Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/x72s0tP-xV_ysX979x0KJMaJPCs.roa
File: x72s0tP-xV_ysX979x0KJMaJPCs.roa (raw, json)
Hash identifier: ELpmqmCDZUElQa8eg7jSIudkivivqHbFG26K91EkeNs=
Subject key identifier: C7:BD:AC:D2:D3:FE:C5:5F:F2:B1:7F:7B:F7:1D:0A:24:C6:89:3C:2B
Certificate issuer: /CN=510b419f0c17b4c8be217f64388d268d14dc261e
Certificate serial: 018330EB30612A14B718F850C8E6094977C4
Authority key identifier: 51:0B:41:9F:0C:17:B4:C8:BE:21:7F:64:38:8D:26:8D:14:DC:26:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UQtBnwwXtMi-IX9kOI0mjRTcJh4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/x72s0tP-xV_ysX979x0KJMaJPCs.roa
Signing time: Mon 12 Sep 2022 08:57:43 +0000
ROA not before: Mon 12 Sep 2022 08:57:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207990
IP address blocks: 43.252.28.0/22 maxlen: 32
37.61.226.0/24 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:30:eb:30:61:2a:14:b7:18:f8:50:c8:e6:09:49:77:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=510b419f0c17b4c8be217f64388d268d14dc261e
Validity
Not Before: Sep 12 08:57:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c7bdacd2d3fec55ff2b17f7bf71d0a24c6893c2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:84:f7:ba:8c:53:0e:7b:c3:92:6e:0a:5d:0e:
ac:8a:e0:29:2f:a4:7d:dd:90:d5:9a:44:71:76:2e:
98:46:c8:a3:29:dd:f9:a4:c4:65:47:89:4d:24:0c:
1f:3d:7d:f7:4e:41:92:46:bf:65:59:8f:d6:db:fb:
fd:1d:6a:16:5b:5a:b5:64:80:5f:f4:32:dc:0d:9c:
d6:d6:5e:6a:fb:bd:cc:1f:d4:98:e9:26:ac:f9:b2:
a6:3d:6a:ec:6d:c1:16:69:71:c1:33:e8:76:07:d0:
65:83:e3:84:d5:5e:30:7a:1e:5c:d6:56:0a:36:4b:
0a:87:86:59:25:cd:c3:96:a6:c8:fb:1e:6f:37:76:
55:21:9d:9d:34:36:8f:ca:6c:74:02:a9:cd:03:8c:
71:dc:39:0e:e9:89:cf:b9:71:7f:62:5e:a8:2b:7f:
ac:f1:da:29:25:11:7e:3a:21:77:1f:9e:ca:07:29:
53:fc:8e:35:59:d8:19:ed:88:7f:77:1b:66:77:18:
2b:77:b1:47:ed:30:1c:43:de:03:73:47:f0:89:b8:
e7:34:9c:4e:a0:72:e8:57:72:38:54:dd:3f:1c:1a:
f0:9f:d2:a6:84:0a:1a:7a:36:e3:8b:0a:ab:bc:9d:
00:5e:f5:e2:8e:3d:9f:b4:ee:83:57:96:4c:c6:21:
0d:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:BD:AC:D2:D3:FE:C5:5F:F2:B1:7F:7B:F7:1D:0A:24:C6:89:3C:2B
X509v3 Authority Key Identifier:
keyid:51:0B:41:9F:0C:17:B4:C8:BE:21:7F:64:38:8D:26:8D:14:DC:26:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UQtBnwwXtMi-IX9kOI0mjRTcJh4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/x72s0tP-xV_ysX979x0KJMaJPCs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/UQtBnwwXtMi-IX9kOI0mjRTcJh4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.61.226.0/24
43.252.28.0/22
Signature Algorithm: sha256WithRSAEncryption
70:4f:98:9e:01:0b:6a:b4:2a:1b:ba:9a:98:60:42:5e:03:ba:
33:59:ea:6a:02:aa:1e:e7:4a:bc:9e:3f:09:86:b5:7f:d2:71:
8b:6c:ad:31:bb:14:b0:8b:33:18:2d:0a:04:93:09:25:e2:55:
0e:84:3d:cd:f5:00:bf:6d:01:c6:6f:b5:74:2d:13:e3:f6:a7:
fa:1f:eb:6c:26:8d:e9:c8:b0:ec:75:9a:aa:80:14:92:b8:dc:
22:66:40:5c:95:b8:ba:42:66:98:e4:11:ec:59:ed:dc:fa:fd:
06:ad:e9:a7:93:eb:59:fa:0a:4d:b9:9e:a7:c2:6a:ac:cf:b8:
7a:b9:e0:e8:87:6d:4a:aa:1f:fa:24:71:94:54:26:4a:e0:55:
b9:3c:8e:c8:78:be:ce:89:c2:10:71:e6:d6:bf:ea:85:a9:7a:
2f:52:13:53:77:6a:00:a3:2d:d4:fb:27:b2:0b:38:a3:62:5d:
3e:fe:87:25:86:14:41:e6:19:bf:6d:48:fe:d9:39:0d:1c:3b:
eb:c6:b1:af:41:bd:cf:99:e3:6c:16:6f:f6:2b:d1:5c:cf:15:
31:f8:f4:05:34:2a:16:9f:be:a3:f2:dc:32:63:9c:ad:3d:1d:
5e:20:ac:ff:94:09:d2:fc:90:f2:69:61:69:2b:65:52:17:92:
e5:d0:6b:c5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYMw6zBhKhS3GPhQyOYJSXfEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMGI0MTlmMGMxN2I0YzhiZTIxN2Y2NDM4OGQyNjhkMTRk
YzI2MWUwHhcNMjIwOTEyMDg1NzQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2JkYWNkMmQzZmVjNTVmZjJiMTdmN2JmNzFkMGEyNGM2ODkzYzJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmYT3uoxTDnvDkm4KXQ6siuApL6R9
3ZDVmkRxdi6YRsijKd35pMRlR4lNJAwfPX33TkGSRr9lWY/W2/v9HWoWW1q1ZIBf
9DLcDZzW1l5q+73MH9SY6Sas+bKmPWrsbcEWaXHBM+h2B9Blg+OE1V4weh5c1lYK
NksKh4ZZJc3DlqbI+x5vN3ZVIZ2dNDaPymx0AqnNA4xx3DkO6YnPuXF/Yl6oK3+s
8dopJRF+OiF3H57KBylT/I41WdgZ7Yh/dxtmdxgrd7FH7TAcQ94Dc0fwibjnNJxO
oHLoV3I4VN0/HBrwn9KmhAoaejbjiwqrvJ0AXvXijj2ftO6DV5ZMxiENwwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMe9rNLT/sVf8rF/e/cdCiTGiTwrMB8GA1UdIwQY
MBaAFFELQZ8MF7TIviF/ZDiNJo0U3CYeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVF0Qm53d1h0TWktSVg5a09JMG1qUlRjSmg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8zMGNkMGEtOTNjZi00NWRjLTkzNTYt
MTRhMDk5OTNkNjcxLzEveDcyczB0UC14Vl95c1g5Nzl4MEtKTWFKUENzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8zMGNkMGEtOTNjZi00NWRjLTkzNTYtMTRhMDk5OTNkNjcx
LzEvVVF0Qm53d1h0TWktSVg5a09JMG1qUlRjSmg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAJT3iAwQC
K/wcMA0GCSqGSIb3DQEBCwUAA4IBAQBwT5ieAQtqtCobupqYYEJeA7ozWepqAqoe
50q8nj8JhrV/0nGLbK0xuxSwizMYLQoEkwkl4lUOhD3N9QC/bQHGb7V0LRPj9qf6
H+tsJo3pyLDsdZqqgBSSuNwiZkBclbi6QmaY5BHsWe3c+v0Gremnk+tZ+gpNuZ6n
wmqsz7h6ueDoh21Kqh/6JHGUVCZK4FW5PI7IeL7OicIQcebWv+qFqXovUhNTd2oA
oy3U+yeyCzijYl0+/oclhhRB5hm/bUj+2TkNHDvrxrGvQb3PmeNsFm/2K9FczxUx
+PQFNCoWn76j8twyY5ytPR1eIKz/lAnS/JDyaWFpK2VSF5Ll0GvF
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:23:07 2025 by rpki-client