Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/wxohsZMOHRvvwbpAv28eS7aNHDg.roa
File: wxohsZMOHRvvwbpAv28eS7aNHDg.roa (raw, json)
Hash identifier: 9O3ELERP3ZckxZvxfOuwHRM2GhamCS5W5k9e9MZ5dqs=
Subject key identifier: C3:1A:21:B1:93:0E:1D:1B:EF:C1:BA:40:BF:6F:1E:4B:B6:8D:1C:38
Certificate issuer: /CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Certificate serial: 752567
Authority key identifier: A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/wxohsZMOHRvvwbpAv28eS7aNHDg.roa
Signing time: Sat 01 Jan 2022 03:01:07 +0000
ROA not before: Sat 01 Jan 2022 03:01:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 397231
IP address blocks: 37.209.192.0/24 maxlen: 24
37.209.198.0/24 maxlen: 24
37.209.196.0/24 maxlen: 24
37.209.194.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7677287 (0x752567)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Validity
Not Before: Jan 1 03:01:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c31a21b1930e1d1befc1ba40bf6f1e4bb68d1c38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:f7:90:99:5d:d7:ee:41:70:fb:ff:b0:1e:40:
71:d0:76:90:14:77:2e:83:9d:1d:39:84:a5:3e:2d:
ee:1e:63:7b:e7:5c:3d:b6:82:66:65:7a:e8:76:2a:
55:99:7c:c4:58:41:a8:c4:6e:6a:71:db:ba:94:ed:
5c:dd:c5:29:d2:ec:46:24:1e:78:4e:10:da:7b:49:
e5:7a:96:de:15:2d:2c:8f:f8:cb:c8:bf:36:2f:96:
69:dc:8d:e2:de:39:da:1d:34:30:b2:68:8c:78:75:
e6:bd:7c:58:cd:dd:a5:b7:e2:b0:7c:62:e2:dc:53:
c8:06:83:8c:1d:6e:00:5f:26:5c:b6:c2:32:e6:27:
03:f5:77:33:44:a3:e3:88:d7:f8:a6:9d:b2:1c:46:
78:f3:5d:93:2d:7e:35:1d:d9:fa:78:b6:94:6b:1a:
50:d2:b2:c6:71:14:cc:b7:35:a4:4b:02:0a:f7:de:
94:27:3b:7a:55:62:7a:d5:7b:7a:09:08:3e:13:6a:
72:c6:41:54:2a:7b:ed:05:72:73:99:39:eb:2b:4f:
fb:58:70:b3:55:dd:58:e5:cf:66:f0:a9:b1:9b:df:
f3:00:d9:a5:c5:65:f1:dd:04:3e:78:8c:0a:d0:18:
35:69:7e:da:9f:e7:7e:1f:ba:f6:4a:2b:bf:87:a1:
d0:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:1A:21:B1:93:0E:1D:1B:EF:C1:BA:40:BF:6F:1E:4B:B6:8D:1C:38
X509v3 Authority Key Identifier:
keyid:A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/wxohsZMOHRvvwbpAv28eS7aNHDg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.209.192.0/24
37.209.194.0/24
37.209.196.0/24
37.209.198.0/24
Signature Algorithm: sha256WithRSAEncryption
65:22:6d:61:7f:25:68:46:bd:77:42:6c:f1:23:45:8a:35:a5:
26:a4:43:29:93:4d:50:3b:95:4c:77:c8:a2:d8:95:bf:97:7f:
a0:3c:7b:b0:d9:8a:99:17:cc:a6:8d:58:81:f3:e4:ff:f9:1a:
87:38:b0:b5:0b:fc:e4:83:ff:ea:82:f3:e4:6b:3a:71:13:17:
10:ad:8e:6a:18:ab:a9:13:b7:d9:59:0a:cb:06:89:16:fe:32:
de:56:3f:c9:10:23:86:f2:1f:7f:ca:30:52:c7:69:21:e8:bd:
f0:a9:8e:49:56:2c:d7:51:88:af:7a:67:18:60:5a:7c:8a:81:
25:d4:fe:0b:c8:2a:66:ea:f4:57:62:c2:56:df:6a:5f:09:a7:
ae:cb:9e:f5:51:81:be:36:c3:68:21:54:2c:09:a7:47:c8:7b:
fb:36:17:96:d6:a3:33:90:f6:a1:48:8f:92:8e:e8:df:26:f7:
94:4a:1c:27:03:0b:39:54:99:6d:de:20:a4:36:d2:9c:09:0c:
0b:35:0f:40:b1:8c:25:53:b7:92:64:49:90:cf:1d:8e:25:b7:
04:81:f6:ee:21:bd:c9:d5:c7:2e:26:61:93:ad:87:31:a0:d1:
89:05:f0:79:c3:96:75:2a:fa:d1:16:30:30:f5:34:c5:f5:e2:
16:20:7d:94
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIDdSVnMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGE1
YWU4YTNkOGJkYWFiZjQ3NjVmZGE3OWQ1NWVjYThjNjljOGJmMmMwHhcNMjIwMTAx
MDMwMTA3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhjMzFhMjFiMTkzMGUx
ZDFiZWZjMWJhNDBiZjZmMWU0YmI2OGQxYzM4MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEArfeQmV3X7kFw+/+wHkBx0HaQFHcug50dOYSlPi3uHmN751w9
toJmZXrodipVmXzEWEGoxG5qcdu6lO1c3cUp0uxGJB54ThDae0nlepbeFS0sj/jL
yL82L5Zp3I3i3jnaHTQwsmiMeHXmvXxYzd2lt+KwfGLi3FPIBoOMHW4AXyZctsIy
5icD9XczRKPjiNf4pp2yHEZ4812TLX41Hdn6eLaUaxpQ0rLGcRTMtzWkSwIK996U
Jzt6VWJ61Xt6CQg+E2pyxkFUKnvtBXJzmTnrK0/7WHCzVd1Y5c9m8Kmxm9/zANml
xWXx3QQ+eIwK0Bg1aX7an+d+H7r2Siu/h6HQyQIDAQABo4ICGzCCAhcwHQYDVR0O
BBYEFMMaIbGTDh0b78G6QL9vHku2jRw4MB8GA1UdIwQYMBaAFKWuij2L2qv0dl/a
edVeyoxpyL8sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
cGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEtNDE2Zjg1ZWUyMzdiLzEv
d3hvaHNaTU9IUnZ2d2JwQXYyOGVTN2FOSERnLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8w
ZDI4MGMtOWQ4OC00YWVhLWI1MjEtNDE2Zjg1ZWUyMzdiLzEvcGE2S1BZdmFxX1Iy
WDlwNTFWN0tqR25Jdnl3LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDEG
CCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJdHAAwQAJdHCAwQAJdHEAwQAJdHG
MA0GCSqGSIb3DQEBCwUAA4IBAQBlIm1hfyVoRr13QmzxI0WKNaUmpEMpk01QO5VM
d8ii2JW/l3+gPHuw2YqZF8ymjViB8+T/+RqHOLC1C/zkg//qgvPkazpxExcQrY5q
GKupE7fZWQrLBokW/jLeVj/JECOG8h9/yjBSx2kh6L3wqY5JVizXUYivemcYYFp8
ioEl1P4LyCpm6vRXYsJW32pfCaeuy571UYG+NsNoIVQsCadHyHv7NheW1qMzkPah
SI+SjujfJveUShwnAws5VJlt3iCkNtKcCQwLNQ9AsYwlU7eSZEmQzx2OJbcEgfbu
Ib3J1ccuJmGTrYcxoNGJBfB5w5Z1KvrRFjAw9TTF9eIWIH2U
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:38 2023 by rpki-client on console-fra.rpki-client.org