Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/161c3f-b83d-45b1-aa8e-d1bb6b4dd701/1/m6TP3hbXh_n9dISrQBc3AsHBKks.roa
File: m6TP3hbXh_n9dISrQBc3AsHBKks.roa (raw, json)
Hash identifier: u0kINRtkVq7+FRApxyKAoRwLeOTF6XI2QWGYHkIwRQM=
Subject key identifier: 9B:A4:CF:DE:16:D7:87:F9:FD:74:84:AB:40:17:37:02:C1:C1:2A:4B
Certificate issuer: /CN=14bee0ebd06b4b812f9e13716e25f1c3c3d14cc6
Certificate serial: 09EF0E66
Authority key identifier: 14:BE:E0:EB:D0:6B:4B:81:2F:9E:13:71:6E:25:F1:C3:C3:D1:4C:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FL7g69BrS4EvnhNxbiXxw8PRTMY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/161c3f-b83d-45b1-aa8e-d1bb6b4dd701/1/m6TP3hbXh_n9dISrQBc3AsHBKks.roa
Signing time: Tue 08 Feb 2022 10:45:24 +0000
ROA not before: Tue 08 Feb 2022 10:45:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211252
IP address blocks: 37.0.8.0/24 maxlen: 24
37.0.10.0/23 maxlen: 24
37.0.14.0/24 maxlen: 24
85.202.168.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 166661734 (0x9ef0e66)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=14bee0ebd06b4b812f9e13716e25f1c3c3d14cc6
Validity
Not Before: Feb 8 10:45:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9ba4cfde16d787f9fd7484ab40173702c1c12a4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:3a:b0:f4:ec:31:e2:ac:9d:15:0c:f3:5f:68:
bd:df:cf:68:65:40:9a:59:b1:3c:66:bf:49:32:e1:
72:8f:62:fe:d1:7b:f5:98:45:2a:76:b9:00:30:c1:
73:6c:1f:81:17:8e:80:35:8d:af:b5:07:51:45:64:
6a:28:80:6a:59:7b:fe:00:d4:19:fe:e2:cf:eb:b5:
b2:36:1d:30:c1:0a:eb:2e:8e:86:13:0f:ed:dd:92:
0c:d6:56:96:23:96:2e:49:3e:95:83:76:a5:e5:d4:
4b:56:bc:8d:8f:5f:37:c6:d0:50:64:9c:60:42:f6:
1a:e4:56:ed:76:bc:c4:f4:42:ae:65:fb:65:b7:9c:
88:b3:4c:ed:a6:8d:ff:1b:75:a4:77:3c:6b:06:0f:
31:60:a1:4c:ed:5e:9f:ed:a4:7d:63:e6:1a:dc:17:
29:56:28:e8:c1:9a:38:fc:10:06:4b:8e:3a:3f:01:
df:d4:7e:b5:b6:79:88:66:78:2f:fa:69:65:1b:b5:
f6:bf:db:90:d2:7b:1e:d5:0a:f3:f4:28:9b:86:f4:
a6:d4:e8:c8:72:c4:3f:9b:1c:5d:11:d9:8a:c0:6f:
ac:48:c8:45:f5:0b:0f:20:3a:bc:e8:ce:37:e5:83:
2b:8d:b5:dc:cf:13:b6:95:03:62:12:f1:ac:28:b3:
49:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:A4:CF:DE:16:D7:87:F9:FD:74:84:AB:40:17:37:02:C1:C1:2A:4B
X509v3 Authority Key Identifier:
keyid:14:BE:E0:EB:D0:6B:4B:81:2F:9E:13:71:6E:25:F1:C3:C3:D1:4C:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FL7g69BrS4EvnhNxbiXxw8PRTMY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/161c3f-b83d-45b1-aa8e-d1bb6b4dd701/1/m6TP3hbXh_n9dISrQBc3AsHBKks.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/161c3f-b83d-45b1-aa8e-d1bb6b4dd701/1/FL7g69BrS4EvnhNxbiXxw8PRTMY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.0.8.0/24
37.0.10.0/23
37.0.14.0/24
85.202.168.0/23
Signature Algorithm: sha256WithRSAEncryption
71:4b:3d:c4:21:47:db:a3:66:1e:11:c0:af:9f:fd:2f:ed:c9:
5a:b2:57:fb:da:29:08:f3:71:d5:e6:f6:de:da:55:ef:95:cf:
cc:18:0d:e7:25:96:26:59:2e:47:86:90:da:f1:27:a1:94:30:
10:91:8e:f4:b6:a1:e9:6c:da:3b:cc:16:83:27:d2:98:61:5d:
f7:49:0e:42:30:ae:a0:c1:d0:cd:fb:f0:b6:fa:99:00:ed:01:
3b:17:e2:9c:45:a4:bc:7e:b9:11:1d:ea:c1:b6:21:c2:69:ca:
b4:a7:a8:44:c8:8f:39:49:55:d1:3f:9c:bc:55:c4:2f:57:75:
cf:16:fb:57:c1:96:39:4f:be:fb:fc:a2:b7:fa:21:b8:4e:15:
60:c3:67:e1:a0:8a:70:63:a0:25:c1:6a:db:e6:e0:13:46:4e:
d0:b5:01:f1:50:4a:65:d2:c7:e4:f8:05:ad:31:31:86:92:43:
d0:9b:17:8b:38:1f:c5:22:ab:24:a8:90:5a:86:8b:47:1e:d0:
9d:1c:f9:6e:f3:c3:ab:97:68:26:bf:42:91:35:5e:39:4b:a9:
f4:f1:ce:89:87:6b:3e:52:e6:a3:8a:50:f1:f1:44:17:d0:a5:
7e:af:07:18:dd:cd:99:ea:7c:96:3f:dd:2c:a0:e9:24:6a:99:
62:82:b7:e0
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIECe8OZjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
NGJlZTBlYmQwNmI0YjgxMmY5ZTEzNzE2ZTI1ZjFjM2MzZDE0Y2M2MB4XDTIyMDIw
ODEwNDUyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWJhNGNmZGUxNmQ3
ODdmOWZkNzQ4NGFiNDAxNzM3MDJjMWMxMmE0YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANk6sPTsMeKsnRUM819ovd/PaGVAmlmxPGa/STLhco9i/tF7
9ZhFKna5ADDBc2wfgReOgDWNr7UHUUVkaiiAall7/gDUGf7iz+u1sjYdMMEK6y6O
hhMP7d2SDNZWliOWLkk+lYN2peXUS1a8jY9fN8bQUGScYEL2GuRW7Xa8xPRCrmX7
ZbeciLNM7aaN/xt1pHc8awYPMWChTO1en+2kfWPmGtwXKVYo6MGaOPwQBkuOOj8B
39R+tbZ5iGZ4L/ppZRu19r/bkNJ7HtUK8/Qom4b0ptToyHLEP5scXRHZisBvrEjI
RfULDyA6vOjON+WDK4213M8TtpUDYhLxrCizSSECAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBSbpM/eFteH+f10hKtAFzcCwcEqSzAfBgNVHSMEGDAWgBQUvuDr0GtLgS+e
E3FuJfHDw9FMxjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0ZMN2c2OUJyUzRFdm5oTnhiaVh4dzhQUlRNWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjUvMTYxYzNmLWI4M2QtNDViMS1hYThlLWQxYmI2YjRkZDcwMS8x
L202VFAzaGJYaF9uOWRJU3JRQmMzQXNIQktrcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjUv
MTYxYzNmLWI4M2QtNDViMS1hYThlLWQxYmI2YjRkZDcwMS8xL0ZMN2c2OUJyUzRF
dm5oTnhiaVh4dzhQUlRNWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEACUACAMEASUACgMEACUADgMEAVXK
qDANBgkqhkiG9w0BAQsFAAOCAQEAcUs9xCFH26NmHhHAr5/9L+3JWrJX+9opCPNx
1eb23tpV75XPzBgN5yWWJlkuR4aQ2vEnoZQwEJGO9Lah6WzaO8wWgyfSmGFd90kO
QjCuoMHQzfvwtvqZAO0BOxfinEWkvH65ER3qwbYhwmnKtKeoRMiPOUlV0T+cvFXE
L1d1zxb7V8GWOU+++/yit/ohuE4VYMNn4aCKcGOgJcFq2+bgE0ZO0LUB8VBKZdLH
5PgFrTExhpJD0JsXizgfxSKrJKiQWoaLRx7QnRz5bvPDq5doJr9CkTVeOUup9PHO
iYdrPlLmo4pQ8fFEF9Clfq8HGN3Nmep8lj/dLKDpJGqZYoK34A==
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:15:26 2025 by rpki-client