Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/4d3b8c-7239-483c-a48c-7d608bee3167/1/KhFJ8vMWLc4UhjLbkZPlVrJUja4.roa
File: KhFJ8vMWLc4UhjLbkZPlVrJUja4.roa (raw, json)
Hash identifier: EbqHYswP9pBjtNRrKJQN7c0LV1ydcUpuP3AcuaD+jpM=
Subject key identifier: 2A:11:49:F2:F3:16:2D:CE:14:86:32:DB:91:93:E5:56:B2:54:8D:AE
Certificate issuer: /CN=3de4598e21736501a73944c107114c850c7d8b09
Certificate serial: 01851A8497C1D12C811840432741904BCE3B
Authority key identifier: 3D:E4:59:8E:21:73:65:01:A7:39:44:C1:07:11:4C:85:0C:7D:8B:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PeRZjiFzZQGnOUTBBxFMhQx9iwk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/4d3b8c-7239-483c-a48c-7d608bee3167/1/KhFJ8vMWLc4UhjLbkZPlVrJUja4.roa
Signing time: Fri 16 Dec 2022 10:39:35 +0000
ROA not before: Fri 16 Dec 2022 10:39:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 196750
IP address blocks: 37.153.64.0/21 maxlen: 21
37.153.0.0/18 maxlen: 18
2a0e:ba00::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:1a:84:97:c1:d1:2c:81:18:40:43:27:41:90:4b:ce:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3de4598e21736501a73944c107114c850c7d8b09
Validity
Not Before: Dec 16 10:39:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2a1149f2f3162dce148632db9193e556b2548dae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:c8:c4:d4:82:fe:23:1a:dd:9d:ab:ae:43:26:
54:ec:af:18:a8:10:0b:0f:e7:d9:b7:d2:9f:c2:c9:
82:43:1a:57:00:0a:44:bd:d8:3b:64:30:4f:cf:e0:
66:d1:fa:44:1e:2d:f9:81:40:7e:ba:b6:3e:79:ba:
41:a8:ff:3d:fb:f5:1c:bb:6e:5b:4e:39:b5:f6:c6:
bd:9b:4c:b4:b8:71:cf:a9:51:99:f8:2b:2a:d9:2d:
2a:28:4c:97:82:96:9f:44:3b:83:6f:5b:0c:79:99:
4b:3b:72:33:8f:40:9b:07:f2:a0:b3:3b:5c:00:6c:
9c:d6:f2:ed:7a:8e:fa:60:d6:ef:f2:9c:13:7d:73:
47:60:19:cd:30:31:83:55:61:a9:98:be:56:ae:cb:
3a:25:f3:76:e5:c7:12:99:80:e9:6c:54:08:eb:1a:
95:18:c3:48:f0:6d:20:79:35:99:02:30:93:6d:11:
aa:4a:76:fc:48:6f:e2:2f:23:6e:b6:ce:e3:aa:89:
ae:4e:f8:c1:68:69:71:cd:1e:f1:dd:60:db:0f:9f:
12:19:da:ad:d6:6a:bb:06:5f:46:c9:31:de:53:eb:
48:9a:66:a5:15:6b:a7:7e:a9:39:f6:93:ac:1a:fc:
ec:ef:ba:db:54:8c:82:ae:ca:7d:a8:fd:cb:64:e8:
11:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:11:49:F2:F3:16:2D:CE:14:86:32:DB:91:93:E5:56:B2:54:8D:AE
X509v3 Authority Key Identifier:
keyid:3D:E4:59:8E:21:73:65:01:A7:39:44:C1:07:11:4C:85:0C:7D:8B:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PeRZjiFzZQGnOUTBBxFMhQx9iwk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/4d3b8c-7239-483c-a48c-7d608bee3167/1/KhFJ8vMWLc4UhjLbkZPlVrJUja4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/4d3b8c-7239-483c-a48c-7d608bee3167/1/PeRZjiFzZQGnOUTBBxFMhQx9iwk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.153.0.0-37.153.71.255
IPv6:
2a0e:ba00::/29
Signature Algorithm: sha256WithRSAEncryption
7c:6a:ae:41:6c:66:f1:a4:aa:04:18:aa:71:7c:43:7e:6a:a8:
d6:e1:8b:9e:20:49:8a:c5:67:37:1f:ad:49:82:dc:fe:ca:92:
2f:3e:47:55:71:fd:3c:92:9a:bf:d1:9a:f5:8e:23:4f:95:1a:
0e:32:42:26:0c:4c:cc:77:f9:5d:02:d5:26:0c:eb:ad:6e:aa:
cf:c7:f4:ea:99:8b:83:1e:87:a0:22:c8:df:40:dd:f8:36:95:
e0:23:98:c2:60:fb:f1:83:3a:9c:c4:28:19:97:1c:06:3c:6c:
8e:e9:4e:64:f5:86:57:13:eb:6f:da:c6:e4:23:eb:bd:99:0e:
a9:eb:03:be:92:d7:e1:32:2f:bf:2d:81:29:31:70:56:8d:b8:
24:4a:8c:0f:5a:13:ab:ac:d1:a0:9b:92:97:03:24:58:4f:03:
ad:58:6a:d8:a4:f8:ea:60:28:c2:2a:cb:3c:33:29:19:ee:23:
bb:06:af:e5:38:71:a8:15:cb:b7:d3:7b:da:4c:e7:a7:03:8b:
63:aa:22:69:6a:92:10:07:df:8c:c9:54:08:36:1a:eb:eb:a3:
40:c1:3a:66:00:65:69:ff:58:3a:e3:84:12:e6:e9:53:93:3c:
bd:89:3b:6d:3e:42:20:d4:18:9e:e6:ad:16:13:11:8b:b6:01:
83:2c:8a:8d
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYUahJfB0SyBGEBDJ0GQS847MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkZTQ1OThlMjE3MzY1MDFhNzM5NDRjMTA3MTE0Yzg1MGM3
ZDhiMDkwHhcNMjIxMjE2MTAzOTM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTExNDlmMmYzMTYyZGNlMTQ4NjMyZGI5MTkzZTU1NmIyNTQ4ZGFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn8jE1IL+IxrdnauuQyZU7K8YqBAL
D+fZt9KfwsmCQxpXAApEvdg7ZDBPz+Bm0fpEHi35gUB+urY+ebpBqP89+/Ucu25b
Tjm19sa9m0y0uHHPqVGZ+Csq2S0qKEyXgpafRDuDb1sMeZlLO3Izj0CbB/Kgsztc
AGyc1vLteo76YNbv8pwTfXNHYBnNMDGDVWGpmL5Wrss6JfN25ccSmYDpbFQI6xqV
GMNI8G0geTWZAjCTbRGqSnb8SG/iLyNuts7jqomuTvjBaGlxzR7x3WDbD58SGdqt
1mq7Bl9GyTHeU+tImmalFWunfqk59pOsGvzs77rbVIyCrsp9qP3LZOgRkQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFCoRSfLzFi3OFIYy25GT5VayVI2uMB8GA1UdIwQY
MBaAFD3kWY4hc2UBpzlEwQcRTIUMfYsJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGVSWmppRnpaUUduT1VUQkJ4Rk1oUXg5aXdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi80ZDNiOGMtNzIzOS00ODNjLWE0OGMt
N2Q2MDhiZWUzMTY3LzEvS2hGSjh2TVdMYzRVaGpMYmtaUGxWckpVamE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi80ZDNiOGMtNzIzOS00ODNjLWE0OGMtN2Q2MDhiZWUzMTY3
LzEvUGVSWmppRnpaUUduT1VUQkJ4Rk1oUXg5aXdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDATBAIAATANMAsDAwAlmQME
AyWZQDANBAIAAjAHAwUDKg66ADANBgkqhkiG9w0BAQsFAAOCAQEAfGquQWxm8aSq
BBiqcXxDfmqo1uGLniBJisVnNx+tSYLc/sqSLz5HVXH9PJKav9Ga9Y4jT5UaDjJC
JgxMzHf5XQLVJgzrrW6qz8f06pmLgx6HoCLI30Dd+DaV4COYwmD78YM6nMQoGZcc
BjxsjulOZPWGVxPrb9rG5CPrvZkOqesDvpLX4TIvvy2BKTFwVo24JEqMD1oTq6zR
oJuSlwMkWE8DrVhq2KT46mAowirLPDMpGe4juwav5ThxqBXLt9N72kznpwOLY6oi
aWqSEAffjMlUCDYa6+ujQME6ZgBlaf9YOuOEEubpU5M8vYk7bT5CINQYnuatFhMR
i7YBgyyKjQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:29:59 2025 by rpki-client