Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/1-HAvgcNriwr3mCwrOaQdd3b9iio.roa
File: 1-HAvgcNriwr3mCwrOaQdd3b9iio.roa (raw, json)
Hash identifier: kpivtClXPGUSVaWJ/xPgyhzKgUv9evbp4KGS21inhlI=
Subject key identifier: F8:70:2F:81:C3:6B:8B:0A:F7:98:2C:2B:39:A4:1D:77:76:FD:8A:2A
Certificate issuer: /CN=0f6363d428b7915c108825f09706004b8ea3d4b5
Certificate serial: 0183C74D0554DEFA9515BE720691EF13E8DA
Authority key identifier: 0F:63:63:D4:28:B7:91:5C:10:88:25:F0:97:06:00:4B:8E:A3:D4:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D2Nj1Ci3kVwQiCXwlwYAS46j1LU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/1-HAvgcNriwr3mCwrOaQdd3b9iio.roa
Signing time: Tue 11 Oct 2022 13:47:37 +0000
ROA not before: Tue 11 Oct 2022 13:47:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204968
IP address blocks: 37.143.4.0/22 maxlen: 24
37.143.0.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:c7:4d:05:54:de:fa:95:15:be:72:06:91:ef:13:e8:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f6363d428b7915c108825f09706004b8ea3d4b5
Validity
Not Before: Oct 11 13:47:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f8702f81c36b8b0af7982c2b39a41d7776fd8a2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:c7:cf:1f:fb:a5:85:73:82:1b:c9:e9:ea:45:
bb:53:75:a0:3b:44:6c:c1:77:56:ad:d5:b6:d6:10:
bb:fb:85:e0:5e:75:c7:05:a7:b9:e6:0b:f6:62:05:
84:82:bb:0f:0d:93:bd:3c:3e:ed:a0:66:90:7e:cf:
5c:63:54:68:f9:a6:95:2d:38:53:86:5a:c1:bf:f8:
a1:9b:bd:39:a7:ea:9a:68:a2:8a:f9:5b:b1:8c:e8:
60:82:06:e0:c9:6f:f3:d5:e4:81:86:a6:7f:3d:0f:
a3:8b:9a:b2:93:de:41:5a:d6:da:9a:4d:d1:ef:b8:
49:0b:7c:aa:4c:f8:e4:80:79:82:81:18:e1:2b:a5:
1b:a0:3e:15:19:4d:57:27:c1:9c:02:e9:5b:74:9e:
79:fb:9b:87:c3:50:44:c8:fe:ec:e2:68:80:8e:57:
88:14:0b:0b:f8:63:1f:88:2e:49:4f:d4:d4:3d:61:
4f:9f:a1:bd:53:5e:88:27:6c:2e:2f:88:8d:ca:b0:
8f:a4:2b:a9:97:7c:d7:bf:32:08:f3:d1:7b:1d:04:
fd:6c:a8:12:3f:6f:f8:5a:32:6f:c9:9d:c5:9d:0a:
b6:d3:8a:34:d6:42:6a:d3:48:90:2b:36:f9:d8:8c:
ff:6c:30:30:eb:99:21:f9:fc:2e:07:d3:9d:51:ed:
3f:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:70:2F:81:C3:6B:8B:0A:F7:98:2C:2B:39:A4:1D:77:76:FD:8A:2A
X509v3 Authority Key Identifier:
keyid:0F:63:63:D4:28:B7:91:5C:10:88:25:F0:97:06:00:4B:8E:A3:D4:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D2Nj1Ci3kVwQiCXwlwYAS46j1LU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/1-HAvgcNriwr3mCwrOaQdd3b9iio.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/D2Nj1Ci3kVwQiCXwlwYAS46j1LU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.143.0.0/21
Signature Algorithm: sha256WithRSAEncryption
1d:8a:0b:1b:fc:87:11:4a:da:c6:5c:96:48:ad:60:9a:0b:ae:
17:44:76:ec:b0:08:f7:98:bc:96:4a:ca:c1:c4:b7:a4:a0:7a:
37:17:55:59:b5:72:f8:e1:be:71:4d:99:7f:12:30:9d:75:74:
27:1c:44:ba:2c:32:e6:2b:e0:1a:6a:ce:0a:fa:44:34:47:0b:
40:2a:2a:26:9e:fd:c7:8d:bc:5c:d9:7d:57:af:4d:dc:3f:2f:
72:59:b8:a5:01:69:02:29:e1:56:66:de:31:66:74:7e:ae:fd:
5b:fa:34:b3:5e:d1:63:3b:49:28:ce:8c:f5:f1:5a:3e:4d:46:
c3:d0:3c:86:ad:0b:68:f1:68:fa:6f:ec:c4:cf:cf:42:29:4b:
98:a1:4b:27:c3:4f:f4:a3:52:8f:fe:0f:36:2e:02:4b:11:a5:
9a:70:c4:be:26:1e:d9:92:b2:fd:17:62:6a:5e:3b:c0:2f:2f:
c0:ca:3c:b8:20:60:90:fa:32:98:0a:58:d7:e0:2f:eb:e6:a7:
00:68:5f:77:19:a4:55:3b:a6:06:a9:ef:8c:c9:fb:08:da:14:
6c:7d:0c:f4:64:f4:c4:89:bd:3d:7b:1e:d9:fa:56:fa:93:50:
4e:b2:02:90:c1:44:42:cc:d5:69:13:a7:5c:5c:39:a3:7d:72:
f4:6f:9a:5c
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYPHTQVU3vqVFb5yBpHvE+jaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmNjM2M2Q0MjhiNzkxNWMxMDg4MjVmMDk3MDYwMDRiOGVh
M2Q0YjUwHhcNMjIxMDExMTM0NzM3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODcwMmY4MWMzNmI4YjBhZjc5ODJjMmIzOWE0MWQ3Nzc2ZmQ4YTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnsfPH/ulhXOCG8np6kW7U3WgO0Rs
wXdWrdW21hC7+4XgXnXHBae55gv2YgWEgrsPDZO9PD7toGaQfs9cY1Ro+aaVLThT
hlrBv/ihm705p+qaaKKK+VuxjOhgggbgyW/z1eSBhqZ/PQ+ji5qyk95BWtbamk3R
77hJC3yqTPjkgHmCgRjhK6UboD4VGU1XJ8GcAulbdJ55+5uHw1BEyP7s4miAjleI
FAsL+GMfiC5JT9TUPWFPn6G9U16IJ2wuL4iNyrCPpCupl3zXvzII89F7HQT9bKgS
P2/4WjJvyZ3FnQq204o01kJq00iQKzb52Iz/bDAw65kh+fwuB9OdUe0/UwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPhwL4HDa4sK95gsKzmkHXd2/YoqMB8GA1UdIwQY
MBaAFA9jY9Qot5FcEIgl8JcGAEuOo9S1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDJOajFDaTNrVndRaUNYd2x3WUFTNDZqMUxVLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy82YmVjYjAtMThmZC00YWRkLWJiNDEt
MmUxYzBhZjRmYWE0LzEvMS1IQXZnY05yaXdyM21Dd3JPYVFkZDNiOWlpby5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZDcvNmJlY2IwLTE4ZmQtNGFkZC1iYjQxLTJlMWMwYWY0ZmFh
NC8xL0QyTmoxQ2kza1Z3UWlDWHdsd1lBUzQ2ajFMVS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAyWPADAN
BgkqhkiG9w0BAQsFAAOCAQEAHYoLG/yHEUraxlyWSK1gmguuF0R27LAI95i8lkrK
wcS3pKB6NxdVWbVy+OG+cU2ZfxIwnXV0JxxEuiwy5ivgGmrOCvpENEcLQCoqJp79
x428XNl9V69N3D8vclm4pQFpAinhVmbeMWZ0fq79W/o0s17RYztJKM6M9fFaPk1G
w9A8hq0LaPFo+m/sxM/PQilLmKFLJ8NP9KNSj/4PNi4CSxGlmnDEviYe2ZKy/Rdi
al47wC8vwMo8uCBgkPoymApY1+Av6+anAGhfdxmkVTumBqnvjMn7CNoUbH0M9GT0
xIm9PXse2fpW+pNQTrICkMFEQszVaROnXFw5o31y9G+aXA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:33:48 2025 by rpki-client