Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/_EImmPYNfb8-fGGF7Xb_10msZUQ.roa
File: _EImmPYNfb8-fGGF7Xb_10msZUQ.roa (raw, json)
Hash identifier: OfFKFYzQn0n0EbIdOkQmRl04WEMqRzdPqcxHXb6X5Ls=
Subject key identifier: FC:42:26:98:F6:0D:7D:BF:3E:7C:61:85:ED:76:FF:D7:49:AC:65:44
Certificate issuer: /CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Certificate serial: 79FDA4
Authority key identifier: A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/_EImmPYNfb8-fGGF7Xb_10msZUQ.roa
Signing time: Sat 01 Jan 2022 03:01:10 +0000
ROA not before: Sat 01 Jan 2022 03:01:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 397240
IP address blocks: 37.209.192.0/24 maxlen: 24
37.209.194.0/24 maxlen: 24
37.209.196.0/24 maxlen: 24
37.209.198.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7994788 (0x79fda4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Validity
Not Before: Jan 1 03:01:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fc422698f60d7dbf3e7c6185ed76ffd749ac6544
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:70:59:73:4d:2c:ec:b1:09:a8:49:1f:3e:95:
e9:14:44:4d:4f:42:bd:00:b8:44:2d:54:10:56:f4:
6c:0a:06:df:75:77:dd:3c:ef:f2:13:c0:59:0e:d6:
f9:45:62:e5:e0:a1:f6:70:13:d6:81:5b:0b:60:36:
c4:29:e5:4b:c5:49:e8:db:a2:7e:eb:ad:0d:fd:fa:
be:f1:cf:24:f2:0f:24:09:2c:29:80:b4:b2:5b:92:
56:ec:7a:52:f3:09:0f:df:5f:eb:46:84:49:0d:10:
a7:a2:73:52:4e:30:f0:e5:87:4a:d5:bc:31:08:dd:
ce:88:bc:93:20:40:38:fc:8e:cb:95:15:fe:cf:46:
55:c9:ef:79:d9:29:75:f5:17:6f:72:21:4d:70:f3:
cd:68:57:9c:26:f1:8c:a0:f5:ed:85:4b:e9:7b:8b:
e5:b5:2b:d0:c3:48:bb:46:c2:e3:ed:f6:70:0c:9c:
c7:ea:10:13:dd:c7:66:61:c2:f1:59:c4:8a:d3:b8:
9d:c2:c4:12:8a:d5:46:4b:79:e0:02:f9:35:a6:ac:
ea:58:3d:05:07:fa:19:9e:b4:f0:8f:f5:47:1a:eb:
b4:12:44:72:8a:fc:3a:bd:75:81:44:aa:a3:7c:59:
f0:40:1e:e8:cb:10:3b:34:66:d1:bc:ff:93:c0:06:
e4:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:42:26:98:F6:0D:7D:BF:3E:7C:61:85:ED:76:FF:D7:49:AC:65:44
X509v3 Authority Key Identifier:
keyid:A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/_EImmPYNfb8-fGGF7Xb_10msZUQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.209.192.0/24
37.209.194.0/24
37.209.196.0/24
37.209.198.0/24
Signature Algorithm: sha256WithRSAEncryption
23:8e:3f:ae:67:6b:af:3d:02:19:96:ad:75:8a:0f:f4:7a:6a:
e9:69:ef:0e:18:09:42:5a:40:e7:4b:18:dc:30:52:20:5c:ff:
7a:f6:7e:df:52:86:10:0d:41:20:20:63:aa:54:21:ec:cf:fc:
ab:dd:b9:f9:8f:b5:ee:35:c4:54:26:4e:a3:06:6c:a6:75:1b:
40:8c:7e:cf:b5:ef:c6:f3:f1:03:8a:b5:58:4a:b5:74:84:4d:
df:4d:95:74:99:02:9e:c2:5b:0e:97:1c:c5:9c:46:e1:e7:fd:
ba:71:18:f4:c1:76:72:8a:98:be:6c:61:90:1e:0d:a1:e1:58:
4e:bf:7c:ad:1c:68:70:27:e4:c7:e3:c1:ba:82:c5:74:b1:22:
dc:30:ff:b1:ed:90:14:cc:2d:55:13:ee:e1:34:4d:aa:a5:33:
36:75:fd:72:a7:a0:4e:43:1e:50:19:7b:08:70:19:15:7c:a6:
51:23:41:b8:07:0b:76:e3:71:43:38:74:ac:b3:c5:6b:c3:21:
d8:23:7b:49:12:1f:cc:5e:d7:10:8d:be:26:1b:db:9f:3a:1c:
79:17:a9:d4:8e:d4:4f:dc:c2:c0:ae:8f:ec:cb:1a:0e:79:a5:
54:87:0b:00:86:32:1b:f3:97:3b:59:92:40:66:cf:16:95:35:
6e:43:c7:eb
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIDef2kMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGE1
YWU4YTNkOGJkYWFiZjQ3NjVmZGE3OWQ1NWVjYThjNjljOGJmMmMwHhcNMjIwMTAx
MDMwMTEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhmYzQyMjY5OGY2MGQ3
ZGJmM2U3YzYxODVlZDc2ZmZkNzQ5YWM2NTQ0MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA0HBZc00s7LEJqEkfPpXpFERNT0K9ALhELVQQVvRsCgbfdXfd
PO/yE8BZDtb5RWLl4KH2cBPWgVsLYDbEKeVLxUno26J+660N/fq+8c8k8g8kCSwp
gLSyW5JW7HpS8wkP31/rRoRJDRCnonNSTjDw5YdK1bwxCN3OiLyTIEA4/I7LlRX+
z0ZVye952Sl19RdvciFNcPPNaFecJvGMoPXthUvpe4vltSvQw0i7RsLj7fZwDJzH
6hAT3cdmYcLxWcSK07idwsQSitVGS3ngAvk1pqzqWD0FB/oZnrTwj/VHGuu0EkRy
ivw6vXWBRKqjfFnwQB7oyxA7NGbRvP+TwAbk6wIDAQABo4ICGzCCAhcwHQYDVR0O
BBYEFPxCJpj2DX2/Pnxhhe12/9dJrGVEMB8GA1UdIwQYMBaAFKWuij2L2qv0dl/a
edVeyoxpyL8sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
cGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEtNDE2Zjg1ZWUyMzdiLzEv
X0VJbW1QWU5mYjgtZkdHRjdYYl8xMG1zWlVRLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8w
ZDI4MGMtOWQ4OC00YWVhLWI1MjEtNDE2Zjg1ZWUyMzdiLzEvcGE2S1BZdmFxX1Iy
WDlwNTFWN0tqR25Jdnl3LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDEG
CCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJdHAAwQAJdHCAwQAJdHEAwQAJdHG
MA0GCSqGSIb3DQEBCwUAA4IBAQAjjj+uZ2uvPQIZlq11ig/0emrpae8OGAlCWkDn
SxjcMFIgXP969n7fUoYQDUEgIGOqVCHsz/yr3bn5j7XuNcRUJk6jBmymdRtAjH7P
te/G8/EDirVYSrV0hE3fTZV0mQKewlsOlxzFnEbh5/26cRj0wXZyipi+bGGQHg2h
4VhOv3ytHGhwJ+TH48G6gsV0sSLcMP+x7ZAUzC1VE+7hNE2qpTM2df1yp6BOQx5Q
GXsIcBkVfKZRI0G4Bwt243FDOHSss8VrwyHYI3tJEh/MXtcQjb4mG9ufOhx5F6nU
jtRP3MLAro/syxoOeaVUhwsAhjIb85c7WZJAZs8WlTVuQ8fr
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:21 2023 by rpki-client on console-ams.rpki-client.org