Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f2a37c-a129-4c0b-9ed1-b18dac2d259b/1/t7pexk8mITCmRTGbgERp2-L0esc.roa
File: t7pexk8mITCmRTGbgERp2-L0esc.roa (raw, json)
Hash identifier: aRrCTlCoYuN33eUCzCEn0M6yFY+myNEXIjA4TvIP07k=
Subject key identifier: B7:BA:5E:C6:4F:26:21:30:A6:45:31:9B:80:44:69:DB:E2:F4:7A:C7
Certificate issuer: /CN=4f7d885393b32b5eee3a0bf4338e0faaef3c753c
Certificate serial: 0429333C
Authority key identifier: 4F:7D:88:53:93:B3:2B:5E:EE:3A:0B:F4:33:8E:0F:AA:EF:3C:75:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T32IU5OzK17uOgv0M44Pqu88dTw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f2a37c-a129-4c0b-9ed1-b18dac2d259b/1/t7pexk8mITCmRTGbgERp2-L0esc.roa
Signing time: Sat 01 Jan 2022 15:02:30 +0000
ROA not before: Sat 01 Jan 2022 15:02:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16509
IP address blocks: 37.221.73.0/24 maxlen: 24
37.221.75.0/24 maxlen: 24
37.221.72.0/24 maxlen: 24
37.221.74.0/24 maxlen: 24
2a09:ea00:2::/48 maxlen: 48
2a09:ea00::/48 maxlen: 48
2a09:ea00:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 69808956 (0x429333c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f7d885393b32b5eee3a0bf4338e0faaef3c753c
Validity
Not Before: Jan 1 15:02:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b7ba5ec64f262130a645319b804469dbe2f47ac7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:a2:c9:a3:24:b3:d0:44:e5:15:51:74:82:6f:
04:a3:f0:18:9e:3f:24:34:7c:c4:24:37:a2:c0:1b:
71:1e:84:28:e7:f0:3e:8b:40:d3:35:72:76:48:51:
fd:bb:59:fa:7f:ba:82:a3:d4:4e:b9:b1:22:c4:e2:
c2:bb:d9:4b:b5:18:d4:8f:0a:18:a5:a0:0d:15:64:
ea:41:6c:44:2f:15:05:b5:3d:1b:76:f8:ea:d5:80:
32:79:ef:55:58:21:26:88:3a:25:c3:ab:b1:29:0c:
59:93:8d:fd:c2:58:59:64:02:09:7e:a7:64:70:ad:
f0:6d:c9:3f:d4:13:0c:6d:08:91:3e:23:5d:b9:94:
4e:04:ce:f5:f0:7e:34:0e:38:ad:ef:b2:19:2b:69:
de:50:8b:bb:c4:92:00:09:f4:34:84:66:17:f1:b6:
a5:48:f3:df:b3:ea:32:aa:83:91:48:f8:e5:b8:c2:
76:9e:ad:ff:96:42:84:de:91:69:f3:61:f5:c4:e6:
49:15:eb:21:8f:ba:c4:15:d0:a5:c9:1c:f2:55:8a:
a6:32:50:0d:a0:91:74:f5:e5:90:cf:09:36:9f:6c:
d4:63:64:5d:04:60:d7:9e:26:f7:b1:c8:ec:03:8b:
c1:08:d4:43:03:a2:6f:66:8a:ca:11:71:f9:2f:31:
77:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:BA:5E:C6:4F:26:21:30:A6:45:31:9B:80:44:69:DB:E2:F4:7A:C7
X509v3 Authority Key Identifier:
keyid:4F:7D:88:53:93:B3:2B:5E:EE:3A:0B:F4:33:8E:0F:AA:EF:3C:75:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T32IU5OzK17uOgv0M44Pqu88dTw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f2a37c-a129-4c0b-9ed1-b18dac2d259b/1/t7pexk8mITCmRTGbgERp2-L0esc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f2a37c-a129-4c0b-9ed1-b18dac2d259b/1/T32IU5OzK17uOgv0M44Pqu88dTw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.221.72.0/22
IPv6:
2a09:ea00::-2a09:ea00:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
94:90:ce:7c:2b:a6:22:b2:56:38:9b:e2:9b:0c:49:61:9b:dd:
80:1f:1a:ba:1f:6c:c3:2b:35:23:00:3b:e9:10:31:22:1d:a9:
1d:7e:8a:7a:df:19:73:b2:98:84:f0:46:60:48:f2:b4:fc:32:
5a:d2:fc:49:c6:82:97:a0:44:a3:66:6c:40:8a:66:47:cd:68:
1c:60:9a:9b:95:1f:91:6f:12:fa:4b:63:70:03:f9:13:bb:9c:
b7:e4:f3:9e:0e:4b:8c:06:a7:e9:09:c5:d6:97:42:c9:e2:e0:
fb:31:5e:de:7e:eb:2d:f2:64:4f:3f:7e:35:2a:9a:2f:30:c7:
76:92:9f:3e:ca:c4:70:9a:42:2c:26:52:df:48:48:d5:57:f1:
b5:eb:8f:b5:d4:2e:6d:b2:f6:0a:ed:80:8a:2a:f5:ad:b4:60:
10:6d:8a:8a:e9:21:c7:d7:f5:e7:2c:e5:ba:0e:17:50:b4:d3:
9b:6e:fc:c9:b8:75:0a:2a:47:68:67:d6:e2:13:5b:5b:c5:a7:
bf:4a:cf:8c:59:47:bb:70:9a:72:6c:d7:30:ba:44:28:04:c0:
27:df:6d:b3:3c:8e:d3:2a:cf:2f:87:cc:af:e4:2a:3a:ee:c0:
30:e2:29:ec:26:eb:22:6d:29:22:4c:41:1b:e9:b4:8a:34:0a:
61:cc:d5:a0
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgIEBCkzPDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZjdkODg1MzkzYjMyYjVlZWUzYTBiZjQzMzhlMGZhYWVmM2M3NTNjMB4XDTIyMDEw
MTE1MDIzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjdiYTVlYzY0ZjI2
MjEzMGE2NDUzMTliODA0NDY5ZGJlMmY0N2FjNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM6iyaMks9BE5RVRdIJvBKPwGJ4/JDR8xCQ3osAbcR6EKOfw
PotA0zVydkhR/btZ+n+6gqPUTrmxIsTiwrvZS7UY1I8KGKWgDRVk6kFsRC8VBbU9
G3b46tWAMnnvVVghJog6JcOrsSkMWZON/cJYWWQCCX6nZHCt8G3JP9QTDG0IkT4j
XbmUTgTO9fB+NA44re+yGStp3lCLu8SSAAn0NIRmF/G2pUjz37PqMqqDkUj45bjC
dp6t/5ZChN6RafNh9cTmSRXrIY+6xBXQpckc8lWKpjJQDaCRdPXlkM8JNp9s1GNk
XQRg154m97HI7AOLwQjUQwOib2aKyhFx+S8xd9ECAwEAAaOCAiIwggIeMB0GA1Ud
DgQWBBS3ul7GTyYhMKZFMZuARGnb4vR6xzAfBgNVHSMEGDAWgBRPfYhTk7MrXu46
C/Qzjg+q7zx1PDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1QzMklVNU96SzE3dU9ndjBNNDRQcXU4OGRUdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTAvZjJhMzdjLWExMjktNGMwYi05ZWQxLWIxOGRhYzJkMjU5Yi8x
L3Q3cGV4azhtSVRDbVJUR2JnRVJwMi1MMGVzYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTAv
ZjJhMzdjLWExMjktNGMwYi05ZWQxLWIxOGRhYzJkMjU5Yi8xL1QzMklVNU96SzE3
dU9ndjBNNDRQcXU4OGRUdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA4
BggrBgEFBQcBBwEB/wQpMCcwDAQCAAEwBgMEAiXdSDAXBAIAAjARMA8DBAEqCeoD
BwAqCeoAAAIwDQYJKoZIhvcNAQELBQADggEBAJSQznwrpiKyVjib4psMSWGb3YAf
GrofbMMrNSMAO+kQMSIdqR1+inrfGXOymITwRmBI8rT8MlrS/EnGgpegRKNmbECK
ZkfNaBxgmpuVH5FvEvpLY3AD+RO7nLfk854OS4wGp+kJxdaXQsni4PsxXt5+6y3y
ZE8/fjUqmi8wx3aSnz7KxHCaQiwmUt9ISNVX8bXrj7XULm2y9grtgIoq9a20YBBt
iorpIcfX9ecs5boOF1C005tu/Mm4dQoqR2hn1uITW1vFp79Kz4xZR7twmnJs1zC6
RCgEwCffbbM8jtMqzy+HzK/kKjruwDDiKewm6yJtKSJMQRvptIo0CmHM1aA=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:16:01 2025 by rpki-client