Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/CoShXRlvokIkdw5UNN7sORXd78g.roa
File: CoShXRlvokIkdw5UNN7sORXd78g.roa (raw, json)
Hash identifier: D6J99Ch267FZ/HuBU7lsjaR0H7BI0Ncn0Cde8IF7Vdc=
Subject key identifier: 0A:84:A1:5D:19:6F:A2:42:24:77:0E:54:34:DE:EC:39:15:DD:EF:C8
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 01845C5E2330A89E5898015BADD5F037F106
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/CoShXRlvokIkdw5UNN7sORXd78g.roa
Signing time: Wed 09 Nov 2022 12:29:44 +0000
ROA not before: Wed 09 Nov 2022 12:29:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15723
IP address blocks: 37.128.203.0/24 maxlen: 24
37.128.202.0/24 maxlen: 24
37.128.200.0/24 maxlen: 24
37.128.201.0/24 maxlen: 24
88.151.192.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:5c:5e:23:30:a8:9e:58:98:01:5b:ad:d5:f0:37:f1:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Nov 9 12:29:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0a84a15d196fa24224770e5434deec3915ddefc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:00:4f:03:87:29:13:eb:ea:44:ff:9f:2b:f9:
59:a1:5f:36:f7:37:28:00:dc:4b:c5:7a:79:e1:1f:
81:e0:dd:c4:41:5c:49:db:2f:05:0b:c5:5b:e7:88:
8c:53:b8:c0:ba:eb:6d:35:6b:c1:0f:c4:d8:6b:50:
5e:56:bf:ed:b5:21:8a:86:40:9e:f3:32:6e:62:02:
22:4f:16:ff:46:bf:19:1f:4f:8b:11:a1:3b:33:c6:
7f:da:6c:88:c5:f5:68:8b:ff:86:ea:9c:fc:52:be:
b2:83:84:93:e5:17:01:29:b3:ab:f6:49:2a:6a:36:
a6:f4:14:44:f2:92:9f:e3:fd:bb:a9:4b:0d:1a:cd:
e5:57:e6:90:29:9a:f9:0b:d4:32:2d:2b:27:f5:42:
1f:96:26:a1:19:df:3b:bc:76:d9:00:25:8d:e9:e0:
fe:d4:c1:2a:b3:b9:ec:36:c0:72:d8:60:46:1f:02:
bd:03:0a:4b:fe:91:04:44:2e:f5:b4:8c:50:80:fe:
f4:44:2b:ba:1d:48:5f:2e:17:be:60:95:39:b8:15:
97:92:b9:b5:21:71:1b:93:47:1f:c9:a7:b3:4b:73:
91:b8:cc:f5:55:52:12:49:65:eb:56:e8:ee:19:ae:
49:9c:38:d4:03:2c:ff:c4:03:f1:6b:a7:43:c2:0c:
bf:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:84:A1:5D:19:6F:A2:42:24:77:0E:54:34:DE:EC:39:15:DD:EF:C8
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/CoShXRlvokIkdw5UNN7sORXd78g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.128.200.0/22
88.151.192.0/24
Signature Algorithm: sha256WithRSAEncryption
47:8e:f2:85:ef:d1:ec:8a:3a:f2:f7:84:67:b8:87:70:28:d2:
09:70:6f:01:de:5f:f7:0a:ca:b4:d2:de:9f:a7:eb:8a:52:62:
5a:34:ae:b6:b3:63:fa:bf:5c:9a:aa:05:a8:0f:32:98:83:1b:
45:7a:44:3f:ed:49:d5:99:11:a3:8a:d3:e1:62:6b:51:60:3d:
ab:32:5f:10:d9:fc:c8:11:8f:5a:21:58:cc:97:58:af:92:b6:
c0:75:24:c1:9b:fc:40:53:bc:5f:d4:69:91:fc:52:61:b3:e2:
39:84:60:88:24:1e:fd:a5:32:00:a9:13:7d:6e:12:bd:f0:ce:
ab:b5:71:2a:63:94:42:06:2f:ab:a9:29:ca:70:1f:82:41:a4:
51:2c:f8:1e:1f:1d:6b:a9:88:9a:91:b5:cf:97:3c:f4:9b:60:
b0:96:e9:ea:bf:9d:91:10:15:80:59:9e:b2:01:87:7a:63:dd:
01:a0:d5:3d:be:19:37:b7:38:a3:e0:64:75:f2:c5:ba:10:5f:
d0:49:da:c1:c0:24:d0:f0:5b:68:4c:60:73:59:a1:90:03:f4:
77:8f:f2:ba:0f:9b:88:59:19:bc:77:3e:9d:3e:9d:63:e4:9f:
30:51:47:e2:cc:b6:77:f5:ae:44:2c:26:35:55:8b:67:1d:37:
bd:88:49:d3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYRcXiMwqJ5YmAFbrdXwN/EGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjIxMTA5MTIyOTQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTg0YTE1ZDE5NmZhMjQyMjQ3NzBlNTQzNGRlZWMzOTE1ZGRlZmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtwBPA4cpE+vqRP+fK/lZoV829zco
ANxLxXp54R+B4N3EQVxJ2y8FC8Vb54iMU7jAuuttNWvBD8TYa1BeVr/ttSGKhkCe
8zJuYgIiTxb/Rr8ZH0+LEaE7M8Z/2myIxfVoi/+G6pz8Ur6yg4ST5RcBKbOr9kkq
ajam9BRE8pKf4/27qUsNGs3lV+aQKZr5C9QyLSsn9UIfliahGd87vHbZACWN6eD+
1MEqs7nsNsBy2GBGHwK9AwpL/pEERC71tIxQgP70RCu6HUhfLhe+YJU5uBWXkrm1
IXEbk0cfyaezS3ORuMz1VVISSWXrVujuGa5JnDjUAyz/xAPxa6dDwgy/BwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAqEoV0Zb6JCJHcOVDTe7DkV3e/IMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvQ29TaFhSbHZva0lrZHc1VU5ON3NPUlhkNzhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCJYDIAwQA
WJfAMA0GCSqGSIb3DQEBCwUAA4IBAQBHjvKF79Hsijry94RnuIdwKNIJcG8B3l/3
Csq00t6fp+uKUmJaNK62s2P6v1yaqgWoDzKYgxtFekQ/7UnVmRGjitPhYmtRYD2r
Ml8Q2fzIEY9aIVjMl1ivkrbAdSTBm/xAU7xf1GmR/FJhs+I5hGCIJB79pTIAqRN9
bhK98M6rtXEqY5RCBi+rqSnKcB+CQaRRLPgeHx1rqYiakbXPlzz0m2Cwlunqv52R
EBWAWZ6yAYd6Y90BoNU9vhk3tzij4GR18sW6EF/QSdrBwCTQ8FtoTGBzWaGQA/R3
j/K6D5uIWRm8dz6dPp1j5J8wUUfizLZ39a5ELCY1VYtnHTe9iEnT
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:00 2023 by rpki-client on console-fra.rpki-client.org