwVyCJBk06D1UkRQM4zon8CAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBRJYiMXdRQySz5aQv6i7WRbusAMCTAfBgNVHSMEGDAWgBTI0zUEFxixiDCx
9YwV01GFEP5hGDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3lOTTFCQmNZc1lnd3NmV01GZE5SaFJELVlSZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDEvOGEzNDRlLTBlZDgtNDJiMi1hNzQ0LWE5ZTg0Njg3MTBhMy8x
L1NXSWpGM1VVTWtzLVdrTC1vdTFrVzdyQURBay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDEv
OGEzNDRlLTBlZDgtNDJiMi1hNzQ0LWE5ZTg0Njg3MTBhMy8xL3lOTTFCQmNZc1ln
d3NmV01GZE5SaFJELVlSZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAyUBqAMEAyX8yDANBAIAAjAHAwUA
KgO3wDANBgkqhkiG9w0BAQsFAAOCAQEAABVCc02HcW5S+bndwRf9l9KRxx5IWYcv
60NIELqh0s312riJoFQAQpmdswA6vLU9/TijK+lXBEZJN9Vchcco3T0GfJl9+KDk
gms5WJc0MilSC6cIuPu08x8s1KqOpK2ET8gk+/8t3lu3tLLWYzK/KYAszyZr4Als
Ay2ULfm5zbtdg85XuEdVd3ZdA2FxKxBlW+SDZ99IU0IM/h6oyVj0wFu8lrTZkqx3
P5PVJQ4a6Yr/yLBssG5HpM3l/x5ypeTu/5jU9JfFENVCToMjS7M2qckOHhlZ6RM3
ecl66XdXsJ3yXUzt9D+vaaUWrdwErkS+RHQ/iuLl4Rjq+QQ06R5tcg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:15 2024 by rpki-client on console-ams.rpki-client.org