Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/fU_5ApUNRMzYv_yACDP7XWsALks.roa
File: fU_5ApUNRMzYv_yACDP7XWsALks.roa (raw, json)
Hash identifier: lxFoy3qd4g0fd7nW3PU3gQZf4Qbgcrn/AusRCcP5Hc8=
Subject key identifier: 7D:4F:F9:02:95:0D:44:CC:D8:BF:FC:80:08:33:FB:5D:6B:00:2E:4B
Certificate issuer: /CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Certificate serial: 364C985F
Authority key identifier: F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/fU_5ApUNRMzYv_yACDP7XWsALks.roa
Signing time: Tue 10 May 2022 11:59:02 +0000
ROA not before: Tue 10 May 2022 11:59:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 24631
IP address blocks: 37.32.44.0/24 maxlen: 24
37.32.45.0/24 maxlen: 24
37.32.47.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 910989407 (0x364c985f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Validity
Not Before: May 10 11:59:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7d4ff902950d44ccd8bffc800833fb5d6b002e4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:83:d9:5a:47:e5:4e:f5:00:90:9f:a4:93:45:
bc:be:c4:93:a8:8a:47:44:84:7c:bc:77:51:eb:b4:
b3:c8:80:23:25:61:ba:6f:0c:48:a2:e6:dd:fa:3b:
4f:a6:e2:c3:a8:60:25:0c:46:d5:6c:37:43:47:ad:
c2:df:97:0c:04:ed:5c:db:82:bc:fe:08:44:92:eb:
04:43:67:e7:8b:14:2a:00:64:1d:37:f0:b1:13:5e:
53:4b:31:d3:b1:ef:c5:95:84:7e:b9:1c:2b:fa:c4:
91:7b:f1:1c:b6:ae:36:08:69:ad:62:8c:2c:d6:50:
60:ff:ee:5d:78:4a:6d:84:74:a9:4b:23:01:cd:02:
68:a0:f4:68:44:d9:c9:e5:61:b1:22:15:bc:e3:c2:
61:fd:ef:27:f9:f1:3f:a8:41:d8:a0:21:bd:c5:2d:
8c:b3:10:ef:70:11:b4:22:ce:ec:a5:61:72:14:d0:
d4:00:8e:c2:54:c1:8c:dd:63:55:81:7f:8f:5d:0e:
72:f9:1c:af:5c:8b:f0:fb:86:80:4e:64:ab:0b:9e:
1f:32:ed:a8:3f:f7:4c:7c:f4:43:a4:37:cb:b2:f6:
1d:d6:44:9a:e9:f4:d9:cf:02:e1:6b:65:f7:f1:b8:
15:0d:1a:52:1a:02:64:59:c6:ad:de:a5:6e:d6:d0:
a2:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:4F:F9:02:95:0D:44:CC:D8:BF:FC:80:08:33:FB:5D:6B:00:2E:4B
X509v3 Authority Key Identifier:
keyid:F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/fU_5ApUNRMzYv_yACDP7XWsALks.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.32.44.0/23
37.32.47.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:48:65:ef:8d:00:5d:25:dc:40:cc:bc:d3:84:02:01:cd:07:
31:d1:19:4d:10:07:40:48:c5:96:45:af:c4:6d:b7:28:dc:29:
86:bc:ec:d3:d2:3e:34:6d:58:3b:6f:c0:e3:cc:f6:9a:38:d5:
56:1a:f9:ff:7d:3c:82:ad:13:14:ce:eb:67:a9:11:73:4a:37:
0f:19:ad:53:74:82:95:82:f9:0c:77:02:43:78:72:93:61:be:
e5:69:b5:82:32:f8:d4:c7:b8:c9:c1:a4:60:58:5e:ee:be:8e:
89:32:ef:88:1d:2d:ef:e6:34:2b:38:98:58:fa:99:d3:c8:1b:
79:1a:35:bd:48:ec:e7:8f:bc:88:42:d0:43:75:dc:51:10:d8:
28:83:5c:2d:cd:55:e5:cd:a8:70:77:3d:18:c3:12:2a:de:d6:
32:5d:76:dc:b8:64:bd:75:c3:12:dd:c1:15:a2:03:c2:fa:f3:
5e:06:a6:50:00:52:fb:6b:44:c2:e6:a0:48:f6:c8:b8:cd:4b:
08:9d:76:ab:4f:be:c1:b4:51:01:13:80:94:8c:1d:07:8f:39:
35:a0:18:3a:9a:5f:de:94:da:e0:ee:2b:00:14:62:ed:7c:d0:
af:fb:07:b0:91:bc:f4:19:22:5f:dc:34:20:cd:8d:82:68:11:
2a:4f:6e:ea
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIENkyYXzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
MTM1MzMzOTlmNTVlYjUyZTZiMjIwMGM3Y2FlNDI3MmI3NGQ2NDY0MB4XDTIyMDUx
MDExNTkwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2Q0ZmY5MDI5NTBk
NDRjY2Q4YmZmYzgwMDgzM2ZiNWQ2YjAwMmU0YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALiD2VpH5U71AJCfpJNFvL7Ek6iKR0SEfLx3Ueu0s8iAIyVh
um8MSKLm3fo7T6biw6hgJQxG1Ww3Q0etwt+XDATtXNuCvP4IRJLrBENn54sUKgBk
HTfwsRNeU0sx07HvxZWEfrkcK/rEkXvxHLauNghprWKMLNZQYP/uXXhKbYR0qUsj
Ac0CaKD0aETZyeVhsSIVvOPCYf3vJ/nxP6hB2KAhvcUtjLMQ73ARtCLO7KVhchTQ
1ACOwlTBjN1jVYF/j10Ocvkcr1yL8PuGgE5kqwueHzLtqD/3THz0Q6Q3y7L2HdZE
mun02c8C4Wtl9/G4FQ0aUhoCZFnGrd6lbtbQos8CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBR9T/kClQ1EzNi//IAIM/tdawAuSzAfBgNVHSMEGDAWgBTxNTM5n1XrUuay
IAx8rkJyt01kZDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzhUVXpPWjlWNjFMbXNpQU1mSzVDY3JkTlpHUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTIvODQ0ZWViLWNkZjEtNDdmMS1iY2ZhLTk4OTE2Njg4MTk2OS8x
L2ZVXzVBcFVOUk16WXZfeUFDRFA3WFdzQUxrcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTIv
ODQ0ZWViLWNkZjEtNDdmMS1iY2ZhLTk4OTE2Njg4MTk2OS8xLzhUVXpPWjlWNjFM
bXNpQU1mSzVDY3JkTlpHUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEASUgLAMEACUgLzANBgkqhkiG9w0B
AQsFAAOCAQEApUhl740AXSXcQMy804QCAc0HMdEZTRAHQEjFlkWvxG23KNwphrzs
09I+NG1YO2/A48z2mjjVVhr5/308gq0TFM7rZ6kRc0o3DxmtU3SClYL5DHcCQ3hy
k2G+5Wm1gjL41Me4ycGkYFhe7r6OiTLviB0t7+Y0KziYWPqZ08gbeRo1vUjs54+8
iELQQ3XcURDYKINcLc1V5c2ocHc9GMMSKt7WMl123LhkvXXDEt3BFaIDwvrzXgam
UABS+2tEwuagSPbIuM1LCJ12q0++wbRRAROAlIwdB485NaAYOppf3pTa4O4rABRi
7XzQr/sHsJG89BkiX9w0IM2NgmgRKk9u6g==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:57:01 2025 by rpki-client