Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/FyW1AfFUTAnDW_NOsY7a8IXFWIk.roa
File: FyW1AfFUTAnDW_NOsY7a8IXFWIk.roa (raw, json)
Hash identifier: TyuNSrM0WH1krg8uru/KOgLSZYhr5V1h5Xo14G36Wag=
Subject key identifier: 17:25:B5:01:F1:54:4C:09:C3:5B:F3:4E:B1:8E:DA:F0:85:C5:58:89
Certificate issuer: /CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Certificate serial: 6FF6ED
Authority key identifier: A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/FyW1AfFUTAnDW_NOsY7a8IXFWIk.roa
Signing time: Sat 01 Jan 2022 03:01:03 +0000
ROA not before: Sat 01 Jan 2022 03:01:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 397222
IP address blocks: 37.209.192.0/24 maxlen: 24
37.209.198.0/24 maxlen: 24
37.209.194.0/24 maxlen: 24
37.209.196.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7337709 (0x6ff6ed)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Validity
Not Before: Jan 1 03:01:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1725b501f1544c09c35bf34eb18edaf085c55889
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:f5:37:4e:69:b3:fb:2e:dd:8b:bd:d7:f0:bb:
24:46:ea:bc:71:fc:84:ce:b4:ec:a9:8e:dc:18:7d:
01:3d:b5:c3:ba:b8:6a:cb:33:22:71:25:06:5c:4b:
2e:92:df:da:56:8e:ad:ef:66:99:03:2e:69:70:db:
e3:ff:1e:f4:24:39:b3:d3:28:80:c8:6d:22:2a:9b:
b8:d1:d8:f9:8c:24:34:5c:ed:c4:2c:41:fc:45:61:
32:b2:50:fd:02:81:4b:01:d6:a3:f5:1a:fa:95:c6:
f5:2e:53:5d:42:2b:f4:2f:58:5d:7f:90:84:35:f7:
c6:7f:93:63:9b:54:a7:0b:7e:34:a7:04:81:1c:88:
b3:e6:82:83:15:b4:20:06:88:fc:87:7a:07:ff:82:
4f:f1:7f:7d:ee:9c:1b:e5:1d:b0:64:57:9e:f6:a0:
49:67:eb:64:17:8c:0e:1e:31:5b:96:17:cd:87:fa:
b0:b7:61:a9:6c:19:d2:ba:94:84:aa:24:84:17:24:
f6:c2:a0:8c:ef:91:af:ea:fb:a7:8e:4f:04:7b:a4:
c9:50:6e:ca:78:5b:f2:21:b6:5a:8e:12:43:8b:01:
4a:ce:f8:d7:20:cd:ab:eb:86:14:2f:11:b8:37:91:
96:0e:4d:43:b3:06:21:0c:f5:ff:ec:f2:84:d4:d4:
45:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:25:B5:01:F1:54:4C:09:C3:5B:F3:4E:B1:8E:DA:F0:85:C5:58:89
X509v3 Authority Key Identifier:
keyid:A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/FyW1AfFUTAnDW_NOsY7a8IXFWIk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.209.192.0/24
37.209.194.0/24
37.209.196.0/24
37.209.198.0/24
Signature Algorithm: sha256WithRSAEncryption
68:60:c9:66:c9:32:f6:45:66:d5:8f:0b:1d:6b:be:80:ee:9d:
46:47:9f:ca:9d:0c:61:96:d8:1d:76:a9:c9:cc:8c:78:90:2e:
68:e3:be:fc:0f:a9:b3:c8:1a:a1:0c:f5:ff:31:f6:d7:a8:8b:
7f:97:ef:4b:33:dd:bf:0c:9a:ae:fe:3f:11:8f:b3:a4:23:b5:
1e:6f:0f:2c:9b:71:61:c0:d1:ba:b5:5e:1b:25:7b:23:98:4a:
cd:30:d0:bf:ca:75:bc:03:40:6e:23:99:e0:a7:8f:22:1a:b1:
57:0a:01:9b:03:53:d4:dc:3e:32:68:eb:4f:c5:e6:96:89:ab:
79:e7:d4:b3:29:1f:e7:a9:7c:12:13:37:91:88:82:ba:14:af:
2b:fd:c0:94:5a:7b:31:c7:9f:a2:81:38:36:fb:83:8f:b1:fc:
84:68:37:09:19:40:4e:51:45:46:63:87:59:65:da:2d:00:99:
a7:a7:e6:72:a6:55:8e:71:3d:00:fd:8b:c9:cc:79:62:50:27:
c3:52:cd:87:18:94:bf:9b:f4:7c:eb:fb:0e:2a:e5:01:1f:d8:
53:ae:dc:7f:8b:a6:fe:71:23:3d:e0:5a:19:c6:d7:18:c2:e5:
36:78:89:77:cc:29:d5:28:c1:44:fb:7e:0a:ef:b0:4b:d6:65:
aa:b7:b6:20
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIDb/btMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGE1
YWU4YTNkOGJkYWFiZjQ3NjVmZGE3OWQ1NWVjYThjNjljOGJmMmMwHhcNMjIwMTAx
MDMwMTAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygxNzI1YjUwMWYxNTQ0
YzA5YzM1YmYzNGViMThlZGFmMDg1YzU1ODg5MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAtfU3Tmmz+y7di73X8LskRuq8cfyEzrTsqY7cGH0BPbXDurhq
yzMicSUGXEsukt/aVo6t72aZAy5pcNvj/x70JDmz0yiAyG0iKpu40dj5jCQ0XO3E
LEH8RWEyslD9AoFLAdaj9Rr6lcb1LlNdQiv0L1hdf5CENffGf5Njm1SnC340pwSB
HIiz5oKDFbQgBoj8h3oH/4JP8X997pwb5R2wZFee9qBJZ+tkF4wOHjFblhfNh/qw
t2GpbBnSupSEqiSEFyT2wqCM75Gv6vunjk8Ee6TJUG7KeFvyIbZajhJDiwFKzvjX
IM2r64YULxG4N5GWDk1DswYhDPX/7PKE1NRFDQIDAQABo4ICGzCCAhcwHQYDVR0O
BBYEFBcltQHxVEwJw1vzTrGO2vCFxViJMB8GA1UdIwQYMBaAFKWuij2L2qv0dl/a
edVeyoxpyL8sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
cGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEtNDE2Zjg1ZWUyMzdiLzEv
RnlXMUFmRlVUQW5EV19OT3NZN2E4SVhGV0lrLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8w
ZDI4MGMtOWQ4OC00YWVhLWI1MjEtNDE2Zjg1ZWUyMzdiLzEvcGE2S1BZdmFxX1Iy
WDlwNTFWN0tqR25Jdnl3LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDEG
CCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJdHAAwQAJdHCAwQAJdHEAwQAJdHG
MA0GCSqGSIb3DQEBCwUAA4IBAQBoYMlmyTL2RWbVjwsda76A7p1GR5/KnQxhltgd
dqnJzIx4kC5o4778D6mzyBqhDPX/MfbXqIt/l+9LM92/DJqu/j8Rj7OkI7Uebw8s
m3FhwNG6tV4bJXsjmErNMNC/ynW8A0BuI5ngp48iGrFXCgGbA1PU3D4yaOtPxeaW
iat559SzKR/nqXwSEzeRiIK6FK8r/cCUWnsxx5+igTg2+4OPsfyEaDcJGUBOUUVG
Y4dZZdotAJmnp+ZyplWOcT0A/YvJzHliUCfDUs2HGJS/m/R86/sOKuUBH9hTrtx/
i6b+cSM94FoZxtcYwuU2eIl3zCnVKMFE+34K77BL1mWqt7Yg
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:21 2023 by rpki-client on console-ams.rpki-client.org