Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/79733f-5332-451b-86af-142a2b98f4c8/1/zI25zBPhVh_3iQlUTYweDJ7ZHL8.roa
File: zI25zBPhVh_3iQlUTYweDJ7ZHL8.roa (raw, json)
Hash identifier: KCaGW41beCDjUmrESOZPW8q3r4r59kfsSC872/k/XC0=
Subject key identifier: CC:8D:B9:CC:13:E1:56:1F:F7:89:09:54:4D:8C:1E:0C:9E:D9:1C:BF
Certificate issuer: /CN=1c020297839c7390df20251a5c0930e6a672bee3
Certificate serial: 018AB0CEFE593B8FB8BC75B415E71E3AD1C9
Authority key identifier: 1C:02:02:97:83:9C:73:90:DF:20:25:1A:5C:09:30:E6:A6:72:BE:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HAICl4Occ5DfICUaXAkw5qZyvuM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/79733f-5332-451b-86af-142a2b98f4c8/1/zI25zBPhVh_3iQlUTYweDJ7ZHL8.roa
Signing time: Wed 20 Sep 2023 04:17:50 +0000
ROA not before: Wed 20 Sep 2023 04:17:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50558
IP address blocks: 37.32.112.0/20 maxlen: 20
37.32.112.0/21 maxlen: 21
37.32.120.0/21 maxlen: 21
185.49.96.0/24 maxlen: 24
185.49.96.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b0:ce:fe:59:3b:8f:b8:bc:75:b4:15:e7:1e:3a:d1:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c020297839c7390df20251a5c0930e6a672bee3
Validity
Not Before: Sep 20 04:17:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cc8db9cc13e1561ff78909544d8c1e0c9ed91cbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:ee:ae:af:86:22:34:b3:5c:21:75:15:e2:10:
63:96:d1:50:33:48:0b:47:45:09:3c:0a:81:fa:a1:
c3:14:c8:74:c5:d1:e7:68:30:da:d0:e1:d7:28:23:
f7:4c:01:2f:00:34:ef:83:ad:5a:ec:0b:52:79:07:
42:ec:5c:26:1d:7e:11:52:6a:27:3e:ed:f1:5a:3d:
5b:93:d3:2d:f6:83:a7:fd:3a:59:81:21:fc:73:71:
27:ef:89:a3:c2:1b:e8:04:38:45:7d:f7:e9:14:55:
a7:9e:33:c9:77:00:9d:e2:3a:f0:3a:2d:9f:ed:d4:
d2:d2:4c:eb:7c:e2:1d:13:35:e4:64:be:14:df:0b:
36:a5:a4:35:51:72:a9:fb:d9:51:69:65:87:e4:30:
31:a2:e5:d6:72:69:b2:af:4d:98:1a:41:90:ed:c4:
76:f9:ff:8b:a6:7b:d0:c8:fb:80:28:a5:59:de:01:
18:d5:f9:77:21:29:f5:d6:99:81:14:60:4c:26:ec:
dc:96:55:06:47:6d:d8:15:43:c7:21:da:df:e6:cd:
d3:bd:8d:5a:5f:0f:a6:f1:a7:2f:4a:60:92:81:af:
47:aa:7e:e9:6b:d9:61:15:cf:85:92:bb:9d:51:1d:
6c:91:9f:75:a4:e9:7d:06:ad:77:e8:e1:f6:b0:1e:
8d:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:8D:B9:CC:13:E1:56:1F:F7:89:09:54:4D:8C:1E:0C:9E:D9:1C:BF
X509v3 Authority Key Identifier:
keyid:1C:02:02:97:83:9C:73:90:DF:20:25:1A:5C:09:30:E6:A6:72:BE:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HAICl4Occ5DfICUaXAkw5qZyvuM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/79733f-5332-451b-86af-142a2b98f4c8/1/zI25zBPhVh_3iQlUTYweDJ7ZHL8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/79733f-5332-451b-86af-142a2b98f4c8/1/HAICl4Occ5DfICUaXAkw5qZyvuM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.32.112.0/20
185.49.96.0/22
Signature Algorithm: sha256WithRSAEncryption
61:5b:85:10:08:fe:eb:cc:df:4d:d0:7e:17:7a:88:62:e0:a7:
c6:d1:03:68:d1:50:85:27:62:42:28:d9:84:64:01:d9:3e:66:
8e:f1:ae:ba:c9:8b:41:c3:d6:46:85:10:bb:c9:8b:92:c6:cd:
9a:b5:cb:43:b2:2f:b4:f5:1b:1e:d1:67:77:cb:34:53:dc:56:
0f:e2:d7:25:14:9e:bd:3e:ef:b4:81:b2:03:3f:4b:60:f7:57:
86:3b:88:24:42:91:7d:1c:14:53:79:89:c5:04:d7:29:78:9c:
74:c6:3c:c7:20:e9:f6:e9:5d:38:32:1f:9e:ce:d7:91:07:b8:
11:71:ab:fe:44:20:48:82:d0:af:4b:95:8d:98:84:6e:00:9e:
08:5e:ff:96:65:b5:a1:6d:9d:66:26:54:f7:2b:8e:2a:93:65:
38:86:9f:1d:ec:02:a1:0c:8d:92:5e:69:2b:20:1f:e6:aa:3f:
e1:06:6b:f4:af:8b:2e:84:b7:9e:3b:79:8e:47:e4:0b:ae:a5:
eb:b1:d6:76:bb:be:dd:f9:24:38:03:5f:b9:37:9f:5e:7e:a4:
3f:83:77:24:72:7a:a4:df:fa:3c:fa:5b:31:9a:a6:e1:a6:cd:
b1:da:d4:2d:5d:7a:31:51:01:f2:71:59:97:4d:c6:07:5c:a7:
70:00:3b:aa
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYqwzv5ZO4+4vHW0FeceOtHJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMDIwMjk3ODM5YzczOTBkZjIwMjUxYTVjMDkzMGU2YTY3
MmJlZTMwHhcNMjMwOTIwMDQxNzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzhkYjljYzEzZTE1NjFmZjc4OTA5NTQ0ZDhjMWUwYzllZDkxY2JmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxu6ur4YiNLNcIXUV4hBjltFQM0gL
R0UJPAqB+qHDFMh0xdHnaDDa0OHXKCP3TAEvADTvg61a7AtSeQdC7FwmHX4RUmon
Pu3xWj1bk9Mt9oOn/TpZgSH8c3En74mjwhvoBDhFfffpFFWnnjPJdwCd4jrwOi2f
7dTS0kzrfOIdEzXkZL4U3ws2paQ1UXKp+9lRaWWH5DAxouXWcmmyr02YGkGQ7cR2
+f+LpnvQyPuAKKVZ3gEY1fl3ISn11pmBFGBMJuzcllUGR23YFUPHIdrf5s3TvY1a
Xw+m8acvSmCSga9Hqn7pa9lhFc+FkrudUR1skZ91pOl9Bq136OH2sB6NRwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMyNucwT4VYf94kJVE2MHgye2Ry/MB8GA1UdIwQY
MBaAFBwCApeDnHOQ3yAlGlwJMOamcr7jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEFJQ2w0T2NjNURmSUNVYVhBa3c1cVp5dnVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy83OTczM2YtNTMzMi00NTFiLTg2YWYt
MTQyYTJiOThmNGM4LzEvekkyNXpCUGhWaF8zaVFsVVRZd2VESjdaSEw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy83OTczM2YtNTMzMi00NTFiLTg2YWYtMTQyYTJiOThmNGM4
LzEvSEFJQ2w0T2NjNURmSUNVYVhBa3c1cVp5dnVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEJSBwAwQC
uTFgMA0GCSqGSIb3DQEBCwUAA4IBAQBhW4UQCP7rzN9N0H4Xeohi4KfG0QNo0VCF
J2JCKNmEZAHZPmaO8a66yYtBw9ZGhRC7yYuSxs2atctDsi+09Rse0Wd3yzRT3FYP
4tclFJ69Pu+0gbIDP0tg91eGO4gkQpF9HBRTeYnFBNcpeJx0xjzHIOn26V04Mh+e
zteRB7gRcav+RCBIgtCvS5WNmIRuAJ4IXv+WZbWhbZ1mJlT3K44qk2U4hp8d7AKh
DI2SXmkrIB/mqj/hBmv0r4suhLeeO3mOR+QLrqXrsdZ2u77d+SQ4A1+5N59efqQ/
g3ckcnqk3/o8+lsxmqbhps2x2tQtXXoxUQHycVmXTcYHXKdwADuq
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:33:07 2025 by rpki-client