Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/690357-dfbe-4d86-afd6-9164e352a83c/1/crATpZaTN0GAtTFOn_hG1BMM01A.roa
File: crATpZaTN0GAtTFOn_hG1BMM01A.roa (raw, json)
Hash identifier: 8IaOJQP/cD1+NUbmZLlZLW3Ve+PuTMPg+QGJa79aQo4=
Subject key identifier: 72:B0:13:A5:96:93:37:41:80:B5:31:4E:9F:F8:46:D4:13:0C:D3:50
Certificate issuer: /CN=e29b9ac2ef631b92e82f595d73e4792c816ec6e6
Certificate serial: 0182C47EB9FCB9A05F5CCA890AFCAB8AE652
Authority key identifier: E2:9B:9A:C2:EF:63:1B:92:E8:2F:59:5D:73:E4:79:2C:81:6E:C6:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4puawu9jG5LoL1ldc-R5LIFuxuY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/690357-dfbe-4d86-afd6-9164e352a83c/1/crATpZaTN0GAtTFOn_hG1BMM01A.roa
Signing time: Mon 22 Aug 2022 07:40:15 +0000
ROA not before: Mon 22 Aug 2022 07:40:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 196818
IP address blocks: 217.73.240.0/23 maxlen: 23
217.73.244.0/22 maxlen: 22
217.73.240.0/20 maxlen: 20
217.73.242.0/23 maxlen: 23
217.73.248.0/21 maxlen: 21
37.202.32.0/21 maxlen: 21
37.202.40.0/23 maxlen: 23
37.202.42.0/23 maxlen: 23
37.202.46.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:c4:7e:b9:fc:b9:a0:5f:5c:ca:89:0a:fc:ab:8a:e6:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e29b9ac2ef631b92e82f595d73e4792c816ec6e6
Validity
Not Before: Aug 22 07:40:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=72b013a59693374180b5314e9ff846d4130cd350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:6c:ee:d2:be:fc:4b:9c:a7:15:d5:dd:34:f6:
4f:7a:e2:6f:85:3f:1f:0c:13:e6:52:98:84:90:03:
96:be:04:a4:c0:ca:9d:cb:34:9c:82:e2:c9:4a:df:
17:39:ff:b4:06:2c:10:93:d2:ed:9e:64:5d:24:cb:
f3:a7:89:8e:1d:2f:b7:63:23:6a:7e:a7:5e:52:b7:
0a:b9:1d:2c:0a:21:98:24:ab:25:05:b8:d0:ed:07:
7a:d0:32:ed:cc:f8:fe:27:9b:96:2b:d7:8e:91:13:
02:57:0a:43:47:9f:95:06:f5:f2:d2:03:40:ee:84:
60:cf:e5:5a:80:c2:09:b3:7e:f1:d1:eb:0d:c4:37:
27:52:f5:18:0a:ed:5b:4d:1f:00:38:92:52:86:ed:
b2:a5:de:56:99:84:e9:c0:d4:9c:2c:7d:08:67:f0:
21:2e:9b:d7:40:52:81:86:bc:da:f1:32:f4:10:6f:
51:3f:50:64:f5:6a:34:d8:5c:18:36:38:c1:2e:7c:
41:4c:e8:4d:6d:4c:9c:0a:6c:4f:c8:7c:1c:c8:78:
e2:c4:4f:4d:02:08:a0:09:be:36:2f:4f:a8:7f:76:
58:02:5f:e8:b7:a2:9a:27:d4:5e:e1:8a:a0:24:e0:
31:25:d2:95:0b:b1:aa:e5:b1:f1:42:03:f9:ea:2b:
63:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:B0:13:A5:96:93:37:41:80:B5:31:4E:9F:F8:46:D4:13:0C:D3:50
X509v3 Authority Key Identifier:
keyid:E2:9B:9A:C2:EF:63:1B:92:E8:2F:59:5D:73:E4:79:2C:81:6E:C6:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4puawu9jG5LoL1ldc-R5LIFuxuY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/690357-dfbe-4d86-afd6-9164e352a83c/1/crATpZaTN0GAtTFOn_hG1BMM01A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/690357-dfbe-4d86-afd6-9164e352a83c/1/4puawu9jG5LoL1ldc-R5LIFuxuY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.32.0-37.202.43.255
37.202.46.0/23
217.73.240.0/20
Signature Algorithm: sha256WithRSAEncryption
68:37:29:51:30:cd:c8:8d:e7:61:e7:78:5d:df:aa:25:a3:91:
88:b0:2b:aa:f6:0b:dd:43:72:70:55:aa:a6:00:cf:74:47:a3:
68:50:47:6f:33:3b:b1:b0:fe:51:9c:9e:42:3c:95:10:52:2c:
2e:d9:3d:b1:5c:1d:9a:2f:5a:16:d1:7a:4d:37:2c:2d:5b:e8:
6b:92:27:5e:7c:b8:d7:5b:6f:f1:e5:2d:10:7c:8d:94:1b:5c:
ac:31:4e:74:ac:ea:ab:16:60:4b:1f:9c:73:96:e1:68:1a:c3:
a9:c3:77:af:ac:aa:fa:77:9f:cc:34:50:8c:26:25:c8:b4:70:
ac:a2:c9:3e:51:a1:dd:9a:08:19:40:ba:1d:47:7c:4f:fe:f4:
ff:c5:57:7e:f1:a3:dd:6b:6d:ca:7a:df:60:61:24:b6:d2:eb:
bf:9f:1e:be:7c:e6:c5:49:47:06:61:ce:f3:b2:db:bb:71:6f:
a0:4b:34:82:1c:80:90:d5:cd:88:ad:39:71:fe:eb:e8:8b:26:
5a:e5:19:e4:25:e5:ac:38:9c:04:59:09:96:4a:1f:b0:f5:08:
62:2c:45:11:40:5c:0f:d9:c7:3a:00:5b:fb:0f:b6:89:0b:25:
f1:94:49:9f:2e:3a:9e:78:02:0a:b9:d4:58:95:da:79:9a:37:
84:6c:f2:f7
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYLEfrn8uaBfXMqJCvyriuZSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyOWI5YWMyZWY2MzFiOTJlODJmNTk1ZDczZTQ3OTJjODE2
ZWM2ZTYwHhcNMjIwODIyMDc0MDE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmIwMTNhNTk2OTMzNzQxODBiNTMxNGU5ZmY4NDZkNDEzMGNkMzUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm2zu0r78S5ynFdXdNPZPeuJvhT8f
DBPmUpiEkAOWvgSkwMqdyzScguLJSt8XOf+0BiwQk9LtnmRdJMvzp4mOHS+3YyNq
fqdeUrcKuR0sCiGYJKslBbjQ7Qd60DLtzPj+J5uWK9eOkRMCVwpDR5+VBvXy0gNA
7oRgz+VagMIJs37x0esNxDcnUvUYCu1bTR8AOJJShu2ypd5WmYTpwNScLH0IZ/Ah
LpvXQFKBhrza8TL0EG9RP1Bk9Wo02FwYNjjBLnxBTOhNbUycCmxPyHwcyHjixE9N
AgigCb42L0+of3ZYAl/ot6KaJ9Re4YqgJOAxJdKVC7Gq5bHxQgP56itjQQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFHKwE6WWkzdBgLUxTp/4RtQTDNNQMB8GA1UdIwQY
MBaAFOKbmsLvYxuS6C9ZXXPkeSyBbsbmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHB1YXd1OWpHNUxvTDFsZGMtUjVMSUZ1eHVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82OTAzNTctZGZiZS00ZDg2LWFmZDYt
OTE2NGUzNTJhODNjLzEvY3JBVHBaYVROMEdBdFRGT25faEcxQk1NMDFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82OTAzNTctZGZiZS00ZDg2LWFmZDYtOTE2NGUzNTJhODNj
LzEvNHB1YXd1OWpHNUxvTDFsZGMtUjVMSUZ1eHVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAUlyiAD
BAIlyigDBAElyi4DBATZSfAwDQYJKoZIhvcNAQELBQADggEBAGg3KVEwzciN52Hn
eF3fqiWjkYiwK6r2C91DcnBVqqYAz3RHo2hQR28zO7Gw/lGcnkI8lRBSLC7ZPbFc
HZovWhbRek03LC1b6GuSJ158uNdbb/HlLRB8jZQbXKwxTnSs6qsWYEsfnHOW4Wga
w6nDd6+sqvp3n8w0UIwmJci0cKyiyT5Rod2aCBlAuh1HfE/+9P/FV37xo91rbcp6
32BhJLbS67+fHr585sVJRwZhzvOy27txb6BLNIIcgJDVzYitOXH+6+iLJlrlGeQl
5aw4nARZCZZKH7D1CGIsRRFAXA/ZxzoAW/sPtokLJfGUSZ8uOp54Agq51FiV2nma
N4Rs8vc=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:23:22 2025 by rpki-client