Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/4S3kxsGeTiWmo62m36jPvaVGfwM.roa
File: 4S3kxsGeTiWmo62m36jPvaVGfwM.roa (raw, json)
Hash identifier: e8NlByxO2rW0CimzsFIPLmJojTmkBr7LxofaE0t0l6U=
Subject key identifier: E1:2D:E4:C6:C1:9E:4E:25:A6:A3:AD:A6:DF:A8:CF:BD:A5:46:7F:03
Certificate issuer: /CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Certificate serial: 768E0A
Authority key identifier: A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/4S3kxsGeTiWmo62m36jPvaVGfwM.roa
Signing time: Sat 01 Jan 2022 03:01:09 +0000
ROA not before: Sat 01 Jan 2022 03:01:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 397236
IP address blocks: 37.209.192.0/24 maxlen: 24
37.209.194.0/24 maxlen: 24
37.209.196.0/24 maxlen: 24
37.209.198.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7769610 (0x768e0a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Validity
Not Before: Jan 1 03:01:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e12de4c6c19e4e25a6a3ada6dfa8cfbda5467f03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:0e:65:77:d3:49:51:a0:22:71:e0:96:37:39:
ed:f4:09:e8:92:dc:48:0a:b4:8a:d1:c3:82:08:38:
18:d5:bd:75:41:4f:fb:5b:d7:30:e7:a9:9e:71:93:
8a:7e:4c:da:88:9c:f1:21:55:f8:fe:e1:f1:d2:23:
b5:da:d0:c2:31:47:95:c3:b1:e0:28:2f:36:73:21:
98:72:3e:ec:24:2c:31:23:b6:49:7f:36:4e:0c:03:
6f:d9:34:6a:ef:d0:58:c9:53:2c:03:97:6b:8e:a0:
35:ef:00:99:7d:ae:17:d4:5c:d1:46:4f:8d:69:d3:
df:8c:99:70:67:b9:06:c4:50:4b:58:d3:bf:cb:e6:
04:c9:50:f6:8c:a1:5a:56:c3:df:54:c2:03:fe:6e:
08:a8:fd:c8:eb:66:50:f3:c0:d1:a7:da:f7:9a:78:
b3:b8:c0:7e:24:73:e3:23:d6:d2:c7:2a:34:0a:62:
1b:36:bf:b6:ef:e5:7d:2a:31:6a:38:ed:d8:aa:d0:
e3:f5:e1:f2:90:7d:b8:73:37:60:e8:78:6f:a1:8e:
74:10:4d:ce:eb:13:26:36:1e:ad:08:7b:5f:3d:80:
cb:18:34:19:e9:aa:3b:be:21:bd:3f:b6:16:2c:66:
64:82:02:ec:37:fc:34:e7:62:6a:d8:f2:d6:93:8b:
a0:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:2D:E4:C6:C1:9E:4E:25:A6:A3:AD:A6:DF:A8:CF:BD:A5:46:7F:03
X509v3 Authority Key Identifier:
keyid:A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/4S3kxsGeTiWmo62m36jPvaVGfwM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.209.192.0/24
37.209.194.0/24
37.209.196.0/24
37.209.198.0/24
Signature Algorithm: sha256WithRSAEncryption
44:52:00:69:c0:42:72:55:4d:0a:5e:86:d7:29:d2:92:fc:e2:
65:68:a2:0b:ea:1d:00:13:ef:a5:30:a9:b1:6e:16:f4:6d:7c:
15:47:2d:25:53:b1:15:0c:e6:49:1c:bd:fd:d3:80:33:a9:7c:
ec:02:c1:3c:2e:36:92:aa:f7:6b:9e:82:b2:ab:95:77:9f:cc:
8e:b4:fe:2d:bd:b2:a4:7b:74:f3:27:3e:07:9a:9e:9d:d5:c1:
e3:c1:34:f8:bd:22:05:9e:98:aa:ac:d8:e2:46:52:30:08:24:
9a:a0:37:ae:a9:5b:ab:b5:56:45:9b:42:9a:6d:9b:32:4d:59:
b6:e5:d9:53:94:ce:91:2c:78:39:e1:40:09:bd:83:15:df:f0:
27:80:c9:e5:2c:61:89:ec:7e:3d:2e:65:4e:d5:57:0b:5e:1d:
e5:00:66:66:68:c3:6f:20:ec:b7:8b:ef:c2:3e:80:3b:8d:b6:
b8:8c:ba:67:65:3e:78:bc:13:6c:d5:a5:0a:f2:d7:04:51:63:
dd:1d:96:c1:0a:f6:26:f4:73:94:fe:c5:46:ab:cd:a3:29:2a:
e3:82:d1:5d:dd:09:c4:ff:e5:6c:aa:9b:7a:69:20:60:ad:ab:
41:a8:2f:f4:ef:3b:5f:52:ab:15:f9:9e:d3:f0:29:3f:ea:e5:
8b:a4:22:5b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIDdo4KMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGE1
YWU4YTNkOGJkYWFiZjQ3NjVmZGE3OWQ1NWVjYThjNjljOGJmMmMwHhcNMjIwMTAx
MDMwMTA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhlMTJkZTRjNmMxOWU0
ZTI1YTZhM2FkYTZkZmE4Y2ZiZGE1NDY3ZjAzMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA2A5ld9NJUaAiceCWNznt9AnoktxICrSK0cOCCDgY1b11QU/7
W9cw56mecZOKfkzaiJzxIVX4/uHx0iO12tDCMUeVw7HgKC82cyGYcj7sJCwxI7ZJ
fzZODANv2TRq79BYyVMsA5drjqA17wCZfa4X1FzRRk+NadPfjJlwZ7kGxFBLWNO/
y+YEyVD2jKFaVsPfVMID/m4IqP3I62ZQ88DRp9r3mnizuMB+JHPjI9bSxyo0CmIb
Nr+27+V9KjFqOO3YqtDj9eHykH24czdg6HhvoY50EE3O6xMmNh6tCHtfPYDLGDQZ
6ao7viG9P7YWLGZkggLsN/w052Jq2PLWk4ug0QIDAQABo4ICGzCCAhcwHQYDVR0O
BBYEFOEt5MbBnk4lpqOtpt+oz72lRn8DMB8GA1UdIwQYMBaAFKWuij2L2qv0dl/a
edVeyoxpyL8sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
cGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEtNDE2Zjg1ZWUyMzdiLzEv
NFMza3hzR2VUaVdtbzYybTM2alB2YVZHZndNLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8w
ZDI4MGMtOWQ4OC00YWVhLWI1MjEtNDE2Zjg1ZWUyMzdiLzEvcGE2S1BZdmFxX1Iy
WDlwNTFWN0tqR25Jdnl3LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDEG
CCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJdHAAwQAJdHCAwQAJdHEAwQAJdHG
MA0GCSqGSIb3DQEBCwUAA4IBAQBEUgBpwEJyVU0KXobXKdKS/OJlaKIL6h0AE++l
MKmxbhb0bXwVRy0lU7EVDOZJHL3904AzqXzsAsE8LjaSqvdrnoKyq5V3n8yOtP4t
vbKke3TzJz4Hmp6d1cHjwTT4vSIFnpiqrNjiRlIwCCSaoDeuqVurtVZFm0KabZsy
TVm25dlTlM6RLHg54UAJvYMV3/AngMnlLGGJ7H49LmVO1VcLXh3lAGZmaMNvIOy3
i+/CPoA7jba4jLpnZT54vBNs1aUK8tcEUWPdHZbBCvYm9HOU/sVGq82jKSrjgtFd
3QnE/+Vsqpt6aSBgratBqC/07ztfUqsV+Z7T8Ck/6uWLpCJb
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:21 2023 by rpki-client on console-ams.rpki-client.org