Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/6db797-a3d3-4241-903a-0c66840198d0/1/luIm7gw3sB97GS5TxNtqi-zp234.roa
File: luIm7gw3sB97GS5TxNtqi-zp234.roa (raw, json)
Hash identifier: 0f6+aAiOYa/ruDeh8OXziGlx+vncn973V32GxFjeW9Y=
Subject key identifier: 96:E2:26:EE:0C:37:B0:1F:7B:19:2E:53:C4:DB:6A:8B:EC:E9:DB:7E
Certificate issuer: /CN=6a8edda2f21c885fbe67286218b8318d6ad23896
Certificate serial: 01884925A83DFFADA991E63D883B492AA5FC
Authority key identifier: 6A:8E:DD:A2:F2:1C:88:5F:BE:67:28:62:18:B8:31:8D:6A:D2:38:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ao7dovIciF--ZyhiGLgxjWrSOJY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/6db797-a3d3-4241-903a-0c66840198d0/1/luIm7gw3sB97GS5TxNtqi-zp234.roa
Signing time: Tue 23 May 2023 15:06:24 +0000
ROA not before: Tue 23 May 2023 15:06:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198193
IP address blocks: 185.28.216.0/23 maxlen: 23
185.28.218.0/23 maxlen: 23
185.104.164.0/23 maxlen: 23
185.104.166.0/23 maxlen: 23
37.10.108.0/24 maxlen: 24
91.216.122.0/24 maxlen: 24
37.10.70.0/24 maxlen: 24
185.217.112.0/23 maxlen: 23
185.217.114.0/23 maxlen: 23
91.216.73.0/24 maxlen: 24
91.216.77.0/24 maxlen: 24
185.91.192.0/23 maxlen: 23
91.216.100.0/24 maxlen: 24
185.42.22.0/23 maxlen: 23
185.42.20.0/23 maxlen: 23
185.91.194.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:49:25:a8:3d:ff:ad:a9:91:e6:3d:88:3b:49:2a:a5:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a8edda2f21c885fbe67286218b8318d6ad23896
Validity
Not Before: May 23 15:06:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=96e226ee0c37b01f7b192e53c4db6a8bece9db7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:33:71:27:31:49:62:7c:a4:5d:e3:ed:3a:ce:
ed:36:42:a9:3d:ff:1e:02:34:72:66:81:b5:41:98:
e1:1c:cf:0b:a3:96:90:d2:fb:ff:ac:9b:ef:db:71:
4c:03:6e:17:dd:d1:9b:1b:f8:f1:42:f9:5e:84:e8:
36:94:e5:d0:85:18:e7:8d:ef:2d:4d:8d:8c:ce:47:
69:5b:b3:72:9d:da:bd:6a:a9:5c:2e:dc:52:14:b7:
f1:92:13:c5:32:60:9e:3d:29:7f:98:aa:58:11:a3:
d0:6b:67:60:84:43:3c:37:ed:4e:68:6f:ca:df:ef:
ca:ef:9c:2c:f0:eb:48:5b:e2:da:bd:b8:eb:81:e6:
cc:fb:7d:2f:a8:49:e4:de:9f:a7:f8:94:ed:23:fa:
8c:da:02:28:0e:59:51:3d:a6:48:28:95:a1:84:74:
1d:bf:ff:ee:2d:4e:f3:5f:c0:ae:b7:bc:f8:98:de:
dc:25:fb:5d:da:a1:ee:87:72:eb:fb:4a:02:49:e9:
d3:6c:d9:e5:71:83:a4:e5:d0:44:f8:41:b0:01:c3:
3c:0f:24:1b:34:7c:b3:17:07:ea:4a:09:0c:0a:a7:
10:10:53:97:c8:1c:4b:e9:e8:f5:f0:6f:ed:2f:42:
5a:45:91:10:29:29:33:59:2e:24:28:84:33:1a:6b:
2f:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:E2:26:EE:0C:37:B0:1F:7B:19:2E:53:C4:DB:6A:8B:EC:E9:DB:7E
X509v3 Authority Key Identifier:
keyid:6A:8E:DD:A2:F2:1C:88:5F:BE:67:28:62:18:B8:31:8D:6A:D2:38:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ao7dovIciF--ZyhiGLgxjWrSOJY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/6db797-a3d3-4241-903a-0c66840198d0/1/luIm7gw3sB97GS5TxNtqi-zp234.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/6db797-a3d3-4241-903a-0c66840198d0/1/ao7dovIciF--ZyhiGLgxjWrSOJY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.10.70.0/24
37.10.108.0/24
91.216.73.0/24
91.216.77.0/24
91.216.100.0/24
91.216.122.0/24
185.28.216.0/22
185.42.20.0/22
185.91.192.0/22
185.104.164.0/22
185.217.112.0/22
Signature Algorithm: sha256WithRSAEncryption
58:53:d4:e9:ce:92:5f:3b:e7:6d:7a:1b:2c:1d:8c:af:44:a9:
7a:f6:f5:1d:cd:70:5f:02:7e:44:c4:e1:52:9b:a2:6b:8b:bb:
2a:43:89:0c:1a:07:ae:f8:b3:dc:4a:65:f8:8d:17:5a:61:04:
0b:e9:aa:5a:ad:0b:f9:16:45:7e:25:0d:7e:b7:6a:cb:31:61:
97:d1:16:a7:a1:af:12:b3:e2:69:b7:d9:bc:a4:a4:20:71:c6:
a8:26:45:a1:c1:5d:75:5a:da:08:7c:24:89:53:ca:d9:e3:41:
65:63:5a:cd:06:e4:3b:f8:bc:48:e7:38:39:b4:66:43:bc:a0:
ed:1a:e6:58:d5:93:a4:b3:cc:3f:b8:63:0e:93:69:47:69:92:
92:80:79:f8:89:66:f5:c7:d4:fa:35:19:80:25:3c:b1:1e:a7:
ef:4c:d5:da:b9:04:1e:f3:c9:48:2f:95:7c:60:d7:09:09:63:
5d:3e:8a:bd:f5:f7:ee:3e:5d:01:15:b6:c9:f9:ad:ba:bd:d3:
fa:b4:05:6b:eb:8b:4e:da:2e:67:fd:2b:a9:c9:cc:39:ea:de:
93:9c:d1:ed:b6:8e:84:13:0a:61:ae:1a:88:e2:da:2a:6a:55:
94:af:ef:ee:90:81:38:0f:bb:c1:6c:0c:cb:b3:ba:6a:e2:07:
c5:9b:69:1c
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYhJJag9/62pkeY9iDtJKqX8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhOGVkZGEyZjIxYzg4NWZiZTY3Mjg2MjE4YjgzMThkNmFk
MjM4OTYwHhcNMjMwNTIzMTUwNjI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmUyMjZlZTBjMzdiMDFmN2IxOTJlNTNjNGRiNmE4YmVjZTlkYjdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyDNxJzFJYnykXePtOs7tNkKpPf8e
AjRyZoG1QZjhHM8Lo5aQ0vv/rJvv23FMA24X3dGbG/jxQvlehOg2lOXQhRjnje8t
TY2MzkdpW7Nyndq9aqlcLtxSFLfxkhPFMmCePSl/mKpYEaPQa2dghEM8N+1OaG/K
3+/K75ws8OtIW+LavbjrgebM+30vqEnk3p+n+JTtI/qM2gIoDllRPaZIKJWhhHQd
v//uLU7zX8Cut7z4mN7cJftd2qHuh3Lr+0oCSenTbNnlcYOk5dBE+EGwAcM8DyQb
NHyzFwfqSgkMCqcQEFOXyBxL6ej18G/tL0JaRZEQKSkzWS4kKIQzGmsv/QIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFJbiJu4MN7AfexkuU8Tbaovs6dt+MB8GA1UdIwQY
MBaAFGqO3aLyHIhfvmcoYhi4MY1q0jiWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYW83ZG92SWNpRi0tWnloaUdMZ3hqV3JTT0pZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS82ZGI3OTctYTNkMy00MjQxLTkwM2Et
MGM2Njg0MDE5OGQwLzEvbHVJbTdndzNzQjk3R1M1VHhOdHFpLXpwMjM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS82ZGI3OTctYTNkMy00MjQxLTkwM2EtMGM2Njg0MDE5OGQw
LzEvYW83ZG92SWNpRi0tWnloaUdMZ3hqV3JTT0pZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAJQpGAwQA
JQpsAwQAW9hJAwQAW9hNAwQAW9hkAwQAW9h6AwQCuRzYAwQCuSoUAwQCuVvAAwQC
uWikAwQCudlwMA0GCSqGSIb3DQEBCwUAA4IBAQBYU9TpzpJfO+dtehssHYyvRKl6
9vUdzXBfAn5ExOFSm6Jri7sqQ4kMGgeu+LPcSmX4jRdaYQQL6aparQv5FkV+JQ1+
t2rLMWGX0Ranoa8Ss+Jpt9m8pKQgccaoJkWhwV11WtoIfCSJU8rZ40FlY1rNBuQ7
+LxI5zg5tGZDvKDtGuZY1ZOks8w/uGMOk2lHaZKSgHn4iWb1x9T6NRmAJTyxHqfv
TNXauQQe88lIL5V8YNcJCWNdPoq99ffuPl0BFbbJ+a26vdP6tAVr64tO2i5n/Sup
ycw56t6TnNHtto6EEwphrhqI4toqalWUr+/ukIE4D7vBbAzLs7pq4gfFm2kc
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:32:55 2025 by rpki-client