Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/IuQNahPyGrqQBjpUwvno-KVIZtw.roa
File: IuQNahPyGrqQBjpUwvno-KVIZtw.roa (raw, json)
Hash identifier: bGAn45wpyA7u/1+TmQaksIOtM1muIzaYpc6fsCFpay0=
Subject key identifier: 22:E4:0D:6A:13:F2:1A:BA:90:06:3A:54:C2:F9:E8:F8:A5:48:66:DC
Certificate issuer: /CN=0f6363d428b7915c108825f09706004b8ea3d4b5
Certificate serial: 0185810EB2A1A87A0EA1C63F55A24B7B42C8
Authority key identifier: 0F:63:63:D4:28:B7:91:5C:10:88:25:F0:97:06:00:4B:8E:A3:D4:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D2Nj1Ci3kVwQiCXwlwYAS46j1LU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/IuQNahPyGrqQBjpUwvno-KVIZtw.roa
Signing time: Thu 05 Jan 2023 08:31:42 +0000
ROA not before: Thu 05 Jan 2023 08:31:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211936
IP address blocks: 37.143.4.0/22 maxlen: 24
46.28.40.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:81:0e:b2:a1:a8:7a:0e:a1:c6:3f:55:a2:4b:7b:42:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f6363d428b7915c108825f09706004b8ea3d4b5
Validity
Not Before: Jan 5 08:31:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=22e40d6a13f21aba90063a54c2f9e8f8a54866dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:20:19:5c:d4:8a:fc:d4:b9:d5:f9:22:36:e2:
1f:30:f3:da:40:9f:c3:95:e4:2f:f7:c0:ae:51:5f:
8a:8f:eb:54:dc:23:05:d0:ef:c1:c7:4a:52:48:a0:
ff:88:bb:2e:94:e9:06:3a:d0:48:65:85:72:b5:65:
3e:0b:96:aa:4a:c0:8b:36:67:3a:29:f2:a7:9c:f4:
5c:f2:cf:9a:19:47:25:3f:09:9b:c5:14:86:1f:a3:
0c:bd:a0:3a:e0:fa:68:29:2d:03:7d:79:ea:d6:da:
bd:2e:81:64:63:e2:e5:de:39:9a:7d:fb:fc:f4:4c:
7e:5d:07:25:d8:d3:12:aa:b5:4a:c1:af:02:1f:29:
eb:8b:96:e6:c9:f4:0f:eb:ff:80:13:3a:9a:dc:62:
15:32:77:11:c6:08:48:38:6e:a6:a1:9f:be:be:7b:
26:65:d5:59:ea:49:43:43:c4:3c:f4:c4:00:26:c9:
ce:87:05:31:61:07:26:5c:a0:a0:ae:9a:cb:34:93:
db:7e:f6:96:29:fe:f8:59:56:75:21:e4:b9:2e:83:
83:6e:12:b2:22:d0:0a:f2:9d:c6:89:17:47:42:c0:
dc:2b:3f:f9:87:4a:63:66:4b:0c:46:e1:cd:d2:1c:
d7:e9:ee:26:8a:26:be:f2:1f:a2:e1:3a:40:81:ee:
21:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:E4:0D:6A:13:F2:1A:BA:90:06:3A:54:C2:F9:E8:F8:A5:48:66:DC
X509v3 Authority Key Identifier:
keyid:0F:63:63:D4:28:B7:91:5C:10:88:25:F0:97:06:00:4B:8E:A3:D4:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D2Nj1Ci3kVwQiCXwlwYAS46j1LU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/IuQNahPyGrqQBjpUwvno-KVIZtw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/D2Nj1Ci3kVwQiCXwlwYAS46j1LU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.143.4.0/22
46.28.40.0/22
Signature Algorithm: sha256WithRSAEncryption
36:2c:ec:25:4d:b4:34:f5:00:2a:af:23:8f:07:4d:1b:59:91:
35:a0:c7:5b:69:8e:c0:78:6c:dd:c3:f2:d5:16:02:3f:17:5e:
6e:85:1a:82:b9:c8:e4:80:3e:a5:54:26:9c:5c:bf:79:f2:82:
b8:7f:7b:7a:79:90:04:c8:ed:21:35:19:44:20:1f:9e:1f:07:
b1:d9:6d:57:f0:e4:c8:96:b7:9e:b9:4c:61:9f:db:30:1a:a2:
c0:cd:c7:5b:2d:80:ad:3a:95:fb:a8:f9:4c:b6:23:2b:96:02:
74:2a:10:dd:09:40:a0:b0:e0:e4:02:94:b8:ad:7c:e7:c1:fd:
1a:ea:b4:c7:f5:04:8b:87:af:66:6b:83:3d:24:0f:85:50:ca:
af:92:6f:47:7c:30:6e:d8:18:e4:94:d1:7e:54:2c:59:75:3f:
6b:8d:3f:c6:56:c3:f7:90:50:2d:cc:2a:be:13:f5:98:9c:c7:
ca:3f:35:a5:f1:34:a3:30:e3:32:2f:e2:81:17:1c:59:2b:31:
6f:05:74:d1:46:07:aa:9b:84:9d:fc:92:80:cd:85:68:bd:94:
6d:73:63:60:f4:af:d0:b3:5d:06:2a:94:90:d9:f1:ef:b4:97:
91:48:47:4b:70:7c:cd:9e:2d:1d:21:78:8c:41:41:0d:ec:4e:
74:f3:44:68
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYWBDrKhqHoOocY/VaJLe0LIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmNjM2M2Q0MjhiNzkxNWMxMDg4MjVmMDk3MDYwMDRiOGVh
M2Q0YjUwHhcNMjMwMTA1MDgzMTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmU0MGQ2YTEzZjIxYWJhOTAwNjNhNTRjMmY5ZThmOGE1NDg2NmRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArCAZXNSK/NS51fkiNuIfMPPaQJ/D
leQv98CuUV+Kj+tU3CMF0O/Bx0pSSKD/iLsulOkGOtBIZYVytWU+C5aqSsCLNmc6
KfKnnPRc8s+aGUclPwmbxRSGH6MMvaA64PpoKS0DfXnq1tq9LoFkY+Ll3jmaffv8
9Ex+XQcl2NMSqrVKwa8CHynri5bmyfQP6/+AEzqa3GIVMncRxghIOG6moZ++vnsm
ZdVZ6klDQ8Q89MQAJsnOhwUxYQcmXKCgrprLNJPbfvaWKf74WVZ1IeS5LoODbhKy
ItAK8p3GiRdHQsDcKz/5h0pjZksMRuHN0hzX6e4miia+8h+i4TpAge4hNQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCLkDWoT8hq6kAY6VML56PilSGbcMB8GA1UdIwQY
MBaAFA9jY9Qot5FcEIgl8JcGAEuOo9S1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDJOajFDaTNrVndRaUNYd2x3WUFTNDZqMUxVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy82YmVjYjAtMThmZC00YWRkLWJiNDEt
MmUxYzBhZjRmYWE0LzEvSXVRTmFoUHlHcnFRQmpwVXd2bm8tS1ZJWnR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy82YmVjYjAtMThmZC00YWRkLWJiNDEtMmUxYzBhZjRmYWE0
LzEvRDJOajFDaTNrVndRaUNYd2x3WUFTNDZqMUxVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCJY8EAwQC
LhwoMA0GCSqGSIb3DQEBCwUAA4IBAQA2LOwlTbQ09QAqryOPB00bWZE1oMdbaY7A
eGzdw/LVFgI/F15uhRqCucjkgD6lVCacXL958oK4f3t6eZAEyO0hNRlEIB+eHwex
2W1X8OTIlreeuUxhn9swGqLAzcdbLYCtOpX7qPlMtiMrlgJ0KhDdCUCgsODkApS4
rXznwf0a6rTH9QSLh69ma4M9JA+FUMqvkm9HfDBu2BjklNF+VCxZdT9rjT/GVsP3
kFAtzCq+E/WYnMfKPzWl8TSjMOMyL+KBFxxZKzFvBXTRRgeqm4Sd/JKAzYVovZRt
c2Ng9K/Qs10GKpSQ2fHvtJeRSEdLcHzNni0dIXiMQUEN7E5080Ro
-----END CERTIFICATE-----
Generated at Wed Apr 9 12:58:17 2025 by rpki-client