Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/JHlXngF1hZJi4vrlxeA5FF86JL4.roa
File: JHlXngF1hZJi4vrlxeA5FF86JL4.roa (raw, json)
Hash identifier: ylKKaRs5CkJa1bckZzdxlNJIWtVrdXl8TF4fmS8HFWk=
Subject key identifier: 24:79:57:9E:01:75:85:92:62:E2:FA:E5:C5:E0:39:14:5F:3A:24:BE
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 0182C54CBFE6B458A4DC9D3B5D6D39EC037B
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/JHlXngF1hZJi4vrlxeA5FF86JL4.roa
Signing time: Mon 22 Aug 2022 11:25:17 +0000
ROA not before: Mon 22 Aug 2022 11:25:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15723
IP address blocks: 37.128.203.0/24 maxlen: 24
37.128.202.0/24 maxlen: 24
37.128.200.0/24 maxlen: 24
37.128.201.0/24 maxlen: 24
88.151.195.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:c5:4c:bf:e6:b4:58:a4:dc:9d:3b:5d:6d:39:ec:03:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Aug 22 11:25:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2479579e0175859262e2fae5c5e039145f3a24be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:4b:28:55:78:85:a1:57:08:e0:ff:47:1b:de:
0d:9e:cc:23:c9:5a:f7:30:3b:be:ca:4c:8d:e6:bb:
83:89:58:b2:a5:52:bb:55:96:32:58:ee:6e:cf:5b:
f2:5f:3e:27:8c:19:dd:97:f9:fc:1b:eb:4a:c1:ff:
09:98:ac:8a:61:c6:54:3f:21:fa:4a:6f:87:cf:92:
35:f9:41:79:7e:43:c8:76:99:3d:cf:4e:97:3e:a1:
e1:57:b2:e1:7d:d1:a8:45:f0:b8:be:b8:1b:13:a0:
06:61:bf:e7:39:0e:d2:dc:d4:a4:43:cd:10:69:a7:
47:33:a7:69:11:fc:5a:f2:66:be:89:31:51:94:a1:
88:a9:d7:53:98:c3:e1:e4:4d:30:ee:4c:4e:84:07:
2f:ce:2f:91:e6:2b:6f:81:cb:2a:ea:4a:4a:ba:d6:
4c:fa:58:83:74:03:0c:b3:93:79:cd:00:3a:e2:d8:
5c:64:22:c0:4e:ee:1a:48:1d:d2:23:db:0f:b4:0e:
35:a0:c7:1f:06:49:c2:3a:aa:70:23:63:49:7e:58:
a5:8e:e3:1b:ba:4f:c3:78:81:8b:c1:20:3c:de:c2:
4a:72:d3:d0:39:b0:8e:49:79:19:7e:12:22:aa:c3:
62:c4:4b:4b:5f:3d:f3:04:44:e2:f4:2a:84:80:f6:
fd:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:79:57:9E:01:75:85:92:62:E2:FA:E5:C5:E0:39:14:5F:3A:24:BE
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/JHlXngF1hZJi4vrlxeA5FF86JL4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.128.200.0/22
88.151.195.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:12:da:3a:dd:39:18:dd:59:65:c3:ae:ea:69:f5:99:52:36:
6a:86:26:ec:e9:26:60:4a:b6:4f:a9:79:eb:fd:b8:3a:58:8b:
8f:25:10:07:d9:59:5b:7a:0a:18:86:2b:3a:93:be:7e:98:bf:
31:19:22:5d:a5:19:d9:62:4b:39:ed:4f:3f:2b:40:6b:ac:44:
55:6e:06:6f:ef:1b:2f:17:ac:35:39:f2:62:f7:ab:d5:bc:9d:
91:42:4c:20:67:73:e5:20:b3:88:04:92:d6:0e:03:b8:73:01:
75:76:ca:2a:ab:3b:11:7d:06:f2:d1:14:12:ad:71:b7:4e:61:
ec:69:2d:3b:0b:3d:35:ba:fc:89:e2:17:5f:e0:c6:1b:1a:a9:
9e:71:3d:d7:bf:9a:97:89:9c:89:55:ad:56:fd:d8:68:de:f5:
06:d0:e5:46:23:52:e2:48:d6:94:f1:58:24:e3:e6:7c:3e:5a:
53:0c:66:15:52:d3:b2:9c:ac:63:b9:75:34:df:93:7f:98:3f:
06:f0:cb:0c:94:fb:4b:74:2e:f6:87:f4:c5:5e:5b:8b:48:d9:
42:cc:ac:6b:a0:9c:d5:3d:55:91:91:f8:7e:2d:6a:ad:c0:91:
03:c5:73:8f:9a:63:44:75:68:04:7d:d5:79:95:5a:75:91:f5:
dd:09:19:b3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYLFTL/mtFik3J07XW057AN7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjIwODIyMTEyNTE3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDc5NTc5ZTAxNzU4NTkyNjJlMmZhZTVjNWUwMzkxNDVmM2EyNGJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmUsoVXiFoVcI4P9HG94NnswjyVr3
MDu+ykyN5ruDiViypVK7VZYyWO5uz1vyXz4njBndl/n8G+tKwf8JmKyKYcZUPyH6
Sm+Hz5I1+UF5fkPIdpk9z06XPqHhV7LhfdGoRfC4vrgbE6AGYb/nOQ7S3NSkQ80Q
aadHM6dpEfxa8ma+iTFRlKGIqddTmMPh5E0w7kxOhAcvzi+R5itvgcsq6kpKutZM
+liDdAMMs5N5zQA64thcZCLATu4aSB3SI9sPtA41oMcfBknCOqpwI2NJfliljuMb
uk/DeIGLwSA83sJKctPQObCOSXkZfhIiqsNixEtLXz3zBETi9CqEgPb91QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCR5V54BdYWSYuL65cXgORRfOiS+MB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvSkhsWG5nRjFoWkppNHZybHhlQTVGRjg2Skw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCJYDIAwQA
WJfDMA0GCSqGSIb3DQEBCwUAA4IBAQA7Eto63TkY3Vllw67qafWZUjZqhibs6SZg
SrZPqXnr/bg6WIuPJRAH2VlbegoYhis6k75+mL8xGSJdpRnZYks57U8/K0BrrERV
bgZv7xsvF6w1OfJi96vVvJ2RQkwgZ3PlILOIBJLWDgO4cwF1dsoqqzsRfQby0RQS
rXG3TmHsaS07Cz01uvyJ4hdf4MYbGqmecT3Xv5qXiZyJVa1W/dho3vUG0OVGI1Li
SNaU8Vgk4+Z8PlpTDGYVUtOynKxjuXU035N/mD8G8MsMlPtLdC72h/TFXluLSNlC
zKxroJzVPVWRkfh+LWqtwJEDxXOPmmNEdWgEfdV5lVp1kfXdCRmz
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:46:11 2025 by rpki-client