Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/af2adb-ff69-4b04-a806-46dd1205dcff/1/ntM8dChTMdbEWqXL_a6olbTggBk.roa
File: ntM8dChTMdbEWqXL_a6olbTggBk.roa (raw, json)
Hash identifier: nOdIRqGDe9AIXVGmlKQHBw78SXZhvmGOM5WkAxRrOfE=
Subject key identifier: 9E:D3:3C:74:28:53:31:D6:C4:5A:A5:CB:FD:AE:A8:95:B4:E0:80:19
Certificate issuer: /CN=fc7cfab24f15cd262176af0d1ccd88127dbf6335
Certificate serial: 3350B807
Authority key identifier: FC:7C:FA:B2:4F:15:CD:26:21:76:AF:0D:1C:CD:88:12:7D:BF:63:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_Hz6sk8VzSYhdq8NHM2IEn2_YzU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/af2adb-ff69-4b04-a806-46dd1205dcff/1/ntM8dChTMdbEWqXL_a6olbTggBk.roa
Signing time: Sat 01 Jan 2022 07:02:14 +0000
ROA not before: Sat 01 Jan 2022 07:02:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57846
IP address blocks: 37.130.152.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 860928007 (0x3350b807)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc7cfab24f15cd262176af0d1ccd88127dbf6335
Validity
Not Before: Jan 1 07:02:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9ed33c74285331d6c45aa5cbfdaea895b4e08019
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:ad:70:84:c4:27:be:2d:d2:08:48:97:7d:b3:
a9:51:27:2c:14:fe:26:c5:6f:78:70:f7:e5:63:48:
69:6c:82:7b:55:9a:30:9b:09:c7:33:6b:92:cf:d6:
47:41:3e:f8:33:58:92:71:b4:06:16:c1:a6:73:bc:
71:af:71:1d:07:15:9b:52:b8:19:45:c4:8f:35:fc:
7b:fc:25:12:05:86:bf:24:27:f2:a0:7f:2f:d6:ce:
73:a8:78:a3:da:b5:55:bc:21:2d:40:8e:9d:74:8f:
8a:97:7a:99:c9:6e:7f:c1:ac:c8:ec:6b:e7:49:ec:
ed:a9:31:21:f5:0d:6e:69:de:41:2d:f3:1d:1e:30:
ea:be:af:3e:cd:f0:99:cd:50:cf:d4:58:68:0f:a8:
a8:d6:b2:88:55:74:d0:0f:0b:98:03:39:0e:e5:3c:
17:bf:65:4a:05:22:9b:23:38:1f:f1:6d:36:5d:31:
77:55:28:6a:33:f7:ee:a5:bb:73:ae:8d:d7:6b:dd:
aa:82:5b:45:e7:ec:8a:53:95:d1:48:39:19:78:96:
3d:e9:c9:16:89:de:1f:3b:09:64:c0:24:c0:85:8a:
70:d0:ec:2e:90:d3:1d:76:f3:f1:62:65:3e:7a:dc:
1e:49:1e:c0:20:fd:ef:75:c4:1a:b9:bd:2f:e0:a7:
7b:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:D3:3C:74:28:53:31:D6:C4:5A:A5:CB:FD:AE:A8:95:B4:E0:80:19
X509v3 Authority Key Identifier:
keyid:FC:7C:FA:B2:4F:15:CD:26:21:76:AF:0D:1C:CD:88:12:7D:BF:63:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_Hz6sk8VzSYhdq8NHM2IEn2_YzU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/af2adb-ff69-4b04-a806-46dd1205dcff/1/ntM8dChTMdbEWqXL_a6olbTggBk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/af2adb-ff69-4b04-a806-46dd1205dcff/1/_Hz6sk8VzSYhdq8NHM2IEn2_YzU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.130.152.0/21
Signature Algorithm: sha256WithRSAEncryption
8c:f5:39:24:40:3b:f1:fc:f5:44:9e:61:1d:0a:78:4c:24:a3:
6f:cd:1f:55:49:f0:d4:aa:fc:6c:2c:54:ce:37:33:98:91:9d:
5f:8d:2a:c0:2e:4f:b7:15:8d:9b:05:f4:09:bc:7f:42:35:50:
50:d6:00:2d:72:6b:6c:6d:03:7f:a8:25:4c:a9:83:52:f5:37:
68:9a:6c:83:0e:fc:de:10:bf:49:d5:1b:7d:ec:04:cf:4b:21:
c4:b5:5c:c2:e2:a6:3c:ad:cf:c4:02:8a:d2:d7:45:10:00:93:
96:e8:4b:a7:f3:e5:b2:fb:60:0d:f6:8a:58:70:e1:7a:62:a6:
6b:de:60:35:d8:e6:af:67:45:c9:a2:d5:2b:7b:b0:ad:7b:53:
80:5a:5d:9c:be:a9:71:11:ea:a7:27:15:bf:13:63:dd:4c:10:
cf:e0:33:9c:27:95:5e:30:40:0e:da:7c:93:aa:58:66:68:94:
36:80:7b:b9:cf:76:94:a6:d0:58:f2:db:e6:1a:86:6b:37:04:
d5:5c:7a:06:ce:bc:62:41:4f:89:69:79:2a:05:1b:38:d8:7b:
d8:9b:3b:13:8d:76:e1:d6:7c:c3:8b:2f:62:dd:af:9f:b3:72:
d3:17:d3:2b:39:4b:3f:80:34:05:65:76:6c:4e:d8:32:9a:ee:
fb:f9:09:2d
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEM1C4BzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
YzdjZmFiMjRmMTVjZDI2MjE3NmFmMGQxY2NkODgxMjdkYmY2MzM1MB4XDTIyMDEw
MTA3MDIxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWVkMzNjNzQyODUz
MzFkNmM0NWFhNWNiZmRhZWE4OTViNGUwODAxOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALitcITEJ74t0ghIl32zqVEnLBT+JsVveHD35WNIaWyCe1Wa
MJsJxzNrks/WR0E++DNYknG0BhbBpnO8ca9xHQcVm1K4GUXEjzX8e/wlEgWGvyQn
8qB/L9bOc6h4o9q1VbwhLUCOnXSPipd6mcluf8GsyOxr50ns7akxIfUNbmneQS3z
HR4w6r6vPs3wmc1Qz9RYaA+oqNayiFV00A8LmAM5DuU8F79lSgUimyM4H/FtNl0x
d1UoajP37qW7c66N12vdqoJbRefsilOV0Ug5GXiWPenJFoneHzsJZMAkwIWKcNDs
LpDTHXbz8WJlPnrcHkkewCD973XEGrm9L+Cne90CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSe0zx0KFMx1sRapcv9rqiVtOCAGTAfBgNVHSMEGDAWgBT8fPqyTxXNJiF2
rw0czYgSfb9jNTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L19IejZzazhWelNZaGRxOE5ITTJJRW4yX1l6VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTgvYWYyYWRiLWZmNjktNGIwNC1hODA2LTQ2ZGQxMjA1ZGNmZi8x
L250TThkQ2hUTWRiRVdxWExfYTZvbGJUZ2dCay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTgv
YWYyYWRiLWZmNjktNGIwNC1hODA2LTQ2ZGQxMjA1ZGNmZi8xL19IejZzazhWelNZ
aGRxOE5ITTJJRW4yX1l6VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAyWCmDANBgkqhkiG9w0BAQsFAAOC
AQEAjPU5JEA78fz1RJ5hHQp4TCSjb80fVUnw1Kr8bCxUzjczmJGdX40qwC5PtxWN
mwX0Cbx/QjVQUNYALXJrbG0Df6glTKmDUvU3aJpsgw783hC/SdUbfewEz0shxLVc
wuKmPK3PxAKK0tdFEACTluhLp/PlsvtgDfaKWHDhemKma95gNdjmr2dFyaLVK3uw
rXtTgFpdnL6pcRHqpycVvxNj3UwQz+AznCeVXjBADtp8k6pYZmiUNoB7uc92lKbQ
WPLb5hqGazcE1Vx6Bs68YkFPiWl5KgUbONh72Js7E4124dZ8w4svYt2vn7Ny0xfT
KzlLP4A0BWV2bE7YMpru+/kJLQ==
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:46:23 2025 by rpki-client