Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/c62e0c-4454-43c8-97bc-81674d953d56/1/9azRQfpgLdZA0TGjfPbtssG_QZI.roa
File: 9azRQfpgLdZA0TGjfPbtssG_QZI.roa (raw, json)
Hash identifier: SkquEnG+dYSgKMb9ie5/Mtbi4aQBX0b88o3QWV25VDU=
Subject key identifier: F5:AC:D1:41:FA:60:2D:D6:40:D1:31:A3:7C:F6:ED:B2:C1:BF:41:92
Certificate issuer: /CN=07da339e5cd3c1be02ce6802a0421856aa0b547b
Certificate serial: E51264
Authority key identifier: 07:DA:33:9E:5C:D3:C1:BE:02:CE:68:02:A0:42:18:56:AA:0B:54:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B9oznlzTwb4CzmgCoEIYVqoLVHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/c62e0c-4454-43c8-97bc-81674d953d56/1/9azRQfpgLdZA0TGjfPbtssG_QZI.roa
Signing time: Thu 24 Mar 2022 15:57:05 +0000
ROA not before: Thu 24 Mar 2022 15:57:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29286
IP address blocks: 37.252.111.0/24 maxlen: 24
185.19.39.0/24 maxlen: 24
37.1.166.0/23 maxlen: 24
185.19.38.0/24 maxlen: 24
37.252.104.0/21 maxlen: 21
185.19.37.0/24 maxlen: 24
185.19.36.0/24 maxlen: 24
185.19.36.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15012452 (0xe51264)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07da339e5cd3c1be02ce6802a0421856aa0b547b
Validity
Not Before: Mar 24 15:57:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f5acd141fa602dd640d131a37cf6edb2c1bf4192
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:36:44:61:ab:d3:7d:2d:c8:74:2d:c7:c3:0d:
1e:d2:75:31:95:bb:54:01:37:7b:a6:53:22:01:85:
64:11:88:18:ea:22:06:8a:7b:b4:1a:70:06:7f:8b:
19:61:6f:94:07:dc:e9:5b:99:e6:1c:7f:10:20:64:
af:be:3a:c2:0a:7a:50:2c:3e:ea:0b:87:2c:ba:bc:
be:d3:44:0f:85:81:f2:b7:87:d3:11:eb:04:89:df:
d9:16:4a:13:7b:e3:a9:eb:ac:71:41:d0:f6:da:c4:
fc:fe:58:a9:5e:d9:f9:bc:64:3d:66:08:ce:02:df:
a0:5e:cd:cd:10:c3:04:11:40:f0:00:5f:3e:74:06:
7d:56:26:80:f0:60:23:a9:9e:11:a6:dd:e8:85:8d:
67:9c:b2:00:ca:d5:83:b2:f1:46:ea:f3:e4:78:32:
24:08:70:94:8f:1a:ef:fc:a8:27:94:6f:b9:90:7e:
59:83:5b:91:f2:94:42:9a:41:a3:48:ff:dd:c6:49:
26:90:98:58:44:4d:81:9d:39:61:4b:0a:cc:38:13:
e7:66:e1:a1:8a:eb:ab:2e:4c:9f:f7:13:0f:04:3c:
b3:93:fd:e5:42:20:72:53:22:e7:05:36:3c:a2:50:
b1:84:dc:97:b2:70:20:d2:3d:a3:af:0f:e5:00:30:
fb:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:AC:D1:41:FA:60:2D:D6:40:D1:31:A3:7C:F6:ED:B2:C1:BF:41:92
X509v3 Authority Key Identifier:
keyid:07:DA:33:9E:5C:D3:C1:BE:02:CE:68:02:A0:42:18:56:AA:0B:54:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B9oznlzTwb4CzmgCoEIYVqoLVHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/c62e0c-4454-43c8-97bc-81674d953d56/1/9azRQfpgLdZA0TGjfPbtssG_QZI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/c62e0c-4454-43c8-97bc-81674d953d56/1/B9oznlzTwb4CzmgCoEIYVqoLVHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.1.166.0/23
37.252.104.0/21
185.19.36.0/22
Signature Algorithm: sha256WithRSAEncryption
7e:ae:ed:cc:a3:d1:86:68:f9:c1:4f:3a:83:b7:e5:5f:10:5b:
26:65:62:11:bf:7d:f8:5f:ae:54:23:30:16:98:f7:48:4a:93:
bd:0e:c0:08:ee:0a:5e:22:83:92:8f:23:81:f6:67:fe:a5:1f:
fd:97:6f:f3:89:92:5f:8e:2c:5c:73:9c:f1:d0:4a:e2:c2:37:
c4:d1:a7:b4:b4:0e:a7:af:e9:59:58:dd:f0:df:00:47:08:21:
bb:b4:38:0c:4b:34:af:87:61:65:6d:74:cc:d4:c2:e7:c7:74:
3c:7c:5d:25:ce:7a:35:ef:42:90:7e:b8:a5:75:de:7d:9f:0f:
b2:e9:03:a3:2d:d4:6d:7c:d6:4f:73:3f:74:52:ad:02:65:7e:
8d:cd:99:2f:31:da:76:dc:55:e0:69:46:bf:50:c4:f8:4d:6a:
12:68:7d:e2:90:da:3b:32:1a:fd:b3:9e:3e:9e:48:f1:2c:23:
75:4a:a5:f3:a3:d4:1e:26:5d:ad:77:a7:9c:b2:76:d9:1a:a7:
10:c2:09:9f:e6:0b:7b:34:17:b8:f2:d6:2a:42:32:4f:46:a2:
4c:dc:fb:24:59:4f:28:90:f2:e2:5c:f5:cd:3f:69:2a:dd:ec:
0b:de:7b:68:d2:07:c7:d9:99:4f:eb:1b:e5:6f:90:9b:37:ff:
78:10:20:df
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEAOUSZDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
N2RhMzM5ZTVjZDNjMWJlMDJjZTY4MDJhMDQyMTg1NmFhMGI1NDdiMB4XDTIyMDMy
NDE1NTcwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjVhY2QxNDFmYTYw
MmRkNjQwZDEzMWEzN2NmNmVkYjJjMWJmNDE5MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALs2RGGr030tyHQtx8MNHtJ1MZW7VAE3e6ZTIgGFZBGIGOoi
Bop7tBpwBn+LGWFvlAfc6VuZ5hx/ECBkr746wgp6UCw+6guHLLq8vtNED4WB8reH
0xHrBInf2RZKE3vjqeuscUHQ9trE/P5YqV7Z+bxkPWYIzgLfoF7NzRDDBBFA8ABf
PnQGfVYmgPBgI6meEabd6IWNZ5yyAMrVg7LxRurz5HgyJAhwlI8a7/yoJ5RvuZB+
WYNbkfKUQppBo0j/3cZJJpCYWERNgZ05YUsKzDgT52bhoYrrqy5Mn/cTDwQ8s5P9
5UIgclMi5wU2PKJQsYTcl7JwINI9o68P5QAw+98CAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBT1rNFB+mAt1kDRMaN89u2ywb9BkjAfBgNVHSMEGDAWgBQH2jOeXNPBvgLO
aAKgQhhWqgtUezAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0I5b3pubHpUd2I0Q3ptZ0NvRUlZVnFvTFZIcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTIvYzYyZTBjLTQ0NTQtNDNjOC05N2JjLTgxNjc0ZDk1M2Q1Ni8x
LzlhelJRZnBnTGRaQTBUR2pmUGJ0c3NHX1FaSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTIv
YzYyZTBjLTQ0NTQtNDNjOC05N2JjLTgxNjc0ZDk1M2Q1Ni8xL0I5b3pubHpUd2I0
Q3ptZ0NvRUlZVnFvTFZIcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEASUBpgMEAyX8aAMEArkTJDANBgkq
hkiG9w0BAQsFAAOCAQEAfq7tzKPRhmj5wU86g7flXxBbJmViEb99+F+uVCMwFpj3
SEqTvQ7ACO4KXiKDko8jgfZn/qUf/Zdv84mSX44sXHOc8dBK4sI3xNGntLQOp6/p
WVjd8N8ARwghu7Q4DEs0r4dhZW10zNTC58d0PHxdJc56Ne9CkH64pXXefZ8PsukD
oy3UbXzWT3M/dFKtAmV+jc2ZLzHadtxV4GlGv1DE+E1qEmh94pDaOzIa/bOePp5I
8SwjdUql86PUHiZdrXennLJ22RqnEMIJn+YLezQXuPLWKkIyT0aiTNz7JFlPKJDy
4lz1zT9pKt3sC957aNIHx9mZT+sb5W+Qmzf/eBAg3w==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:52:21 2025 by rpki-client