Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/f23929-7375-41c8-9973-33d728433c11/1/_a5Noi_GaS69giQECGlJN0t9zCw.roa
File: _a5Noi_GaS69giQECGlJN0t9zCw.roa (raw, json)
Hash identifier: iox3Rh8Ux9D2q3vxiX6HVco0/Pz3rvXRHsvJZ6cs3Z8=
Subject key identifier: FD:AE:4D:A2:2F:C6:69:2E:BD:82:24:04:08:69:49:37:4B:7D:CC:2C
Certificate issuer: /CN=aa1dc50a4b526df18e8b0a6565d7b9d58a75d315
Certificate serial: 0B04F21B
Authority key identifier: AA:1D:C5:0A:4B:52:6D:F1:8E:8B:0A:65:65:D7:B9:D5:8A:75:D3:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh3FCktSbfGOiwplZde51Yp10xU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/f23929-7375-41c8-9973-33d728433c11/1/_a5Noi_GaS69giQECGlJN0t9zCw.roa
Signing time: Fri 01 Apr 2022 08:19:44 +0000
ROA not before: Fri 01 Apr 2022 08:19:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31400
IP address blocks: 37.114.96.0/19 maxlen: 24
185.171.204.0/22 maxlen: 22
84.200.0.0/16 maxlen: 24
82.211.0.0/18 maxlen: 24
84.201.0.0/18 maxlen: 24
2001:1608::/32 maxlen: 48
2001:1638::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 184873499 (0xb04f21b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1dc50a4b526df18e8b0a6565d7b9d58a75d315
Validity
Not Before: Apr 1 08:19:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fdae4da22fc6692ebd822404086949374b7dcc2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:ec:7c:da:0b:55:87:0d:d9:d9:3e:6f:93:c2:
e4:c6:a2:a5:3f:f8:5c:72:e8:05:42:b6:73:82:93:
77:a3:43:3e:9e:d9:c0:4c:44:c3:f7:23:c6:20:c5:
28:2b:1b:2c:9b:74:fc:09:e4:4f:56:6d:62:de:2b:
95:1c:2a:15:c9:45:c8:d2:9f:f9:29:13:e5:0d:e9:
a2:86:cf:c8:5c:e0:94:20:68:6c:1f:e5:7a:1c:7a:
43:01:ee:e4:de:a7:c7:29:2d:7d:9c:69:46:22:e0:
e1:95:9b:7f:44:2f:1b:c6:f8:29:c7:18:a1:ae:6c:
6f:6d:30:3e:9e:b8:88:96:b4:1f:5f:45:d5:b4:66:
5c:7f:49:ef:c7:98:37:67:e5:c0:d8:44:99:dc:d6:
71:2d:a6:82:01:3d:16:59:f7:0c:97:5b:14:07:37:
27:98:f5:71:61:12:de:16:ba:ce:c0:03:1e:bc:e7:
5b:22:32:1f:c4:ac:0b:cd:69:c9:01:9b:1d:8b:70:
f6:fe:74:80:27:ab:ff:44:97:49:74:07:4a:7a:a9:
d2:bc:64:99:3c:8b:3d:5f:f0:7f:1a:ca:9a:dd:a9:
18:51:90:ac:c6:73:5b:75:f0:ae:f0:18:c6:68:91:
e1:74:fa:d5:71:c4:19:59:15:71:1b:78:8b:22:05:
d7:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:AE:4D:A2:2F:C6:69:2E:BD:82:24:04:08:69:49:37:4B:7D:CC:2C
X509v3 Authority Key Identifier:
keyid:AA:1D:C5:0A:4B:52:6D:F1:8E:8B:0A:65:65:D7:B9:D5:8A:75:D3:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh3FCktSbfGOiwplZde51Yp10xU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/f23929-7375-41c8-9973-33d728433c11/1/_a5Noi_GaS69giQECGlJN0t9zCw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/f23929-7375-41c8-9973-33d728433c11/1/qh3FCktSbfGOiwplZde51Yp10xU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.114.96.0/19
82.211.0.0/18
84.200.0.0-84.201.63.255
185.171.204.0/22
IPv6:
2001:1608::/32
2001:1638::/32
Signature Algorithm: sha256WithRSAEncryption
bf:46:de:af:1a:c3:5e:1d:b7:08:72:cd:35:cf:ec:9f:b8:f0:
5d:38:01:fc:84:8c:b2:30:07:1c:82:0c:5b:f7:aa:aa:5f:cd:
ef:42:c2:9e:02:23:62:66:6f:35:a3:63:f3:32:3c:b9:f6:83:
ea:61:d0:02:a7:01:b8:ca:01:75:c8:5a:e7:47:f0:1a:f6:8d:
56:a4:9f:c4:22:fa:6d:e2:df:d7:85:e2:83:1e:af:2c:c2:01:
b9:51:dd:db:4f:d2:e6:25:26:e5:b4:c2:24:94:28:fc:62:8a:
67:03:48:12:8d:f3:9f:df:21:f7:31:6f:6d:13:fe:d1:67:cc:
c0:ce:c0:9d:c0:9a:e8:b3:44:19:c9:57:1d:3f:df:0b:30:cd:
30:a8:31:be:5e:d6:f0:d0:0f:5e:9c:57:30:d5:23:74:25:ce:
70:30:8a:4d:13:a8:63:34:9b:98:0b:82:4c:a8:2f:47:58:d5:
a6:df:6b:da:1a:c3:fc:ec:a8:8c:fe:d1:71:df:86:15:98:91:
4f:ce:b9:36:35:84:8e:91:4e:77:c8:48:f6:c9:4b:51:50:c9:
27:84:47:d5:30:4d:30:5b:50:f3:b1:e1:a6:2f:b6:89:d5:c0:
0c:f3:59:ef:af:93:38:22:54:ca:f2:a1:d5:dd:79:ac:35:a0:
d1:6d:46:80
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgIECwTyGzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YTFkYzUwYTRiNTI2ZGYxOGU4YjBhNjU2NWQ3YjlkNThhNzVkMzE1MB4XDTIyMDQw
MTA4MTk0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmRhZTRkYTIyZmM2
NjkyZWJkODIyNDA0MDg2OTQ5Mzc0YjdkY2MyYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPDsfNoLVYcN2dk+b5PC5MaipT/4XHLoBUK2c4KTd6NDPp7Z
wExEw/cjxiDFKCsbLJt0/AnkT1ZtYt4rlRwqFclFyNKf+SkT5Q3poobPyFzglCBo
bB/lehx6QwHu5N6nxyktfZxpRiLg4ZWbf0QvG8b4KccYoa5sb20wPp64iJa0H19F
1bRmXH9J78eYN2flwNhEmdzWcS2mggE9Fln3DJdbFAc3J5j1cWES3ha6zsADHrzn
WyIyH8SsC81pyQGbHYtw9v50gCer/0SXSXQHSnqp0rxkmTyLPV/wfxrKmt2pGFGQ
rMZzW3XwrvAYxmiR4XT61XHEGVkVcRt4iyIF1z0CAwEAAaOCAjgwggI0MB0GA1Ud
DgQWBBT9rk2iL8ZpLr2CJAQIaUk3S33MLDAfBgNVHSMEGDAWgBSqHcUKS1Jt8Y6L
CmVl17nVinXTFTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3FoM0ZDa3RTYmZHT2l3cGxaZGU1MVlwMTB4VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjMvZjIzOTI5LTczNzUtNDFjOC05OTczLTMzZDcyODQzM2MxMS8x
L19hNU5vaV9HYVM2OWdpUUVDR2xKTjB0OXpDdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjMv
ZjIzOTI5LTczNzUtNDFjOC05OTczLTMzZDcyODQzM2MxMS8xL3FoM0ZDa3RTYmZH
T2l3cGxaZGU1MVlwMTB4VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBO
BggrBgEFBQcBBwEB/wQ/MD0wJQQCAAEwHwMEBSVyYAMEBlLTADALAwMDVMgDBAZU
yQADBAK5q8wwFAQCAAIwDgMFACABFggDBQAgARY4MA0GCSqGSIb3DQEBCwUAA4IB
AQC/Rt6vGsNeHbcIcs01z+yfuPBdOAH8hIyyMAccggxb96qqX83vQsKeAiNiZm81
o2PzMjy59oPqYdACpwG4ygF1yFrnR/Aa9o1WpJ/EIvpt4t/XheKDHq8swgG5Ud3b
T9LmJSbltMIklCj8YopnA0gSjfOf3yH3MW9tE/7RZ8zAzsCdwJros0QZyVcdP98L
MM0wqDG+Xtbw0A9enFcw1SN0Jc5wMIpNE6hjNJuYC4JMqC9HWNWm32vaGsP87KiM
/tFx34YVmJFPzrk2NYSOkU53yEj2yUtRUMknhEfVME0wW1DzseGmL7aJ1cAM81nv
r5M4IlTK8qHV3XmsNaDRbUaA
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:15:03 2025 by rpki-client