Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/6PL9MNNEWRH4uhTWXrbBUfkPoM4.roa
File: 6PL9MNNEWRH4uhTWXrbBUfkPoM4.roa (raw, json)
Hash identifier: M+BvxSSC5ZUn4zSwDrgUBKmD4lmS/2Jg35HwfMl01kQ=
Subject key identifier: E8:F2:FD:30:D3:44:59:11:F8:BA:14:D6:5E:B6:C1:51:F9:0F:A0:CE
Certificate issuer: /CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Certificate serial: 1F94B275
Authority key identifier: 29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/6PL9MNNEWRH4uhTWXrbBUfkPoM4.roa
Signing time: Sat 01 Jan 2022 14:06:39 +0000
ROA not before: Sat 01 Jan 2022 14:06:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58212
IP address blocks: 37.114.42.0/24 maxlen: 24
37.114.43.0/24 maxlen: 24
37.114.44.0/24 maxlen: 24
37.114.44.0/23 maxlen: 24
37.114.45.0/24 maxlen: 24
103.252.89.0/24 maxlen: 24
103.252.90.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 529838709 (0x1f94b275)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Validity
Not Before: Jan 1 14:06:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e8f2fd30d3445911f8ba14d65eb6c151f90fa0ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:22:78:ab:ab:6d:12:e8:15:f4:42:c3:14:f0:
f5:c7:2f:89:69:21:9a:4b:01:17:5e:26:0b:b0:fc:
5b:25:d8:f3:46:39:85:7d:e3:a5:08:c4:29:e2:fa:
83:45:c9:b7:98:84:a2:bf:19:70:6d:21:7c:a0:be:
a1:d2:4d:eb:38:4c:e6:08:2f:be:ce:c3:d9:65:67:
d5:60:db:95:0e:bb:9d:0c:0f:d2:66:8f:87:f1:ee:
e0:5b:ef:54:c3:8e:36:1d:e5:4d:da:2a:40:59:a4:
f6:05:5a:33:b0:b4:6c:ec:51:73:50:6f:ae:db:de:
c6:ee:f4:42:ee:bf:62:ac:55:08:ce:98:7b:25:50:
4d:44:6e:17:86:0c:41:ea:07:39:bf:f6:e8:14:04:
fa:59:b1:e0:34:e6:e2:77:ad:0a:b8:6f:93:08:81:
cb:bf:cb:20:49:80:c2:7c:9a:5a:8f:ec:16:93:cf:
be:20:9f:bb:e5:72:45:79:6b:53:bf:05:19:c3:05:
97:f9:96:82:63:da:f3:10:5b:27:f0:70:e5:95:d0:
a1:2e:3c:d4:1e:de:9f:68:55:54:f5:01:47:9e:d6:
78:04:b1:ac:29:6d:a8:9e:65:cd:9e:46:fc:ec:19:
01:61:f3:98:ef:c6:f4:a2:7d:6a:17:ea:94:81:61:
fe:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:F2:FD:30:D3:44:59:11:F8:BA:14:D6:5E:B6:C1:51:F9:0F:A0:CE
X509v3 Authority Key Identifier:
keyid:29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/6PL9MNNEWRH4uhTWXrbBUfkPoM4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.114.42.0-37.114.45.255
103.252.89.0-103.252.90.255
Signature Algorithm: sha256WithRSAEncryption
c0:7a:1e:d4:3a:d2:1c:4a:7d:69:aa:8f:8a:e9:75:c8:bb:60:
9e:3e:c6:a5:b7:b5:b4:c0:db:dc:56:3f:e6:cf:3b:89:48:6a:
9b:98:51:da:19:7f:5d:06:ae:41:8c:4b:57:85:17:be:e5:8d:
1d:75:fd:4a:87:8d:4a:61:28:4d:65:5e:a4:7d:b6:01:e8:46:
84:d0:6d:8b:6b:6a:db:bb:10:9a:60:a2:be:4f:6b:28:63:17:
dd:cc:84:ac:41:33:a6:01:8f:6b:20:ec:28:f9:dc:d9:ec:51:
0d:fb:99:65:92:83:20:3a:48:99:f4:9f:5d:48:79:e0:51:ac:
f1:1b:d9:fd:fd:52:e1:0b:de:2c:0e:71:95:92:66:e1:af:5e:
38:c9:bb:60:e9:0e:e7:9f:f0:54:40:24:14:c3:00:19:d2:99:
95:0e:cf:7e:6a:b5:80:fd:c7:1c:70:70:2c:b1:98:43:c8:79:
34:d7:79:66:4e:dd:5c:ff:d3:db:4f:4d:e3:7b:6e:c3:49:7a:
de:b6:6f:2c:5f:0a:1d:e8:e2:82:00:30:a9:7b:a2:98:94:da:
b4:0e:75:6c:5b:a0:d7:1e:6e:a9:13:7e:06:13:84:72:d4:a7:
36:fa:9c:6a:c1:ad:6e:db:15:a7:14:ab:36:d9:6a:56:c2:77:
60:3f:09:ff
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgIEH5SydTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
OTY1OTNiNzQ3ZTc2YTU2NDkyNTExYmIzNjEyZTRkNWU0Y2JlN2VjMB4XDTIyMDEw
MTE0MDYzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZThmMmZkMzBkMzQ0
NTkxMWY4YmExNGQ2NWViNmMxNTFmOTBmYTBjZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMwieKurbRLoFfRCwxTw9ccviWkhmksBF14mC7D8WyXY80Y5
hX3jpQjEKeL6g0XJt5iEor8ZcG0hfKC+odJN6zhM5ggvvs7D2WVn1WDblQ67nQwP
0maPh/Hu4FvvVMOONh3lTdoqQFmk9gVaM7C0bOxRc1Bvrtvexu70Qu6/YqxVCM6Y
eyVQTURuF4YMQeoHOb/26BQE+lmx4DTm4netCrhvkwiBy7/LIEmAwnyaWo/sFpPP
viCfu+VyRXlrU78FGcMFl/mWgmPa8xBbJ/Bw5ZXQoS481B7en2hVVPUBR57WeASx
rCltqJ5lzZ5G/OwZAWHzmO/G9KJ9ahfqlIFh/hsCAwEAAaOCAh8wggIbMB0GA1Ud
DgQWBBTo8v0w00RZEfi6FNZetsFR+Q+gzjAfBgNVHSMEGDAWgBQpZZO3R+dqVkkl
Ebs2EuTV5Mvn7DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tXV1R0MGZuYWxaSkpSRzdOaExrMWVUTDUtdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGUvYzU4YmRjLTE0ZTctNDk5Yy05ZDljLTFiN2NiYjA4ZDczZi8x
LzZQTDlNTk5FV1JINHVoVFdYcmJCVWZrUG9NNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGUv
YzU4YmRjLTE0ZTctNDk5Yy05ZDljLTFiN2NiYjA4ZDczZi8xL0tXV1R0MGZuYWxa
SkpSRzdOaExrMWVUTDUtdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA1
BggrBgEFBQcBBwEB/wQmMCQwIgQCAAEwHDAMAwQBJXIqAwQBJXIsMAwDBABn/FkD
BABn/FowDQYJKoZIhvcNAQELBQADggEBAMB6HtQ60hxKfWmqj4rpdci7YJ4+xqW3
tbTA29xWP+bPO4lIapuYUdoZf10GrkGMS1eFF77ljR11/UqHjUphKE1lXqR9tgHo
RoTQbYtratu7EJpgor5PayhjF93MhKxBM6YBj2sg7Cj53NnsUQ37mWWSgyA6SJn0
n11IeeBRrPEb2f39UuEL3iwOcZWSZuGvXjjJu2DpDuef8FRAJBTDABnSmZUOz35q
tYD9xxxwcCyxmEPIeTTXeWZO3Vz/09tPTeN7bsNJet62byxfCh3o4oIAMKl7opiU
2rQOdWxboNcebqkTfgYThHLUpzb6nGrBrW7bFacUqzbZalbCd2A/Cf8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:57 2024 by rpki-client on console-fra.rpki-client.org