Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/69c389-17c9-4461-a390-7aa290e857e9/1/tJvaHzou4fCPmiSsS9F1ZCYrXeI.roa
File: tJvaHzou4fCPmiSsS9F1ZCYrXeI.roa (raw, json)
Hash identifier: tXxP/mgWK5DGBakplNeMTjmcbczDErBPuPL0/8mrHzE=
Subject key identifier: B4:9B:DA:1F:3A:2E:E1:F0:8F:9A:24:AC:4B:D1:75:64:26:2B:5D:E2
Certificate issuer: /CN=19ac1498860e2bb0958173854bd04c869a369017
Certificate serial: 018571B0D1636D30F71EF50FF3B3D24F2567
Authority key identifier: 19:AC:14:98:86:0E:2B:B0:95:81:73:85:4B:D0:4C:86:9A:36:90:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GawUmIYOK7CVgXOFS9BMhpo2kBc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/69c389-17c9-4461-a390-7aa290e857e9/1/tJvaHzou4fCPmiSsS9F1ZCYrXeI.roa
Signing time: Mon 02 Jan 2023 08:54:51 +0000
ROA not before: Mon 02 Jan 2023 08:54:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 136258
IP address blocks: 37.143.130.0/24 maxlen: 24
37.143.128.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:b0:d1:63:6d:30:f7:1e:f5:0f:f3:b3:d2:4f:25:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19ac1498860e2bb0958173854bd04c869a369017
Validity
Not Before: Jan 2 08:54:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b49bda1f3a2ee1f08f9a24ac4bd17564262b5de2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:f5:09:9b:4f:32:25:f7:bc:7e:9e:63:8d:ba:
c1:80:c2:8e:cc:b4:39:60:cd:68:2b:2c:d2:33:8d:
a2:67:14:96:7a:67:a1:a5:9c:8e:02:30:ec:55:53:
09:e2:c2:fa:8f:04:76:a9:42:63:32:93:97:5b:8c:
f4:6a:a2:ca:e2:89:fb:5e:53:2a:e3:3f:bd:65:6b:
79:09:8a:de:6a:32:78:22:ae:1f:be:77:c3:ce:bd:
cf:e6:05:23:08:c7:b3:45:d6:e5:b9:33:8f:88:60:
4e:10:07:0c:3f:26:c0:84:28:73:58:7e:2f:35:7a:
cf:d4:27:b2:9e:95:3b:4e:5c:58:26:49:17:56:68:
40:83:8c:68:e3:3a:26:25:35:45:12:48:82:38:e7:
5b:06:79:c6:b0:61:68:74:a0:13:bf:f9:8d:a9:b9:
0c:9f:0a:9f:45:e6:54:ca:2a:83:ab:4b:50:70:9f:
9e:74:7a:67:00:6f:e0:1f:31:39:7f:d4:d0:e7:af:
b6:22:89:36:22:de:8e:90:45:82:16:ef:9d:5d:a2:
b4:a5:e9:46:ff:0f:73:75:6c:5d:9e:ca:a7:62:01:
79:cd:18:9c:27:85:94:91:d7:43:a2:99:51:f4:0c:
ed:71:46:34:da:d0:c4:6a:76:9f:39:c8:93:c2:1f:
82:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:9B:DA:1F:3A:2E:E1:F0:8F:9A:24:AC:4B:D1:75:64:26:2B:5D:E2
X509v3 Authority Key Identifier:
keyid:19:AC:14:98:86:0E:2B:B0:95:81:73:85:4B:D0:4C:86:9A:36:90:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GawUmIYOK7CVgXOFS9BMhpo2kBc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/69c389-17c9-4461-a390-7aa290e857e9/1/tJvaHzou4fCPmiSsS9F1ZCYrXeI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/69c389-17c9-4461-a390-7aa290e857e9/1/GawUmIYOK7CVgXOFS9BMhpo2kBc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.143.128.0/24
37.143.130.0/24
Signature Algorithm: sha256WithRSAEncryption
37:11:f6:c3:5e:20:e2:fc:1f:65:8a:a4:5e:6f:ea:ba:bc:55:
47:34:59:55:ad:c7:48:56:cd:e1:29:bb:fa:d9:42:ed:cc:e7:
d8:4c:72:ef:dd:89:d1:5a:da:40:6a:68:00:b0:2f:96:e6:d9:
c3:af:82:43:a4:e2:1c:f1:90:1d:17:93:a4:92:88:a7:ed:8a:
00:1c:3a:8c:eb:df:5f:91:b5:d0:0a:03:22:44:37:bd:cd:ab:
08:21:db:ff:a8:e7:bb:8f:49:12:43:15:40:54:4d:28:ff:a1:
ea:68:5d:e0:47:5f:56:03:0e:25:e5:95:3b:d4:12:ca:91:c3:
b3:aa:56:31:4b:3a:29:4a:c5:35:04:07:06:b2:68:10:2e:ae:
f2:b9:d3:d9:52:dc:31:6c:1a:dd:4f:b3:53:19:a0:f6:a8:c8:
45:a1:71:65:5f:3e:8f:89:2d:09:b5:91:8c:e3:97:74:73:3e:
47:2d:5d:50:52:2c:52:82:06:36:fc:36:8f:f7:85:ad:cc:be:
17:1f:fe:38:ec:69:47:b4:19:f9:ad:e2:36:db:60:8b:22:b6:
e3:6c:9b:f5:99:68:d6:b4:2d:df:c7:35:17:af:c1:d1:4f:6d:
9f:e9:44:ac:be:7c:f5:85:89:8f:31:12:37:02:fc:b7:86:c6:
9e:1a:e2:1d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVxsNFjbTD3HvUP87PSTyVnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5YWMxNDk4ODYwZTJiYjA5NTgxNzM4NTRiZDA0Yzg2OWEz
NjkwMTcwHhcNMjMwMTAyMDg1NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDliZGExZjNhMmVlMWYwOGY5YTI0YWM0YmQxNzU2NDI2MmI1ZGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAivUJm08yJfe8fp5jjbrBgMKOzLQ5
YM1oKyzSM42iZxSWemehpZyOAjDsVVMJ4sL6jwR2qUJjMpOXW4z0aqLK4on7XlMq
4z+9ZWt5CYreajJ4Iq4fvnfDzr3P5gUjCMezRdbluTOPiGBOEAcMPybAhChzWH4v
NXrP1CeynpU7TlxYJkkXVmhAg4xo4zomJTVFEkiCOOdbBnnGsGFodKATv/mNqbkM
nwqfReZUyiqDq0tQcJ+edHpnAG/gHzE5f9TQ56+2Iok2It6OkEWCFu+dXaK0pelG
/w9zdWxdnsqnYgF5zRicJ4WUkddDoplR9AztcUY02tDEanafOciTwh+CNwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLSb2h86LuHwj5okrEvRdWQmK13iMB8GA1UdIwQY
MBaAFBmsFJiGDiuwlYFzhUvQTIaaNpAXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2F3VW1JWU9LN0NWZ1hPRlM5Qk1ocG8ya0JjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82OWMzODktMTdjOS00NDYxLWEzOTAt
N2FhMjkwZTg1N2U5LzEvdEp2YUh6b3U0ZkNQbWlTc1M5RjFaQ1lyWGVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82OWMzODktMTdjOS00NDYxLWEzOTAtN2FhMjkwZTg1N2U5
LzEvR2F3VW1JWU9LN0NWZ1hPRlM5Qk1ocG8ya0JjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAJY+AAwQA
JY+CMA0GCSqGSIb3DQEBCwUAA4IBAQA3EfbDXiDi/B9liqReb+q6vFVHNFlVrcdI
Vs3hKbv62ULtzOfYTHLv3YnRWtpAamgAsC+W5tnDr4JDpOIc8ZAdF5Okkoin7YoA
HDqM699fkbXQCgMiRDe9zasIIdv/qOe7j0kSQxVAVE0o/6HqaF3gR19WAw4l5ZU7
1BLKkcOzqlYxSzopSsU1BAcGsmgQLq7yudPZUtwxbBrdT7NTGaD2qMhFoXFlXz6P
iS0JtZGM45d0cz5HLV1QUixSggY2/DaP94WtzL4XH/447GlHtBn5reI222CLIrbj
bJv1mWjWtC3fxzUXr8HRT22f6USsvnz1hYmPMRI3Avy3hsaeGuId
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:47:04 2025 by rpki-client