Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f2a37c-a129-4c0b-9ed1-b18dac2d259b/1/lCYXjx6ddQiVnBM7d7ZXcma3xxA.roa
File: lCYXjx6ddQiVnBM7d7ZXcma3xxA.roa (raw, json)
Hash identifier: xjCmwzSAzDSsjegBOhGyqIsqTxTc4I+xHVClqPF0GF8=
Subject key identifier: 94:26:17:8F:1E:9D:75:08:95:9C:13:3B:77:B6:57:72:66:B7:C7:10
Certificate issuer: /CN=4f7d885393b32b5eee3a0bf4338e0faaef3c753c
Certificate serial: 018BCE3B58FD177563D0159624A362EEBAFD
Authority key identifier: 4F:7D:88:53:93:B3:2B:5E:EE:3A:0B:F4:33:8E:0F:AA:EF:3C:75:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T32IU5OzK17uOgv0M44Pqu88dTw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f2a37c-a129-4c0b-9ed1-b18dac2d259b/1/lCYXjx6ddQiVnBM7d7ZXcma3xxA.roa
Signing time: Tue 14 Nov 2023 14:27:57 +0000
ROA not before: Tue 14 Nov 2023 14:27:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 37.221.72.0/24 maxlen: 24
37.221.72.0/22 maxlen: 24
2a09:ea00::/40 maxlen: 56
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ce:3b:58:fd:17:75:63:d0:15:96:24:a3:62:ee:ba:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f7d885393b32b5eee3a0bf4338e0faaef3c753c
Validity
Not Before: Nov 14 14:27:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9426178f1e9d7508959c133b77b6577266b7c710
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:08:88:c9:ac:f2:08:0c:9b:a3:f4:8d:d2:46:
83:53:75:0f:fd:22:06:9d:fd:5e:78:f4:d9:63:d3:
b2:a8:b9:a9:c6:c8:3b:17:6d:17:71:df:3e:fb:a2:
d5:8d:5b:da:22:a8:27:fc:ef:b1:9f:bb:02:e8:21:
3c:30:4f:c1:55:35:75:70:4b:a1:c1:cd:cf:74:80:
d8:2d:e6:03:a1:f1:59:4f:b0:b3:a8:36:45:8b:8c:
1f:69:0b:8b:70:38:d2:e8:65:db:c1:ff:0e:1c:e9:
53:a0:33:17:2e:7f:a6:e9:b1:68:6f:8d:ea:77:ec:
6a:84:b8:0d:f5:15:fc:8f:8d:47:42:d2:e1:9e:90:
7e:a4:1f:05:26:43:d5:fb:ee:cf:b7:6f:06:28:86:
4e:dd:80:61:b7:d8:98:de:2c:bb:9f:7f:83:03:6e:
a9:5a:99:41:23:f5:80:b8:60:6d:8a:96:f6:cd:53:
14:8f:27:16:ef:7a:dc:af:48:b8:82:60:af:e9:be:
58:d6:4a:9b:2f:0e:1c:b5:92:b1:1a:8a:41:ea:78:
ec:61:47:95:a1:53:db:a3:e1:8c:34:de:50:38:3c:
25:44:47:0a:fe:2a:62:0d:0e:9a:a8:24:81:e9:ac:
3d:b0:f4:20:eb:cb:ce:e2:9f:a1:f0:5a:76:f1:d5:
ee:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:26:17:8F:1E:9D:75:08:95:9C:13:3B:77:B6:57:72:66:B7:C7:10
X509v3 Authority Key Identifier:
keyid:4F:7D:88:53:93:B3:2B:5E:EE:3A:0B:F4:33:8E:0F:AA:EF:3C:75:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T32IU5OzK17uOgv0M44Pqu88dTw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f2a37c-a129-4c0b-9ed1-b18dac2d259b/1/lCYXjx6ddQiVnBM7d7ZXcma3xxA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f2a37c-a129-4c0b-9ed1-b18dac2d259b/1/T32IU5OzK17uOgv0M44Pqu88dTw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.221.72.0/22
IPv6:
2a09:ea00::/40
Signature Algorithm: sha256WithRSAEncryption
2d:b8:e9:a0:04:e0:85:e5:c3:0b:f1:4c:41:1b:42:ee:9e:8c:
ba:02:41:5b:4f:1a:8e:6f:21:c3:4e:78:4a:ad:c8:1a:cf:ad:
82:42:15:6d:6d:90:b7:5f:8a:a7:f1:90:ae:35:e1:1c:8b:1f:
3e:80:05:61:30:47:bc:71:31:6f:dc:de:9f:55:a3:10:43:51:
0a:ac:b0:12:90:73:5f:54:bc:ee:aa:5e:b3:7b:68:8b:7b:d9:
88:ad:2b:7a:3a:8e:e9:ac:d7:a9:f4:d5:d9:03:fb:e4:36:11:
dc:85:57:8e:72:95:84:69:e0:fc:f8:41:a0:02:b2:f4:e7:e6:
c1:be:b3:2f:c0:8d:76:fb:08:13:65:e8:88:db:e2:73:bb:29:
44:bc:f3:3f:b4:f7:ae:15:ab:a0:fd:66:75:e6:c3:0c:86:aa:
76:a0:4b:42:c9:0b:ea:b5:b8:d4:33:9a:b4:4c:17:3a:ab:ef:
8a:ed:80:84:2e:90:81:a9:4f:0e:11:11:b5:c1:a6:74:e5:69:
1d:1e:31:8c:97:88:f1:ea:35:6e:e7:95:f3:42:1b:96:cf:2e:
02:ad:03:77:11:f2:4d:46:80:ed:1a:24:1f:06:03:54:bd:e8:
5e:9c:ec:90:d5:91:95:58:c2:16:40:5d:d2:5e:61:77:29:b7:
7f:bb:a8:6f
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYvOO1j9F3Vj0BWWJKNi7rr9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmN2Q4ODUzOTNiMzJiNWVlZTNhMGJmNDMzOGUwZmFhZWYz
Yzc1M2MwHhcNMjMxMTE0MTQyNzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDI2MTc4ZjFlOWQ3NTA4OTU5YzEzM2I3N2I2NTc3MjY2YjdjNzEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnQiIyazyCAybo/SN0kaDU3UP/SIG
nf1eePTZY9OyqLmpxsg7F20Xcd8++6LVjVvaIqgn/O+xn7sC6CE8ME/BVTV1cEuh
wc3PdIDYLeYDofFZT7CzqDZFi4wfaQuLcDjS6GXbwf8OHOlToDMXLn+m6bFob43q
d+xqhLgN9RX8j41HQtLhnpB+pB8FJkPV++7Pt28GKIZO3YBht9iY3iy7n3+DA26p
WplBI/WAuGBtipb2zVMUjycW73rcr0i4gmCv6b5Y1kqbLw4ctZKxGopB6njsYUeV
oVPbo+GMNN5QODwlREcK/ipiDQ6aqCSB6aw9sPQg68vO4p+h8Fp28dXuTwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFJQmF48enXUIlZwTO3e2V3Jmt8cQMB8GA1UdIwQY
MBaAFE99iFOTsyte7joL9DOOD6rvPHU8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDMySVU1T3pLMTd1T2d2ME00NFBxdTg4ZFR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mMmEzN2MtYTEyOS00YzBiLTllZDEt
YjE4ZGFjMmQyNTliLzEvbENZWGp4NmRkUWlWbkJNN2Q3WlhjbWEzeHhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mMmEzN2MtYTEyOS00YzBiLTllZDEtYjE4ZGFjMmQyNTli
LzEvVDMySVU1T3pLMTd1T2d2ME00NFBxdTg4ZFR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQCJd1IMA4E
AgACMAgDBgAqCeoAADANBgkqhkiG9w0BAQsFAAOCAQEALbjpoATgheXDC/FMQRtC
7p6MugJBW08ajm8hw054Sq3IGs+tgkIVbW2Qt1+Kp/GQrjXhHIsfPoAFYTBHvHEx
b9zen1WjEENRCqywEpBzX1S87qpes3toi3vZiK0rejqO6azXqfTV2QP75DYR3IVX
jnKVhGng/PhBoAKy9Ofmwb6zL8CNdvsIE2XoiNvic7spRLzzP7T3rhWroP1mdebD
DIaqdqBLQskL6rW41DOatEwXOqvviu2AhC6QgalPDhERtcGmdOVpHR4xjJeI8eo1
bueV80Ibls8uAq0DdxHyTUaA7RokHwYDVL3oXpzskNWRlVjCFkBd0l5hdym3f7uo
bw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:16:47 2025 by rpki-client