Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/09aa61-87d7-4f53-9818-dec21eefa38b/1/pBe-gPZXHb7J41xpuMWhA8dCzsk.roa
File: pBe-gPZXHb7J41xpuMWhA8dCzsk.roa (raw, json)
Hash identifier: 5RjUr7NcMApR2GSYdk8jUj6kLeLvXxhC8Cv5gZFjyhU=
Subject key identifier: A4:17:BE:80:F6:57:1D:BE:C9:E3:5C:69:B8:C5:A1:03:C7:42:CE:C9
Certificate issuer: /CN=d73492e4d25c3bbd0c5e20c5a85ecb22ec97360a
Certificate serial: 01865AFB3AFC007BE059549290AD98BBD5B0
Authority key identifier: D7:34:92:E4:D2:5C:3B:BD:0C:5E:20:C5:A8:5E:CB:22:EC:97:36:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1zSS5NJcO70MXiDFqF7LIuyXNgo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/09aa61-87d7-4f53-9818-dec21eefa38b/1/pBe-gPZXHb7J41xpuMWhA8dCzsk.roa
Signing time: Thu 16 Feb 2023 16:07:39 +0000
ROA not before: Thu 16 Feb 2023 16:07:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208715
IP address blocks: 37.140.252.0/24 maxlen: 25
194.61.128.0/24 maxlen: 24
194.61.129.0/24 maxlen: 24
185.200.132.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:5a:fb:3a:fc:00:7b:e0:59:54:92:90:ad:98:bb:d5:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d73492e4d25c3bbd0c5e20c5a85ecb22ec97360a
Validity
Not Before: Feb 16 16:07:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a417be80f6571dbec9e35c69b8c5a103c742cec9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:4b:f3:73:85:9a:67:a2:46:70:61:e8:3f:a4:
3d:fb:d2:67:37:be:1c:7c:a1:fa:a1:81:31:20:8f:
15:09:0e:b7:9c:58:01:7d:fd:77:88:02:c4:fc:27:
cc:03:93:55:87:e7:0c:a6:bb:4e:9f:86:02:95:4c:
e1:14:e6:ea:be:bc:6f:07:7a:2e:83:39:16:37:2d:
60:7e:c6:b2:5c:e9:aa:90:76:ea:e9:09:50:53:0d:
cd:a6:a4:3b:e5:19:a7:d0:53:f5:05:82:0b:63:2e:
b1:f8:bd:17:07:20:32:58:56:8f:76:1e:dc:cc:5d:
24:92:7c:98:8d:6c:74:96:1c:31:60:de:d5:b4:fd:
74:ac:d5:cb:57:80:57:24:c8:89:91:af:ca:6f:3e:
8b:73:da:bd:bf:d1:ff:f1:07:2f:c1:fb:cb:8b:d9:
26:f6:2a:ac:83:fe:50:cb:56:7e:0b:77:a7:f3:52:
34:05:35:31:f5:67:6b:1d:3e:8a:a7:73:f8:0e:0f:
0b:51:87:7d:bc:d2:d3:1f:49:ad:22:32:00:04:8f:
ab:b1:32:51:82:3d:62:7e:86:d0:b1:14:45:1c:a2:
50:3a:3e:c8:d8:cc:94:29:ed:a6:df:4e:d0:9e:6c:
96:a6:01:87:ae:49:21:bf:23:df:4e:96:bb:1a:10:
be:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:17:BE:80:F6:57:1D:BE:C9:E3:5C:69:B8:C5:A1:03:C7:42:CE:C9
X509v3 Authority Key Identifier:
keyid:D7:34:92:E4:D2:5C:3B:BD:0C:5E:20:C5:A8:5E:CB:22:EC:97:36:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1zSS5NJcO70MXiDFqF7LIuyXNgo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/09aa61-87d7-4f53-9818-dec21eefa38b/1/pBe-gPZXHb7J41xpuMWhA8dCzsk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/09aa61-87d7-4f53-9818-dec21eefa38b/1/1zSS5NJcO70MXiDFqF7LIuyXNgo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.140.252.0/24
185.200.132.0/22
194.61.128.0/23
Signature Algorithm: sha256WithRSAEncryption
9e:e7:ee:ed:91:2d:82:bb:32:cd:35:18:7f:54:78:96:3e:c9:
5b:f0:58:b3:37:75:a1:82:90:32:08:77:e4:28:46:dc:5f:3c:
93:4c:8b:4c:6e:36:85:8b:ca:33:58:7d:dc:4f:a0:24:30:25:
df:21:0d:61:39:a0:02:8d:70:7e:09:6f:d5:c4:39:6a:f8:b8:
39:00:54:44:c1:fe:ad:4a:53:84:08:6e:8c:b6:5b:e7:23:db:
60:5c:c5:15:06:6a:11:22:99:da:e5:52:cd:d3:81:80:51:7b:
60:70:8d:42:0c:df:c4:1b:9e:d0:9d:78:23:b4:dd:fc:b0:93:
75:3a:9a:b0:48:64:6f:69:37:cf:10:a0:6e:1a:4e:b2:58:6c:
22:27:77:ff:d4:10:37:22:b8:3a:f0:00:bc:3d:f4:8d:d2:9c:
a7:ff:70:4c:92:7c:de:c6:03:a5:5c:ff:90:36:98:03:2c:16:
29:f1:b4:e4:47:5b:6d:e6:5b:c0:33:53:2c:87:a6:bd:fe:14:
8a:71:7a:cc:22:4a:a2:2e:5c:09:4a:67:79:47:aa:b4:53:d7:
b2:d1:41:27:46:e9:99:de:3e:f3:bd:c6:60:ec:24:ad:a3:d0:
1f:ed:a5:f0:06:91:76:14:2f:6c:e5:21:70:6f:51:7d:a2:51:
14:ef:af:5a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYZa+zr8AHvgWVSSkK2Yu9WwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3MzQ5MmU0ZDI1YzNiYmQwYzVlMjBjNWE4NWVjYjIyZWM5
NzM2MGEwHhcNMjMwMjE2MTYwNzM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDE3YmU4MGY2NTcxZGJlYzllMzVjNjliOGM1YTEwM2M3NDJjZWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkUvzc4WaZ6JGcGHoP6Q9+9JnN74c
fKH6oYExII8VCQ63nFgBff13iALE/CfMA5NVh+cMprtOn4YClUzhFObqvrxvB3ou
gzkWNy1gfsayXOmqkHbq6QlQUw3NpqQ75Rmn0FP1BYILYy6x+L0XByAyWFaPdh7c
zF0kknyYjWx0lhwxYN7VtP10rNXLV4BXJMiJka/Kbz6Lc9q9v9H/8QcvwfvLi9km
9iqsg/5Qy1Z+C3en81I0BTUx9WdrHT6Kp3P4Dg8LUYd9vNLTH0mtIjIABI+rsTJR
gj1ifobQsRRFHKJQOj7I2MyUKe2m307QnmyWpgGHrkkhvyPfTpa7GhC+BQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKQXvoD2Vx2+yeNcabjFoQPHQs7JMB8GA1UdIwQY
MBaAFNc0kuTSXDu9DF4gxaheyyLslzYKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXpTUzVOSmNPNzBNWGlERnFGN0xJdXlYTmdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8wOWFhNjEtODdkNy00ZjUzLTk4MTgt
ZGVjMjFlZWZhMzhiLzEvcEJlLWdQWlhIYjdKNDF4cHVNV2hBOGRDenNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8wOWFhNjEtODdkNy00ZjUzLTk4MTgtZGVjMjFlZWZhMzhi
LzEvMXpTUzVOSmNPNzBNWGlERnFGN0xJdXlYTmdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAJYz8AwQC
uciEAwQBwj2AMA0GCSqGSIb3DQEBCwUAA4IBAQCe5+7tkS2CuzLNNRh/VHiWPslb
8FizN3WhgpAyCHfkKEbcXzyTTItMbjaFi8ozWH3cT6AkMCXfIQ1hOaACjXB+CW/V
xDlq+Lg5AFREwf6tSlOECG6MtlvnI9tgXMUVBmoRIpna5VLN04GAUXtgcI1CDN/E
G57QnXgjtN38sJN1OpqwSGRvaTfPEKBuGk6yWGwiJ3f/1BA3Irg68AC8PfSN0pyn
/3BMknzexgOlXP+QNpgDLBYp8bTkR1tt5lvAM1Msh6a9/hSKcXrMIkqiLlwJSmd5
R6q0U9ey0UEnRumZ3j7zvcZg7CSto9Af7aXwBpF2FC9s5SFwb1F9olEU769a
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:33:47 2025 by rpki-client