Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/79733f-5332-451b-86af-142a2b98f4c8/1/6kdGqSfN7-9cJgsLSOjeB18UdYg.roa
File: 6kdGqSfN7-9cJgsLSOjeB18UdYg.roa (raw, json)
Hash identifier: haFWsvBvCL148dIIXcpBLrHblHKxeu6LEfmAijeuuIo=
Subject key identifier: EA:47:46:A9:27:CD:EF:EF:5C:26:0B:0B:48:E8:DE:07:5F:14:75:88
Certificate issuer: /CN=1c020297839c7390df20251a5c0930e6a672bee3
Certificate serial: 0187245AB2B366F4DB7A65035B0DDF4FF183
Authority key identifier: 1C:02:02:97:83:9C:73:90:DF:20:25:1A:5C:09:30:E6:A6:72:BE:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HAICl4Occ5DfICUaXAkw5qZyvuM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/79733f-5332-451b-86af-142a2b98f4c8/1/6kdGqSfN7-9cJgsLSOjeB18UdYg.roa
Signing time: Mon 27 Mar 2023 18:35:36 +0000
ROA not before: Mon 27 Mar 2023 18:35:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50558
IP address blocks: 37.32.112.0/20 maxlen: 20
37.32.112.0/21 maxlen: 21
37.32.120.0/21 maxlen: 21
37.32.120.0/24 maxlen: 24
37.32.124.0/23 maxlen: 23
185.49.96.0/24 maxlen: 24
185.49.96.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:24:5a:b2:b3:66:f4:db:7a:65:03:5b:0d:df:4f:f1:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c020297839c7390df20251a5c0930e6a672bee3
Validity
Not Before: Mar 27 18:35:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ea4746a927cdefef5c260b0b48e8de075f147588
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:93:c4:5f:27:86:71:cd:cd:f8:f3:c6:c0:92:
d5:6c:62:1a:a5:02:1a:7e:d8:e6:9c:6d:f9:e2:94:
48:a3:04:03:fd:55:e6:9b:4d:67:98:0a:19:11:e0:
18:32:2a:29:44:8f:90:07:9f:92:8c:b0:d4:6d:71:
2d:10:8d:fb:46:25:26:0b:12:96:40:16:79:2e:a3:
8b:a2:9e:45:dd:26:61:cc:27:2d:19:b9:3c:fc:30:
61:a9:c7:f6:5b:7a:af:d7:e1:c9:76:0b:11:c4:4d:
fa:3e:ea:12:86:fd:d5:04:99:9a:7d:dc:8c:19:70:
b4:a4:81:bb:dd:71:66:5f:51:47:22:14:fc:8e:fa:
6b:a4:47:26:02:48:94:cb:0d:93:d0:6d:47:ea:28:
dc:b6:a9:4f:e9:98:84:65:4b:12:8f:67:f5:7f:f0:
cb:d6:1c:11:77:01:43:76:9e:88:53:06:c4:e9:2f:
82:9b:6c:5c:14:2a:34:f7:ed:c7:31:2f:19:91:46:
ca:7c:fb:87:de:41:8d:b2:c0:ef:c8:80:9b:f5:89:
9b:4b:66:b6:b9:f7:4c:3d:09:d7:57:ba:72:88:3c:
41:02:34:63:47:f3:a1:df:e9:ff:af:6f:8e:47:ff:
c3:40:db:39:a7:9e:11:6e:27:50:4a:69:f6:ad:b6:
73:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:47:46:A9:27:CD:EF:EF:5C:26:0B:0B:48:E8:DE:07:5F:14:75:88
X509v3 Authority Key Identifier:
keyid:1C:02:02:97:83:9C:73:90:DF:20:25:1A:5C:09:30:E6:A6:72:BE:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HAICl4Occ5DfICUaXAkw5qZyvuM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/79733f-5332-451b-86af-142a2b98f4c8/1/6kdGqSfN7-9cJgsLSOjeB18UdYg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/79733f-5332-451b-86af-142a2b98f4c8/1/HAICl4Occ5DfICUaXAkw5qZyvuM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.32.112.0/20
185.49.96.0/22
Signature Algorithm: sha256WithRSAEncryption
30:70:c7:0d:34:a5:9c:c7:80:fe:c5:71:0b:25:30:46:ad:82:
6c:2a:ae:45:3b:9e:69:4c:71:f8:51:cf:fe:7b:52:78:4f:5c:
4f:0c:f5:55:a4:89:97:9e:b4:ce:24:1e:b5:9d:19:b9:a5:48:
d6:c7:7c:fd:6a:ce:de:6f:e2:31:f8:d2:3e:43:7e:67:2c:11:
de:ac:5f:9e:34:21:5e:a9:ff:cf:5d:0e:98:ed:b1:38:ae:ac:
cd:56:91:5c:21:d1:72:3d:51:bb:64:35:c2:46:3d:15:ce:8a:
6c:ae:7c:06:59:2b:c7:33:87:3b:18:fd:f3:2d:8d:7c:81:e9:
81:2e:93:68:90:67:a6:ac:b1:dd:dd:68:fb:ec:61:53:90:db:
5e:3f:2e:ff:8e:96:13:52:e9:5b:52:bc:d3:90:19:21:ce:81:
25:2a:1e:1c:04:28:98:8d:0d:57:00:ac:1f:35:f6:90:ea:de:
b4:9a:ad:17:c7:8f:e6:cd:22:bc:77:86:d2:20:de:c1:75:ff:
4a:fd:9d:a9:d9:9b:52:c2:2c:db:76:9a:c2:b3:16:b2:fa:38:
03:55:9b:40:36:9d:b1:dc:e3:d9:ed:ae:47:86:ad:a4:b3:28:
4f:bb:00:c0:51:9e:0c:ed:8f:ec:c0:e6:43:d3:a9:f1:b5:a5:
76:f6:aa:b2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYckWrKzZvTbemUDWw3fT/GDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMDIwMjk3ODM5YzczOTBkZjIwMjUxYTVjMDkzMGU2YTY3
MmJlZTMwHhcNMjMwMzI3MTgzNTM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTQ3NDZhOTI3Y2RlZmVmNWMyNjBiMGI0OGU4ZGUwNzVmMTQ3NTg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyJPEXyeGcc3N+PPGwJLVbGIapQIa
ftjmnG354pRIowQD/VXmm01nmAoZEeAYMiopRI+QB5+SjLDUbXEtEI37RiUmCxKW
QBZ5LqOLop5F3SZhzCctGbk8/DBhqcf2W3qv1+HJdgsRxE36PuoShv3VBJmafdyM
GXC0pIG73XFmX1FHIhT8jvprpEcmAkiUyw2T0G1H6ijctqlP6ZiEZUsSj2f1f/DL
1hwRdwFDdp6IUwbE6S+Cm2xcFCo09+3HMS8ZkUbKfPuH3kGNssDvyICb9YmbS2a2
ufdMPQnXV7pyiDxBAjRjR/Oh3+n/r2+OR//DQNs5p54RbidQSmn2rbZzNQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOpHRqknze/vXCYLC0jo3gdfFHWIMB8GA1UdIwQY
MBaAFBwCApeDnHOQ3yAlGlwJMOamcr7jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEFJQ2w0T2NjNURmSUNVYVhBa3c1cVp5dnVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy83OTczM2YtNTMzMi00NTFiLTg2YWYt
MTQyYTJiOThmNGM4LzEvNmtkR3FTZk43LTljSmdzTFNPamVCMThVZFlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy83OTczM2YtNTMzMi00NTFiLTg2YWYtMTQyYTJiOThmNGM4
LzEvSEFJQ2w0T2NjNURmSUNVYVhBa3c1cVp5dnVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEJSBwAwQC
uTFgMA0GCSqGSIb3DQEBCwUAA4IBAQAwcMcNNKWcx4D+xXELJTBGrYJsKq5FO55p
THH4Uc/+e1J4T1xPDPVVpImXnrTOJB61nRm5pUjWx3z9as7eb+Ix+NI+Q35nLBHe
rF+eNCFeqf/PXQ6Y7bE4rqzNVpFcIdFyPVG7ZDXCRj0VzopsrnwGWSvHM4c7GP3z
LY18gemBLpNokGemrLHd3Wj77GFTkNtePy7/jpYTUulbUrzTkBkhzoElKh4cBCiY
jQ1XAKwfNfaQ6t60mq0Xx4/mzSK8d4bSIN7Bdf9K/Z2p2ZtSwizbdprCsxay+jgD
VZtANp2x3OPZ7a5Hhq2ksyhPuwDAUZ4M7Y/swOZD06nxtaV29qqy
-----END CERTIFICATE-----
Generated at Mon Apr 21 05:39:07 2025 by rpki-client