Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/9151c0-3326-4801-9363-c7d19930d66d/1/1OTQ0fFK5Cc2FZAcqwpVV3f3UKc.roa
File: 1OTQ0fFK5Cc2FZAcqwpVV3f3UKc.roa (raw, json)
Hash identifier: MoNhE0itjBGtkV/wReJRpCzaimLsubPpbBnYA0Ro6P4=
Subject key identifier: D4:E4:D0:D1:F1:4A:E4:27:36:15:90:1C:AB:0A:55:57:77:F7:50:A7
Certificate issuer: /CN=b4e82ba1715d6aeae5b0102725ffe0c834735d7d
Certificate serial: 01856F799DA3531954214C1D836FF9054320
Authority key identifier: B4:E8:2B:A1:71:5D:6A:EA:E5:B0:10:27:25:FF:E0:C8:34:73:5D:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tOgroXFdaurlsBAnJf_gyDRzXX0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/9151c0-3326-4801-9363-c7d19930d66d/1/1OTQ0fFK5Cc2FZAcqwpVV3f3UKc.roa
Signing time: Sun 01 Jan 2023 22:35:19 +0000
ROA not before: Sun 01 Jan 2023 22:35:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200154
IP address blocks: 37.32.79.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:79:9d:a3:53:19:54:21:4c:1d:83:6f:f9:05:43:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4e82ba1715d6aeae5b0102725ffe0c834735d7d
Validity
Not Before: Jan 1 22:35:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d4e4d0d1f14ae4273615901cab0a555777f750a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:70:94:ca:b3:56:ee:69:a4:c4:20:18:85:f8:
42:53:9c:fa:45:08:c7:a9:d8:8a:13:8f:45:ad:e1:
85:7f:d8:53:87:91:3c:a2:47:ce:a8:a8:bb:55:d3:
93:b8:3a:72:1d:c1:63:78:35:bf:b8:85:1b:5b:a8:
49:66:17:db:d3:b7:ed:aa:2c:83:62:2e:ea:7c:23:
82:4b:3b:ae:33:17:a2:45:5b:fa:58:bf:b8:e5:39:
44:40:b9:18:18:00:a6:29:5b:4b:0e:13:1b:11:b8:
fb:59:92:d0:4c:fb:77:63:42:13:a2:c2:5f:9c:8b:
b3:27:ad:dc:45:98:eb:b5:d6:7d:ac:3a:ef:08:95:
1e:e2:9f:c1:13:60:43:45:e9:9f:7e:7e:37:70:c1:
ef:8c:d2:88:3e:56:3d:65:d7:a4:a9:2d:42:e6:b3:
5c:54:34:b7:44:33:e5:b0:53:3d:4b:d9:6e:a4:9d:
ad:8a:5c:22:71:fd:44:99:74:fb:df:06:2c:9c:f3:
c8:83:60:08:e8:30:cc:76:32:c1:52:f8:2a:36:65:
7d:3c:b3:74:6e:6d:23:43:dd:60:ce:53:a2:fe:eb:
66:a4:73:65:55:18:aa:2a:69:20:41:9e:9e:db:45:
95:3c:a9:e3:62:3d:a6:9e:ee:24:26:cf:cf:97:fc:
6f:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:E4:D0:D1:F1:4A:E4:27:36:15:90:1C:AB:0A:55:57:77:F7:50:A7
X509v3 Authority Key Identifier:
keyid:B4:E8:2B:A1:71:5D:6A:EA:E5:B0:10:27:25:FF:E0:C8:34:73:5D:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tOgroXFdaurlsBAnJf_gyDRzXX0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/9151c0-3326-4801-9363-c7d19930d66d/1/1OTQ0fFK5Cc2FZAcqwpVV3f3UKc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/9151c0-3326-4801-9363-c7d19930d66d/1/tOgroXFdaurlsBAnJf_gyDRzXX0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.32.79.0/24
Signature Algorithm: sha256WithRSAEncryption
82:9f:83:59:be:ca:4c:44:74:e5:7f:78:64:42:63:3f:c9:36:
d3:62:5e:ed:ea:b4:91:d0:89:58:21:b2:9a:2a:4a:f5:54:c3:
55:c8:aa:93:66:73:da:a0:86:72:b8:8f:64:ee:49:11:d0:27:
62:d5:92:e6:a6:06:29:aa:d2:bd:90:55:d2:a8:10:92:84:23:
d6:72:1b:75:75:f6:18:d9:a5:6d:e3:5c:d1:0b:62:08:75:de:
30:69:c6:de:33:e9:2c:8f:7e:41:46:01:b9:13:61:46:3e:6c:
ab:df:ef:d2:99:24:80:dc:00:24:05:af:a6:e2:bb:e7:73:a1:
6c:9a:5a:55:76:4f:4a:cb:9e:c8:02:85:e6:d2:87:bd:d9:9f:
b9:6d:ba:06:f7:8d:ad:9d:f1:21:fb:a7:90:37:e9:b2:78:ef:
a8:77:12:bc:ab:62:c9:8e:53:6b:c8:07:67:00:2e:7e:cc:64:
00:e0:42:4a:27:9c:de:50:9a:3c:e8:7f:94:9e:40:e9:17:68:
da:87:04:b1:04:1b:61:50:ee:e6:1e:c4:4d:d0:58:e5:62:01:
48:ed:3b:7e:4d:b8:1f:94:bb:28:28:87:4e:69:52:cd:29:06:
3e:d5:78:d6:71:99:50:50:75:0f:94:3f:79:4e:3c:4a:99:18:
1f:12:aa:7a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVveZ2jUxlUIUwdg2/5BUMgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0ZTgyYmExNzE1ZDZhZWFlNWIwMTAyNzI1ZmZlMGM4MzQ3
MzVkN2QwHhcNMjMwMTAxMjIzNTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGU0ZDBkMWYxNGFlNDI3MzYxNTkwMWNhYjBhNTU1Nzc3Zjc1MGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg3CUyrNW7mmkxCAYhfhCU5z6RQjH
qdiKE49FreGFf9hTh5E8okfOqKi7VdOTuDpyHcFjeDW/uIUbW6hJZhfb07ftqiyD
Yi7qfCOCSzuuMxeiRVv6WL+45TlEQLkYGACmKVtLDhMbEbj7WZLQTPt3Y0ITosJf
nIuzJ63cRZjrtdZ9rDrvCJUe4p/BE2BDRemffn43cMHvjNKIPlY9ZdekqS1C5rNc
VDS3RDPlsFM9S9lupJ2tilwicf1EmXT73wYsnPPIg2AI6DDMdjLBUvgqNmV9PLN0
bm0jQ91gzlOi/utmpHNlVRiqKmkgQZ6e20WVPKnjYj2mnu4kJs/Pl/xvtQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNTk0NHxSuQnNhWQHKsKVVd391CnMB8GA1UdIwQY
MBaAFLToK6FxXWrq5bAQJyX/4Mg0c119MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdE9ncm9YRmRhdXJsc0JBbkpmX2d5RFJ6WFgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy85MTUxYzAtMzMyNi00ODAxLTkzNjMt
YzdkMTk5MzBkNjZkLzEvMU9UUTBmRks1Q2MyRlpBY3F3cFZWM2YzVUtjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy85MTUxYzAtMzMyNi00ODAxLTkzNjMtYzdkMTk5MzBkNjZk
LzEvdE9ncm9YRmRhdXJsc0JBbkpmX2d5RFJ6WFgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJSBPMA0G
CSqGSIb3DQEBCwUAA4IBAQCCn4NZvspMRHTlf3hkQmM/yTbTYl7t6rSR0IlYIbKa
Kkr1VMNVyKqTZnPaoIZyuI9k7kkR0Cdi1ZLmpgYpqtK9kFXSqBCShCPWcht1dfYY
2aVt41zRC2IIdd4wacbeM+ksj35BRgG5E2FGPmyr3+/SmSSA3AAkBa+m4rvnc6Fs
mlpVdk9Ky57IAoXm0oe92Z+5bboG942tnfEh+6eQN+myeO+odxK8q2LJjlNryAdn
AC5+zGQA4EJKJ5zeUJo86H+UnkDpF2jahwSxBBthUO7mHsRN0FjlYgFI7Tt+Tbgf
lLsoKIdOaVLNKQY+1XjWcZlQUHUPlD95TjxKmRgfEqp6
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:49:38 2025 by rpki-client