Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4d24c7-7477-4f7f-a8b4-9d63795211d3/1/M0ndSjoG2CfoXBpNfP2R0TC_xro.roa
File: M0ndSjoG2CfoXBpNfP2R0TC_xro.roa (raw, json)
Hash identifier: zK2EQbaSu9vbW2V2DKQEXq5enr08hXUzpghPG14n5z8=
Subject key identifier: 33:49:DD:4A:3A:06:D8:27:E8:5C:1A:4D:7C:FD:91:D1:30:BF:C6:BA
Certificate issuer: /CN=2b495fe56f34762026a94035f320f0a90b7a2566
Certificate serial: 0185734392EA5568BD4A939F8ED8EB78E7B1
Authority key identifier: 2B:49:5F:E5:6F:34:76:20:26:A9:40:35:F3:20:F0:A9:0B:7A:25:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K0lf5W80diAmqUA18yDwqQt6JWY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4d24c7-7477-4f7f-a8b4-9d63795211d3/1/M0ndSjoG2CfoXBpNfP2R0TC_xro.roa
Signing time: Mon 02 Jan 2023 16:14:46 +0000
ROA not before: Mon 02 Jan 2023 16:14:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198612
IP address blocks: 37.208.0.0/19 maxlen: 19
185.166.208.0/22 maxlen: 22
2a00:c640::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:43:92:ea:55:68:bd:4a:93:9f:8e:d8:eb:78:e7:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b495fe56f34762026a94035f320f0a90b7a2566
Validity
Not Before: Jan 2 16:14:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3349dd4a3a06d827e85c1a4d7cfd91d130bfc6ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:bc:15:1d:ee:0d:7a:a4:9f:10:57:6a:cf:c7:
29:4f:33:43:a3:9f:4c:6e:77:ad:df:e4:bc:3b:50:
2a:35:83:6e:e8:15:4b:69:1f:d1:7d:52:eb:21:4c:
78:b0:ce:7c:0a:aa:8f:19:13:87:cf:cf:3f:7e:fa:
8d:4c:5e:04:22:c6:ff:5a:c0:27:64:33:e1:f3:3f:
f4:14:d7:eb:7a:52:d6:a3:2a:95:32:3b:59:d9:b2:
a4:e0:a9:9a:28:04:d0:b5:ec:92:44:92:19:0f:76:
7d:ca:ba:04:61:92:83:66:7f:66:04:56:9c:ab:dd:
52:c0:b9:93:94:4c:bb:b1:98:c5:23:79:53:c3:4e:
30:61:fa:5a:e8:34:6f:de:9d:58:24:17:59:81:d1:
7f:7a:9a:7c:b4:e8:01:0e:88:c3:03:74:63:62:9d:
92:37:76:39:50:7a:4a:6f:25:e1:04:25:a8:be:5f:
61:be:87:6e:4f:60:df:8c:6a:08:51:fd:41:5f:7e:
e1:e7:7a:f4:76:28:d5:f8:16:7b:08:88:b2:8b:35:
ff:44:51:8c:9f:0b:30:e2:7d:5e:48:de:8e:e9:4c:
16:cf:bf:9a:68:75:5e:42:df:52:30:21:ac:b8:dd:
e8:2c:a0:a7:03:4f:7d:86:0d:af:1d:6d:bb:6a:98:
df:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:49:DD:4A:3A:06:D8:27:E8:5C:1A:4D:7C:FD:91:D1:30:BF:C6:BA
X509v3 Authority Key Identifier:
keyid:2B:49:5F:E5:6F:34:76:20:26:A9:40:35:F3:20:F0:A9:0B:7A:25:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K0lf5W80diAmqUA18yDwqQt6JWY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4d24c7-7477-4f7f-a8b4-9d63795211d3/1/M0ndSjoG2CfoXBpNfP2R0TC_xro.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4d24c7-7477-4f7f-a8b4-9d63795211d3/1/K0lf5W80diAmqUA18yDwqQt6JWY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.208.0.0/19
185.166.208.0/22
IPv6:
2a00:c640::/32
Signature Algorithm: sha256WithRSAEncryption
45:4f:e9:0d:45:ee:0d:14:37:e5:3d:d0:08:69:c4:ef:26:9f:
89:40:67:96:21:34:ee:e8:9b:73:46:ce:39:ca:39:06:f2:83:
93:cd:95:e2:3a:d6:33:72:99:aa:d9:d8:22:04:85:00:75:ec:
63:bc:8e:fc:64:5d:03:f7:ed:ff:12:7d:a5:38:fb:81:0b:db:
db:45:38:63:1a:c1:76:87:2e:92:c0:c4:65:8f:89:98:c3:7d:
c0:2a:b1:ec:7c:82:44:63:bb:ba:a7:6a:1d:eb:33:07:9e:a2:
ba:2e:3e:f3:e6:6f:5b:e3:0f:12:82:02:c3:4b:cd:b8:2c:a8:
1f:18:71:7f:94:b1:24:d0:d7:d1:06:2d:a5:9a:b2:84:cc:49:
9f:0e:2b:c5:df:11:6c:a3:9f:43:20:a6:52:44:4a:45:fb:74:
10:8e:fe:a2:58:1f:15:9c:3c:33:57:18:7a:a9:52:18:24:5a:
4e:78:76:a3:20:94:28:f6:21:10:2b:62:62:75:d9:62:7e:2f:
ca:ba:aa:3f:c3:bb:ae:f1:db:ac:9c:6e:6a:7a:c4:98:21:c1:
a1:d9:c5:e9:35:48:ed:38:e0:28:f6:de:de:dd:43:8b:48:4b:
a4:d3:b0:9c:9c:c9:75:a0:b4:9e:1b:cf:c9:75:84:67:81:36:
6f:c6:23:53
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVzQ5LqVWi9SpOfjtjreOexMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiNDk1ZmU1NmYzNDc2MjAyNmE5NDAzNWYzMjBmMGE5MGI3
YTI1NjYwHhcNMjMwMTAyMTYxNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzQ5ZGQ0YTNhMDZkODI3ZTg1YzFhNGQ3Y2ZkOTFkMTMwYmZjNmJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo7wVHe4NeqSfEFdqz8cpTzNDo59M
bnet3+S8O1AqNYNu6BVLaR/RfVLrIUx4sM58CqqPGROHz88/fvqNTF4EIsb/WsAn
ZDPh8z/0FNfrelLWoyqVMjtZ2bKk4KmaKATQteySRJIZD3Z9yroEYZKDZn9mBFac
q91SwLmTlEy7sZjFI3lTw04wYfpa6DRv3p1YJBdZgdF/epp8tOgBDojDA3RjYp2S
N3Y5UHpKbyXhBCWovl9hvoduT2DfjGoIUf1BX37h53r0dijV+BZ7CIiyizX/RFGM
nwsw4n1eSN6O6UwWz7+aaHVeQt9SMCGsuN3oLKCnA099hg2vHW27apjfvQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDNJ3Uo6Btgn6FwaTXz9kdEwv8a6MB8GA1UdIwQY
MBaAFCtJX+VvNHYgJqlANfMg8KkLeiVmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzBsZjVXODBkaUFtcVVBMTh5RHdxUXQ2SldZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80ZDI0YzctNzQ3Ny00ZjdmLWE4YjQt
OWQ2Mzc5NTIxMWQzLzEvTTBuZFNqb0cyQ2ZvWEJwTmZQMlIwVENfeHJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80ZDI0YzctNzQ3Ny00ZjdmLWE4YjQtOWQ2Mzc5NTIxMWQz
LzEvSzBsZjVXODBkaUFtcVVBMTh5RHdxUXQ2SldZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQFJdAAAwQC
uabQMA0EAgACMAcDBQAqAMZAMA0GCSqGSIb3DQEBCwUAA4IBAQBFT+kNRe4NFDfl
PdAIacTvJp+JQGeWITTu6JtzRs45yjkG8oOTzZXiOtYzcpmq2dgiBIUAdexjvI78
ZF0D9+3/En2lOPuBC9vbRThjGsF2hy6SwMRlj4mYw33AKrHsfIJEY7u6p2od6zMH
nqK6Lj7z5m9b4w8SggLDS824LKgfGHF/lLEk0NfRBi2lmrKEzEmfDivF3xFso59D
IKZSREpF+3QQjv6iWB8VnDwzVxh6qVIYJFpOeHajIJQo9iEQK2Jiddlifi/Kuqo/
w7uu8dusnG5qesSYIcGh2cXpNUjtOOAo9t7e3UOLSEuk07CcnMl1oLSeG8/JdYRn
gTZvxiNT
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:46:25 2025 by rpki-client