Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/161c3f-b83d-45b1-aa8e-d1bb6b4dd701/1/iT3Qfn-_yisUFWw3c5KlEzzkkUY.roa
File: iT3Qfn-_yisUFWw3c5KlEzzkkUY.roa (raw, json)
Hash identifier: /KYbFkVBiWay0m+KLL3521Z7NQSGeF/gbWndJu6/ZyI=
Subject key identifier: 89:3D:D0:7E:7F:BF:CA:2B:14:15:6C:37:73:92:A5:13:3C:E4:91:46
Certificate issuer: /CN=14bee0ebd06b4b812f9e13716e25f1c3c3d14cc6
Certificate serial: 09EF4AF9
Authority key identifier: 14:BE:E0:EB:D0:6B:4B:81:2F:9E:13:71:6E:25:F1:C3:C3:D1:4C:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FL7g69BrS4EvnhNxbiXxw8PRTMY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/161c3f-b83d-45b1-aa8e-d1bb6b4dd701/1/iT3Qfn-_yisUFWw3c5KlEzzkkUY.roa
Signing time: Tue 08 Feb 2022 10:45:25 +0000
ROA not before: Tue 08 Feb 2022 10:45:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213035
IP address blocks: 37.0.9.0/24 maxlen: 24
37.0.12.0/23 maxlen: 24
85.202.170.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 166677241 (0x9ef4af9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=14bee0ebd06b4b812f9e13716e25f1c3c3d14cc6
Validity
Not Before: Feb 8 10:45:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=893dd07e7fbfca2b14156c377392a5133ce49146
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:b8:a5:97:5d:dd:36:69:ba:69:b7:db:2f:18:
a4:60:a0:7c:8e:19:07:06:0c:62:c2:89:c3:2b:9f:
93:37:2c:08:87:5d:cc:9b:d2:c4:1e:99:31:42:70:
da:64:3f:11:21:e0:ef:04:ef:2c:d1:8f:ca:fd:96:
08:9f:1c:d3:e3:c5:89:91:c6:72:eb:40:ae:2d:75:
38:97:b0:a2:5d:f0:b9:70:4f:e7:91:78:86:f5:dd:
01:76:5d:ca:bf:ed:c7:58:f2:e2:39:2e:c6:7c:48:
cf:75:32:41:b8:a7:9d:61:24:dd:91:74:b2:6d:6e:
89:0a:22:74:c3:98:1b:3a:72:40:f9:15:46:b2:99:
00:7d:f6:6f:0e:96:2a:c9:0d:2e:6d:de:ad:48:10:
e4:4b:65:9f:20:a3:e0:2b:d0:69:d4:a1:a9:40:2a:
a6:77:8f:f6:dc:6c:9b:32:d2:96:d6:38:3c:44:88:
8a:91:26:18:e5:2e:1b:2f:e2:91:d2:c6:3d:44:f6:
32:2d:88:94:98:f4:27:a4:29:2e:dc:fd:a5:74:7d:
56:9b:2b:bb:fc:da:1b:60:f3:92:a6:a5:cc:e7:df:
60:75:b3:0a:28:46:b3:09:d0:b1:c7:d3:cb:f1:32:
1b:3b:1c:b9:02:c1:1f:00:36:a5:bf:cc:ad:65:ba:
14:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:3D:D0:7E:7F:BF:CA:2B:14:15:6C:37:73:92:A5:13:3C:E4:91:46
X509v3 Authority Key Identifier:
keyid:14:BE:E0:EB:D0:6B:4B:81:2F:9E:13:71:6E:25:F1:C3:C3:D1:4C:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FL7g69BrS4EvnhNxbiXxw8PRTMY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/161c3f-b83d-45b1-aa8e-d1bb6b4dd701/1/iT3Qfn-_yisUFWw3c5KlEzzkkUY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/161c3f-b83d-45b1-aa8e-d1bb6b4dd701/1/FL7g69BrS4EvnhNxbiXxw8PRTMY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.0.9.0/24
37.0.12.0/23
85.202.170.0/23
Signature Algorithm: sha256WithRSAEncryption
76:b3:93:c4:38:f4:dd:48:89:0b:4f:bb:4f:f4:88:db:aa:bf:
87:e7:65:ca:22:00:6d:38:0f:c5:12:f8:e3:1a:6f:50:ef:8e:
57:34:de:ad:9d:bc:b1:a8:7a:f7:a7:07:6b:9e:73:b1:11:f4:
37:8f:79:f4:d2:b1:a2:92:ba:34:cc:06:9b:cb:92:c6:86:50:
b3:d5:25:d8:4e:4b:fc:1b:97:46:30:30:f4:9f:cd:0d:70:24:
f1:57:9e:50:70:c2:0b:0d:6f:dd:1f:66:dc:ac:7e:02:54:41:
22:b7:89:1f:00:d9:ab:16:57:88:72:ee:aa:47:5f:10:de:cb:
a5:e9:3d:c5:16:89:3f:a3:bc:2e:9e:93:e7:5e:ca:c8:e0:8a:
c4:57:94:a4:d6:b5:45:39:a6:cb:77:4a:0a:97:ec:d5:2b:de:
f6:54:38:76:dc:ca:58:3e:ec:2a:3d:96:75:0e:75:34:07:8f:
05:96:d7:d6:5e:60:fd:ea:b5:e5:7b:4a:f1:fb:88:23:6f:97:
5d:ec:b8:66:12:bf:f2:5d:92:e7:fd:83:0b:8c:60:54:e5:6e:
a8:9b:82:4f:33:a6:4e:2d:26:c8:ab:c3:37:eb:70:a6:34:5e:
2e:5d:1a:71:87:af:e2:b5:4b:36:51:90:8a:cb:e6:94:ec:9f:
4a:62:42:88
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIECe9K+TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
NGJlZTBlYmQwNmI0YjgxMmY5ZTEzNzE2ZTI1ZjFjM2MzZDE0Y2M2MB4XDTIyMDIw
ODEwNDUyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODkzZGQwN2U3ZmJm
Y2EyYjE0MTU2YzM3NzM5MmE1MTMzY2U0OTE0NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM+4pZdd3TZpumm32y8YpGCgfI4ZBwYMYsKJwyufkzcsCIdd
zJvSxB6ZMUJw2mQ/ESHg7wTvLNGPyv2WCJ8c0+PFiZHGcutAri11OJewol3wuXBP
55F4hvXdAXZdyr/tx1jy4jkuxnxIz3UyQbinnWEk3ZF0sm1uiQoidMOYGzpyQPkV
RrKZAH32bw6WKskNLm3erUgQ5EtlnyCj4CvQadShqUAqpneP9txsmzLSltY4PESI
ipEmGOUuGy/ikdLGPUT2Mi2IlJj0J6QpLtz9pXR9Vpsru/zaG2DzkqalzOffYHWz
CihGswnQscfTy/EyGzscuQLBHwA2pb/MrWW6FPMCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBSJPdB+f7/KKxQVbDdzkqUTPOSRRjAfBgNVHSMEGDAWgBQUvuDr0GtLgS+e
E3FuJfHDw9FMxjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0ZMN2c2OUJyUzRFdm5oTnhiaVh4dzhQUlRNWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjUvMTYxYzNmLWI4M2QtNDViMS1hYThlLWQxYmI2YjRkZDcwMS8x
L2lUM1Fmbi1feWlzVUZXdzNjNUtsRXp6a2tVWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjUv
MTYxYzNmLWI4M2QtNDViMS1hYThlLWQxYmI2YjRkZDcwMS8xL0ZMN2c2OUJyUzRF
dm5oTnhiaVh4dzhQUlRNWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEACUACQMEASUADAMEAVXKqjANBgkq
hkiG9w0BAQsFAAOCAQEAdrOTxDj03UiJC0+7T/SI26q/h+dlyiIAbTgPxRL44xpv
UO+OVzTerZ28sah696cHa55zsRH0N4959NKxopK6NMwGm8uSxoZQs9Ul2E5L/BuX
RjAw9J/NDXAk8VeeUHDCCw1v3R9m3Kx+AlRBIreJHwDZqxZXiHLuqkdfEN7Lpek9
xRaJP6O8Lp6T517KyOCKxFeUpNa1RTmmy3dKCpfs1Sve9lQ4dtzKWD7sKj2WdQ51
NAePBZbX1l5g/eq15XtK8fuII2+XXey4ZhK/8l2S5/2DC4xgVOVuqJuCTzOmTi0m
yKvDN+twpjReLl0acYev4rVLNlGQisvmlOyfSmJCiA==
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:21:34 2025 by rpki-client