Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/c4c861-b327-41f2-820c-4c0a1c33fa8a/1/mQ3S7caaIVBYDkDKat1In-eRGN0.roa
File: mQ3S7caaIVBYDkDKat1In-eRGN0.roa (raw, json)
Hash identifier: HVQ4ifhqHlLN+ueFvkv9J6Y0OBQ8BMQBxJnvqabwhHk=
Subject key identifier: 99:0D:D2:ED:C6:9A:21:50:58:0E:40:CA:6A:DD:48:9F:E7:91:18:DD
Certificate issuer: /CN=084059a0ca6078a9b75daa66db806ff22c0eaad9
Certificate serial: 011D01
Authority key identifier: 08:40:59:A0:CA:60:78:A9:B7:5D:AA:66:DB:80:6F:F2:2C:0E:AA:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CEBZoMpgeKm3Xapm24Bv8iwOqtk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/c4c861-b327-41f2-820c-4c0a1c33fa8a/1/mQ3S7caaIVBYDkDKat1In-eRGN0.roa
Signing time: Tue 11 Jan 2022 19:07:41 +0000
ROA not before: Tue 11 Jan 2022 19:07:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 36236
IP address blocks: 185.37.38.0/24 maxlen: 24
185.37.39.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 72961 (0x11d01)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=084059a0ca6078a9b75daa66db806ff22c0eaad9
Validity
Not Before: Jan 11 19:07:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=990dd2edc69a2150580e40ca6add489fe79118dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:21:d5:9a:86:d3:a6:ba:d9:0a:ff:5a:2f:47:
f7:18:35:88:ad:3e:6e:1e:c6:fa:fb:17:f5:3b:ef:
2b:12:2c:c1:24:25:3e:45:54:3e:7d:fa:46:64:0c:
a5:d1:11:0a:c0:9c:d0:90:56:1f:7f:59:4f:8b:73:
45:ad:4f:87:58:b8:68:d3:54:70:1a:e7:8c:67:ea:
59:68:a6:d7:8d:86:0b:65:e3:23:e9:27:34:89:65:
dd:84:6a:15:87:79:0f:ed:fd:04:7a:f1:fa:84:42:
63:3f:15:0f:b1:4f:1d:05:04:75:f7:0f:dd:0f:46:
ce:fe:1b:5d:5b:74:6e:59:64:13:ed:86:d7:8b:cc:
66:0f:f6:5d:d3:00:6b:e8:23:67:c8:60:fc:12:98:
79:84:bf:07:c8:ca:47:a7:98:15:a5:9d:59:fd:f0:
5f:75:38:95:95:e3:65:ff:ca:57:28:fd:81:09:1b:
e2:b3:4a:25:60:75:a8:c1:dd:ba:c5:74:49:3c:c2:
e2:cd:56:8e:96:09:59:ef:06:74:a4:95:36:66:df:
be:ad:57:93:c4:bc:e1:c7:7d:32:08:50:f1:cf:19:
af:cb:2f:7c:8e:3f:f7:7b:d8:96:7f:10:5f:1a:40:
85:76:c7:a0:6f:d7:01:b1:bd:bb:4b:23:20:05:8f:
b9:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:0D:D2:ED:C6:9A:21:50:58:0E:40:CA:6A:DD:48:9F:E7:91:18:DD
X509v3 Authority Key Identifier:
keyid:08:40:59:A0:CA:60:78:A9:B7:5D:AA:66:DB:80:6F:F2:2C:0E:AA:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CEBZoMpgeKm3Xapm24Bv8iwOqtk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/c4c861-b327-41f2-820c-4c0a1c33fa8a/1/mQ3S7caaIVBYDkDKat1In-eRGN0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/c4c861-b327-41f2-820c-4c0a1c33fa8a/1/CEBZoMpgeKm3Xapm24Bv8iwOqtk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.37.38.0/23
Signature Algorithm: sha256WithRSAEncryption
83:d6:f4:c8:d8:e3:a2:fd:32:2a:b0:64:62:3d:66:a7:d9:b7:
49:e0:5e:36:1c:6a:c6:33:f7:f5:a7:fd:69:18:96:4b:f6:84:
a3:d9:04:b1:fe:4d:88:90:5a:42:d5:e5:df:00:3e:6a:4c:f0:
dc:e7:43:02:0c:9e:c7:73:af:2f:6c:bb:91:32:e7:46:b4:7b:
bb:db:1b:0f:ab:be:d9:2b:f9:ab:7a:de:99:ed:d0:f3:c3:15:
e0:23:67:41:60:da:bb:b9:65:5c:f8:75:3e:9a:cb:54:af:5d:
e1:ae:ba:58:2f:6e:86:cb:f3:dd:8f:83:4c:b4:a5:23:73:51:
07:b2:80:03:03:9b:dd:3f:35:d0:e0:19:cc:23:ca:8b:ca:67:
ea:25:68:4f:b4:bc:5b:de:cf:c1:32:2a:d1:29:b6:7b:20:30:
41:46:0d:d5:0d:58:7c:fd:23:95:f7:53:61:9e:d2:b7:08:4f:
91:59:55:d8:95:54:49:ae:21:6c:de:55:b0:42:5f:1e:c3:2e:
42:17:21:5c:69:ff:17:ac:0c:06:79:04:11:4b:0f:28:cb:49:
7b:7a:38:28:33:53:97:b5:21:73:1f:6e:50:0d:d4:9d:2b:78:
09:15:ad:f9:9e:99:66:c4:fa:34:88:8d:6a:9d:64:7b:13:9f:
7a:59:be:91
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDAR0BMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDA4
NDA1OWEwY2E2MDc4YTliNzVkYWE2NmRiODA2ZmYyMmMwZWFhZDkwHhcNMjIwMTEx
MTkwNzQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg5OTBkZDJlZGM2OWEy
MTUwNTgwZTQwY2E2YWRkNDg5ZmU3OTExOGRkMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAtSHVmobTprrZCv9aL0f3GDWIrT5uHsb6+xf1O+8rEizBJCU+
RVQ+ffpGZAyl0REKwJzQkFYff1lPi3NFrU+HWLho01RwGueMZ+pZaKbXjYYLZeMj
6Sc0iWXdhGoVh3kP7f0EevH6hEJjPxUPsU8dBQR19w/dD0bO/htdW3RuWWQT7YbX
i8xmD/Zd0wBr6CNnyGD8Eph5hL8HyMpHp5gVpZ1Z/fBfdTiVleNl/8pXKP2BCRvi
s0olYHWowd26xXRJPMLizVaOlglZ7wZ0pJU2Zt++rVeTxLzhx30yCFDxzxmvyy98
jj/3e9iWfxBfGkCFdsegb9cBsb27SyMgBY+5swIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFJkN0u3GmiFQWA5AymrdSJ/nkRjdMB8GA1UdIwQYMBaAFAhAWaDKYHipt12q
ZtuAb/IsDqrZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
Q0VCWm9NcGdlS20zWGFwbTI0QnY4aXdPcXRrLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jOC9jNGM4NjEtYjMyNy00MWYyLTgyMGMtNGMwYTFjMzNmYThhLzEv
bVEzUzdjYWFJVkJZRGtES2F0MUluLWVSR04wLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9j
NGM4NjEtYjMyNy00MWYyLTgyMGMtNGMwYTFjMzNmYThhLzEvQ0VCWm9NcGdlS20z
WGFwbTI0QnY4aXdPcXRrLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuSUmMA0GCSqGSIb3DQEBCwUAA4IB
AQCD1vTI2OOi/TIqsGRiPWan2bdJ4F42HGrGM/f1p/1pGJZL9oSj2QSx/k2IkFpC
1eXfAD5qTPDc50MCDJ7Hc68vbLuRMudGtHu72xsPq77ZK/mret6Z7dDzwxXgI2dB
YNq7uWVc+HU+mstUr13hrrpYL26Gy/Pdj4NMtKUjc1EHsoADA5vdPzXQ4BnMI8qL
ymfqJWhPtLxb3s/BMirRKbZ7IDBBRg3VDVh8/SOV91NhntK3CE+RWVXYlVRJriFs
3lWwQl8ewy5CFyFcaf8XrAwGeQQRSw8oy0l7ejgoM1OXtSFzH25QDdSdK3gJFa35
nplmxPo0iI1qnWR7E596Wb6R
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:54 2023 by rpki-client on console-fra.rpki-client.org