Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/c62e0c-4454-43c8-97bc-81674d953d56/1/H4y1oadctJ6B5nEDfXJsg82F4Z4.roa
File: H4y1oadctJ6B5nEDfXJsg82F4Z4.roa (raw, json)
Hash identifier: zB/g1etC7CU8TdQT/yaUDTBAYXO3iyfp0o+uVV/RMUc=
Subject key identifier: 1F:8C:B5:A1:A7:5C:B4:9E:81:E6:71:03:7D:72:6C:83:CD:85:E1:9E
Certificate issuer: /CN=07da339e5cd3c1be02ce6802a0421856aa0b547b
Certificate serial: 92EF30
Authority key identifier: 07:DA:33:9E:5C:D3:C1:BE:02:CE:68:02:A0:42:18:56:AA:0B:54:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B9oznlzTwb4CzmgCoEIYVqoLVHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/c62e0c-4454-43c8-97bc-81674d953d56/1/H4y1oadctJ6B5nEDfXJsg82F4Z4.roa
Signing time: Tue 22 Feb 2022 08:03:58 +0000
ROA not before: Tue 22 Feb 2022 08:03:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29286
IP address blocks: 37.252.111.0/24 maxlen: 24
37.1.160.0/21 maxlen: 21
37.1.166.0/23 maxlen: 24
37.252.104.0/21 maxlen: 21
185.19.36.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9629488 (0x92ef30)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07da339e5cd3c1be02ce6802a0421856aa0b547b
Validity
Not Before: Feb 22 08:03:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1f8cb5a1a75cb49e81e671037d726c83cd85e19e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:22:e2:ef:9f:c6:ab:1e:92:c2:31:22:f1:56:
92:6f:ea:86:64:fa:5b:a4:51:30:97:18:22:6c:4e:
fa:4b:b2:49:40:cf:5f:ae:f1:33:c3:25:b5:e1:12:
5f:1b:ad:31:da:6b:c1:07:8a:f5:9c:7e:12:d7:bb:
39:cd:47:db:78:88:c5:08:ea:dc:7b:9e:01:b5:a6:
9f:22:92:f6:e6:3a:95:5d:9d:69:8a:46:49:cc:94:
de:09:f7:b7:92:20:bf:02:ec:f6:d0:81:f7:8b:c6:
61:1b:1c:e8:ed:13:26:4d:58:2c:86:4e:5b:18:d6:
9c:c2:12:46:82:f3:d4:5d:86:e2:92:eb:d5:b2:38:
50:39:a9:91:d4:3c:a9:89:0f:56:f4:93:bf:74:de:
b9:e6:bf:37:d8:d3:98:25:a5:0c:83:79:1c:e0:97:
dc:ba:bf:cc:e8:a1:1c:24:6f:28:0c:f0:57:62:d6:
9d:1f:29:bf:99:ab:7f:57:f8:a9:62:57:d9:8d:25:
ef:63:b5:aa:fd:d8:80:b4:2e:60:7c:db:fe:3b:fb:
0f:9b:10:f4:0a:21:b8:66:27:76:08:5c:30:52:73:
c2:66:81:20:22:69:2e:07:87:19:8d:d2:f5:71:bd:
eb:0f:b6:77:e3:1b:05:db:21:00:8c:7e:6a:5d:b9:
ab:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:8C:B5:A1:A7:5C:B4:9E:81:E6:71:03:7D:72:6C:83:CD:85:E1:9E
X509v3 Authority Key Identifier:
keyid:07:DA:33:9E:5C:D3:C1:BE:02:CE:68:02:A0:42:18:56:AA:0B:54:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B9oznlzTwb4CzmgCoEIYVqoLVHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/c62e0c-4454-43c8-97bc-81674d953d56/1/H4y1oadctJ6B5nEDfXJsg82F4Z4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/c62e0c-4454-43c8-97bc-81674d953d56/1/B9oznlzTwb4CzmgCoEIYVqoLVHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.1.160.0/21
37.252.104.0/21
185.19.36.0/22
Signature Algorithm: sha256WithRSAEncryption
26:5a:a7:4b:87:6a:3c:5f:82:47:ee:03:86:56:24:ab:a9:44:
93:be:d9:5f:7b:24:c0:9a:d2:16:e4:15:6b:6f:d9:a0:24:1b:
c3:6c:2e:a0:67:41:57:d6:9d:dc:3d:df:0f:1f:b7:50:5c:48:
69:b1:a4:d4:95:f1:b8:1d:bc:79:7d:19:03:a4:75:55:72:93:
ec:41:63:c2:5f:7f:86:34:10:31:69:af:ad:af:8e:29:64:65:
b5:fc:c0:a4:0c:bd:54:17:94:8b:f5:89:f9:67:d9:89:f4:02:
3c:91:13:c9:d5:6c:ab:98:62:14:76:e9:2f:10:2d:e1:7f:b7:
be:8a:94:e3:01:6d:48:3a:6d:ce:f5:ae:b0:86:b2:6d:f8:ca:
43:23:c1:2e:ee:7e:a2:4c:97:c1:59:8e:8e:65:d4:5d:f7:d2:
bb:e3:59:31:e4:e4:d2:2b:7b:f9:c6:8f:1d:16:bf:fa:a2:d9:
85:ba:2e:ae:0e:3c:d8:04:4e:82:98:0f:f8:c4:b1:fc:a3:8b:
dd:ea:11:82:d0:a9:67:28:ef:99:d2:4f:9a:c2:70:aa:b1:be:
65:c2:f6:69:4a:5c:c2:db:c1:f1:f6:79:63:67:49:31:3d:65:
c1:21:e9:8a:ea:c5:2e:dd:e8:1f:38:ff:8d:7e:15:f8:5c:ee:
4b:0a:56:d4
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEAJLvMDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
N2RhMzM5ZTVjZDNjMWJlMDJjZTY4MDJhMDQyMTg1NmFhMGI1NDdiMB4XDTIyMDIy
MjA4MDM1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWY4Y2I1YTFhNzVj
YjQ5ZTgxZTY3MTAzN2Q3MjZjODNjZDg1ZTE5ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMUi4u+fxqseksIxIvFWkm/qhmT6W6RRMJcYImxO+kuySUDP
X67xM8MlteESXxutMdprwQeK9Zx+Ete7Oc1H23iIxQjq3HueAbWmnyKS9uY6lV2d
aYpGScyU3gn3t5IgvwLs9tCB94vGYRsc6O0TJk1YLIZOWxjWnMISRoLz1F2G4pLr
1bI4UDmpkdQ8qYkPVvSTv3Teuea/N9jTmCWlDIN5HOCX3Lq/zOihHCRvKAzwV2LW
nR8pv5mrf1f4qWJX2Y0l72O1qv3YgLQuYHzb/jv7D5sQ9AohuGYndghcMFJzwmaB
ICJpLgeHGY3S9XG96w+2d+MbBdshAIx+al25q3MCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBQfjLWhp1y0noHmcQN9cmyDzYXhnjAfBgNVHSMEGDAWgBQH2jOeXNPBvgLO
aAKgQhhWqgtUezAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0I5b3pubHpUd2I0Q3ptZ0NvRUlZVnFvTFZIcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTIvYzYyZTBjLTQ0NTQtNDNjOC05N2JjLTgxNjc0ZDk1M2Q1Ni8x
L0g0eTFvYWRjdEo2QjVuRURmWEpzZzgyRjRaNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTIv
YzYyZTBjLTQ0NTQtNDNjOC05N2JjLTgxNjc0ZDk1M2Q1Ni8xL0I5b3pubHpUd2I0
Q3ptZ0NvRUlZVnFvTFZIcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAyUBoAMEAyX8aAMEArkTJDANBgkq
hkiG9w0BAQsFAAOCAQEAJlqnS4dqPF+CR+4DhlYkq6lEk77ZX3skwJrSFuQVa2/Z
oCQbw2wuoGdBV9ad3D3fDx+3UFxIabGk1JXxuB28eX0ZA6R1VXKT7EFjwl9/hjQQ
MWmvra+OKWRltfzApAy9VBeUi/WJ+WfZifQCPJETydVsq5hiFHbpLxAt4X+3voqU
4wFtSDptzvWusIaybfjKQyPBLu5+okyXwVmOjmXUXffSu+NZMeTk0it7+caPHRa/
+qLZhbourg482AROgpgP+MSx/KOL3eoRgtCpZyjvmdJPmsJwqrG+ZcL2aUpcwtvB
8fZ5Y2dJMT1lwSHpiurFLt3oHzj/jX4V+FzuSwpW1A==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:33 2023 by rpki-client on console-fra.rpki-client.org