Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/09aa61-87d7-4f53-9818-dec21eefa38b/1/PDhF8M0H0GJcTffv5C_gqvRdjpQ.roa
File: PDhF8M0H0GJcTffv5C_gqvRdjpQ.roa (raw, json)
Hash identifier: 7grp39H676QFDnO5INJljC1SfE8eAR9O7/jz5AhcydE=
Subject key identifier: 3C:38:45:F0:CD:07:D0:62:5C:4D:F7:EF:E4:2F:E0:AA:F4:5D:8E:94
Certificate issuer: /CN=d73492e4d25c3bbd0c5e20c5a85ecb22ec97360a
Certificate serial: 018571BA1E04928A76EC4BFE00EBF4FBF293
Authority key identifier: D7:34:92:E4:D2:5C:3B:BD:0C:5E:20:C5:A8:5E:CB:22:EC:97:36:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1zSS5NJcO70MXiDFqF7LIuyXNgo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/09aa61-87d7-4f53-9818-dec21eefa38b/1/PDhF8M0H0GJcTffv5C_gqvRdjpQ.roa
Signing time: Mon 02 Jan 2023 09:05:00 +0000
ROA not before: Mon 02 Jan 2023 09:05:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208715
IP address blocks: 37.140.252.0/24 maxlen: 25
185.200.132.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:ba:1e:04:92:8a:76:ec:4b:fe:00:eb:f4:fb:f2:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d73492e4d25c3bbd0c5e20c5a85ecb22ec97360a
Validity
Not Before: Jan 2 09:05:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3c3845f0cd07d0625c4df7efe42fe0aaf45d8e94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:2e:5b:3c:c9:60:d5:97:76:c2:ca:41:ed:f0:
9f:d3:3a:8a:90:3f:08:b3:f0:aa:0d:7a:cc:2d:a6:
d5:2e:56:2b:3a:ce:c5:4a:02:e6:72:01:56:da:b8:
41:b8:cf:a2:e4:6c:7b:25:79:e5:1a:85:4b:81:b7:
24:97:f2:ae:ce:8b:51:db:e8:d8:38:ce:bf:15:e2:
d6:e6:c9:e9:59:b2:ba:ec:5a:87:91:e0:a5:f7:35:
04:30:58:c7:84:55:24:9e:c5:1a:f2:fe:aa:ee:37:
ad:90:49:d9:48:45:6f:78:a6:c6:64:6e:eb:b0:10:
75:1a:9f:48:e3:68:81:18:2d:75:c2:28:42:51:05:
fe:11:0a:c2:83:90:e2:66:bd:59:e3:b3:81:4c:09:
ae:80:77:9f:42:48:47:de:26:bd:fe:49:b4:ad:03:
c2:92:74:11:84:47:31:fa:70:c5:83:48:09:71:43:
50:ba:04:e6:8a:6f:72:49:e7:8c:49:a8:d0:e4:8b:
19:84:71:ee:93:c4:c4:97:dd:0f:af:ef:ba:24:21:
0e:a9:a6:7c:1a:9f:d2:a0:a4:45:23:e3:60:08:ed:
57:7d:7a:e0:13:e0:e0:50:aa:2f:6b:af:6c:f2:fb:
5e:28:15:7f:b3:89:9b:e7:dc:99:9f:12:80:12:e7:
76:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:38:45:F0:CD:07:D0:62:5C:4D:F7:EF:E4:2F:E0:AA:F4:5D:8E:94
X509v3 Authority Key Identifier:
keyid:D7:34:92:E4:D2:5C:3B:BD:0C:5E:20:C5:A8:5E:CB:22:EC:97:36:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1zSS5NJcO70MXiDFqF7LIuyXNgo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/09aa61-87d7-4f53-9818-dec21eefa38b/1/PDhF8M0H0GJcTffv5C_gqvRdjpQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/09aa61-87d7-4f53-9818-dec21eefa38b/1/1zSS5NJcO70MXiDFqF7LIuyXNgo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.140.252.0/24
185.200.132.0/22
Signature Algorithm: sha256WithRSAEncryption
3d:70:db:86:e5:52:c5:8e:aa:21:b5:95:04:45:77:38:33:0a:
29:b0:fb:46:53:ec:97:80:c0:61:11:cb:a7:dd:69:ae:84:49:
6f:2d:a1:cd:a5:cd:05:3c:f0:d6:9b:ee:18:6e:a3:8f:92:66:
c8:9f:9c:a2:66:fe:f7:07:79:75:31:b7:92:d3:b4:bc:77:a0:
df:e0:66:64:5d:91:3f:24:8c:c4:53:50:bb:45:cb:84:db:bf:
f9:34:d0:06:ff:98:ef:e1:21:84:34:de:15:76:35:fd:4d:c7:
bf:6f:39:5d:cc:bd:fd:37:5d:91:50:79:ce:5d:e9:af:a6:e1:
87:dc:0e:7d:b4:cf:be:2f:39:ea:26:81:40:33:3e:05:69:2e:
6d:56:60:fb:29:40:b7:a5:4c:ac:59:d5:00:1f:fc:2f:47:77:
f4:31:d5:84:05:19:46:16:99:85:2c:dc:3e:6c:22:d1:aa:5b:
c0:a9:2e:3e:98:56:74:ab:ae:a8:f9:ef:c1:be:b4:82:d4:90:
72:f5:fe:61:04:3c:a7:41:7d:dc:75:ae:32:da:f7:15:22:35:
22:f7:8b:49:e8:42:c6:9d:af:d1:08:b0:92:98:88:1b:a2:74:
50:bd:b5:72:02:d5:ed:d2:da:ba:71:bc:4e:a7:ff:7e:d8:e7:
60:e3:87:03
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVxuh4Ekop27Ev+AOv0+/KTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3MzQ5MmU0ZDI1YzNiYmQwYzVlMjBjNWE4NWVjYjIyZWM5
NzM2MGEwHhcNMjMwMTAyMDkwNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzM4NDVmMGNkMDdkMDYyNWM0ZGY3ZWZlNDJmZTBhYWY0NWQ4ZTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnC5bPMlg1Zd2wspB7fCf0zqKkD8I
s/CqDXrMLabVLlYrOs7FSgLmcgFW2rhBuM+i5Gx7JXnlGoVLgbckl/KuzotR2+jY
OM6/FeLW5snpWbK67FqHkeCl9zUEMFjHhFUknsUa8v6q7jetkEnZSEVveKbGZG7r
sBB1Gp9I42iBGC11wihCUQX+EQrCg5DiZr1Z47OBTAmugHefQkhH3ia9/km0rQPC
knQRhEcx+nDFg0gJcUNQugTmim9ySeeMSajQ5IsZhHHuk8TEl90Pr++6JCEOqaZ8
Gp/SoKRFI+NgCO1XfXrgE+DgUKova69s8vteKBV/s4mb59yZnxKAEud2swIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDw4RfDNB9BiXE337+Qv4Kr0XY6UMB8GA1UdIwQY
MBaAFNc0kuTSXDu9DF4gxaheyyLslzYKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXpTUzVOSmNPNzBNWGlERnFGN0xJdXlYTmdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8wOWFhNjEtODdkNy00ZjUzLTk4MTgt
ZGVjMjFlZWZhMzhiLzEvUERoRjhNMEgwR0pjVGZmdjVDX2dxdlJkanBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8wOWFhNjEtODdkNy00ZjUzLTk4MTgtZGVjMjFlZWZhMzhi
LzEvMXpTUzVOSmNPNzBNWGlERnFGN0xJdXlYTmdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAJYz8AwQC
uciEMA0GCSqGSIb3DQEBCwUAA4IBAQA9cNuG5VLFjqohtZUERXc4MwopsPtGU+yX
gMBhEcun3WmuhElvLaHNpc0FPPDWm+4YbqOPkmbIn5yiZv73B3l1MbeS07S8d6Df
4GZkXZE/JIzEU1C7RcuE27/5NNAG/5jv4SGENN4VdjX9Tce/bzldzL39N12RUHnO
XemvpuGH3A59tM++LznqJoFAMz4FaS5tVmD7KUC3pUysWdUAH/wvR3f0MdWEBRlG
FpmFLNw+bCLRqlvAqS4+mFZ0q66o+e/BvrSC1JBy9f5hBDynQX3cda4y2vcVIjUi
94tJ6ELGna/RCLCSmIgbonRQvbVyAtXt0tq6cbxOp/9+2Odg44cD
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:37:30 2025 by rpki-client