Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/0y7HBEBH-waaQuDK-TgU14exwFY.roa
File: 0y7HBEBH-waaQuDK-TgU14exwFY.roa (raw, json)
Hash identifier: iwwySkO0Xd8YrZgdMREYJyLeIh5eXNNc1DDRLffbTSQ=
Subject key identifier: D3:2E:C7:04:40:47:FB:06:9A:42:E0:CA:F9:38:14:D7:87:B1:C0:56
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 03813491
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/0y7HBEBH-waaQuDK-TgU14exwFY.roa
Signing time: Fri 06 May 2022 13:38:48 +0000
ROA not before: Fri 06 May 2022 13:38:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15723
IP address blocks: 109.205.212.0/24 maxlen: 24
37.128.203.0/24 maxlen: 24
37.128.202.0/24 maxlen: 24
37.128.200.0/24 maxlen: 24
37.128.201.0/24 maxlen: 24
88.151.194.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 58799249 (0x3813491)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: May 6 13:38:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d32ec7044047fb069a42e0caf93814d787b1c056
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:52:78:43:f1:53:f6:bf:7b:83:e7:2e:64:47:
aa:d3:f1:2d:e7:41:59:1d:57:32:32:b5:e7:4b:82:
c4:14:d0:65:4d:2e:2c:40:92:20:d4:53:56:de:98:
c9:bc:24:1b:fb:8a:ef:64:5b:9d:9b:d1:61:f2:95:
2c:08:9b:38:af:8d:fa:34:72:aa:a2:a1:2d:3a:81:
70:45:e8:c6:9b:22:af:8c:52:1d:ba:07:42:18:27:
59:b4:23:a0:d7:3f:2e:76:a8:63:9f:e6:79:d5:02:
2f:df:45:70:ee:5d:49:49:0d:e7:63:ac:a4:ec:de:
42:ea:e4:f4:23:25:2b:da:fc:cb:f5:f4:79:a0:ce:
5b:51:1f:21:d7:50:06:31:df:11:ab:6e:c0:e1:d1:
37:70:ab:ae:71:99:c1:08:33:e3:d7:f6:94:37:90:
87:11:1e:2d:e3:f0:4d:29:85:9c:23:fd:a7:e6:94:
dd:2e:db:8d:0e:19:c9:0d:6a:28:2f:cf:f8:8c:e2:
38:88:60:9f:28:ce:e5:3b:24:d1:9f:28:1a:61:3a:
fc:70:eb:91:e4:7d:18:47:19:e6:29:7a:96:1d:3e:
3c:a6:1d:52:ae:ad:e0:5b:6a:5e:33:0a:49:47:5c:
50:6a:af:c8:20:b4:c6:2b:85:a3:19:f6:e1:4e:c5:
fd:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:2E:C7:04:40:47:FB:06:9A:42:E0:CA:F9:38:14:D7:87:B1:C0:56
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/0y7HBEBH-waaQuDK-TgU14exwFY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.128.200.0/22
88.151.194.0/24
109.205.212.0/24
Signature Algorithm: sha256WithRSAEncryption
b8:5a:c7:e4:57:5a:3f:bf:a8:eb:93:16:c6:50:91:1d:35:cd:
dd:a0:35:16:f3:bb:f1:23:74:7b:7d:ef:72:86:46:d0:03:7e:
45:89:17:a1:a6:83:a1:fd:01:60:72:5b:32:3a:da:89:ab:fe:
64:aa:63:6f:55:66:87:8b:98:46:74:9e:31:7a:29:f4:0f:67:
6a:13:a3:b8:8b:06:5b:ef:2b:67:75:5d:ab:03:9f:5e:70:fa:
b1:1a:b7:cd:59:05:f8:41:d0:10:bf:28:5b:d2:9d:8f:c8:ea:
df:18:e6:ed:22:bf:a4:d8:ef:e9:9c:fb:be:4b:93:c2:19:68:
35:95:ce:5f:03:74:c9:75:a4:c5:d1:ce:c2:f4:b5:32:20:31:
fd:4e:6f:aa:d4:fc:08:88:89:3e:e7:3c:b4:56:2f:59:0a:86:
29:69:ec:d3:f8:2c:b6:62:df:a9:8f:4c:4d:27:7f:60:6a:8b:
6f:33:65:24:47:54:87:31:81:9b:f6:20:2a:3d:30:2c:1a:75:
d9:cd:4d:53:fb:ee:24:df:64:5a:20:8f:9e:08:5e:7b:90:f8:
0e:bd:47:48:12:f1:f8:a5:30:1c:47:a5:03:55:5b:77:e8:d9:
82:62:d0:39:7b:7d:57:60:3c:f4:96:64:d6:12:1b:a7:31:9d:
5a:19:c5:b2
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEA4E0kTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
ZDA2YTQyYmIyNDQ2ZTUxZjE5MmVhMzc1YmRmN2VlYzVhNTFjNzdmMB4XDTIyMDUw
NjEzMzg0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDMyZWM3MDQ0MDQ3
ZmIwNjlhNDJlMGNhZjkzODE0ZDc4N2IxYzA1NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJFSeEPxU/a/e4PnLmRHqtPxLedBWR1XMjK150uCxBTQZU0u
LECSINRTVt6YybwkG/uK72RbnZvRYfKVLAibOK+N+jRyqqKhLTqBcEXoxpsir4xS
HboHQhgnWbQjoNc/LnaoY5/medUCL99FcO5dSUkN52OspOzeQurk9CMlK9r8y/X0
eaDOW1EfIddQBjHfEatuwOHRN3CrrnGZwQgz49f2lDeQhxEeLePwTSmFnCP9p+aU
3S7bjQ4ZyQ1qKC/P+IziOIhgnyjO5Tsk0Z8oGmE6/HDrkeR9GEcZ5il6lh0+PKYd
Uq6t4FtqXjMKSUdcUGqvyCC0xiuFoxn24U7F/XsCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBTTLscEQEf7BppC4Mr5OBTXh7HAVjAfBgNVHSMEGDAWgBR9BqQrskRuUfGS
6jdb337sWlHHfzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ZRYWtLN0pFYmxIeGt1bzNXOTktN0ZwUngzOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWMvNzgwMDJhLTRmYzAtNGRiZi04NTg1LTJjZjgwNmIyZDBmMi8x
LzB5N0hCRUJILXdhYVF1REstVGdVMTRleHdGWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWMv
NzgwMDJhLTRmYzAtNGRiZi04NTg1LTJjZjgwNmIyZDBmMi8xL2ZRYWtLN0pFYmxI
eGt1bzNXOTktN0ZwUngzOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAiWAyAMEAFiXwgMEAG3N1DANBgkq
hkiG9w0BAQsFAAOCAQEAuFrH5FdaP7+o65MWxlCRHTXN3aA1FvO78SN0e33vcoZG
0AN+RYkXoaaDof0BYHJbMjraiav+ZKpjb1Vmh4uYRnSeMXop9A9nahOjuIsGW+8r
Z3VdqwOfXnD6sRq3zVkF+EHQEL8oW9Kdj8jq3xjm7SK/pNjv6Zz7vkuTwhloNZXO
XwN0yXWkxdHOwvS1MiAx/U5vqtT8CIiJPuc8tFYvWQqGKWns0/gstmLfqY9MTSd/
YGqLbzNlJEdUhzGBm/YgKj0wLBp12c1NU/vuJN9kWiCPnghee5D4Dr1HSBLx+KUw
HEelA1Vbd+jZgmLQOXt9V2A89JZk1hIbpzGdWhnFsg==
-----END CERTIFICATE-----
Generated at Mon Apr 21 06:14:43 2025 by rpki-client