Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/55d10d-b448-4b47-ba58-147adc90ca0f/1/cqNEDylGx31ScO6aXcU7HhOoroA.roa
File: cqNEDylGx31ScO6aXcU7HhOoroA.roa (raw, json)
Hash identifier: m1jDcSPDoRyCquZ1gMnY/gWmh/HWcvEfvPhRVti9wfQ=
Subject key identifier: 72:A3:44:0F:29:46:C7:7D:52:70:EE:9A:5D:C5:3B:1E:13:A8:AE:80
Certificate issuer: /CN=949ff40831ca66f996c76ea466af49476fecd1ff
Certificate serial: 0453D3DA
Authority key identifier: 94:9F:F4:08:31:CA:66:F9:96:C7:6E:A4:66:AF:49:47:6F:EC:D1:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lJ_0CDHKZvmWx26kZq9JR2_s0f8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/55d10d-b448-4b47-ba58-147adc90ca0f/1/cqNEDylGx31ScO6aXcU7HhOoroA.roa
Signing time: Sat 01 Jan 2022 10:00:59 +0000
ROA not before: Sat 01 Jan 2022 10:00:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35236
IP address blocks: 37.221.117.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 72602586 (0x453d3da)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=949ff40831ca66f996c76ea466af49476fecd1ff
Validity
Not Before: Jan 1 10:00:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=72a3440f2946c77d5270ee9a5dc53b1e13a8ae80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:2a:14:b6:af:b6:a4:ac:98:51:92:11:cf:08:
91:c1:d7:44:8a:40:92:af:b6:92:eb:86:8d:b2:fa:
5c:eb:7a:89:16:04:c5:0e:6a:bb:0c:f0:c2:b0:a8:
c3:15:59:92:f3:c3:45:42:2e:5a:58:fb:39:de:13:
42:1b:33:d0:84:f4:32:24:45:cb:e6:c9:0d:3c:82:
55:29:f5:5f:77:90:e9:d0:dd:b2:88:a3:34:c9:ca:
19:86:4e:40:b6:f7:1e:12:d5:62:96:24:91:1e:1a:
1b:c4:b5:da:7e:20:d5:0e:d1:5a:06:aa:4d:60:9f:
4b:f1:2c:55:c9:ec:30:76:b7:6f:ca:b3:0d:34:45:
c2:c2:de:0a:9d:db:a1:aa:a3:8a:49:51:73:91:95:
45:d3:de:96:e4:48:da:ab:10:ab:d1:33:95:af:b2:
ef:fd:77:7d:23:20:d5:96:43:e9:71:bd:92:17:f0:
6e:df:58:1a:3c:0f:82:d4:5f:c3:7b:66:40:36:92:
38:e8:33:e6:96:b6:9c:02:a2:07:d6:46:a1:1a:7c:
95:97:00:2e:b3:4c:1f:ee:ba:ce:84:cc:b1:1a:f4:
a3:2d:6c:cc:d8:98:fb:0c:ac:c4:4e:d0:98:a4:2d:
98:75:41:df:8c:b2:51:ca:a2:61:9c:b2:bb:45:30:
6c:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:A3:44:0F:29:46:C7:7D:52:70:EE:9A:5D:C5:3B:1E:13:A8:AE:80
X509v3 Authority Key Identifier:
keyid:94:9F:F4:08:31:CA:66:F9:96:C7:6E:A4:66:AF:49:47:6F:EC:D1:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lJ_0CDHKZvmWx26kZq9JR2_s0f8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/55d10d-b448-4b47-ba58-147adc90ca0f/1/cqNEDylGx31ScO6aXcU7HhOoroA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/55d10d-b448-4b47-ba58-147adc90ca0f/1/lJ_0CDHKZvmWx26kZq9JR2_s0f8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.221.117.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:c4:6d:e6:2a:64:a8:d3:95:0d:37:a1:a8:a8:2e:16:79:52:
3c:f2:9d:f8:87:cd:aa:63:6b:5e:3a:22:ff:ef:a1:b6:60:66:
25:4f:ae:7f:06:ee:7b:e1:a0:6e:7f:fe:96:e4:f2:7c:83:14:
8a:c7:a3:70:c0:06:97:71:5f:c9:63:b1:7c:d1:65:e5:8b:3d:
b4:c7:07:ed:dd:a6:68:c4:da:74:94:f9:17:09:30:bd:e4:48:
48:e8:d3:05:f1:46:09:15:64:f2:82:ce:72:a3:49:f0:49:1e:
30:6c:f5:23:b3:d5:92:0b:5c:9e:b8:07:ba:7a:de:9c:b7:b1:
1b:7e:1a:4e:73:63:05:2d:76:11:1f:40:f9:47:d2:79:f9:f9:
dc:cc:02:52:40:cb:97:57:1d:ff:26:7f:ed:c2:66:9a:e1:c3:
b3:94:fc:aa:f9:9c:78:5a:9d:9d:00:a5:f3:54:b5:02:2e:2b:
57:70:62:ac:40:1f:53:85:cd:d9:57:bb:fb:f4:31:b2:ab:22:
8f:9f:38:f4:31:c3:7f:0b:9a:67:ed:39:b8:57:e8:a1:16:b0:
7a:f4:c1:8c:64:58:1f:3e:d5:4a:26:ce:c1:dc:6e:65:94:49:
d9:22:42:74:74:0f:66:ad:70:2e:72:0b:71:16:70:a7:f7:27:
0c:b5:c7:3d
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBFPT2jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NDlmZjQwODMxY2E2NmY5OTZjNzZlYTQ2NmFmNDk0NzZmZWNkMWZmMB4XDTIyMDEw
MTEwMDA1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzJhMzQ0MGYyOTQ2
Yzc3ZDUyNzBlZTlhNWRjNTNiMWUxM2E4YWU4MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALgqFLavtqSsmFGSEc8IkcHXRIpAkq+2kuuGjbL6XOt6iRYE
xQ5quwzwwrCowxVZkvPDRUIuWlj7Od4TQhsz0IT0MiRFy+bJDTyCVSn1X3eQ6dDd
soijNMnKGYZOQLb3HhLVYpYkkR4aG8S12n4g1Q7RWgaqTWCfS/EsVcnsMHa3b8qz
DTRFwsLeCp3boaqjiklRc5GVRdPeluRI2qsQq9Ezla+y7/13fSMg1ZZD6XG9khfw
bt9YGjwPgtRfw3tmQDaSOOgz5pa2nAKiB9ZGoRp8lZcALrNMH+66zoTMsRr0oy1s
zNiY+wysxE7QmKQtmHVB34yyUcqiYZyyu0UwbCMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRyo0QPKUbHfVJw7ppdxTseE6iugDAfBgNVHSMEGDAWgBSUn/QIMcpm+ZbH
bqRmr0lHb+zR/zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2xKXzBDREhLWnZtV3gyNmtacTlKUjJfczBmOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDUvNTVkMTBkLWI0NDgtNGI0Ny1iYTU4LTE0N2FkYzkwY2EwZi8x
L2NxTkVEeWxHeDMxU2NPNmFYY1U3SGhPb3JvQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDUv
NTVkMTBkLWI0NDgtNGI0Ny1iYTU4LTE0N2FkYzkwY2EwZi8xL2xKXzBDREhLWnZt
V3gyNmtacTlKUjJfczBmOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEACXddTANBgkqhkiG9w0BAQsFAAOC
AQEAX8Rt5ipkqNOVDTehqKguFnlSPPKd+IfNqmNrXjoi/++htmBmJU+ufwbue+Gg
bn/+luTyfIMUisejcMAGl3FfyWOxfNFl5Ys9tMcH7d2maMTadJT5FwkwveRISOjT
BfFGCRVk8oLOcqNJ8EkeMGz1I7PVkgtcnrgHunrenLexG34aTnNjBS12ER9A+UfS
efn53MwCUkDLl1cd/yZ/7cJmmuHDs5T8qvmceFqdnQCl81S1Ai4rV3BirEAfU4XN
2Ve7+/Qxsqsij5849DHDfwuaZ+05uFfooRawevTBjGRYHz7VSibOwdxuZZRJ2SJC
dHQPZq1wLnILcRZwp/cnDLXHPQ==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:37:20 2025 by rpki-client