Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/STsbmxc12WSjZDr58W1GjEQ9MDc.roa
File: STsbmxc12WSjZDr58W1GjEQ9MDc.roa (raw, json)
Hash identifier: dPMXc5Fmk/wunlP02lUP36M9rmwODd8krIIvPW3UIBU=
Subject key identifier: 49:3B:1B:9B:17:35:D9:64:A3:64:3A:F9:F1:6D:46:8C:44:3D:30:37
Certificate issuer: /CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Certificate serial: 6D7119
Authority key identifier: A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/STsbmxc12WSjZDr58W1GjEQ9MDc.roa
Signing time: Sat 01 Jan 2022 03:00:59 +0000
ROA not before: Sat 01 Jan 2022 03:00:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 397213
IP address blocks: 37.209.192.0/24 maxlen: 24
37.209.196.0/24 maxlen: 24
37.209.194.0/24 maxlen: 24
37.209.198.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7172377 (0x6d7119)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Validity
Not Before: Jan 1 03:00:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=493b1b9b1735d964a3643af9f16d468c443d3037
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:f5:f5:d5:bf:06:d5:70:ca:75:28:f7:bf:c4:
18:a9:96:7d:da:96:32:15:f1:35:c8:55:cc:fc:a1:
35:98:d3:ca:23:92:bf:f4:ab:55:da:bd:05:a1:ba:
50:d1:07:6e:1c:95:b5:09:4d:e2:91:b6:85:ad:25:
47:c0:7e:c6:9b:b5:5e:e8:9c:4b:41:0c:15:b4:73:
b0:61:24:ea:ff:f4:45:ef:26:db:97:ba:62:ca:c0:
65:cb:05:88:ec:f9:26:9d:5a:9b:ec:96:09:27:34:
3c:18:3f:3a:d0:0c:40:7e:44:14:60:28:d9:92:bf:
ac:c7:c6:48:2c:78:80:d5:20:0a:5c:d7:1d:08:6f:
90:36:ba:52:eb:3e:23:b3:94:16:52:83:a8:c1:24:
2f:7d:32:fc:30:19:25:b6:c4:48:ee:df:4a:35:9f:
31:1b:2e:05:d6:bf:e6:fe:fe:b2:2a:fd:a7:90:5a:
58:fa:2d:1e:78:36:1d:a9:9d:44:38:92:44:7e:a0:
61:f6:46:a8:d5:0a:1f:be:26:28:16:ab:14:fa:2e:
c1:ce:19:4e:0d:df:55:0d:b2:b8:2f:d4:95:b5:8c:
69:bd:58:59:ee:da:3f:fd:20:ba:44:47:ce:25:14:
dd:99:f4:b6:af:80:e1:e3:69:6a:db:37:66:6e:47:
5a:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:3B:1B:9B:17:35:D9:64:A3:64:3A:F9:F1:6D:46:8C:44:3D:30:37
X509v3 Authority Key Identifier:
keyid:A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/STsbmxc12WSjZDr58W1GjEQ9MDc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.209.192.0/24
37.209.194.0/24
37.209.196.0/24
37.209.198.0/24
Signature Algorithm: sha256WithRSAEncryption
27:fd:35:c7:bd:11:ce:a8:2f:21:b3:83:23:65:af:0a:7a:fb:
4d:9c:02:df:d8:cd:7d:a4:9f:a7:bf:03:c9:a4:71:98:6a:91:
d7:ca:ce:87:01:89:8a:26:2a:69:76:0f:6f:24:c8:f5:df:4f:
fe:dc:fe:b2:1b:56:42:12:1d:93:40:9a:87:33:fb:3a:ec:aa:
6a:5d:fc:7e:07:ce:d9:e7:1c:bf:3d:fb:a9:5a:fd:75:17:2d:
56:ba:ce:01:c5:44:be:d9:74:2c:cb:a8:97:d2:ff:6b:55:7a:
1b:5d:f2:60:43:50:aa:14:6b:a5:0a:6f:6b:3c:dc:41:ff:a5:
47:01:28:a8:27:9d:c8:5a:b1:de:0b:98:a0:86:3b:4b:ee:59:
69:9d:15:1f:cb:15:97:3a:ce:cc:2f:51:ce:01:ce:6d:fa:69:
db:6a:81:50:03:24:84:4a:bb:bf:25:d9:51:63:3d:43:7d:87:
7a:db:d4:71:5e:fd:a0:6d:3e:2f:08:b3:3f:61:c3:61:30:95:
c1:96:8f:a3:28:1d:d6:8e:05:65:79:5e:56:2c:42:b8:e3:ff:
1a:3e:0c:90:4c:5f:b6:5a:47:1e:c7:3b:46:cf:3a:bb:f4:58:
0e:ae:8f:e3:68:a1:62:7e:f0:82:bf:31:88:a5:26:f3:7a:d3:
9e:25:4c:cc
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIDbXEZMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGE1
YWU4YTNkOGJkYWFiZjQ3NjVmZGE3OWQ1NWVjYThjNjljOGJmMmMwHhcNMjIwMTAx
MDMwMDU5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg0OTNiMWI5YjE3MzVk
OTY0YTM2NDNhZjlmMTZkNDY4YzQ0M2QzMDM3MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAx/X11b8G1XDKdSj3v8QYqZZ92pYyFfE1yFXM/KE1mNPKI5K/
9KtV2r0FobpQ0QduHJW1CU3ikbaFrSVHwH7Gm7Ve6JxLQQwVtHOwYSTq//RF7ybb
l7piysBlywWI7PkmnVqb7JYJJzQ8GD860AxAfkQUYCjZkr+sx8ZILHiA1SAKXNcd
CG+QNrpS6z4js5QWUoOowSQvfTL8MBkltsRI7t9KNZ8xGy4F1r/m/v6yKv2nkFpY
+i0eeDYdqZ1EOJJEfqBh9kao1QofviYoFqsU+i7BzhlODd9VDbK4L9SVtYxpvVhZ
7to//SC6REfOJRTdmfS2r4Dh42lq2zdmbkdaTwIDAQABo4ICGzCCAhcwHQYDVR0O
BBYEFEk7G5sXNdlko2Q6+fFtRoxEPTA3MB8GA1UdIwQYMBaAFKWuij2L2qv0dl/a
edVeyoxpyL8sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
cGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEtNDE2Zjg1ZWUyMzdiLzEv
U1RzYm14YzEyV1NqWkRyNThXMUdqRVE5TURjLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8w
ZDI4MGMtOWQ4OC00YWVhLWI1MjEtNDE2Zjg1ZWUyMzdiLzEvcGE2S1BZdmFxX1Iy
WDlwNTFWN0tqR25Jdnl3LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDEG
CCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJdHAAwQAJdHCAwQAJdHEAwQAJdHG
MA0GCSqGSIb3DQEBCwUAA4IBAQAn/TXHvRHOqC8hs4MjZa8KevtNnALf2M19pJ+n
vwPJpHGYapHXys6HAYmKJippdg9vJMj130/+3P6yG1ZCEh2TQJqHM/s67KpqXfx+
B87Z5xy/PfupWv11Fy1Wus4BxUS+2XQsy6iX0v9rVXobXfJgQ1CqFGulCm9rPNxB
/6VHASioJ53IWrHeC5ighjtL7llpnRUfyxWXOs7ML1HOAc5t+mnbaoFQAySESru/
JdlRYz1DfYd629RxXv2gbT4vCLM/YcNhMJXBlo+jKB3WjgVleV5WLEK44/8aPgyQ
TF+2WkcexztGzzq79FgOro/jaKFifvCCvzGIpSbzetOeJUzM
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:21 2023 by rpki-client on console-ams.rpki-client.org