Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/f23929-7375-41c8-9973-33d728433c11/1/k_lKHdgtBGGreKRhPKnDnl7AOH4.roa
File: k_lKHdgtBGGreKRhPKnDnl7AOH4.roa (raw, json)
Hash identifier: iC4KtI9vwlL74CNuC+o0l0opLMY5fJ5rf4cpr66VW5c=
Subject key identifier: 93:F9:4A:1D:D8:2D:04:61:AB:78:A4:61:3C:A9:C3:9E:5E:C0:38:7E
Certificate issuer: /CN=aa1dc50a4b526df18e8b0a6565d7b9d58a75d315
Certificate serial: 01856F26E6CC7BB1A953B84F578BC7EFA4E3
Authority key identifier: AA:1D:C5:0A:4B:52:6D:F1:8E:8B:0A:65:65:D7:B9:D5:8A:75:D3:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh3FCktSbfGOiwplZde51Yp10xU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/f23929-7375-41c8-9973-33d728433c11/1/k_lKHdgtBGGreKRhPKnDnl7AOH4.roa
Signing time: Sun 01 Jan 2023 21:04:58 +0000
ROA not before: Sun 01 Jan 2023 21:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62255
IP address blocks: 37.114.96.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:26:e6:cc:7b:b1:a9:53:b8:4f:57:8b:c7:ef:a4:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1dc50a4b526df18e8b0a6565d7b9d58a75d315
Validity
Not Before: Jan 1 21:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=93f94a1dd82d0461ab78a4613ca9c39e5ec0387e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:19:0e:1c:77:06:c2:67:3c:78:e1:12:ee:3c:
8c:d6:86:73:4a:bc:b5:23:92:8a:1d:14:fe:6c:04:
0b:d6:87:7a:00:7d:b7:0d:f6:8d:c7:a5:6d:89:a4:
1d:58:7e:1c:56:9b:c1:63:a2:30:7c:7a:35:e7:a8:
e2:06:70:7b:10:56:8a:14:f7:23:63:e0:07:7b:3f:
fe:74:0c:e6:80:c8:53:ae:e6:43:49:05:69:91:8d:
fa:60:25:22:30:05:5f:da:d9:1e:b4:83:f4:4e:b7:
c4:81:1e:97:9b:c2:af:ba:f2:6a:c9:1f:d6:2e:43:
c3:b9:bb:06:c9:4c:20:51:56:96:20:5a:b1:0a:d9:
83:a5:01:9c:79:56:7e:ea:3d:99:81:b0:4b:43:b5:
46:76:b5:1e:bf:fa:eb:25:11:34:8a:88:1c:5f:65:
33:64:07:f8:91:3a:ca:a2:3d:90:4c:d6:a8:21:4c:
fb:ac:53:5c:dc:d4:b5:b8:0b:97:64:f8:05:69:1c:
8e:75:af:53:b2:85:2a:36:ec:94:cd:94:d3:30:23:
37:07:f0:65:23:38:00:a2:c3:3c:63:69:b9:2c:18:
e4:04:95:5b:74:62:1a:da:ff:5a:da:d2:d5:7c:19:
e9:f4:f2:9c:77:0c:50:fb:35:f3:c8:d3:c9:3c:d9:
b6:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:F9:4A:1D:D8:2D:04:61:AB:78:A4:61:3C:A9:C3:9E:5E:C0:38:7E
X509v3 Authority Key Identifier:
keyid:AA:1D:C5:0A:4B:52:6D:F1:8E:8B:0A:65:65:D7:B9:D5:8A:75:D3:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh3FCktSbfGOiwplZde51Yp10xU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/f23929-7375-41c8-9973-33d728433c11/1/k_lKHdgtBGGreKRhPKnDnl7AOH4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/f23929-7375-41c8-9973-33d728433c11/1/qh3FCktSbfGOiwplZde51Yp10xU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.114.96.0/19
Signature Algorithm: sha256WithRSAEncryption
2c:c2:02:d4:72:77:36:19:22:b9:54:1d:cb:3b:0b:6a:05:3f:
d8:46:20:a2:c8:d8:56:ef:b6:c3:5d:d4:42:43:27:3a:23:74:
d1:01:34:98:9d:53:d9:1b:84:fc:19:76:06:e5:25:7e:94:fa:
d0:1a:90:0a:ab:42:e8:d3:a2:4c:50:6a:fe:3a:ce:a5:e5:af:
6d:41:ca:35:d5:2b:4d:02:1d:8c:52:12:74:75:84:5d:d6:6a:
e0:8e:cf:fc:b6:35:1c:b8:5a:fc:41:0d:53:36:0d:f5:88:ff:
83:ce:21:bd:8b:76:71:d2:9b:60:6a:aa:64:ca:cb:58:97:5b:
36:78:6f:f4:77:b6:60:16:47:f3:93:80:be:74:bb:05:e7:0c:
e0:37:cf:35:dd:04:58:4e:d4:8c:ac:70:2e:c1:94:01:fc:ab:
56:ec:85:c9:13:dc:a7:bc:90:5d:49:d6:6e:58:d2:21:58:10:
60:36:75:ae:0c:e3:9a:57:d4:94:f2:14:37:83:bd:a4:17:0b:
dc:0a:a5:27:81:ee:63:b5:de:33:e6:12:ff:46:76:53:fc:55:
fe:61:e3:3d:3a:3e:84:84:79:38:48:8c:e1:4a:23:c9:c5:0b:
53:f8:26:a7:ef:16:6c:c0:99:85:49:b0:0a:7c:6b:64:e3:d7:
43:fb:cb:21
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvJubMe7GpU7hPV4vH76TjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWRjNTBhNGI1MjZkZjE4ZThiMGE2NTY1ZDdiOWQ1OGE3
NWQzMTUwHhcNMjMwMTAxMjEwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2Y5NGExZGQ4MmQwNDYxYWI3OGE0NjEzY2E5YzM5ZTVlYzAzODdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAthkOHHcGwmc8eOES7jyM1oZzSry1
I5KKHRT+bAQL1od6AH23DfaNx6VtiaQdWH4cVpvBY6IwfHo156jiBnB7EFaKFPcj
Y+AHez/+dAzmgMhTruZDSQVpkY36YCUiMAVf2tketIP0TrfEgR6Xm8KvuvJqyR/W
LkPDubsGyUwgUVaWIFqxCtmDpQGceVZ+6j2ZgbBLQ7VGdrUev/rrJRE0iogcX2Uz
ZAf4kTrKoj2QTNaoIUz7rFNc3NS1uAuXZPgFaRyOda9TsoUqNuyUzZTTMCM3B/Bl
IzgAosM8Y2m5LBjkBJVbdGIa2v9a2tLVfBnp9PKcdwxQ+zXzyNPJPNm2mQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJP5Sh3YLQRhq3ikYTypw55ewDh+MB8GA1UdIwQY
MBaAFKodxQpLUm3xjosKZWXXudWKddMVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWgzRkNrdFNiZkdPaXdwbFpkZTUxWXAxMHhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9mMjM5MjktNzM3NS00MWM4LTk5NzMt
MzNkNzI4NDMzYzExLzEva19sS0hkZ3RCR0dyZUtSaFBLbkRubDdBT0g0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9mMjM5MjktNzM3NS00MWM4LTk5NzMtMzNkNzI4NDMzYzEx
LzEvcWgzRkNrdFNiZkdPaXdwbFpkZTUxWXAxMHhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFJXJgMA0G
CSqGSIb3DQEBCwUAA4IBAQAswgLUcnc2GSK5VB3LOwtqBT/YRiCiyNhW77bDXdRC
Qyc6I3TRATSYnVPZG4T8GXYG5SV+lPrQGpAKq0Lo06JMUGr+Os6l5a9tQco11StN
Ah2MUhJ0dYRd1mrgjs/8tjUcuFr8QQ1TNg31iP+DziG9i3Zx0ptgaqpkystYl1s2
eG/0d7ZgFkfzk4C+dLsF5wzgN8813QRYTtSMrHAuwZQB/KtW7IXJE9ynvJBdSdZu
WNIhWBBgNnWuDOOaV9SU8hQ3g72kFwvcCqUnge5jtd4z5hL/RnZT/FX+YeM9Oj6E
hHk4SIzhSiPJxQtT+Can7xZswJmFSbAKfGtk49dD+8sh
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:12:38 2025 by rpki-client