Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/Ab6BjVOJyt-Q52bKYULod3W-lg0.roa
File: Ab6BjVOJyt-Q52bKYULod3W-lg0.roa (raw, json)
Hash identifier: Wz/cErGuRXhGgzCiKObcQzX1TdjDLy/2zw5TtPY6z6A=
Subject key identifier: 01:BE:81:8D:53:89:CA:DF:90:E7:66:CA:61:42:E8:77:75:BE:96:0D
Certificate issuer: /CN=0f6363d428b7915c108825f09706004b8ea3d4b5
Certificate serial: 17422EDD
Authority key identifier: 0F:63:63:D4:28:B7:91:5C:10:88:25:F0:97:06:00:4B:8E:A3:D4:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D2Nj1Ci3kVwQiCXwlwYAS46j1LU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/Ab6BjVOJyt-Q52bKYULod3W-lg0.roa
Signing time: Mon 27 Jun 2022 10:03:51 +0000
ROA not before: Mon 27 Jun 2022 10:03:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207152
IP address blocks: 37.143.0.0/22 maxlen: 24
37.143.4.0/22 maxlen: 24
46.28.40.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 390213341 (0x17422edd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f6363d428b7915c108825f09706004b8ea3d4b5
Validity
Not Before: Jun 27 10:03:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=01be818d5389cadf90e766ca6142e87775be960d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:67:ab:a6:ee:f9:b2:60:43:c9:9b:53:9d:91:
f4:a1:64:f9:2c:ce:e4:59:bc:c7:09:b2:51:7b:93:
55:a9:3b:85:d2:d7:bb:fe:45:6a:43:00:05:5d:0a:
6e:0d:28:fc:32:85:40:06:4a:96:f9:a8:b5:b5:97:
3c:ac:c1:38:64:25:90:0a:74:74:4b:82:da:b2:28:
14:0b:21:9f:92:15:99:eb:80:42:bc:28:87:31:12:
68:27:9b:06:c2:59:47:bb:ec:cc:4e:af:8d:08:d5:
dd:1f:f4:24:e2:48:9b:9a:2e:e0:0f:3f:70:48:79:
d4:56:cd:fb:1d:9e:9e:01:41:d4:6b:66:fb:cc:67:
22:5a:d6:fb:87:87:2b:36:f0:c5:8b:0a:2b:a7:8a:
a3:ea:30:25:f8:34:2e:31:a3:17:4c:03:34:39:a9:
a1:d4:23:b8:cb:fc:a2:1c:fa:d2:b7:1a:7a:4c:ef:
12:46:e6:b6:a7:df:3e:22:3d:48:1b:4d:03:07:4c:
6f:63:95:ee:35:ed:35:e7:87:bd:3c:ee:96:f8:65:
31:7a:39:53:12:f7:ee:e7:b7:aa:92:a2:6d:24:00:
19:4a:f4:ca:2e:28:f9:dd:12:03:26:0a:38:13:ac:
e4:83:78:30:d4:9f:7e:d9:b0:b6:61:dc:35:76:71:
a4:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:BE:81:8D:53:89:CA:DF:90:E7:66:CA:61:42:E8:77:75:BE:96:0D
X509v3 Authority Key Identifier:
keyid:0F:63:63:D4:28:B7:91:5C:10:88:25:F0:97:06:00:4B:8E:A3:D4:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D2Nj1Ci3kVwQiCXwlwYAS46j1LU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/Ab6BjVOJyt-Q52bKYULod3W-lg0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/D2Nj1Ci3kVwQiCXwlwYAS46j1LU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.143.0.0/21
46.28.40.0/22
Signature Algorithm: sha256WithRSAEncryption
4b:62:95:4a:35:81:19:5d:d1:a3:7a:46:52:7e:ea:02:63:19:
99:1b:44:11:ab:ec:86:f9:c0:51:26:70:df:50:f3:bd:14:68:
82:a4:f9:58:3c:d3:18:6c:b2:6f:29:71:df:a0:9e:e2:57:72:
e2:bd:9c:fb:40:26:84:08:fa:52:f8:17:38:88:ec:8a:0a:33:
da:3c:5f:db:d1:4e:00:7d:72:19:b8:f4:08:7c:d5:03:a1:12:
a4:f4:5c:52:cd:e4:c8:21:2c:bf:ab:b5:bd:1c:59:0a:89:0f:
b3:4c:30:3f:a0:d2:5c:31:d9:be:95:e3:1f:f0:f8:6c:ee:86:
f0:43:7a:1e:e0:d9:36:57:84:9c:c4:b4:1c:51:e3:ea:68:6d:
06:fb:a0:d7:c1:d5:f6:e5:c2:60:eb:03:d9:0b:d2:0d:65:72:
c0:f6:8c:4f:aa:e4:3b:7e:4d:f4:d7:90:af:9b:b8:28:70:ef:
01:2e:76:45:b5:2f:f7:51:b6:6f:b5:f2:be:71:e6:ba:30:59:
00:75:dd:01:b0:38:37:19:97:26:97:95:de:fb:35:b6:b5:b5:
50:d2:7a:77:39:f5:a2:05:ae:92:b2:cf:b7:8b:f8:95:1f:74:
43:eb:9f:0c:49:22:73:53:21:bf:1e:96:13:58:98:05:44:f8:
37:fa:1d:1f
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEF0Iu3TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ZjYzNjNkNDI4Yjc5MTVjMTA4ODI1ZjA5NzA2MDA0YjhlYTNkNGI1MB4XDTIyMDYy
NzEwMDM1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDFiZTgxOGQ1Mzg5
Y2FkZjkwZTc2NmNhNjE0MmU4Nzc3NWJlOTYwZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI5nq6bu+bJgQ8mbU52R9KFk+SzO5Fm8xwmyUXuTVak7hdLX
u/5FakMABV0Kbg0o/DKFQAZKlvmotbWXPKzBOGQlkAp0dEuC2rIoFAshn5IVmeuA
QrwohzESaCebBsJZR7vszE6vjQjV3R/0JOJIm5ou4A8/cEh51FbN+x2engFB1Gtm
+8xnIlrW+4eHKzbwxYsKK6eKo+owJfg0LjGjF0wDNDmpodQjuMv8ohz60rcaekzv
EkbmtqffPiI9SBtNAwdMb2OV7jXtNeeHvTzulvhlMXo5UxL37ue3qpKibSQAGUr0
yi4o+d0SAyYKOBOs5IN4MNSfftmwtmHcNXZxpGUCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQBvoGNU4nK35DnZsphQuh3db6WDTAfBgNVHSMEGDAWgBQPY2PUKLeRXBCI
JfCXBgBLjqPUtTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0QyTmoxQ2kza1Z3UWlDWHdsd1lBUzQ2ajFMVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDcvNmJlY2IwLTE4ZmQtNGFkZC1iYjQxLTJlMWMwYWY0ZmFhNC8x
L0FiNkJqVk9KeXQtUTUyYktZVUxvZDNXLWxnMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDcv
NmJlY2IwLTE4ZmQtNGFkZC1iYjQxLTJlMWMwYWY0ZmFhNC8xL0QyTmoxQ2kza1Z3
UWlDWHdsd1lBUzQ2ajFMVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAyWPAAMEAi4cKDANBgkqhkiG9w0B
AQsFAAOCAQEAS2KVSjWBGV3Ro3pGUn7qAmMZmRtEEavshvnAUSZw31DzvRRogqT5
WDzTGGyybylx36Ce4ldy4r2c+0AmhAj6UvgXOIjsigoz2jxf29FOAH1yGbj0CHzV
A6ESpPRcUs3kyCEsv6u1vRxZCokPs0wwP6DSXDHZvpXjH/D4bO6G8EN6HuDZNleE
nMS0HFHj6mhtBvug18HV9uXCYOsD2QvSDWVywPaMT6rkO35N9NeQr5u4KHDvAS52
RbUv91G2b7XyvnHmujBZAHXdAbA4NxmXJpeV3vs1trW1UNJ6dzn1ogWukrLPt4v4
lR90Q+ufDEkic1Mhvx6WE1iYBUT4N/odHw==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:53:01 2025 by rpki-client