Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/MSmwITV3y3Ka5UYcjmjXkqKZago.roa
File: MSmwITV3y3Ka5UYcjmjXkqKZago.roa (raw, json)
Hash identifier: nBPTtWhn7Swkhp+J1Paa2w8W54XoFT6A5qwhJhupUJ0=
Subject key identifier: 31:29:B0:21:35:77:CB:72:9A:E5:46:1C:8E:68:D7:92:A2:99:6A:0A
Certificate issuer: /CN=0ef5cb2f590d041654f4dfdb60a28f9a1544f444
Certificate serial: 04740DE1
Authority key identifier: 0E:F5:CB:2F:59:0D:04:16:54:F4:DF:DB:60:A2:8F:9A:15:44:F4:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/MSmwITV3y3Ka5UYcjmjXkqKZago.roa
Signing time: Sat 01 Jan 2022 08:57:35 +0000
ROA not before: Sat 01 Jan 2022 08:57:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43333
IP address blocks: 37.252.6.0/23 maxlen: 23
37.252.10.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 74714593 (0x4740de1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ef5cb2f590d041654f4dfdb60a28f9a1544f444
Validity
Not Before: Jan 1 08:57:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3129b0213577cb729ae5461c8e68d792a2996a0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:bd:e0:47:19:1e:41:5e:27:6f:7a:21:04:0b:
37:a7:c6:5a:2c:9e:6a:0f:6f:fb:ca:2c:25:ba:16:
18:bf:da:cc:e3:cd:2e:27:02:12:8d:e0:0a:f1:77:
b0:3e:e9:31:fe:53:ba:d4:3a:81:4b:0a:8e:a7:36:
18:f9:1e:e9:ca:41:a6:4f:1e:b9:35:71:b6:dc:a9:
75:32:97:3d:cf:ed:41:1f:a0:1f:ca:e4:59:06:8f:
fa:5d:85:81:52:69:e7:8d:2f:83:09:a1:13:e9:10:
fc:90:34:fc:7c:76:23:94:81:d9:7e:67:12:a2:37:
bb:4e:41:35:81:38:22:aa:5f:8e:b5:13:6c:6f:cd:
73:6b:80:61:82:99:e0:3b:f6:fb:cf:bc:fa:ae:3f:
4f:e7:c4:d5:04:12:c5:6b:ae:c5:15:b6:e1:89:8c:
43:cf:68:8d:f5:14:70:71:7f:e6:1b:10:84:f8:6d:
b1:26:2f:da:38:5a:de:cf:69:29:d3:31:53:91:2f:
d5:ab:4d:f1:7f:83:24:fd:94:e0:da:69:f5:e1:7d:
44:06:70:7d:be:a5:3b:b6:c4:1d:15:0b:a6:f1:91:
d9:e9:21:63:d8:7d:a3:5d:fc:ad:07:c0:97:7d:49:
23:c6:c7:15:15:23:4f:6d:81:27:cd:2a:b1:99:21:
e2:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:29:B0:21:35:77:CB:72:9A:E5:46:1C:8E:68:D7:92:A2:99:6A:0A
X509v3 Authority Key Identifier:
keyid:0E:F5:CB:2F:59:0D:04:16:54:F4:DF:DB:60:A2:8F:9A:15:44:F4:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/MSmwITV3y3Ka5UYcjmjXkqKZago.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.252.6.0/23
37.252.10.0/23
Signature Algorithm: sha256WithRSAEncryption
70:ed:14:da:bf:3c:6f:42:44:8b:d7:52:d4:41:77:63:f6:9b:
4b:63:a7:53:10:b9:3a:01:d1:16:1c:9a:82:46:0d:af:2a:7f:
44:48:a6:fb:37:31:65:29:01:07:20:75:28:f4:df:1f:6c:cf:
dd:be:bf:09:00:2c:ff:8f:72:cb:fe:17:47:48:7a:24:29:32:
a0:20:5f:77:1e:92:b8:e8:21:2c:38:8a:7d:3b:0c:48:b6:1b:
62:87:c2:52:15:7b:47:41:cc:0a:0e:d3:1f:6b:de:49:d6:0b:
52:fe:61:f9:ce:03:c9:0a:08:91:a0:6e:f6:3f:10:f0:a5:47:
66:69:1a:8e:83:7a:18:fe:7c:4d:4e:74:b3:68:b1:78:5c:bf:
75:f2:fc:fe:91:61:52:f4:0b:3c:11:d7:95:bc:96:a4:1f:f5:
4e:14:87:8d:78:ee:f8:21:5a:ed:b8:3f:2c:a4:aa:82:0a:f9:
eb:46:8d:30:57:9f:4e:4f:54:fc:e1:df:6a:a7:4c:aa:9c:13:
cc:76:aa:49:36:41:25:3d:80:71:c1:49:13:cc:e8:4c:85:5a:
dd:a0:78:c0:c9:04:ba:a8:51:8c:d4:61:8a:c0:1d:ae:f9:61:
62:be:0e:01:09:04:7e:9c:1d:fd:25:79:12:e6:bf:a2:e9:aa:
83:3c:e7:0f
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBHQN4TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ZWY1Y2IyZjU5MGQwNDE2NTRmNGRmZGI2MGEyOGY5YTE1NDRmNDQ0MB4XDTIyMDEw
MTA4NTczNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzEyOWIwMjEzNTc3
Y2I3MjlhZTU0NjFjOGU2OGQ3OTJhMjk5NmEwYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIO94EcZHkFeJ296IQQLN6fGWiyeag9v+8osJboWGL/azOPN
LicCEo3gCvF3sD7pMf5TutQ6gUsKjqc2GPke6cpBpk8euTVxttypdTKXPc/tQR+g
H8rkWQaP+l2FgVJp540vgwmhE+kQ/JA0/Hx2I5SB2X5nEqI3u05BNYE4IqpfjrUT
bG/Nc2uAYYKZ4Dv2+8+8+q4/T+fE1QQSxWuuxRW24YmMQ89ojfUUcHF/5hsQhPht
sSYv2jha3s9pKdMxU5Ev1atN8X+DJP2U4Npp9eF9RAZwfb6lO7bEHRULpvGR2ekh
Y9h9o138rQfAl31JI8bHFRUjT22BJ80qsZkh4gsCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQxKbAhNXfLcprlRhyOaNeSoplqCjAfBgNVHSMEGDAWgBQO9csvWQ0EFlT0
39tgoo+aFUT0RDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0R2WExMMWtOQkJaVTlOX2JZS0tQbWhWRTlFUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODcvMjI2ZjA0LWY3ZGItNDkxYS1iYWZiLWVlNDM1ZDNjZDU4NS8x
L01TbXdJVFYzeTNLYTVVWWNqbWpYa3FLWmFnby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODcv
MjI2ZjA0LWY3ZGItNDkxYS1iYWZiLWVlNDM1ZDNjZDU4NS8xL0R2WExMMWtOQkJa
VTlOX2JZS0tQbWhWRTlFUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEASX8BgMEASX8CjANBgkqhkiG9w0B
AQsFAAOCAQEAcO0U2r88b0JEi9dS1EF3Y/abS2OnUxC5OgHRFhyagkYNryp/REim
+zcxZSkBByB1KPTfH2zP3b6/CQAs/49yy/4XR0h6JCkyoCBfdx6SuOghLDiKfTsM
SLYbYofCUhV7R0HMCg7TH2veSdYLUv5h+c4DyQoIkaBu9j8Q8KVHZmkajoN6GP58
TU50s2ixeFy/dfL8/pFhUvQLPBHXlbyWpB/1ThSHjXju+CFa7bg/LKSqggr560aN
MFefTk9U/OHfaqdMqpwTzHaqSTZBJT2AccFJE8zoTIVa3aB4wMkEuqhRjNRhisAd
rvlhYr4OAQkEfpwd/SV5Eua/oumqgzznDw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:57 2023 by rpki-client on console-fra.rpki-client.org