Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/eab4d8-6afd-4f81-ab10-464eb183b568/1/twGPhGvH6NR6yaEuax7OhAYPBzg.roa
File: twGPhGvH6NR6yaEuax7OhAYPBzg.roa (raw, json)
Hash identifier: hfjppH6Jlwft+ZK5UY+d4XbIxyQOaxtEUc2OfeoXpJ4=
Subject key identifier: B7:01:8F:84:6B:C7:E8:D4:7A:C9:A1:2E:6B:1E:CE:84:06:0F:07:38
Certificate issuer: /CN=e801f23ce821c264d67727536ec183537594c5f2
Certificate serial: 371D2951
Authority key identifier: E8:01:F2:3C:E8:21:C2:64:D6:77:27:53:6E:C1:83:53:75:94:C5:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6AHyPOghwmTWdydTbsGDU3WUxfI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/eab4d8-6afd-4f81-ab10-464eb183b568/1/twGPhGvH6NR6yaEuax7OhAYPBzg.roa
Signing time: Sat 01 Jan 2022 11:59:58 +0000
ROA not before: Sat 01 Jan 2022 11:59:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49858
IP address blocks: 37.156.194.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 924658001 (0x371d2951)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e801f23ce821c264d67727536ec183537594c5f2
Validity
Not Before: Jan 1 11:59:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b7018f846bc7e8d47ac9a12e6b1ece84060f0738
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:1b:73:a4:87:a0:af:2b:f1:38:48:52:78:f6:
d5:d8:a7:c4:3f:5a:02:a6:ed:c0:18:9b:0f:e2:fc:
42:d1:af:73:b0:95:6d:1c:e7:37:33:7f:90:16:18:
a9:5c:bc:6c:9b:72:fc:d8:82:3c:5d:9a:06:24:c0:
f2:12:dd:19:14:9c:df:e8:8b:fa:f2:bf:f6:66:29:
07:ad:11:24:03:fe:36:7b:43:5c:0b:64:8a:4b:c3:
0d:bf:0e:d4:db:69:f0:98:c4:6e:4b:a8:dd:45:34:
dc:26:2f:97:fa:a4:e0:5b:f6:0a:6a:cd:94:ce:89:
69:5a:b9:c4:23:de:d9:48:54:e6:d6:3e:67:91:2b:
c6:ca:96:50:9b:f0:f0:8c:97:99:5e:3a:6d:7d:1d:
f1:63:76:ac:cd:c6:52:b3:27:32:4b:42:6d:09:fb:
7d:0e:5c:1b:de:70:50:3f:74:12:e5:82:74:bc:15:
a0:50:6d:5b:2e:03:0f:c4:68:7f:95:2c:6a:18:56:
da:42:b5:ff:5b:87:9e:f7:d6:c0:1f:6a:1b:14:8a:
8d:30:a4:1f:73:39:c7:90:3f:49:ae:5a:4b:cb:16:
6b:90:9b:b3:0b:d5:5f:db:91:d7:b1:5f:ec:3b:e5:
a1:73:64:69:94:db:e0:d6:08:0b:b1:f1:1f:8a:53:
6d:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:01:8F:84:6B:C7:E8:D4:7A:C9:A1:2E:6B:1E:CE:84:06:0F:07:38
X509v3 Authority Key Identifier:
keyid:E8:01:F2:3C:E8:21:C2:64:D6:77:27:53:6E:C1:83:53:75:94:C5:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6AHyPOghwmTWdydTbsGDU3WUxfI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/eab4d8-6afd-4f81-ab10-464eb183b568/1/twGPhGvH6NR6yaEuax7OhAYPBzg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/eab4d8-6afd-4f81-ab10-464eb183b568/1/6AHyPOghwmTWdydTbsGDU3WUxfI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.156.194.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:3c:6e:0d:af:5d:76:69:7e:ff:7e:13:12:09:3e:3e:12:55:
89:a9:ba:aa:41:ae:57:61:01:cc:f6:54:97:42:e9:d7:16:c6:
c2:82:8a:2c:0b:70:13:b6:83:97:16:7c:7e:7d:27:98:7d:9f:
3a:7d:54:17:12:9d:a2:ea:13:60:64:95:c9:7f:cd:0a:12:97:
07:8f:f6:f4:70:57:cd:dd:57:e7:7b:0b:86:53:02:af:7d:df:
b4:69:83:0d:2e:15:b2:5c:70:48:03:d0:d6:d8:7c:92:f6:6e:
03:20:54:55:68:64:c3:a2:66:38:84:fb:15:b6:fa:a6:68:30:
13:79:59:c7:d8:c8:19:8e:3a:d2:f6:16:4f:89:11:22:10:30:
46:95:02:74:25:50:cb:c1:b0:5e:97:41:7c:b4:4a:6d:1f:8f:
17:84:58:3d:ee:2c:f6:ca:2c:7e:6e:f2:00:f9:94:f8:84:62:
3d:de:41:c1:98:b2:b2:94:03:30:d4:4b:b6:10:fb:92:ec:78:
2e:e7:58:a3:e7:91:41:80:c4:c5:38:2e:18:58:8f:b7:55:c7:
7a:53:a9:3c:10:75:35:04:0b:aa:9a:ff:06:bd:60:14:30:f4:
f8:ac:e3:61:1e:da:70:e4:d4:a4:d4:37:fc:ff:4c:37:ab:ef:
e5:3a:f2:4b
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIENx0pUTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
ODAxZjIzY2U4MjFjMjY0ZDY3NzI3NTM2ZWMxODM1Mzc1OTRjNWYyMB4XDTIyMDEw
MTExNTk1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjcwMThmODQ2YmM3
ZThkNDdhYzlhMTJlNmIxZWNlODQwNjBmMDczODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMQbc6SHoK8r8ThIUnj21dinxD9aAqbtwBibD+L8QtGvc7CV
bRznNzN/kBYYqVy8bJty/NiCPF2aBiTA8hLdGRSc3+iL+vK/9mYpB60RJAP+NntD
XAtkikvDDb8O1Ntp8JjEbkuo3UU03CYvl/qk4Fv2CmrNlM6JaVq5xCPe2UhU5tY+
Z5ErxsqWUJvw8IyXmV46bX0d8WN2rM3GUrMnMktCbQn7fQ5cG95wUD90EuWCdLwV
oFBtWy4DD8Rof5UsahhW2kK1/1uHnvfWwB9qGxSKjTCkH3M5x5A/Sa5aS8sWa5Cb
swvVX9uR17Ff7DvloXNkaZTb4NYIC7HxH4pTbeUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS3AY+Ea8fo1HrJoS5rHs6EBg8HODAfBgNVHSMEGDAWgBToAfI86CHCZNZ3
J1NuwYNTdZTF8jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZBSHlQT2dod21UV2R5ZFRic0dEVTNXVXhmSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjAvZWFiNGQ4LTZhZmQtNGY4MS1hYjEwLTQ2NGViMTgzYjU2OC8x
L3R3R1BoR3ZINk5SNnlhRXVheDdPaEFZUEJ6Zy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjAv
ZWFiNGQ4LTZhZmQtNGY4MS1hYjEwLTQ2NGViMTgzYjU2OC8xLzZBSHlQT2dod21U
V2R5ZFRic0dEVTNXVXhmSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEACWcwjANBgkqhkiG9w0BAQsFAAOC
AQEASjxuDa9ddml+/34TEgk+PhJViam6qkGuV2EBzPZUl0Lp1xbGwoKKLAtwE7aD
lxZ8fn0nmH2fOn1UFxKdouoTYGSVyX/NChKXB4/29HBXzd1X53sLhlMCr33ftGmD
DS4VslxwSAPQ1th8kvZuAyBUVWhkw6JmOIT7Fbb6pmgwE3lZx9jIGY460vYWT4kR
IhAwRpUCdCVQy8GwXpdBfLRKbR+PF4RYPe4s9sosfm7yAPmU+IRiPd5BwZiyspQD
MNRLthD7kux4LudYo+eRQYDExTguGFiPt1XHelOpPBB1NQQLqpr/Br1gFDD0+Kzj
YR7acOTUpNQ3/P9MN6vv5TrySw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:39 2023 by rpki-client on console-ams.rpki-client.org