Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/n6NlOSeoIg85z4UDmUqhWbCN-SA.roa
File: n6NlOSeoIg85z4UDmUqhWbCN-SA.roa (raw, json)
Hash identifier: 1hUMMArRzo2yEjHrczsB6Hlnat7T1XxLjyfosKVqvqQ=
Subject key identifier: 9F:A3:65:39:27:A8:22:0F:39:CF:85:03:99:4A:A1:59:B0:8D:F9:20
Certificate issuer: /CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Certificate serial: 7A92A8
Authority key identifier: A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/n6NlOSeoIg85z4UDmUqhWbCN-SA.roa
Signing time: Sat 01 Jan 2022 03:01:11 +0000
ROA not before: Sat 01 Jan 2022 03:01:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 397243
IP address blocks: 37.209.192.0/24 maxlen: 24
37.209.196.0/24 maxlen: 24
37.209.194.0/24 maxlen: 24
37.209.198.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8032936 (0x7a92a8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Validity
Not Before: Jan 1 03:01:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9fa3653927a8220f39cf8503994aa159b08df920
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:6b:1f:17:b7:61:2e:4d:30:65:08:71:a6:fe:
08:c5:7f:c4:9d:12:fa:c2:a0:1d:5a:ea:c0:f6:40:
66:42:46:47:0a:15:e8:9d:2f:66:14:34:30:af:31:
8b:92:11:89:95:61:d2:9b:23:1f:af:73:b5:c2:85:
69:5b:2a:06:e3:97:b6:70:d0:49:3d:2d:3a:f0:37:
7a:fd:e7:0e:17:31:43:af:7b:3f:1d:61:5d:d5:c8:
c6:21:4f:1b:f7:a3:01:a2:4f:9b:49:99:7b:26:12:
7d:77:7c:d0:c7:cd:ad:84:ce:7e:36:b7:7b:9c:86:
eb:04:fa:4a:1a:07:73:2d:c1:41:57:0b:15:6c:2e:
64:8c:55:18:2f:6b:87:fe:ea:56:b9:d0:1a:0e:14:
80:84:68:0a:12:5d:64:ba:a7:6b:e5:46:5d:cf:de:
0d:bc:13:cd:4e:7c:d2:3e:51:26:30:d8:f1:e6:10:
94:7c:54:bb:03:29:85:d1:e9:0f:73:a7:07:13:f8:
7c:ef:ee:79:12:01:6a:c7:a2:61:3b:9b:58:8a:dc:
69:90:d0:59:8c:e6:dc:10:fd:2e:ed:ef:74:01:a5:
0a:9f:2e:1c:4c:02:97:60:8a:8a:41:12:80:98:41:
df:b8:37:41:03:7c:c2:1a:74:27:de:10:d7:77:03:
da:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:A3:65:39:27:A8:22:0F:39:CF:85:03:99:4A:A1:59:B0:8D:F9:20
X509v3 Authority Key Identifier:
keyid:A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/n6NlOSeoIg85z4UDmUqhWbCN-SA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.209.192.0/24
37.209.194.0/24
37.209.196.0/24
37.209.198.0/24
Signature Algorithm: sha256WithRSAEncryption
69:05:4f:d9:98:4c:68:60:1d:bc:22:63:24:fb:fe:de:6a:04:
20:14:dc:14:24:4d:03:eb:24:9c:1c:9d:b5:71:ed:25:56:b0:
13:62:aa:f1:a4:8a:b1:42:dc:91:23:02:aa:dc:25:9e:6a:78:
a6:49:c0:f9:58:95:45:e1:b1:9c:70:b5:0b:6f:ee:26:5b:1b:
a6:ec:3b:d5:c5:a2:c7:b1:e2:08:79:b0:98:b4:f9:57:7b:38:
67:79:ba:04:2c:d8:8c:de:b5:54:45:41:7d:6c:bd:8c:30:a9:
cb:e0:97:01:54:4f:55:a7:ea:57:fa:a7:d7:a5:30:e0:b3:ad:
09:e8:4d:5b:9a:9b:9b:d8:aa:ed:6e:00:d2:ed:84:a9:69:cb:
7d:c0:f0:a5:32:cf:f2:0e:f4:32:8e:6c:30:7e:94:2d:7c:f5:
71:83:2e:10:69:e1:2d:c7:6d:d7:05:84:53:9f:22:e0:93:89:
ef:f5:38:25:2a:33:a3:0d:8f:fe:e2:d2:70:52:fa:18:90:2a:
74:b0:dd:a2:ea:71:00:cb:02:49:49:96:e4:17:a8:fb:cf:10:
83:50:a8:94:f1:07:ee:37:57:6a:f9:6b:b5:6d:e1:3b:e2:38:
0c:2d:f2:70:52:3d:27:1f:cc:06:34:44:f4:a4:a1:b5:3a:2c:
41:8f:f5:10
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIDepKoMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGE1
YWU4YTNkOGJkYWFiZjQ3NjVmZGE3OWQ1NWVjYThjNjljOGJmMmMwHhcNMjIwMTAx
MDMwMTExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg5ZmEzNjUzOTI3YTgy
MjBmMzljZjg1MDM5OTRhYTE1OWIwOGRmOTIwMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAp2sfF7dhLk0wZQhxpv4IxX/EnRL6wqAdWurA9kBmQkZHChXo
nS9mFDQwrzGLkhGJlWHSmyMfr3O1woVpWyoG45e2cNBJPS068Dd6/ecOFzFDr3s/
HWFd1cjGIU8b96MBok+bSZl7JhJ9d3zQx82thM5+Nrd7nIbrBPpKGgdzLcFBVwsV
bC5kjFUYL2uH/upWudAaDhSAhGgKEl1kuqdr5UZdz94NvBPNTnzSPlEmMNjx5hCU
fFS7AymF0ekPc6cHE/h87+55EgFqx6JhO5tYitxpkNBZjObcEP0u7e90AaUKny4c
TAKXYIqKQRKAmEHfuDdBA3zCGnQn3hDXdwPajwIDAQABo4ICGzCCAhcwHQYDVR0O
BBYEFJ+jZTknqCIPOc+FA5lKoVmwjfkgMB8GA1UdIwQYMBaAFKWuij2L2qv0dl/a
edVeyoxpyL8sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
cGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEtNDE2Zjg1ZWUyMzdiLzEv
bjZObE9TZW9JZzg1ejRVRG1VcWhXYkNOLVNBLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8w
ZDI4MGMtOWQ4OC00YWVhLWI1MjEtNDE2Zjg1ZWUyMzdiLzEvcGE2S1BZdmFxX1Iy
WDlwNTFWN0tqR25Jdnl3LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDEG
CCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJdHAAwQAJdHCAwQAJdHEAwQAJdHG
MA0GCSqGSIb3DQEBCwUAA4IBAQBpBU/ZmExoYB28ImMk+/7eagQgFNwUJE0D6ySc
HJ21ce0lVrATYqrxpIqxQtyRIwKq3CWeanimScD5WJVF4bGccLULb+4mWxum7DvV
xaLHseIIebCYtPlXezhneboELNiM3rVURUF9bL2MMKnL4JcBVE9Vp+pX+qfXpTDg
s60J6E1bmpub2KrtbgDS7YSpact9wPClMs/yDvQyjmwwfpQtfPVxgy4QaeEtx23X
BYRTnyLgk4nv9TglKjOjDY/+4tJwUvoYkCp0sN2i6nEAywJJSZbkF6j7zxCDUKiU
8QfuN1dq+Wu1beE74jgMLfJwUj0nH8wGNET0pKG1OixBj/UQ
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:38 2023 by rpki-client on console-fra.rpki-client.org