Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/Qan2fJiMRMeS7Cw-i_4_H2L67g4.roa
File: Qan2fJiMRMeS7Cw-i_4_H2L67g4.roa (raw, json)
Hash identifier: r0AGWlecxAxSt/zbe7wXz0Jw98hztdgotJM/k90ntb8=
Subject key identifier: 41:A9:F6:7C:98:8C:44:C7:92:EC:2C:3E:8B:FE:3F:1F:62:FA:EE:0E
Certificate issuer: /CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Certificate serial: 7299B3
Authority key identifier: A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/Qan2fJiMRMeS7Cw-i_4_H2L67g4.roa
Signing time: Sat 01 Jan 2022 03:01:05 +0000
ROA not before: Sat 01 Jan 2022 03:01:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 397227
IP address blocks: 37.209.192.0/24 maxlen: 24
37.209.198.0/24 maxlen: 24
37.209.196.0/24 maxlen: 24
37.209.194.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7510451 (0x7299b3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Validity
Not Before: Jan 1 03:01:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=41a9f67c988c44c792ec2c3e8bfe3f1f62faee0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:41:db:29:9f:2c:9c:10:11:6e:3e:58:02:0c:
58:11:55:52:11:e2:4e:45:4f:06:67:a4:a9:d4:3a:
e9:43:8f:4a:c4:dc:26:24:3c:f5:2a:ab:fc:ae:37:
3a:ff:a0:b9:15:59:84:2b:1f:d3:27:cf:96:ea:f6:
68:cc:61:ef:e2:f1:bd:51:8b:a1:4c:aa:07:cd:29:
2e:7f:4b:bd:00:ef:18:35:b5:0a:58:99:b7:4a:43:
3c:3d:e8:b2:24:d8:b3:19:d1:44:3f:27:19:90:f6:
71:13:3a:b0:ac:76:5a:c6:c0:28:23:9f:4d:f1:1e:
36:1b:f0:4c:32:bb:ce:c7:5e:92:83:5d:af:d4:98:
f6:36:49:01:b0:ee:be:61:cb:49:58:b0:b9:51:66:
30:ce:7d:12:54:2e:54:60:98:cd:0a:05:f2:69:94:
1e:bd:52:0d:7a:ed:a6:1c:63:e6:32:23:88:a4:a6:
63:f6:e5:a0:f6:61:fb:04:ff:51:e5:fe:c3:ee:b2:
ef:4c:4c:36:93:0e:c7:47:29:ea:45:94:1a:75:c0:
d3:9a:60:bb:26:82:10:20:21:62:0e:cb:22:2e:e6:
0a:42:7a:f8:0c:75:1b:aa:b7:bb:db:48:cc:69:e1:
10:29:30:c9:0a:4e:ce:5d:11:5e:8d:f9:4f:32:49:
41:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:A9:F6:7C:98:8C:44:C7:92:EC:2C:3E:8B:FE:3F:1F:62:FA:EE:0E
X509v3 Authority Key Identifier:
keyid:A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/Qan2fJiMRMeS7Cw-i_4_H2L67g4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.209.192.0/24
37.209.194.0/24
37.209.196.0/24
37.209.198.0/24
Signature Algorithm: sha256WithRSAEncryption
60:53:e3:99:17:66:8e:a1:01:aa:1c:da:7e:06:6c:bc:81:e4:
de:03:c2:24:ed:45:da:ac:7a:42:45:75:93:a6:be:a4:72:53:
f5:5c:63:bb:7e:b2:28:05:e6:cf:9f:a1:e9:75:ed:e2:ee:fe:
f2:47:ab:c1:d6:35:f6:05:9b:c2:a5:43:4a:15:c6:94:8e:b1:
25:22:5b:eb:5c:4c:41:86:9f:08:03:35:af:9a:ec:9e:4e:91:
6a:d2:af:29:43:4e:cc:1d:94:ad:b2:2c:af:6c:5f:c0:f3:9e:
e2:56:5f:8a:d2:ad:49:93:d7:ef:b9:cf:e9:6f:df:69:10:f4:
9a:07:95:8c:82:e1:5b:dc:10:2a:98:e3:fb:f5:19:f4:9e:9e:
07:a2:15:c3:a1:b1:78:30:51:46:b2:3c:15:09:4b:98:9a:06:
ba:cd:4e:35:ef:d7:31:b3:38:7d:c7:80:b5:ea:72:e8:51:ea:
3e:95:6d:6f:c8:26:5b:1a:cd:74:11:80:21:6b:5d:01:23:0b:
12:3c:33:b3:f2:4a:ea:49:1d:72:ed:24:82:82:90:07:1d:e0:
b1:27:25:be:8e:77:c3:9f:e3:fc:2a:c9:e1:bd:bc:88:b5:5b:
29:64:50:f1:89:dd:eb:af:ae:e4:30:b6:e4:d0:62:06:87:2c:
c5:31:ce:3e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIDcpmzMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGE1
YWU4YTNkOGJkYWFiZjQ3NjVmZGE3OWQ1NWVjYThjNjljOGJmMmMwHhcNMjIwMTAx
MDMwMTA1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg0MWE5ZjY3Yzk4OGM0
NGM3OTJlYzJjM2U4YmZlM2YxZjYyZmFlZTBlMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEArkHbKZ8snBARbj5YAgxYEVVSEeJORU8GZ6Sp1DrpQ49KxNwm
JDz1Kqv8rjc6/6C5FVmEKx/TJ8+W6vZozGHv4vG9UYuhTKoHzSkuf0u9AO8YNbUK
WJm3SkM8PeiyJNizGdFEPycZkPZxEzqwrHZaxsAoI59N8R42G/BMMrvOx16Sg12v
1Jj2NkkBsO6+YctJWLC5UWYwzn0SVC5UYJjNCgXyaZQevVINeu2mHGPmMiOIpKZj
9uWg9mH7BP9R5f7D7rLvTEw2kw7HRynqRZQadcDTmmC7JoIQICFiDssiLuYKQnr4
DHUbqre720jMaeEQKTDJCk7OXRFejflPMklBOQIDAQABo4ICGzCCAhcwHQYDVR0O
BBYEFEGp9nyYjETHkuwsPov+Px9i+u4OMB8GA1UdIwQYMBaAFKWuij2L2qv0dl/a
edVeyoxpyL8sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
cGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEtNDE2Zjg1ZWUyMzdiLzEv
UWFuMmZKaU1STWVTN0N3LWlfNF9IMkw2N2c0LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8w
ZDI4MGMtOWQ4OC00YWVhLWI1MjEtNDE2Zjg1ZWUyMzdiLzEvcGE2S1BZdmFxX1Iy
WDlwNTFWN0tqR25Jdnl3LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDEG
CCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJdHAAwQAJdHCAwQAJdHEAwQAJdHG
MA0GCSqGSIb3DQEBCwUAA4IBAQBgU+OZF2aOoQGqHNp+Bmy8geTeA8Ik7UXarHpC
RXWTpr6kclP1XGO7frIoBebPn6Hpde3i7v7yR6vB1jX2BZvCpUNKFcaUjrElIlvr
XExBhp8IAzWvmuyeTpFq0q8pQ07MHZStsiyvbF/A857iVl+K0q1Jk9fvuc/pb99p
EPSaB5WMguFb3BAqmOP79Rn0np4HohXDobF4MFFGsjwVCUuYmga6zU4179cxszh9
x4C16nLoUeo+lW1vyCZbGs10EYAha10BIwsSPDOz8krqSR1y7SSCgpAHHeCxJyW+
jnfDn+P8KsnhvbyItVspZFDxid3rr67kMLbk0GIGhyzFMc4+
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:38 2023 by rpki-client on console-fra.rpki-client.org