Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/SjhyKNZ6EZCDYsRyEJmP64Cax0k.roa
File: SjhyKNZ6EZCDYsRyEJmP64Cax0k.roa (raw, json)
Hash identifier: xWwkwcg5hElN9YMmlS+6ITAsm01o7f4RSnKEeqx4K00=
Subject key identifier: 4A:38:72:28:D6:7A:11:90:83:62:C4:72:10:99:8F:EB:80:9A:C7:49
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 3ECED2
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/SjhyKNZ6EZCDYsRyEJmP64Cax0k.roa
Signing time: Sat 26 Mar 2022 13:08:12 +0000
ROA not before: Sat 26 Mar 2022 13:08:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12975
IP address blocks: 37.34.83.0/24 maxlen: 24
37.34.82.0/24 maxlen: 24
37.34.81.0/24 maxlen: 24
37.34.80.0/24 maxlen: 24
46.20.213.0/24 maxlen: 24
46.20.212.0/24 maxlen: 24
46.20.211.0/24 maxlen: 24
46.20.210.0/24 maxlen: 24
46.20.209.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4116178 (0x3eced2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Mar 26 13:08:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4a387228d67a11908362c47210998feb809ac749
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:16:8e:72:9f:34:af:4f:b3:cf:44:b6:53:8e:
f1:e2:ad:be:d5:65:1c:01:1d:dc:1e:5d:09:2a:39:
ea:a4:db:e1:df:1f:c6:4a:0f:00:29:54:aa:80:b3:
6b:c7:53:f3:df:e5:11:2a:fa:f5:12:06:cb:99:9f:
cd:27:90:6c:44:3b:37:71:64:b2:86:2d:94:41:b3:
6f:9e:3d:9b:a1:4d:2c:11:79:23:0b:53:5b:4c:f2:
20:3c:ee:c7:30:7f:22:fd:d1:64:15:12:dc:8f:10:
2b:94:73:1e:12:b7:94:26:45:23:bd:fb:42:f3:ad:
9f:e7:ed:3d:76:48:57:a4:3d:84:ce:63:c8:bb:34:
d3:88:cf:3a:86:55:6e:78:36:71:10:9b:05:6c:7a:
3e:92:29:d9:80:1e:b8:e1:29:94:5a:de:9f:33:3e:
f7:55:5b:7d:17:06:57:21:38:02:ef:83:11:fb:a9:
c2:51:80:b5:ef:75:b2:84:55:b2:3a:97:7e:e7:e5:
e8:0a:40:72:19:85:59:6f:92:b3:eb:9f:18:4f:8d:
86:37:c9:51:1a:17:38:a2:10:5e:0d:c1:b4:eb:cf:
ff:28:f9:de:31:1c:7e:65:84:1e:2f:4e:16:60:04:
3c:d2:ca:d8:4f:8d:67:67:4a:61:d8:4b:ff:16:46:
69:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:38:72:28:D6:7A:11:90:83:62:C4:72:10:99:8F:EB:80:9A:C7:49
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/SjhyKNZ6EZCDYsRyEJmP64Cax0k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.34.80.0/22
46.20.209.0-46.20.213.255
Signature Algorithm: sha256WithRSAEncryption
6a:dc:10:c8:a3:c0:36:f2:89:5d:9c:ec:9b:90:07:e6:db:1b:
e7:21:9c:53:be:7c:93:5f:a1:59:91:41:4f:41:d1:9f:22:4a:
df:4e:35:1c:6e:a8:d0:ff:74:9f:be:6a:5b:ca:bc:fa:0e:54:
b4:3a:07:b9:63:97:6b:80:5c:99:72:3d:3e:bc:d8:dc:51:20:
7d:7d:6f:8a:37:2f:09:dc:c6:23:a9:74:7f:f0:b7:39:05:9d:
66:cd:84:38:66:04:fc:8c:e6:96:d2:07:ed:b2:6e:a4:58:2e:
de:75:3d:a8:e8:43:6f:62:0e:23:4a:de:5d:1e:a8:40:f7:dc:
c8:da:be:1c:bc:7e:3b:db:e8:80:b0:f4:e7:50:3b:5c:0e:d8:
68:3d:05:b9:a4:0d:e9:19:fe:54:5d:9a:a6:58:bb:18:38:26:
2a:c3:ee:a8:5b:86:dd:2e:04:09:a4:2c:f4:00:89:97:f7:55:
d9:f0:9d:07:07:1e:68:ed:60:4a:da:7e:b7:f3:f0:fe:4c:f3:
be:47:b4:78:c8:71:84:94:40:48:a1:43:15:65:18:ac:2e:60:
f3:c2:de:92:9c:47:cc:2a:79:40:e3:f7:dc:36:53:25:92:14:
ee:6c:89:03:5f:66:58:7c:e7:f3:b7:02:1f:d1:72:58:33:3f:
db:2c:74:98
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgIDPs7SMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDg2
Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2N2IxZTQwHhcNMjIwMzI2
MTMwODEyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg0YTM4NzIyOGQ2N2Ex
MTkwODM2MmM0NzIxMDk5OGZlYjgwOWFjNzQ5MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAlhaOcp80r0+zz0S2U47x4q2+1WUcAR3cHl0JKjnqpNvh3x/G
Sg8AKVSqgLNrx1Pz3+URKvr1EgbLmZ/NJ5BsRDs3cWSyhi2UQbNvnj2boU0sEXkj
C1NbTPIgPO7HMH8i/dFkFRLcjxArlHMeEreUJkUjvftC862f5+09dkhXpD2EzmPI
uzTTiM86hlVueDZxEJsFbHo+kinZgB644SmUWt6fMz73VVt9FwZXITgC74MR+6nC
UYC173WyhFWyOpd+5+XoCkByGYVZb5Kz658YT42GN8lRGhc4ohBeDcG068//KPne
MRx+ZYQeL04WYAQ80srYT41nZ0ph2Ev/FkZpTQIDAQABo4ICFzCCAhMwHQYDVR0O
BBYEFEo4cijWehGQg2LEchCZj+uAmsdJMB8GA1UdIwQYMBaAFIbM4G5w35cNkKv+
PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
aHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4LzEv
U2poeUtOWjZFWkNEWXNSeUVKbVA2NENheDBrLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82
NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4LzEvaHN6Z2JuRGZsdzJR
cV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC0G
CCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQCJSJQMAwDBAAuFNEDBAEuFNQwDQYJ
KoZIhvcNAQELBQADggEBAGrcEMijwDbyiV2c7JuQB+bbG+chnFO+fJNfoVmRQU9B
0Z8iSt9ONRxuqND/dJ++alvKvPoOVLQ6B7ljl2uAXJlyPT682NxRIH19b4o3Lwnc
xiOpdH/wtzkFnWbNhDhmBPyM5pbSB+2ybqRYLt51PajoQ29iDiNK3l0eqED33Mja
vhy8fjvb6ICw9OdQO1wO2Gg9BbmkDekZ/lRdmqZYuxg4JirD7qhbht0uBAmkLPQA
iZf3VdnwnQcHHmjtYErafrfz8P5M875HtHjIcYSUQEihQxVlGKwuYPPC3pKcR8wq
eUDj99w2UyWSFO5siQNfZlh85/O3Ah/RclgzP9ssdJg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:47 2024 by rpki-client on console-ams.rpki-client.org