Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/5c565e-0427-4097-bc12-eb70ba1bde7b/1/b4WqaOQLYmqJ0DN-CTS-fymF8bg.roa
File: b4WqaOQLYmqJ0DN-CTS-fymF8bg.roa (raw, json)
Hash identifier: DNg++zO+ViINIHpyB74Cxd3+GF7pHQzRHKCs4HZD3G0=
Subject key identifier: 6F:85:AA:68:E4:0B:62:6A:89:D0:33:7E:09:34:BE:7F:29:85:F1:B8
Certificate issuer: /CN=d52865e83b701b8ba934101c34c11ebdf3fa83bb
Certificate serial: ECAB5A
Authority key identifier: D5:28:65:E8:3B:70:1B:8B:A9:34:10:1C:34:C1:1E:BD:F3:FA:83:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Shl6DtwG4upNBAcNMEevfP6g7s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/5c565e-0427-4097-bc12-eb70ba1bde7b/1/b4WqaOQLYmqJ0DN-CTS-fymF8bg.roa
Signing time: Wed 29 Jun 2022 07:25:02 +0000
ROA not before: Wed 29 Jun 2022 07:25:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211237
IP address blocks: 37.140.250.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15510362 (0xecab5a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d52865e83b701b8ba934101c34c11ebdf3fa83bb
Validity
Not Before: Jun 29 07:25:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6f85aa68e40b626a89d0337e0934be7f2985f1b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:9f:b1:39:97:0c:e8:c6:5d:00:04:ee:ff:3f:
ee:e4:c2:af:82:dc:d0:2e:1b:74:d7:f5:b1:ab:fd:
71:f9:ac:8f:c4:79:8c:44:8f:fe:aa:e1:7b:af:fe:
2e:c4:63:43:40:20:d2:6b:11:1d:28:f8:73:66:c1:
b6:cf:e6:0b:3a:cd:7d:12:cc:b6:f7:aa:bd:99:7a:
47:fc:16:d0:ce:22:8f:9f:1a:85:7d:cf:4b:6d:6c:
f5:cc:35:4f:7c:c6:01:58:3a:35:78:7d:87:c7:43:
c0:74:39:20:0f:69:67:6c:93:1b:e6:b6:62:12:5f:
54:8d:db:f4:5f:ae:a1:27:ea:32:1a:8a:90:b7:ab:
cf:9c:7c:b0:05:37:e8:06:04:72:74:75:04:db:77:
25:99:18:db:aa:69:b1:2b:6c:80:e1:ab:de:5a:0f:
e3:8c:f8:71:34:6c:bd:dc:e2:2c:f3:09:e4:9e:4d:
da:2b:cb:9c:62:93:0e:a0:b7:ed:2b:fb:ce:a6:96:
85:b6:0d:6b:78:9c:37:79:39:c0:86:e7:7d:3c:77:
40:d6:6d:04:49:65:7d:35:fd:78:03:25:ec:ab:e5:
11:95:8f:38:c4:d8:b6:73:55:d9:65:3f:de:54:b3:
8d:63:14:84:37:e9:cc:e3:dd:64:fe:b7:a1:5f:5a:
9c:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:85:AA:68:E4:0B:62:6A:89:D0:33:7E:09:34:BE:7F:29:85:F1:B8
X509v3 Authority Key Identifier:
keyid:D5:28:65:E8:3B:70:1B:8B:A9:34:10:1C:34:C1:1E:BD:F3:FA:83:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Shl6DtwG4upNBAcNMEevfP6g7s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/5c565e-0427-4097-bc12-eb70ba1bde7b/1/b4WqaOQLYmqJ0DN-CTS-fymF8bg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/5c565e-0427-4097-bc12-eb70ba1bde7b/1/1Shl6DtwG4upNBAcNMEevfP6g7s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.140.250.0/24
Signature Algorithm: sha256WithRSAEncryption
43:46:a8:be:a2:3a:cf:97:be:f6:58:80:d9:56:5c:0b:e6:e8:
c3:79:c0:1c:e7:04:10:01:39:3a:95:1d:22:64:8e:ea:8d:3b:
27:17:57:ca:9e:69:99:4d:01:11:6e:37:76:62:de:13:9f:b8:
ca:95:c8:7f:df:6d:22:9f:a7:5a:aa:c1:25:9d:3e:fe:c9:dd:
58:d7:f9:5c:09:87:88:6a:b0:d8:b9:c5:0f:50:25:93:47:68:
b1:59:29:3b:0c:19:ad:79:9a:f7:11:8d:04:75:de:11:f8:cf:
5d:8b:3c:42:4a:b5:9b:51:76:53:2b:52:c9:d6:28:03:43:cc:
87:85:d1:8f:cf:71:6e:e8:e1:80:13:da:f0:f1:c1:00:c4:3e:
f1:0b:56:0f:02:54:08:8b:7c:66:c9:9c:c3:41:58:7b:22:cc:
75:cb:35:53:19:a7:b2:1b:53:96:98:ee:ca:e6:b0:fb:db:11:
94:f5:38:78:e9:23:6a:62:0b:63:fb:11:61:28:76:56:00:fc:
77:50:51:c8:7a:5d:d3:17:4e:03:62:37:e2:62:f0:ba:24:f6:
fd:27:70:05:f9:ea:49:b9:69:ce:d2:52:a4:3e:f2:70:57:b1:
3e:07:64:cd:81:09:88:5f:8f:83:6c:46:5b:0b:a0:c8:10:5f:
11:00:0b:b5
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAOyrWjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NTI4NjVlODNiNzAxYjhiYTkzNDEwMWMzNGMxMWViZGYzZmE4M2JiMB4XDTIyMDYy
OTA3MjUwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmY4NWFhNjhlNDBi
NjI2YTg5ZDAzMzdlMDkzNGJlN2YyOTg1ZjFiODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALSfsTmXDOjGXQAE7v8/7uTCr4Lc0C4bdNf1sav9cfmsj8R5
jESP/qrhe6/+LsRjQ0Ag0msRHSj4c2bBts/mCzrNfRLMtveqvZl6R/wW0M4ij58a
hX3PS21s9cw1T3zGAVg6NXh9h8dDwHQ5IA9pZ2yTG+a2YhJfVI3b9F+uoSfqMhqK
kLerz5x8sAU36AYEcnR1BNt3JZkY26ppsStsgOGr3loP44z4cTRsvdziLPMJ5J5N
2ivLnGKTDqC37Sv7zqaWhbYNa3icN3k5wIbnfTx3QNZtBEllfTX9eAMl7KvlEZWP
OMTYtnNV2WU/3lSzjWMUhDfpzOPdZP63oV9anKUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRvhapo5AtiaonQM34JNL5/KYXxuDAfBgNVHSMEGDAWgBTVKGXoO3Abi6k0
EBw0wR698/qDuzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFTaGw2RHR3RzR1cE5CQWNOTUVldmZQNmc3cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGIvNWM1NjVlLTA0MjctNDA5Ny1iYzEyLWViNzBiYTFiZGU3Yi8x
L2I0V3FhT1FMWW1xSjBETi1DVFMtZnltRjhiZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGIv
NWM1NjVlLTA0MjctNDA5Ny1iYzEyLWViNzBiYTFiZGU3Yi8xLzFTaGw2RHR3RzR1
cE5CQWNOTUVldmZQNmc3cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEACWM+jANBgkqhkiG9w0BAQsFAAOC
AQEAQ0aovqI6z5e+9liA2VZcC+bow3nAHOcEEAE5OpUdImSO6o07JxdXyp5pmU0B
EW43dmLeE5+4ypXIf99tIp+nWqrBJZ0+/sndWNf5XAmHiGqw2LnFD1Alk0dosVkp
OwwZrXma9xGNBHXeEfjPXYs8Qkq1m1F2UytSydYoA0PMh4XRj89xbujhgBPa8PHB
AMQ+8QtWDwJUCIt8Zsmcw0FYeyLMdcs1UxmnshtTlpjuyuaw+9sRlPU4eOkjamIL
Y/sRYSh2VgD8d1BRyHpd0xdOA2I34mLwuiT2/SdwBfnqSblpztJSpD7ycFexPgdk
zYEJiF+Pg2xGWwugyBBfEQALtQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:44 2023 by rpki-client on console-ams.rpki-client.org