Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/MOceNIvVBckLskv94kwBXIqVqT0.roa
File: MOceNIvVBckLskv94kwBXIqVqT0.roa (raw, json)
Hash identifier: KnCc8+MGs8236AK/ECyqcy2y0bcPFLd3zSP0PbR/QLo=
Subject key identifier: 30:E7:1E:34:8B:D5:05:C9:0B:B2:4B:FD:E2:4C:01:5C:8A:95:A9:3D
Certificate issuer: /CN=c41c7221ede3af5ee92e3206af2f18bd010d5dd9
Certificate serial: 05850FD8
Authority key identifier: C4:1C:72:21:ED:E3:AF:5E:E9:2E:32:06:AF:2F:18:BD:01:0D:5D:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xBxyIe3jr17pLjIGry8YvQENXdk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/MOceNIvVBckLskv94kwBXIqVqT0.roa
Signing time: Sat 01 Jan 2022 10:58:08 +0000
ROA not before: Sat 01 Jan 2022 10:58:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199234
IP address blocks: 37.131.166.0/24 maxlen: 24
37.131.161.0/24 maxlen: 24
37.131.162.0/23 maxlen: 23
37.131.170.0/23 maxlen: 23
37.131.172.0/22 maxlen: 22
2a00:10a0:6::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 92606424 (0x5850fd8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c41c7221ede3af5ee92e3206af2f18bd010d5dd9
Validity
Not Before: Jan 1 10:58:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=30e71e348bd505c90bb24bfde24c015c8a95a93d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:ce:8f:b1:97:0a:fd:05:5e:e8:97:ff:18:6f:
b4:54:77:5c:ed:7a:aa:b8:0a:7f:3d:d5:fb:f1:29:
1c:0e:30:43:32:e8:3f:21:c1:37:db:e0:8f:58:5b:
d7:a3:d3:91:1e:86:74:8a:2b:da:d1:de:40:45:6e:
6a:49:d3:96:2d:40:d7:f0:69:5b:20:5f:97:21:fa:
64:d6:47:77:3f:30:45:d1:65:3e:98:8d:fc:ef:48:
ea:99:0e:3f:ad:31:85:44:70:0b:39:a9:cc:67:09:
3f:60:ab:cb:e1:45:f5:fa:45:bd:b9:5d:e4:1a:98:
5e:b4:a9:bc:7f:c4:41:b8:fa:eb:3c:aa:e4:59:6b:
11:84:16:71:80:6a:cb:4a:b3:07:8b:a8:32:75:53:
62:5e:08:1b:31:68:a3:42:1c:2d:0b:a7:e0:05:75:
da:bc:a8:8f:e3:22:22:cf:ae:50:22:1e:06:14:c0:
b7:12:92:ee:8e:94:b4:ec:f9:9f:2b:20:fd:5e:7e:
fd:6c:91:b6:25:75:5b:f5:99:b7:98:94:2a:f0:26:
71:22:59:e8:d5:53:36:7d:f2:fd:ca:22:49:b9:69:
b2:6c:8d:e0:bc:f1:ea:b9:fb:dc:a2:00:ed:6c:90:
ca:e5:b6:d4:81:e0:62:e8:74:48:0d:45:52:c5:57:
f8:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:E7:1E:34:8B:D5:05:C9:0B:B2:4B:FD:E2:4C:01:5C:8A:95:A9:3D
X509v3 Authority Key Identifier:
keyid:C4:1C:72:21:ED:E3:AF:5E:E9:2E:32:06:AF:2F:18:BD:01:0D:5D:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xBxyIe3jr17pLjIGry8YvQENXdk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/MOceNIvVBckLskv94kwBXIqVqT0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/xBxyIe3jr17pLjIGry8YvQENXdk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.131.161.0-37.131.163.255
37.131.166.0/24
37.131.170.0-37.131.175.255
IPv6:
2a00:10a0:6::/48
Signature Algorithm: sha256WithRSAEncryption
96:d6:ae:3b:a3:45:ce:7a:56:33:af:ee:c0:b4:e8:94:b3:8b:
79:94:72:02:45:cf:e0:5d:9b:71:d4:cf:54:f8:72:27:9e:ab:
f4:e7:1d:53:f5:65:d1:5d:77:95:b1:d8:d3:c7:ea:47:37:5a:
53:47:47:d6:a8:59:34:fb:3c:fc:bf:37:89:71:c0:56:ff:59:
b8:37:5f:24:ea:4e:65:b0:91:71:fd:37:18:b5:31:84:44:ab:
1d:a5:b6:cb:34:e1:f5:87:dc:a7:31:c4:0c:03:ac:06:d9:85:
59:37:99:2d:a6:05:5e:eb:c0:7f:40:d6:71:8d:b0:d4:ab:84:
f4:18:fc:90:a7:78:02:ec:67:eb:d9:0b:4b:26:79:8d:c4:16:
98:a8:a2:41:69:5c:d1:e8:e9:07:58:4f:6d:19:83:4c:00:60:
49:81:a4:8a:6a:db:f1:58:b3:cb:f7:cb:22:57:b7:20:02:61:
48:f9:53:a4:b9:42:d2:c2:45:62:4c:59:ae:a1:9e:6e:e9:9d:
77:b0:0b:82:f9:88:fd:37:1e:24:a6:78:37:a8:fd:9a:ea:ed:
7e:1c:d3:bb:53:5d:90:c3:b0:b8:09:79:43:cd:cd:f4:2d:39:
84:47:d6:a1:99:0e:f6:03:f6:7e:2d:c8:c0:6f:18:d9:7b:00:
73:83:3a:76
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgIEBYUP2DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NDFjNzIyMWVkZTNhZjVlZTkyZTMyMDZhZjJmMThiZDAxMGQ1ZGQ5MB4XDTIyMDEw
MTEwNTgwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzBlNzFlMzQ4YmQ1
MDVjOTBiYjI0YmZkZTI0YzAxNWM4YTk1YTkzZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJrOj7GXCv0FXuiX/xhvtFR3XO16qrgKfz3V+/EpHA4wQzLo
PyHBN9vgj1hb16PTkR6GdIor2tHeQEVuaknTli1A1/BpWyBflyH6ZNZHdz8wRdFl
PpiN/O9I6pkOP60xhURwCzmpzGcJP2Cry+FF9fpFvbld5BqYXrSpvH/EQbj66zyq
5FlrEYQWcYBqy0qzB4uoMnVTYl4IGzFoo0IcLQun4AV12ryoj+MiIs+uUCIeBhTA
txKS7o6UtOz5nysg/V5+/WyRtiV1W/WZt5iUKvAmcSJZ6NVTNn3y/coiSblpsmyN
4Lzx6rn73KIA7WyQyuW21IHgYuh0SA1FUsVX+KcCAwEAAaOCAjYwggIyMB0GA1Ud
DgQWBBQw5x40i9UFyQuyS/3iTAFcipWpPTAfBgNVHSMEGDAWgBTEHHIh7eOvXuku
MgavLxi9AQ1d2TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3hCeHlJZTNqcjE3cExqSUdyeThZdlFFTlhkay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjgvZTk5YjM1LThjZjYtNDkzNC1hNTkxLTk5MzBmMjE5NGEwZS8x
L01PY2VOSXZWQmNrTHNrdjk0a3dCWElxVnFUMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjgv
ZTk5YjM1LThjZjYtNDkzNC1hNTkxLTk5MzBmMjE5NGEwZS8xL3hCeHlJZTNqcjE3
cExqSUdyeThZdlFFTlhkay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBM
BggrBgEFBQcBBwEB/wQ9MDswKAQCAAEwIjAMAwQAJYOhAwQCJYOgAwQAJYOmMAwD
BAElg6oDBAQlg6AwDwQCAAIwCQMHACoAEKAABjANBgkqhkiG9w0BAQsFAAOCAQEA
ltauO6NFznpWM6/uwLTolLOLeZRyAkXP4F2bcdTPVPhyJ56r9OcdU/Vl0V13lbHY
08fqRzdaU0dH1qhZNPs8/L83iXHAVv9ZuDdfJOpOZbCRcf03GLUxhESrHaW2yzTh
9YfcpzHEDAOsBtmFWTeZLaYFXuvAf0DWcY2w1KuE9Bj8kKd4Auxn69kLSyZ5jcQW
mKiiQWlc0ejpB1hPbRmDTABgSYGkimrb8Vizy/fLIle3IAJhSPlTpLlC0sJFYkxZ
rqGebumdd7ALgvmI/TceJKZ4N6j9murtfhzTu1NdkMOwuAl5Q83N9C05hEfWoZkO
9gP2fi3IwG8Y2XsAc4M6dg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:14 2024 by rpki-client on console-fra.rpki-client.org