Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/24c566-c74e-4232-a344-6072bb8b2bc0/1/2wTVMmu-IaDg0IytSVkltQoRA-k.roa
File: 2wTVMmu-IaDg0IytSVkltQoRA-k.roa (raw, json)
Hash identifier: uWzstLnKS34CDu0nRUeS27f08B0nhj7j3KYEohnz5ck=
Subject key identifier: DB:04:D5:32:6B:BE:21:A0:E0:D0:8C:AD:49:59:25:B5:0A:11:03:E9
Certificate issuer: /CN=4103292068ea3fb85bc5895379e20edbd0bc6506
Certificate serial: 0376F2C8
Authority key identifier: 41:03:29:20:68:EA:3F:B8:5B:C5:89:53:79:E2:0E:DB:D0:BC:65:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QQMpIGjqP7hbxYlTeeIO29C8ZQY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/24c566-c74e-4232-a344-6072bb8b2bc0/1/2wTVMmu-IaDg0IytSVkltQoRA-k.roa
Signing time: Sat 01 Jan 2022 14:05:59 +0000
ROA not before: Sat 01 Jan 2022 14:05:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58084
IP address blocks: 37.221.185.0/24 maxlen: 24
37.221.186.0/24 maxlen: 24
37.221.184.0/24 maxlen: 24
37.221.188.0/24 maxlen: 24
37.221.191.0/24 maxlen: 24
37.221.189.0/24 maxlen: 24
37.221.190.0/24 maxlen: 24
37.221.187.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 58127048 (0x376f2c8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4103292068ea3fb85bc5895379e20edbd0bc6506
Validity
Not Before: Jan 1 14:05:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=db04d5326bbe21a0e0d08cad495925b50a1103e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:e3:64:78:f0:eb:78:e2:ff:61:9b:3f:1d:eb:
13:ef:e1:2f:94:3d:b8:1b:70:5e:09:38:a4:2a:a3:
b9:94:43:77:0e:6d:2a:9d:14:a1:d9:6c:1e:17:24:
fe:7d:4a:a5:b6:0a:1f:31:7f:a7:b8:34:75:c4:d9:
ca:05:e8:db:53:eb:b7:d0:c3:1b:6c:c6:a2:cb:ff:
ae:0b:3a:f9:85:64:fd:d7:31:c0:8c:29:5b:3b:c2:
a6:b7:d1:04:b8:62:36:62:1a:5d:bb:9c:08:eb:0c:
c4:87:05:23:38:b8:d9:a8:f5:f5:d5:b9:3a:c8:fc:
25:99:e9:1c:6a:1c:78:6b:1d:ad:e8:00:d7:f8:b8:
1f:38:f3:20:e1:c1:eb:a2:46:f7:89:09:bd:d3:2e:
01:70:f4:7d:6e:75:02:7a:32:ed:57:0e:f2:c5:da:
b7:38:01:04:29:87:11:3f:9e:0b:51:37:68:7c:8e:
a4:54:81:2e:f6:c5:86:e9:ae:58:8a:25:41:41:a8:
53:18:79:4b:1c:df:9d:bc:d5:65:4a:9d:76:31:51:
da:5f:a1:99:84:7a:80:48:b0:39:d1:f9:22:83:5f:
27:22:95:77:18:4f:31:0a:b3:59:0c:32:13:27:3f:
78:80:8f:25:82:e4:05:88:9d:d8:81:32:f1:b6:64:
89:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:04:D5:32:6B:BE:21:A0:E0:D0:8C:AD:49:59:25:B5:0A:11:03:E9
X509v3 Authority Key Identifier:
keyid:41:03:29:20:68:EA:3F:B8:5B:C5:89:53:79:E2:0E:DB:D0:BC:65:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QQMpIGjqP7hbxYlTeeIO29C8ZQY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/24c566-c74e-4232-a344-6072bb8b2bc0/1/2wTVMmu-IaDg0IytSVkltQoRA-k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/24c566-c74e-4232-a344-6072bb8b2bc0/1/QQMpIGjqP7hbxYlTeeIO29C8ZQY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.221.184.0/21
Signature Algorithm: sha256WithRSAEncryption
19:86:01:2d:9c:53:ff:42:8d:66:91:62:ce:38:f7:53:34:3b:
eb:b6:74:cf:3d:b2:e6:cb:de:d1:67:73:b5:1c:b8:e5:a7:18:
d6:d2:0b:2b:3e:1f:8b:c6:a5:d9:fe:79:ac:7f:95:b3:3e:6a:
c2:57:88:3e:d8:b9:2d:3b:5a:31:3a:fd:f1:e4:b6:a7:18:4c:
8c:39:67:9f:7b:7d:ec:55:8c:7b:14:95:5f:7a:b2:e4:ab:49:
42:b4:cc:30:c4:67:22:c5:ee:05:a6:f8:2e:05:a8:91:dc:df:
e4:72:ca:c4:0a:f6:69:b2:af:55:c4:42:3f:9a:cf:c3:8c:f6:
db:48:38:4c:34:c4:67:a7:b2:d0:44:a6:e3:dc:59:af:6f:73:
cd:ff:af:83:d9:c8:79:9d:0a:20:dc:77:e7:df:0a:8c:0a:44:
e0:6e:ca:23:77:ef:d7:a7:12:78:ce:7e:13:1d:16:86:46:17:
a6:8a:f6:4c:3c:ca:8f:90:21:3d:45:c7:f0:1e:32:ab:27:e0:
04:e0:b4:12:9b:fb:1b:0a:80:5d:b7:9d:9d:14:18:80:a0:8e:
c9:44:43:4f:3c:c9:46:14:5d:f2:36:c8:29:8b:2f:cc:f2:0f:
5b:73:d8:1e:55:d3:72:f1:6c:88:1b:a1:e1:7c:16:57:ed:fc:
c5:e8:3b:c5
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA3byyDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MTAzMjkyMDY4ZWEzZmI4NWJjNTg5NTM3OWUyMGVkYmQwYmM2NTA2MB4XDTIyMDEw
MTE0MDU1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGIwNGQ1MzI2YmJl
MjFhMGUwZDA4Y2FkNDk1OTI1YjUwYTExMDNlOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANrjZHjw63ji/2GbPx3rE+/hL5Q9uBtwXgk4pCqjuZRDdw5t
Kp0UodlsHhck/n1KpbYKHzF/p7g0dcTZygXo21Prt9DDG2zGosv/rgs6+YVk/dcx
wIwpWzvCprfRBLhiNmIaXbucCOsMxIcFIzi42aj19dW5Osj8JZnpHGoceGsdregA
1/i4HzjzIOHB66JG94kJvdMuAXD0fW51Anoy7VcO8sXatzgBBCmHET+eC1E3aHyO
pFSBLvbFhumuWIolQUGoUxh5SxzfnbzVZUqddjFR2l+hmYR6gEiwOdH5IoNfJyKV
dxhPMQqzWQwyEyc/eICPJYLkBYid2IEy8bZkiYcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTbBNUya74hoODQjK1JWSW1ChED6TAfBgNVHSMEGDAWgBRBAykgaOo/uFvF
iVN54g7b0LxlBjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1FRTXBJR2pxUDdoYnhZbFRlZUlPMjlDOFpRWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGYvMjRjNTY2LWM3NGUtNDIzMi1hMzQ0LTYwNzJiYjhiMmJjMC8x
LzJ3VFZNbXUtSWFEZzBJeXRTVmtsdFFvUkEtay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGYv
MjRjNTY2LWM3NGUtNDIzMi1hMzQ0LTYwNzJiYjhiMmJjMC8xL1FRTXBJR2pxUDdo
YnhZbFRlZUlPMjlDOFpRWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAyXduDANBgkqhkiG9w0BAQsFAAOC
AQEAGYYBLZxT/0KNZpFizjj3UzQ767Z0zz2y5sve0WdztRy45acY1tILKz4fi8al
2f55rH+Vsz5qwleIPti5LTtaMTr98eS2pxhMjDlnn3t97FWMexSVX3qy5KtJQrTM
MMRnIsXuBab4LgWokdzf5HLKxAr2abKvVcRCP5rPw4z220g4TDTEZ6ey0ESm49xZ
r29zzf+vg9nIeZ0KINx3598KjApE4G7KI3fv16cSeM5+Ex0WhkYXpor2TDzKj5Ah
PUXH8B4yqyfgBOC0Epv7GwqAXbednRQYgKCOyURDTzzJRhRd8jbIKYsvzPIPW3PY
HlXTcvFsiBuh4XwWV+38xeg7xQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:28 2024 by rpki-client on console-ams.rpki-client.org