Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/f23929-7375-41c8-9973-33d728433c11/1/52GN6n64XMwYUmLYS_OO_Cz6dDw.roa
File: 52GN6n64XMwYUmLYS_OO_Cz6dDw.roa (raw, json)
Hash identifier: e61UDgPG9Mc9pIoHa56erS/ZnMnlyBQgqHWciP68b10=
Subject key identifier: E7:61:8D:EA:7E:B8:5C:CC:18:52:62:D8:4B:F3:8E:FC:2C:FA:74:3C
Certificate issuer: /CN=aa1dc50a4b526df18e8b0a6565d7b9d58a75d315
Certificate serial: 018721BCB141B64A91F3CAEBC719CC87910B
Authority key identifier: AA:1D:C5:0A:4B:52:6D:F1:8E:8B:0A:65:65:D7:B9:D5:8A:75:D3:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh3FCktSbfGOiwplZde51Yp10xU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/f23929-7375-41c8-9973-33d728433c11/1/52GN6n64XMwYUmLYS_OO_Cz6dDw.roa
Signing time: Mon 27 Mar 2023 06:23:46 +0000
ROA not before: Mon 27 Mar 2023 06:23:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31400
IP address blocks: 37.114.96.0/19 maxlen: 24
185.171.204.0/22 maxlen: 32
84.200.0.0/16 maxlen: 32
82.211.0.0/18 maxlen: 24
84.201.0.0/18 maxlen: 32
2001:1608::/32 maxlen: 48
2001:1638::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:21:bc:b1:41:b6:4a:91:f3:ca:eb:c7:19:cc:87:91:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1dc50a4b526df18e8b0a6565d7b9d58a75d315
Validity
Not Before: Mar 27 06:23:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e7618dea7eb85ccc185262d84bf38efc2cfa743c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:71:73:41:05:f4:37:ea:13:9b:07:b3:a2:bc:
1e:f6:8b:f5:f9:20:2e:ac:7d:d0:b6:3c:17:43:c1:
d8:66:fb:91:0e:d2:11:cf:a7:9e:09:22:21:d3:71:
7d:4e:0b:a5:d4:83:bc:aa:8b:25:3f:17:22:c7:e5:
ba:d1:5b:d8:ad:a1:5f:8d:2a:e2:47:ba:73:07:47:
df:57:7f:15:71:2a:59:b8:00:ba:36:c0:c1:45:04:
05:33:65:ec:9e:af:0e:82:f5:94:62:6e:fc:bf:3c:
d0:63:47:3d:b8:ed:b8:49:9f:0b:c9:09:08:b4:a2:
da:5b:93:bf:5d:e8:a8:5c:63:62:da:a3:06:20:19:
ff:b4:7f:a1:bc:0f:1a:f5:3f:cc:bd:4d:10:bd:0f:
d3:9b:48:49:0e:d6:30:72:57:5f:1b:c6:f5:2a:16:
22:8e:b1:33:8b:9f:ea:09:a9:aa:8e:47:28:6e:d8:
37:65:bb:3d:62:96:bc:5a:62:e3:e9:2b:dd:c1:78:
09:a7:65:d4:2c:5b:e5:63:77:ee:fb:ed:96:01:03:
56:b7:93:43:26:51:fa:c3:a2:53:13:6a:a7:45:d2:
f7:57:07:65:7d:56:6c:c7:82:42:c6:b4:4a:fe:24:
7c:fe:17:fe:b0:f4:78:9c:32:66:4e:83:4b:93:02:
9b:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:61:8D:EA:7E:B8:5C:CC:18:52:62:D8:4B:F3:8E:FC:2C:FA:74:3C
X509v3 Authority Key Identifier:
keyid:AA:1D:C5:0A:4B:52:6D:F1:8E:8B:0A:65:65:D7:B9:D5:8A:75:D3:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh3FCktSbfGOiwplZde51Yp10xU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/f23929-7375-41c8-9973-33d728433c11/1/52GN6n64XMwYUmLYS_OO_Cz6dDw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/f23929-7375-41c8-9973-33d728433c11/1/qh3FCktSbfGOiwplZde51Yp10xU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.114.96.0/19
82.211.0.0/18
84.200.0.0-84.201.63.255
185.171.204.0/22
IPv6:
2001:1608::/32
2001:1638::/32
Signature Algorithm: sha256WithRSAEncryption
6c:98:c7:7b:42:5b:c4:ca:0a:b8:9e:37:c6:76:fb:5b:eb:1a:
3c:fb:6b:d3:f6:7f:28:4f:7e:eb:62:4e:9b:9f:d6:e5:b8:9f:
cc:ef:a7:8f:8f:47:3b:87:0d:ce:a7:91:79:7a:02:c2:30:ae:
d3:58:dc:86:a9:cc:52:ee:23:9e:8a:74:b3:91:5f:22:0f:d4:
84:f5:9e:a2:18:60:e6:6b:e6:79:2a:59:93:10:7e:57:de:88:
b8:c1:7e:1c:7e:4c:f8:9a:b2:5f:27:53:8c:19:57:c8:71:0a:
e9:39:c2:00:23:a8:a2:04:5e:34:49:e1:00:b4:5f:c7:2f:16:
de:4c:d0:1d:5d:24:23:37:3d:0e:14:b0:09:d1:dc:f6:b2:4c:
0c:27:10:7b:12:27:6c:82:89:7b:8a:f5:24:29:fd:de:ee:2e:
7f:4f:86:46:95:64:46:fe:53:ef:5d:9b:5a:64:20:22:0e:fa:
fb:d1:f3:cb:84:c7:62:e3:7f:92:92:f6:b9:4d:c3:45:d6:7b:
cb:af:1c:30:4b:80:57:93:43:53:6a:82:1f:8a:df:b6:6a:24:
b4:3c:aa:2b:dc:6b:94:75:e4:21:54:1e:10:c1:81:44:e7:a0:
c7:69:42:21:7f:5b:8d:eb:a6:c6:98:76:24:5d:7d:39:05:a6:
d7:6f:53:bb
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYchvLFBtkqR88rrxxnMh5ELMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWRjNTBhNGI1MjZkZjE4ZThiMGE2NTY1ZDdiOWQ1OGE3
NWQzMTUwHhcNMjMwMzI3MDYyMzQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzYxOGRlYTdlYjg1Y2NjMTg1MjYyZDg0YmYzOGVmYzJjZmE3NDNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlHFzQQX0N+oTmwezorwe9ov1+SAu
rH3QtjwXQ8HYZvuRDtIRz6eeCSIh03F9Tgul1IO8qoslPxcix+W60VvYraFfjSri
R7pzB0ffV38VcSpZuAC6NsDBRQQFM2Xsnq8OgvWUYm78vzzQY0c9uO24SZ8LyQkI
tKLaW5O/XeioXGNi2qMGIBn/tH+hvA8a9T/MvU0QvQ/Tm0hJDtYwcldfG8b1KhYi
jrEzi5/qCamqjkcobtg3Zbs9Ypa8WmLj6SvdwXgJp2XULFvlY3fu++2WAQNWt5ND
JlH6w6JTE2qnRdL3VwdlfVZsx4JCxrRK/iR8/hf+sPR4nDJmToNLkwKb/wIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFOdhjep+uFzMGFJi2Evzjvws+nQ8MB8GA1UdIwQY
MBaAFKodxQpLUm3xjosKZWXXudWKddMVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWgzRkNrdFNiZkdPaXdwbFpkZTUxWXAxMHhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9mMjM5MjktNzM3NS00MWM4LTk5NzMt
MzNkNzI4NDMzYzExLzEvNTJHTjZuNjRYTXdZVW1MWVNfT09fQ3o2ZER3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9mMjM5MjktNzM3NS00MWM4LTk5NzMtMzNkNzI4NDMzYzEx
LzEvcWgzRkNrdFNiZkdPaXdwbFpkZTUxWXAxMHhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAlBAIAATAfAwQFJXJgAwQG
UtMAMAsDAwNUyAMEBlTJAAMEArmrzDAUBAIAAjAOAwUAIAEWCAMFACABFjgwDQYJ
KoZIhvcNAQELBQADggEBAGyYx3tCW8TKCrieN8Z2+1vrGjz7a9P2fyhPfutiTpuf
1uW4n8zvp4+PRzuHDc6nkXl6AsIwrtNY3IapzFLuI56KdLORXyIP1IT1nqIYYOZr
5nkqWZMQflfeiLjBfhx+TPiasl8nU4wZV8hxCuk5wgAjqKIEXjRJ4QC0X8cvFt5M
0B1dJCM3PQ4UsAnR3PayTAwnEHsSJ2yCiXuK9SQp/d7uLn9PhkaVZEb+U+9dm1pk
ICIO+vvR88uEx2Ljf5KS9rlNw0XWe8uvHDBLgFeTQ1Nqgh+K37ZqJLQ8qivca5R1
5CFUHhDBgUTnoMdpQiF/W43rpsaYdiRdfTkFptdvU7s=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:25:49 2025 by rpki-client