Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/mb7hr0k1EQ_8xinjTv0Mh1JlyEs.roa
File: mb7hr0k1EQ_8xinjTv0Mh1JlyEs.roa (raw, json)
Hash identifier: VXAMQSfwlGIur01fG7YpexuFu4KcTGOOP0vrVCCRnPw=
Subject key identifier: 99:BE:E1:AF:49:35:11:0F:FC:C6:29:E3:4E:FD:0C:87:52:65:C8:4B
Certificate issuer: /CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Certificate serial: 6B35CB
Authority key identifier: A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/mb7hr0k1EQ_8xinjTv0Mh1JlyEs.roa
Signing time: Sat 01 Jan 2022 03:00:57 +0000
ROA not before: Sat 01 Jan 2022 03:00:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12008
IP address blocks: 37.209.192.0/24 maxlen: 24
37.209.198.0/24 maxlen: 24
37.209.194.0/24 maxlen: 24
37.209.196.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7026123 (0x6b35cb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Validity
Not Before: Jan 1 03:00:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=99bee1af4935110ffcc629e34efd0c875265c84b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:4d:93:8a:ff:d6:7e:f3:0b:a2:b8:d8:06:a3:
bf:9f:a3:f2:2b:31:ea:6c:58:75:90:e5:e7:21:2f:
ca:31:7c:d2:14:28:a4:30:83:f1:dc:9c:44:40:7d:
c5:3e:83:62:ea:f2:5f:e9:e0:cc:a0:2a:14:5d:cc:
6d:28:df:2a:8f:34:c3:e7:bf:4b:56:1e:a5:a3:66:
0e:b4:5e:f8:94:af:07:5a:a0:46:32:21:7f:c8:d0:
6d:82:e4:d3:e0:21:17:ce:96:fb:5d:26:fd:14:89:
2b:18:81:67:b4:dc:31:bd:12:cc:45:21:16:58:f8:
ad:ea:df:8a:b0:f4:b2:cd:22:0c:fe:fe:3c:ad:27:
ef:df:c0:26:bc:71:0c:23:ce:fb:0d:1b:32:63:62:
48:06:66:57:d3:c1:e3:53:2f:81:98:ac:fd:df:7c:
ae:55:8d:0c:b0:98:2a:65:ab:68:8e:f2:27:05:f8:
63:8d:7c:31:44:a9:6d:01:8d:6e:fa:31:d6:a1:8d:
18:50:4d:c2:dd:8d:a7:dc:65:ad:1f:52:43:11:6a:
c1:bb:bf:08:4e:bb:53:9a:27:6f:49:27:4a:fd:e5:
93:70:5b:e7:b3:61:f5:e5:0e:c4:cc:f4:67:df:95:
ec:59:f0:47:8f:06:98:c7:84:a1:91:ef:ac:a1:37:
c8:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:BE:E1:AF:49:35:11:0F:FC:C6:29:E3:4E:FD:0C:87:52:65:C8:4B
X509v3 Authority Key Identifier:
keyid:A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/mb7hr0k1EQ_8xinjTv0Mh1JlyEs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.209.192.0/24
37.209.194.0/24
37.209.196.0/24
37.209.198.0/24
Signature Algorithm: sha256WithRSAEncryption
70:06:08:4e:90:df:6d:6c:3b:e7:38:71:5e:9d:0b:03:af:3f:
ec:68:78:bd:a4:07:dd:39:5c:60:a2:ba:a3:b3:e2:d1:3f:66:
77:a8:08:4e:03:61:03:f1:78:00:8b:e7:6c:c2:23:a4:15:22:
1f:98:05:6e:d8:e6:d6:87:67:68:61:26:e3:fc:5f:80:38:13:
77:05:e7:d6:c4:2f:e2:90:d0:2d:67:73:52:c2:47:db:fa:26:
f1:a0:e1:15:b0:73:f1:93:6b:02:7f:43:75:c1:ef:86:4d:16:
49:25:74:b3:59:9a:47:f3:78:48:81:16:ed:13:bb:b3:1f:e1:
c2:c2:04:b1:4b:c0:60:30:ac:8d:10:da:cd:6c:03:e2:ef:fd:
b7:c4:15:03:2f:e4:e2:9f:d8:91:01:9d:84:da:ee:0b:cd:a5:
0b:58:2d:6c:64:7c:72:db:b2:3c:e1:79:e3:b0:e7:83:fc:aa:
9a:a6:a0:73:55:94:e1:43:8d:0b:75:85:f4:b5:25:dc:7d:3e:
3c:23:c1:2c:61:22:b1:47:9c:56:a0:3c:1b:fa:70:1e:a1:1a:
03:ad:77:56:be:5d:c8:20:ed:99:23:16:9d:18:ef:5d:be:ea:
d4:77:8d:dc:03:3c:2c:17:39:78:f5:22:ac:6f:4d:47:6c:94:
14:a2:e5:26
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIDazXLMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGE1
YWU4YTNkOGJkYWFiZjQ3NjVmZGE3OWQ1NWVjYThjNjljOGJmMmMwHhcNMjIwMTAx
MDMwMDU3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg5OWJlZTFhZjQ5MzUx
MTBmZmNjNjI5ZTM0ZWZkMGM4NzUyNjVjODRiMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAhk2Tiv/WfvMLorjYBqO/n6PyKzHqbFh1kOXnIS/KMXzSFCik
MIPx3JxEQH3FPoNi6vJf6eDMoCoUXcxtKN8qjzTD579LVh6lo2YOtF74lK8HWqBG
MiF/yNBtguTT4CEXzpb7XSb9FIkrGIFntNwxvRLMRSEWWPit6t+KsPSyzSIM/v48
rSfv38AmvHEMI877DRsyY2JIBmZX08HjUy+BmKz933yuVY0MsJgqZatojvInBfhj
jXwxRKltAY1u+jHWoY0YUE3C3Y2n3GWtH1JDEWrBu78ITrtTmidvSSdK/eWTcFvn
s2H15Q7EzPRn35XsWfBHjwaYx4Shke+soTfIqwIDAQABo4ICGzCCAhcwHQYDVR0O
BBYEFJm+4a9JNREP/MYp4079DIdSZchLMB8GA1UdIwQYMBaAFKWuij2L2qv0dl/a
edVeyoxpyL8sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
cGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEtNDE2Zjg1ZWUyMzdiLzEv
bWI3aHIwazFFUV84eGlualR2ME1oMUpseUVzLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8w
ZDI4MGMtOWQ4OC00YWVhLWI1MjEtNDE2Zjg1ZWUyMzdiLzEvcGE2S1BZdmFxX1Iy
WDlwNTFWN0tqR25Jdnl3LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDEG
CCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJdHAAwQAJdHCAwQAJdHEAwQAJdHG
MA0GCSqGSIb3DQEBCwUAA4IBAQBwBghOkN9tbDvnOHFenQsDrz/saHi9pAfdOVxg
orqjs+LRP2Z3qAhOA2ED8XgAi+dswiOkFSIfmAVu2ObWh2doYSbj/F+AOBN3BefW
xC/ikNAtZ3NSwkfb+ibxoOEVsHPxk2sCf0N1we+GTRZJJXSzWZpH83hIgRbtE7uz
H+HCwgSxS8BgMKyNENrNbAPi7/23xBUDL+Tin9iRAZ2E2u4LzaULWC1sZHxy27I8
4XnjsOeD/KqapqBzVZThQ40LdYX0tSXcfT48I8EsYSKxR5xWoDwb+nAeoRoDrXdW
vl3IIO2ZIxadGO9dvurUd43cAzwsFzl49SKsb01HbJQUouUm
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:38 2023 by rpki-client on console-fra.rpki-client.org