Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/R-aXRN-IyNI0Si9Qwfl1dKuZbBM.roa
File: R-aXRN-IyNI0Si9Qwfl1dKuZbBM.roa (raw, json)
Hash identifier: VY4zBYrBQn6ol5tqZ9KpcvnbWigYlj/RV6cE8bX9sw8=
Subject key identifier: 47:E6:97:44:DF:88:C8:D2:34:4A:2F:50:C1:F9:75:74:AB:99:6C:13
Certificate issuer: /CN=0f6363d428b7915c108825f09706004b8ea3d4b5
Certificate serial: 1747885A
Authority key identifier: 0F:63:63:D4:28:B7:91:5C:10:88:25:F0:97:06:00:4B:8E:A3:D4:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D2Nj1Ci3kVwQiCXwlwYAS46j1LU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/R-aXRN-IyNI0Si9Qwfl1dKuZbBM.roa
Signing time: Wed 29 Jun 2022 07:52:02 +0000
ROA not before: Wed 29 Jun 2022 07:52:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207152
IP address blocks: 37.143.0.0/22 maxlen: 24
37.143.4.0/22 maxlen: 24
46.28.40.0/22 maxlen: 24
46.28.44.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 390563930 (0x1747885a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f6363d428b7915c108825f09706004b8ea3d4b5
Validity
Not Before: Jun 29 07:52:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=47e69744df88c8d2344a2f50c1f97574ab996c13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:31:08:16:79:5d:bb:cc:54:9d:a5:87:ad:d8:
2a:af:bd:a7:e7:ad:d8:44:6c:86:3f:fe:a5:32:f6:
5c:5d:7e:e1:b6:14:23:b3:38:86:4e:4c:de:ab:b5:
5b:71:20:37:9a:6f:10:ec:a9:50:bd:95:b3:96:69:
72:03:e0:08:5a:82:8a:d3:e1:8f:4f:b7:76:cd:b9:
42:79:cc:4b:da:41:7e:b3:b7:2a:34:d1:85:53:47:
7a:2e:4e:10:52:25:3f:0a:cc:c7:9c:d3:7c:de:e7:
6d:02:96:be:31:70:7d:66:8e:29:04:a6:72:07:b4:
11:f3:07:0a:b9:00:dd:d4:c3:5a:0d:22:74:00:4f:
f1:4c:c2:fc:c9:a5:2b:9f:8d:94:a9:1d:41:f7:aa:
83:d2:0f:10:8d:b0:91:04:6b:4d:56:03:21:23:c2:
28:9e:db:79:5d:24:16:ef:fe:b2:f5:9c:37:34:4d:
42:25:e2:63:de:1b:68:96:92:7f:32:6c:72:d6:85:
8b:6d:b1:2b:16:55:a3:38:63:f6:69:54:62:1c:07:
95:9f:49:f4:57:a3:54:5e:c5:9d:08:cb:21:0e:05:
c8:d0:97:ac:de:4b:cc:16:53:f0:75:09:fb:ed:e1:
e5:ea:4f:de:42:1a:b8:56:67:84:a5:f7:6a:6c:04:
3f:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:E6:97:44:DF:88:C8:D2:34:4A:2F:50:C1:F9:75:74:AB:99:6C:13
X509v3 Authority Key Identifier:
keyid:0F:63:63:D4:28:B7:91:5C:10:88:25:F0:97:06:00:4B:8E:A3:D4:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D2Nj1Ci3kVwQiCXwlwYAS46j1LU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/R-aXRN-IyNI0Si9Qwfl1dKuZbBM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/D2Nj1Ci3kVwQiCXwlwYAS46j1LU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.143.0.0/21
46.28.40.0/21
Signature Algorithm: sha256WithRSAEncryption
aa:dc:26:e8:98:b7:e3:f8:02:1a:55:eb:e2:c8:f1:13:b1:4a:
0a:fd:f7:1c:42:e9:ed:14:ef:3a:93:ff:d4:07:e5:0b:2e:7e:
48:8b:33:ea:de:b5:99:ab:10:43:c1:34:f7:37:01:d5:c9:a8:
2a:ab:55:06:fd:d0:b5:6f:a6:7a:f7:61:e0:df:20:d0:e0:30:
e4:44:e8:ea:4f:86:c7:22:4f:c9:b2:76:09:41:04:fd:0c:16:
1f:e7:62:fa:7b:6c:51:40:fa:c6:bd:b7:0f:02:01:16:a7:40:
12:6b:a2:a3:51:a4:3f:2d:8c:7e:50:1f:b4:8f:53:88:e9:14:
86:a5:e0:4a:c0:c1:7c:42:c6:1f:de:5d:85:c8:99:15:7e:f7:
d3:eb:b3:fd:0e:3b:ea:e5:a8:97:bc:91:54:cc:82:20:1b:02:
a2:f0:0a:6f:03:f5:11:c6:54:61:a4:36:ab:f0:e7:0c:53:8c:
0b:5b:6c:8e:4b:9e:2a:72:4c:ba:fd:8a:ac:3f:f7:7b:b9:50:
ae:df:5d:75:93:f1:9b:11:cc:77:1c:ae:72:a2:f3:46:1f:d2:
2d:fe:77:8d:44:11:56:49:16:78:ca:3b:9b:05:38:0b:70:db:
09:9b:41:e3:bd:0d:31:df:a9:08:5c:94:67:3c:67:0f:92:6e:
d6:31:b2:ce
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEF0eIWjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ZjYzNjNkNDI4Yjc5MTVjMTA4ODI1ZjA5NzA2MDA0YjhlYTNkNGI1MB4XDTIyMDYy
OTA3NTIwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDdlNjk3NDRkZjg4
YzhkMjM0NGEyZjUwYzFmOTc1NzRhYjk5NmMxMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJcxCBZ5XbvMVJ2lh63YKq+9p+et2ERshj/+pTL2XF1+4bYU
I7M4hk5M3qu1W3EgN5pvEOypUL2Vs5ZpcgPgCFqCitPhj0+3ds25QnnMS9pBfrO3
KjTRhVNHei5OEFIlPwrMx5zTfN7nbQKWvjFwfWaOKQSmcge0EfMHCrkA3dTDWg0i
dABP8UzC/MmlK5+NlKkdQfeqg9IPEI2wkQRrTVYDISPCKJ7beV0kFu/+svWcNzRN
QiXiY94baJaSfzJsctaFi22xKxZVozhj9mlUYhwHlZ9J9FejVF7FnQjLIQ4FyNCX
rN5LzBZT8HUJ++3h5epP3kIauFZnhKX3amwEPzUCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRH5pdE34jI0jRKL1DB+XV0q5lsEzAfBgNVHSMEGDAWgBQPY2PUKLeRXBCI
JfCXBgBLjqPUtTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0QyTmoxQ2kza1Z3UWlDWHdsd1lBUzQ2ajFMVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDcvNmJlY2IwLTE4ZmQtNGFkZC1iYjQxLTJlMWMwYWY0ZmFhNC8x
L1ItYVhSTi1JeU5JMFNpOVF3ZmwxZEt1WmJCTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDcv
NmJlY2IwLTE4ZmQtNGFkZC1iYjQxLTJlMWMwYWY0ZmFhNC8xL0QyTmoxQ2kza1Z3
UWlDWHdsd1lBUzQ2ajFMVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAyWPAAMEAy4cKDANBgkqhkiG9w0B
AQsFAAOCAQEAqtwm6Ji34/gCGlXr4sjxE7FKCv33HELp7RTvOpP/1AflCy5+SIsz
6t61masQQ8E09zcB1cmoKqtVBv3QtW+mevdh4N8g0OAw5ETo6k+GxyJPybJ2CUEE
/QwWH+di+ntsUUD6xr23DwIBFqdAEmuio1GkPy2MflAftI9TiOkUhqXgSsDBfELG
H95dhciZFX730+uz/Q476uWol7yRVMyCIBsCovAKbwP1EcZUYaQ2q/DnDFOMC1ts
jkueKnJMuv2KrD/3e7lQrt9ddZPxmxHMdxyucqLzRh/SLf53jUQRVkkWeMo7mwU4
C3DbCZtB470NMd+pCFyUZzxnD5Ju1jGyzg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:51:37 2025 by rpki-client