Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/7a48f5-bd24-4dc4-8cca-6ba0a0ce01ed/1/oHr0HqXHTYmJhvYFjavbmqWnUcA.roa
File: oHr0HqXHTYmJhvYFjavbmqWnUcA.roa (raw, json)
Hash identifier: ItnMHOt0m8QwrCpRWsxMRPkYJelQc6w1SgqLc1gZy30=
Subject key identifier: A0:7A:F4:1E:A5:C7:4D:89:89:86:F6:05:8D:AB:DB:9A:A5:A7:51:C0
Certificate issuer: /CN=dafb645f134f4fdada45e70bcfcd93b897dbd725
Certificate serial: 3968BB63
Authority key identifier: DA:FB:64:5F:13:4F:4F:DA:DA:45:E7:0B:CF:CD:93:B8:97:DB:D7:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2vtkXxNPT9raRecLz82TuJfb1yU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/7a48f5-bd24-4dc4-8cca-6ba0a0ce01ed/1/oHr0HqXHTYmJhvYFjavbmqWnUcA.roa
Signing time: Tue 07 Jun 2022 06:22:20 +0000
ROA not before: Tue 07 Jun 2022 06:22:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35766
IP address blocks: 37.130.206.0/23 maxlen: 24
37.130.204.0/23 maxlen: 23
37.130.204.0/24 maxlen: 24
37.130.204.0/22 maxlen: 22
37.130.206.0/24 maxlen: 24
37.130.205.0/24 maxlen: 24
37.130.207.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 963165027 (0x3968bb63)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dafb645f134f4fdada45e70bcfcd93b897dbd725
Validity
Not Before: Jun 7 06:22:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a07af41ea5c74d898986f6058dabdb9aa5a751c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:d5:13:78:5a:26:c1:90:8d:57:f6:42:f4:f1:
62:a6:e3:0b:d7:70:cb:d9:84:08:ba:a3:d2:84:79:
ad:7c:08:22:ee:70:65:9e:91:59:b8:0a:2f:37:41:
49:fb:a2:90:53:dd:46:3b:fd:0f:a0:4b:67:cc:63:
b1:73:6b:61:20:5b:d7:5c:7f:08:14:39:ae:e3:01:
41:ff:20:fc:14:b2:ac:71:e8:b6:38:f3:b7:2d:91:
c5:a3:98:ac:ee:b7:a9:e3:58:d6:30:a5:33:49:b7:
d3:66:75:be:2f:f8:8f:b6:f4:83:8b:6e:43:03:bc:
94:b7:79:40:cb:8a:6e:cb:53:26:fe:27:5b:25:83:
81:c1:c9:14:e2:72:e2:6b:ce:45:c4:e0:77:fe:64:
7f:1b:a7:40:c9:c9:cb:b6:d4:93:2a:50:0a:21:54:
86:cb:63:00:0c:7f:0b:7d:b4:6f:97:f0:fd:2a:88:
8c:8c:b6:d5:17:d7:cf:b9:ac:02:7b:35:9e:8e:a7:
d3:0b:bb:f2:99:d0:46:67:e4:37:33:aa:56:d6:f6:
4b:8c:38:a2:61:76:6f:43:ec:31:f2:37:a7:70:cb:
a5:18:63:81:0d:9f:9e:b5:b6:4c:fb:37:a1:df:c4:
1a:0e:5c:65:e9:ad:a5:fd:c6:10:1f:f9:e6:c4:b2:
dc:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:7A:F4:1E:A5:C7:4D:89:89:86:F6:05:8D:AB:DB:9A:A5:A7:51:C0
X509v3 Authority Key Identifier:
keyid:DA:FB:64:5F:13:4F:4F:DA:DA:45:E7:0B:CF:CD:93:B8:97:DB:D7:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2vtkXxNPT9raRecLz82TuJfb1yU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/7a48f5-bd24-4dc4-8cca-6ba0a0ce01ed/1/oHr0HqXHTYmJhvYFjavbmqWnUcA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/7a48f5-bd24-4dc4-8cca-6ba0a0ce01ed/1/2vtkXxNPT9raRecLz82TuJfb1yU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.130.204.0/22
Signature Algorithm: sha256WithRSAEncryption
29:29:8b:95:60:d2:26:98:16:55:ba:25:88:a5:36:32:ef:b1:
27:db:83:9d:d0:c9:34:2c:37:8c:ae:e2:f8:a1:46:24:c4:a2:
ac:bf:8e:41:85:8c:82:ed:d3:f7:4e:19:da:9a:a2:e5:e1:02:
bd:73:60:a3:35:74:51:fd:06:23:db:8c:fb:09:81:aa:77:4a:
47:8b:8e:2d:95:17:b2:0f:00:f2:40:a2:3f:38:1c:5d:e7:95:
50:63:7d:c4:0a:d0:2e:ef:6f:c0:cc:1a:0d:3b:66:f2:f7:52:
bf:4b:fd:5e:52:47:88:f9:5d:c8:cf:c9:52:f8:56:34:59:e8:
6b:9d:05:83:e9:59:f1:3f:78:98:f3:6c:b3:7c:c3:91:40:5d:
a8:9c:3e:ac:46:00:a8:6b:08:2f:95:cb:72:0b:fc:97:57:1c:
61:4e:32:78:20:b9:07:b0:22:28:a6:8f:40:24:55:d2:a5:9f:
cf:49:01:ec:bc:8e:51:81:0b:33:b8:a0:27:98:2a:eb:c0:27:
55:a3:cc:e0:f3:f8:d1:7d:0f:80:dd:78:53:cb:57:fe:c6:fa:
c1:1e:ce:f0:6a:b0:9d:4e:2e:b6:ab:72:7c:b6:88:ea:94:fe:
09:91:51:10:2f:1b:8e:74:81:6e:e9:ac:ff:e7:55:cb:e0:d6:
0b:0e:52:43
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEOWi7YzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
YWZiNjQ1ZjEzNGY0ZmRhZGE0NWU3MGJjZmNkOTNiODk3ZGJkNzI1MB4XDTIyMDYw
NzA2MjIyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTA3YWY0MWVhNWM3
NGQ4OTg5ODZmNjA1OGRhYmRiOWFhNWE3NTFjMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ7VE3haJsGQjVf2QvTxYqbjC9dwy9mECLqj0oR5rXwIIu5w
ZZ6RWbgKLzdBSfuikFPdRjv9D6BLZ8xjsXNrYSBb11x/CBQ5ruMBQf8g/BSyrHHo
tjjzty2RxaOYrO63qeNY1jClM0m302Z1vi/4j7b0g4tuQwO8lLd5QMuKbstTJv4n
WyWDgcHJFOJy4mvORcTgd/5kfxunQMnJy7bUkypQCiFUhstjAAx/C320b5fw/SqI
jIy21RfXz7msAns1no6n0wu78pnQRmfkNzOqVtb2S4w4omF2b0PsMfI3p3DLpRhj
gQ2fnrW2TPs3od/EGg5cZemtpf3GEB/55sSy3IECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSgevQepcdNiYmG9gWNq9uapadRwDAfBgNVHSMEGDAWgBTa+2RfE09P2tpF
5wvPzZO4l9vXJTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJ2dGtYeE5QVDlyYVJlY0x6ODJUdUpmYjF5VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTIvN2E0OGY1LWJkMjQtNGRjNC04Y2NhLTZiYTBhMGNlMDFlZC8x
L29IcjBIcVhIVFltSmh2WUZqYXZibXFXblVjQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTIv
N2E0OGY1LWJkMjQtNGRjNC04Y2NhLTZiYTBhMGNlMDFlZC8xLzJ2dGtYeE5QVDly
YVJlY0x6ODJUdUpmYjF5VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAiWCzDANBgkqhkiG9w0BAQsFAAOC
AQEAKSmLlWDSJpgWVboliKU2Mu+xJ9uDndDJNCw3jK7i+KFGJMSirL+OQYWMgu3T
904Z2pqi5eECvXNgozV0Uf0GI9uM+wmBqndKR4uOLZUXsg8A8kCiPzgcXeeVUGN9
xArQLu9vwMwaDTtm8vdSv0v9XlJHiPldyM/JUvhWNFnoa50Fg+lZ8T94mPNss3zD
kUBdqJw+rEYAqGsIL5XLcgv8l1ccYU4yeCC5B7AiKKaPQCRV0qWfz0kB7LyOUYEL
M7igJ5gq68AnVaPM4PP40X0PgN14U8tX/sb6wR7O8GqwnU4utqtyfLaI6pT+CZFR
EC8bjnSBbums/+dVy+DWCw5SQw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:17:58 2025 by rpki-client