Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/D0vG1G14SxgyLQH1lo4ifs9nJFE.roa
File: D0vG1G14SxgyLQH1lo4ifs9nJFE.roa (raw, json)
Hash identifier: JsRVnHkNZf/1/YBkUSeN0kN3MO8uPXSGhHjmVEDd48Y=
Subject key identifier: 0F:4B:C6:D4:6D:78:4B:18:32:2D:01:F5:96:8E:22:7E:CF:67:24:51
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 3F2784
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/D0vG1G14SxgyLQH1lo4ifs9nJFE.roa
Signing time: Sat 26 Mar 2022 13:08:13 +0000
ROA not before: Sat 26 Mar 2022 13:08:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51737
IP address blocks: 37.34.80.0/21 maxlen: 21
37.34.80.0/20 maxlen: 20
37.34.88.0/21 maxlen: 21
46.20.208.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4138884 (0x3f2784)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Mar 26 13:08:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0f4bc6d46d784b18322d01f5968e227ecf672451
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:5e:a3:56:13:b0:81:51:e7:91:fd:5c:29:cf:
87:ef:57:7c:f9:a7:f7:77:56:20:8f:aa:1d:05:b0:
ca:e6:2a:3d:d0:b8:e2:97:24:dd:c7:7b:96:2a:e1:
8b:fa:89:c9:45:af:c8:bc:d4:50:b9:54:17:65:b0:
c7:d2:07:b1:7f:f7:1f:bd:98:5b:92:2e:7b:2f:a5:
eb:28:b9:88:ad:43:45:9d:a7:92:c6:28:d6:4c:12:
4a:e9:e4:90:91:2f:b6:9f:10:de:67:08:aa:bc:4d:
b3:85:d3:54:28:0f:04:93:03:67:f2:e8:5c:c3:96:
e1:44:77:fc:52:1a:05:fb:79:4c:ed:33:bb:b9:6e:
d3:b9:04:63:08:19:bd:61:54:93:32:8f:55:6e:95:
c6:11:21:4e:07:93:f3:d8:b6:de:54:30:3e:df:73:
9a:19:95:83:64:69:6d:93:70:f9:21:60:1c:68:0e:
67:06:4d:31:81:b2:98:95:b9:4b:4b:4b:02:d5:7a:
5d:19:1c:2c:35:80:50:91:3f:dc:a9:d0:ba:3d:fa:
fa:31:2e:74:0b:f1:a4:83:34:fa:2a:b1:c5:16:c4:
da:0f:57:a8:2b:bb:cb:8d:e6:1c:59:b7:3a:c6:b6:
a7:c0:f0:4e:8b:05:57:cf:2c:89:a0:27:e3:7a:49:
84:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:4B:C6:D4:6D:78:4B:18:32:2D:01:F5:96:8E:22:7E:CF:67:24:51
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/D0vG1G14SxgyLQH1lo4ifs9nJFE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.34.80.0/20
46.20.208.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:2c:25:98:9b:b4:11:40:68:9e:57:3b:43:7e:af:6a:7c:44:
25:e6:08:da:47:cf:47:19:28:e5:f7:8d:d6:79:3b:69:0d:45:
9f:04:ac:e1:8a:c8:29:5d:2d:a8:15:9a:bc:a8:5f:5a:1e:da:
22:54:1d:84:57:a8:bd:21:0f:90:15:b8:35:6e:cd:ff:20:56:
f8:ee:91:ee:fc:31:54:1d:29:b4:e4:fc:95:29:f2:99:45:44:
4d:9a:34:08:e2:7d:e6:12:26:d5:03:e4:87:5b:de:9c:6a:d7:
9a:7f:b6:aa:fb:ac:7b:fc:63:4b:34:72:be:03:d3:df:eb:59:
e2:42:2d:f9:c6:88:8c:e8:56:d7:b6:89:c0:80:3a:13:7f:2f:
2d:8c:d6:ae:fd:70:89:f6:05:ae:99:57:ca:2f:1d:cc:5a:a9:
9c:ef:82:54:3e:7b:40:00:a2:0c:cd:47:17:d3:d0:80:68:d0:
64:bf:f1:95:a2:72:d6:dd:a8:3d:2a:a8:1d:f3:7b:d6:4d:7e:
9d:47:fc:7c:40:b3:cb:52:cc:25:06:cb:ab:bb:7d:7e:50:dc:
61:1e:44:4d:18:40:78:bb:2c:89:9e:1d:e2:fc:8a:f2:7f:d7:
ca:d0:9d:ed:2b:51:7a:af:05:9b:f8:36:35:57:5b:d7:48:ab:
81:44:c7:45
-----BEGIN CERTIFICATE-----
MIIE9DCCA9ygAwIBAgIDPyeEMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDg2
Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2N2IxZTQwHhcNMjIwMzI2
MTMwODEzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygwZjRiYzZkNDZkNzg0
YjE4MzIyZDAxZjU5NjhlMjI3ZWNmNjcyNDUxMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAmF6jVhOwgVHnkf1cKc+H71d8+af3d1Ygj6odBbDK5io90Lji
lyTdx3uWKuGL+onJRa/IvNRQuVQXZbDH0gexf/cfvZhbki57L6XrKLmIrUNFnaeS
xijWTBJK6eSQkS+2nxDeZwiqvE2zhdNUKA8EkwNn8uhcw5bhRHf8UhoF+3lM7TO7
uW7TuQRjCBm9YVSTMo9VbpXGESFOB5Pz2LbeVDA+33OaGZWDZGltk3D5IWAcaA5n
Bk0xgbKYlblLS0sC1XpdGRwsNYBQkT/cqdC6Pfr6MS50C/GkgzT6KrHFFsTaD1eo
K7vLjeYcWbc6xranwPBOiwVXzyyJoCfjekmEBwIDAQABo4ICDzCCAgswHQYDVR0O
BBYEFA9LxtRteEsYMi0B9ZaOIn7PZyRRMB8GA1UdIwQYMBaAFIbM4G5w35cNkKv+
PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
aHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4LzEv
RDB2RzFHMTRTeGd5TFFIMWxvNGlmczluSkZFLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82
NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4LzEvaHN6Z2JuRGZsdzJR
cV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUG
CCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEJSJQAwQALhTQMA0GCSqGSIb3DQEB
CwUAA4IBAQAKLCWYm7QRQGieVztDfq9qfEQl5gjaR89HGSjl943WeTtpDUWfBKzh
isgpXS2oFZq8qF9aHtoiVB2EV6i9IQ+QFbg1bs3/IFb47pHu/DFUHSm05PyVKfKZ
RURNmjQI4n3mEibVA+SHW96cateaf7aq+6x7/GNLNHK+A9Pf61niQi35xoiM6FbX
tonAgDoTfy8tjNau/XCJ9gWumVfKLx3MWqmc74JUPntAAKIMzUcX09CAaNBkv/GV
onLW3ag9Kqgd83vWTX6dR/x8QLPLUswlBsuru31+UNxhHkRNGEB4uyyJnh3i/Iry
f9fK0J3tK1F6rwWb+DY1V1vXSKuBRMdF
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:47 2024 by rpki-client on console-ams.rpki-client.org