Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/3bf23a-904c-4e4f-9f02-f999e1beb961/1/7tYJOLmVk1-LDXXPdK-LHub2mfQ.roa
File: 7tYJOLmVk1-LDXXPdK-LHub2mfQ.roa (raw, json)
Hash identifier: kdUDHFDvKPdN9s/0yoDfNPntQ2WsXpPznmUYcbaaAoY=
Subject key identifier: EE:D6:09:38:B9:95:93:5F:8B:0D:75:CF:74:AF:8B:1E:E6:F6:99:F4
Certificate issuer: /CN=8d7faa5bb9b3ea40137db86c4072fce158f6a5cf
Certificate serial: 01837438E29382DC1958C6FDF051A4AA9EE1
Authority key identifier: 8D:7F:AA:5B:B9:B3:EA:40:13:7D:B8:6C:40:72:FC:E1:58:F6:A5:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jX-qW7mz6kATfbhsQHL84Vj2pc8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/3bf23a-904c-4e4f-9f02-f999e1beb961/1/7tYJOLmVk1-LDXXPdK-LHub2mfQ.roa
Signing time: Sun 25 Sep 2022 10:37:08 +0000
ROA not before: Sun 25 Sep 2022 10:37:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12897
IP address blocks: 37.16.92.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:74:38:e2:93:82:dc:19:58:c6:fd:f0:51:a4:aa:9e:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d7faa5bb9b3ea40137db86c4072fce158f6a5cf
Validity
Not Before: Sep 25 10:37:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=eed60938b995935f8b0d75cf74af8b1ee6f699f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:dd:2e:83:7c:5b:53:dd:0c:3a:9b:d9:df:45:
3b:dc:1f:f2:97:dd:4c:76:8d:e4:ad:4e:9a:2b:b7:
b8:89:95:be:af:e4:ff:77:7b:b4:88:78:46:04:6e:
26:9e:e9:c0:d7:82:7b:a5:e9:ae:3f:27:a1:7c:e2:
98:b4:0c:c6:cd:78:da:8a:29:ba:c0:74:1f:fd:73:
06:1c:8b:ed:76:54:c3:50:3e:03:36:ff:33:3f:b0:
5b:69:b7:8b:62:fb:2e:84:60:da:14:9c:cb:fa:7d:
a2:61:a9:9a:96:8e:9c:05:65:e4:02:b7:e5:0f:0c:
8e:05:2e:d0:c8:d3:89:c7:c5:fe:ed:81:0c:a4:ae:
ab:88:5c:9e:ad:63:d0:a8:fb:41:c0:56:01:be:84:
7d:27:93:d8:4d:11:75:64:3d:85:8c:01:fe:9f:c2:
5c:57:43:cb:04:ee:c1:11:8a:d9:b7:c3:d2:06:12:
7e:5a:9a:a4:70:0e:20:b6:8c:92:e4:c9:2f:eb:28:
56:12:a8:5a:20:26:cc:bc:34:a7:86:00:ac:e5:4e:
c1:81:6b:44:a8:65:09:8c:e8:3c:65:13:18:80:f2:
6f:67:37:16:4c:43:76:3b:c1:15:2f:dc:cb:77:56:
72:8d:33:00:7e:0d:27:d4:fc:4b:8f:b5:ba:97:9a:
11:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:D6:09:38:B9:95:93:5F:8B:0D:75:CF:74:AF:8B:1E:E6:F6:99:F4
X509v3 Authority Key Identifier:
keyid:8D:7F:AA:5B:B9:B3:EA:40:13:7D:B8:6C:40:72:FC:E1:58:F6:A5:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jX-qW7mz6kATfbhsQHL84Vj2pc8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/3bf23a-904c-4e4f-9f02-f999e1beb961/1/7tYJOLmVk1-LDXXPdK-LHub2mfQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/3bf23a-904c-4e4f-9f02-f999e1beb961/1/jX-qW7mz6kATfbhsQHL84Vj2pc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.16.92.0/22
Signature Algorithm: sha256WithRSAEncryption
4c:89:64:66:57:c2:c5:af:b7:4f:67:76:65:b5:24:2c:c3:f8:
75:81:4b:7b:51:8f:28:91:d2:79:a1:0a:a7:11:64:c4:f1:41:
e6:1c:94:cd:c0:9d:1b:38:b1:f8:e7:6b:68:17:24:62:2d:65:
65:e7:21:24:a7:0b:cb:ed:7f:23:d3:f1:28:ff:a3:8b:a5:66:
6a:be:c1:1e:33:da:c1:d0:a6:17:c2:96:95:1f:ab:ae:c6:54:
f1:9c:72:d3:5b:4a:e8:79:d2:08:8e:50:22:ea:9e:c2:f5:16:
f8:17:5e:29:af:e4:1b:03:d8:95:47:ce:6f:a6:0a:b1:b6:17:
35:b0:72:23:42:d9:2b:69:85:ad:49:26:18:f5:40:5a:52:d6:
34:95:65:bf:52:d6:ad:2c:23:a0:03:a9:69:b9:21:6f:f3:86:
63:c9:38:2c:9f:4a:ea:0f:9c:2d:7b:35:1f:fb:29:40:ce:f8:
a2:2b:7b:3d:4e:2e:af:e6:b3:e1:db:2e:38:7e:ed:24:2c:07:
5e:1e:71:1d:f1:22:42:d8:d0:1c:21:3b:92:7a:59:22:81:5c:
c5:b9:16:77:94:62:b4:62:74:e7:b1:c2:0e:1f:be:d2:3a:65:
3e:60:0d:3a:af:cc:50:26:1e:38:dc:5b:5b:72:55:fb:49:79:
0c:13:14:d6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYN0OOKTgtwZWMb98FGkqp7hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkN2ZhYTViYjliM2VhNDAxMzdkYjg2YzQwNzJmY2UxNThm
NmE1Y2YwHhcNMjIwOTI1MTAzNzA4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZWQ2MDkzOGI5OTU5MzVmOGIwZDc1Y2Y3NGFmOGIxZWU2ZjY5OWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4N0ug3xbU90MOpvZ30U73B/yl91M
do3krU6aK7e4iZW+r+T/d3u0iHhGBG4mnunA14J7pemuPyehfOKYtAzGzXjaiim6
wHQf/XMGHIvtdlTDUD4DNv8zP7BbabeLYvsuhGDaFJzL+n2iYamalo6cBWXkArfl
DwyOBS7QyNOJx8X+7YEMpK6riFyerWPQqPtBwFYBvoR9J5PYTRF1ZD2FjAH+n8Jc
V0PLBO7BEYrZt8PSBhJ+WpqkcA4gtoyS5Mkv6yhWEqhaICbMvDSnhgCs5U7BgWtE
qGUJjOg8ZRMYgPJvZzcWTEN2O8EVL9zLd1ZyjTMAfg0n1PxLj7W6l5oRkwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO7WCTi5lZNfiw11z3Svix7m9pn0MB8GA1UdIwQY
MBaAFI1/qlu5s+pAE324bEBy/OFY9qXPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalgtcVc3bXo2a0FUZmJoc1FITDg0VmoycGM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi8zYmYyM2EtOTA0Yy00ZTRmLTlmMDIt
Zjk5OWUxYmViOTYxLzEvN3RZSk9MbVZrMS1MRFhYUGRLLUxIdWIybWZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi8zYmYyM2EtOTA0Yy00ZTRmLTlmMDItZjk5OWUxYmViOTYx
LzEvalgtcVc3bXo2a0FUZmJoc1FITDg0VmoycGM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCJRBcMA0G
CSqGSIb3DQEBCwUAA4IBAQBMiWRmV8LFr7dPZ3ZltSQsw/h1gUt7UY8okdJ5oQqn
EWTE8UHmHJTNwJ0bOLH452toFyRiLWVl5yEkpwvL7X8j0/Eo/6OLpWZqvsEeM9rB
0KYXwpaVH6uuxlTxnHLTW0roedIIjlAi6p7C9Rb4F14pr+QbA9iVR85vpgqxthc1
sHIjQtkraYWtSSYY9UBaUtY0lWW/UtatLCOgA6lpuSFv84ZjyTgsn0rqD5wtezUf
+ylAzviiK3s9Ti6v5rPh2y44fu0kLAdeHnEd8SJC2NAcITuSelkigVzFuRZ3lGK0
YnTnscIOH77SOmU+YA06r8xQJh443FtbclX7SXkMExTW
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:18 2023 by rpki-client on console-ams.rpki-client.org