Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/07476c-2c5b-40e9-b562-54fa30864c21/1/c32rRd_VK823HExtAcmuDnZLMOs.roa
File: c32rRd_VK823HExtAcmuDnZLMOs.roa (raw, json)
Hash identifier: aw2e0gizotH0nCiw8nC8hE0VJUvxVagKE8N8c5tYHFM=
Subject key identifier: 73:7D:AB:45:DF:D5:2B:CD:B7:1C:4C:6D:01:C9:AE:0E:76:4B:30:EB
Certificate issuer: /CN=ce56aa0e21558c92a48654244e05961a1fcfa0f2
Certificate serial: 01856FF949ABF67CF519EB0C60A7C3284931
Authority key identifier: CE:56:AA:0E:21:55:8C:92:A4:86:54:24:4E:05:96:1A:1F:CF:A0:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zlaqDiFVjJKkhlQkTgWWGh_PoPI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/07476c-2c5b-40e9-b562-54fa30864c21/1/c32rRd_VK823HExtAcmuDnZLMOs.roa
Signing time: Mon 02 Jan 2023 00:54:46 +0000
ROA not before: Mon 02 Jan 2023 00:54:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1103
IP address blocks: 137.224.0.0/16 maxlen: 16
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f9:49:ab:f6:7c:f5:19:eb:0c:60:a7:c3:28:49:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce56aa0e21558c92a48654244e05961a1fcfa0f2
Validity
Not Before: Jan 2 00:54:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=737dab45dfd52bcdb71c4c6d01c9ae0e764b30eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:37:b1:55:3b:87:e2:4e:62:49:6f:88:fe:52:
10:b0:c5:50:92:d2:49:64:ef:67:60:8b:7d:7f:bd:
73:03:96:5b:79:54:d6:be:7e:00:11:a6:90:ff:15:
83:b9:32:e1:7e:7d:c5:97:81:c7:64:36:aa:4c:65:
11:f4:23:08:95:2b:52:6d:01:85:fc:51:ee:d4:0a:
3c:59:41:5d:b5:2a:9d:ae:b7:f4:ea:71:a4:b4:15:
e0:40:ef:f3:b3:a8:c9:e5:d0:20:6c:64:b2:ca:92:
01:07:b7:ba:ba:7c:06:98:19:b7:dd:d8:15:9a:22:
1f:aa:ec:80:fa:db:1e:95:9a:5a:e9:37:49:0a:a6:
0f:a0:77:ef:fb:60:30:c7:ed:b2:68:a9:d3:40:27:
ca:10:ac:62:54:53:85:d3:b1:83:f3:15:cf:ae:cd:
43:4d:14:23:b0:5b:8d:d8:cc:af:d8:db:02:46:a8:
07:9c:37:8e:14:1c:3d:4b:35:86:5a:2e:e5:00:ae:
4d:b8:a1:7a:6d:0f:70:8c:d1:1d:b6:fa:67:13:2d:
34:b2:fe:3b:21:e9:25:07:49:f4:fb:14:e3:26:cf:
52:e2:fc:05:bf:59:4f:19:58:50:60:d7:a2:b3:33:
b6:93:52:bb:34:6a:64:cd:9d:c1:83:23:31:61:72:
b6:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:7D:AB:45:DF:D5:2B:CD:B7:1C:4C:6D:01:C9:AE:0E:76:4B:30:EB
X509v3 Authority Key Identifier:
keyid:CE:56:AA:0E:21:55:8C:92:A4:86:54:24:4E:05:96:1A:1F:CF:A0:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zlaqDiFVjJKkhlQkTgWWGh_PoPI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/07476c-2c5b-40e9-b562-54fa30864c21/1/c32rRd_VK823HExtAcmuDnZLMOs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/07476c-2c5b-40e9-b562-54fa30864c21/1/zlaqDiFVjJKkhlQkTgWWGh_PoPI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
137.224.0.0/16
Signature Algorithm: sha256WithRSAEncryption
0b:67:bd:cb:ce:59:f1:45:8e:3f:46:09:05:73:eb:2b:ec:b5:
9b:f2:b0:d0:ce:82:c6:79:2e:62:39:b8:62:6d:21:75:c7:ef:
52:6d:87:c8:91:b2:75:b4:76:77:2c:31:a5:aa:04:5f:a4:cb:
ed:c0:4f:50:f9:59:34:6d:c7:2e:44:2f:ee:1a:d4:cd:db:78:
8a:07:6d:4e:fe:1a:6c:7d:5f:8f:d6:d8:76:c4:1d:db:79:ce:
02:61:ec:fb:d9:b9:cf:1b:22:63:8d:7a:a3:cb:76:4f:1f:66:
70:c3:2d:37:53:b7:a9:69:b5:75:b3:01:49:3b:11:06:0d:9d:
25:0e:1d:68:c3:bb:7b:47:3e:1d:e7:d7:b6:20:b8:ce:e9:e3:
8e:ee:14:f3:e7:a8:0a:37:65:28:c3:2d:24:d6:5a:3b:a6:93:
48:64:7e:1c:d8:24:92:d4:53:9e:43:f1:99:04:b6:59:2d:b9:
63:28:cd:3d:3c:dd:33:49:e9:16:d8:f3:8e:f7:08:cc:24:7c:
3b:dd:f3:bb:16:1c:5e:de:be:b5:50:25:cc:57:73:18:50:a3:
e3:45:f2:4a:1c:1c:27:87:d7:05:5d:8f:f6:c9:c1:4f:71:15:
4b:93:33:0d:f8:cb:63:12:49:a5:d8:b4:f8:3d:c6:f5:8b:f4:
87:18:54:4e
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYVv+Umr9nz1GesMYKfDKEkxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlNTZhYTBlMjE1NThjOTJhNDg2NTQyNDRlMDU5NjFhMWZj
ZmEwZjIwHhcNMjMwMTAyMDA1NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzdkYWI0NWRmZDUyYmNkYjcxYzRjNmQwMWM5YWUwZTc2NGIzMGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtzexVTuH4k5iSW+I/lIQsMVQktJJ
ZO9nYIt9f71zA5ZbeVTWvn4AEaaQ/xWDuTLhfn3Fl4HHZDaqTGUR9CMIlStSbQGF
/FHu1Ao8WUFdtSqdrrf06nGktBXgQO/zs6jJ5dAgbGSyypIBB7e6unwGmBm33dgV
miIfquyA+tselZpa6TdJCqYPoHfv+2Awx+2yaKnTQCfKEKxiVFOF07GD8xXPrs1D
TRQjsFuN2Myv2NsCRqgHnDeOFBw9SzWGWi7lAK5NuKF6bQ9wjNEdtvpnEy00sv47
IeklB0n0+xTjJs9S4vwFv1lPGVhQYNeiszO2k1K7NGpkzZ3BgyMxYXK21QIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFHN9q0Xf1SvNtxxMbQHJrg52SzDrMB8GA1UdIwQY
MBaAFM5Wqg4hVYySpIZUJE4Flhofz6DyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemxhcURpRlZqSktraGxRa1RnV1dHaF9Qb1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8wNzQ3NmMtMmM1Yi00MGU5LWI1NjIt
NTRmYTMwODY0YzIxLzEvYzMyclJkX1ZLODIzSEV4dEFjbXVEblpMTU9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8wNzQ3NmMtMmM1Yi00MGU5LWI1NjItNTRmYTMwODY0YzIx
LzEvemxhcURpRlZqSktraGxRa1RnV1dHaF9Qb1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAieAwDQYJ
KoZIhvcNAQELBQADggEBAAtnvcvOWfFFjj9GCQVz6yvstZvysNDOgsZ5LmI5uGJt
IXXH71Jth8iRsnW0dncsMaWqBF+ky+3AT1D5WTRtxy5EL+4a1M3beIoHbU7+Gmx9
X4/W2HbEHdt5zgJh7PvZuc8bImONeqPLdk8fZnDDLTdTt6lptXWzAUk7EQYNnSUO
HWjDu3tHPh3n17YguM7p447uFPPnqAo3ZSjDLSTWWjumk0hkfhzYJJLUU55D8ZkE
tlktuWMozT083TNJ6RbY8473CMwkfDvd87sWHF7evrVQJcxXcxhQo+NF8kocHCeH
1wVdj/bJwU9xFUuTMw34y2MSSaXYtPg9xvWL9IcYVE4=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:45:15 2025 by rpki-client