Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/1145d2-b1bd-4a57-a44d-bb6bffe66ff3/1/3Gq1gd2WSLOz7uRDQD3qgCeioWk.roa
File: 3Gq1gd2WSLOz7uRDQD3qgCeioWk.roa (raw, json)
Hash identifier: bc8NIfjOok5YQ4FokCQA3t+YCaFLuhFDxQhgT11wXkI=
Subject key identifier: DC:6A:B5:81:DD:96:48:B3:B3:EE:E4:43:40:3D:EA:80:27:A2:A1:69
Certificate issuer: /CN=27962a33fd2348781ac123a12722a086ee8fba7d
Certificate serial: 01856F1D8F6474D1893ACEB52E9A50ABFA10
Authority key identifier: 27:96:2A:33:FD:23:48:78:1A:C1:23:A1:27:22:A0:86:EE:8F:BA:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J5YqM_0jSHgawSOhJyKghu6Pun0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/1145d2-b1bd-4a57-a44d-bb6bffe66ff3/1/3Gq1gd2WSLOz7uRDQD3qgCeioWk.roa
Signing time: Sun 01 Jan 2023 20:54:46 +0000
ROA not before: Sun 01 Jan 2023 20:54:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58081
IP address blocks: 37.75.240.0/24 maxlen: 24
37.75.241.0/24 maxlen: 24
37.75.242.0/24 maxlen: 24
2a03:49c0::/32 maxlen: 32
2a03:49c0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:1d:8f:64:74:d1:89:3a:ce:b5:2e:9a:50:ab:fa:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27962a33fd2348781ac123a12722a086ee8fba7d
Validity
Not Before: Jan 1 20:54:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dc6ab581dd9648b3b3eee443403dea8027a2a169
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:04:05:b3:63:4d:28:7f:61:e1:5c:21:3e:39:
f2:a8:73:6b:7b:95:01:0d:1e:fd:a4:6d:c8:98:d9:
1a:70:68:f6:7e:18:12:5b:39:9e:db:3a:13:fe:de:
26:04:9c:47:42:6b:77:fe:6b:97:bd:8c:1e:2e:c1:
19:12:b1:db:03:ef:80:e3:d5:ca:7f:c8:d1:8f:69:
95:58:09:d8:2a:a6:fa:8f:03:1d:9f:2c:35:43:53:
f8:af:74:83:2a:04:77:0a:fd:e5:74:d3:6c:c7:02:
bc:65:67:03:f1:4e:61:2a:fc:c6:ef:0c:05:c1:16:
dd:5b:19:d0:5d:04:bf:da:dd:1e:e8:7f:53:e3:7b:
dc:c7:d3:87:90:00:a7:e4:fa:a9:00:55:bf:10:0e:
06:6a:0b:98:0c:20:d1:24:3c:7a:77:b3:02:32:2a:
2d:bb:e4:7d:2e:20:1b:b3:68:9c:f5:0e:5b:be:de:
ee:8d:bd:89:43:29:4c:41:53:53:b5:62:1d:18:6b:
45:12:6c:01:5c:3a:15:8e:f1:63:10:83:70:d9:65:
a6:38:b3:96:cb:f7:5e:58:2d:b9:1c:c6:2b:a3:40:
50:9f:6b:72:c3:a1:0f:c6:df:25:c2:ed:fe:02:7e:
91:59:3b:73:ff:c7:60:c2:72:b3:6d:eb:65:81:0c:
2d:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:6A:B5:81:DD:96:48:B3:B3:EE:E4:43:40:3D:EA:80:27:A2:A1:69
X509v3 Authority Key Identifier:
keyid:27:96:2A:33:FD:23:48:78:1A:C1:23:A1:27:22:A0:86:EE:8F:BA:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J5YqM_0jSHgawSOhJyKghu6Pun0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/1145d2-b1bd-4a57-a44d-bb6bffe66ff3/1/3Gq1gd2WSLOz7uRDQD3qgCeioWk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/1145d2-b1bd-4a57-a44d-bb6bffe66ff3/1/J5YqM_0jSHgawSOhJyKghu6Pun0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.75.240.0-37.75.242.255
IPv6:
2a03:49c0::/32
Signature Algorithm: sha256WithRSAEncryption
82:52:59:b3:ac:a8:03:3f:21:28:14:7c:11:dd:b0:f1:88:57:
3f:fd:fb:91:38:a5:17:52:08:a1:60:4f:33:48:5e:df:03:48:
5c:a4:59:1a:47:75:64:d5:71:8e:77:92:f6:d5:2c:95:0a:85:
c1:d4:0f:c7:33:f5:4d:aa:41:28:eb:e9:68:14:61:c5:37:5e:
0d:95:89:11:3c:29:97:7a:be:2b:ce:6e:eb:e8:18:08:d4:f6:
19:8c:45:cf:2c:db:f4:fb:bc:69:0d:d6:87:d2:9a:65:a1:35:
57:f1:44:82:89:7d:77:61:22:00:bd:df:72:e9:81:c9:61:ba:
f6:1d:77:5f:a0:64:c5:c8:f2:6c:93:0b:92:21:83:3c:d3:1f:
45:b1:f1:0a:34:47:1d:6e:fc:a0:e5:8b:05:35:c5:52:bd:6d:
0f:c1:b7:9a:30:c0:b3:37:ee:a6:8a:f0:4a:42:9d:e5:66:81:
f4:22:1f:b6:86:69:50:82:84:ac:61:0e:07:d0:db:fa:35:68:
4a:cb:9c:98:1b:ac:4b:cf:10:ef:83:c4:d5:83:d4:7f:5d:1c:
fb:94:7c:a2:f6:09:61:62:34:69:22:93:84:a5:b9:d9:d9:ed:
b6:7b:23:c0:77:71:b7:b4:c9:77:98:a6:ea:1c:2c:39:3f:95:
77:af:cf:d4
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVvHY9kdNGJOs61LppQq/oQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3OTYyYTMzZmQyMzQ4NzgxYWMxMjNhMTI3MjJhMDg2ZWU4
ZmJhN2QwHhcNMjMwMTAxMjA1NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzZhYjU4MWRkOTY0OGIzYjNlZWU0NDM0MDNkZWE4MDI3YTJhMTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjQQFs2NNKH9h4VwhPjnyqHNre5UB
DR79pG3ImNkacGj2fhgSWzme2zoT/t4mBJxHQmt3/muXvYweLsEZErHbA++A49XK
f8jRj2mVWAnYKqb6jwMdnyw1Q1P4r3SDKgR3Cv3ldNNsxwK8ZWcD8U5hKvzG7wwF
wRbdWxnQXQS/2t0e6H9T43vcx9OHkACn5PqpAFW/EA4GaguYDCDRJDx6d7MCMiot
u+R9LiAbs2ic9Q5bvt7ujb2JQylMQVNTtWIdGGtFEmwBXDoVjvFjEINw2WWmOLOW
y/deWC25HMYro0BQn2tyw6EPxt8lwu3+An6RWTtz/8dgwnKzbetlgQwtMwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFNxqtYHdlkizs+7kQ0A96oAnoqFpMB8GA1UdIwQY
MBaAFCeWKjP9I0h4GsEjoScioIbuj7p9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjVZcU1fMGpTSGdhd1NPaEp5S2dodTZQdW4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi8xMTQ1ZDItYjFiZC00YTU3LWE0NGQt
YmI2YmZmZTY2ZmYzLzEvM0dxMWdkMldTTE96N3VSRFFEM3FnQ2Vpb1drLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi8xMTQ1ZDItYjFiZC00YTU3LWE0NGQtYmI2YmZmZTY2ZmYz
LzEvSjVZcU1fMGpTSGdhd1NPaEp5S2dodTZQdW4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAQlS/AD
BAAlS/IwDQQCAAIwBwMFACoDScAwDQYJKoZIhvcNAQELBQADggEBAIJSWbOsqAM/
ISgUfBHdsPGIVz/9+5E4pRdSCKFgTzNIXt8DSFykWRpHdWTVcY53kvbVLJUKhcHU
D8cz9U2qQSjr6WgUYcU3Xg2ViRE8KZd6vivObuvoGAjU9hmMRc8s2/T7vGkN1ofS
mmWhNVfxRIKJfXdhIgC933LpgclhuvYdd1+gZMXI8myTC5IhgzzTH0Wx8Qo0Rx1u
/KDliwU1xVK9bQ/Bt5owwLM37qaK8EpCneVmgfQiH7aGaVCChKxhDgfQ2/o1aErL
nJgbrEvPEO+DxNWD1H9dHPuUfKL2CWFiNGkik4SludnZ7bZ7I8B3cbe0yXeYpuoc
LDk/lXevz9Q=
-----END CERTIFICATE-----
Generated at Sun Apr 20 03:35:40 2025 by rpki-client