Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/luGY6r_zP6Z7c26fBfl4_paG090.roa
File: luGY6r_zP6Z7c26fBfl4_paG090.roa (raw, json)
Hash identifier: ubscMCxnErE8APHJTFytCOaznnFH3hnHv3VIPgHlMec=
Subject key identifier: 96:E1:98:EA:BF:F3:3F:A6:7B:73:6E:9F:05:F9:78:FE:96:86:D3:DD
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 0183C6BB9E3182EB6FD5FD82A1FE677C03FD
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/luGY6r_zP6Z7c26fBfl4_paG090.roa
Signing time: Tue 11 Oct 2022 11:08:47 +0000
ROA not before: Tue 11 Oct 2022 11:08:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15723
IP address blocks: 37.128.203.0/24 maxlen: 24
37.128.202.0/24 maxlen: 24
37.128.200.0/24 maxlen: 24
37.128.201.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:c6:bb:9e:31:82:eb:6f:d5:fd:82:a1:fe:67:7c:03:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Oct 11 11:08:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=96e198eabff33fa67b736e9f05f978fe9686d3dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:66:18:11:d2:5f:8d:42:1c:a2:52:d9:12:ca:
6e:d3:97:6a:22:9c:f9:81:30:12:3f:b3:6d:31:1b:
d5:d1:7b:6d:67:de:51:6a:07:80:04:88:25:b3:07:
56:38:88:bb:32:40:7a:0d:4d:27:d1:c7:22:39:04:
be:fe:44:b0:f5:af:84:b5:30:12:3b:a5:62:da:db:
f3:2e:8f:3a:0c:83:23:4e:48:4c:fd:51:84:45:20:
8c:a0:ce:e0:35:d6:93:09:c1:b1:f6:ef:09:d8:c7:
e2:56:7e:01:be:1c:75:3a:1c:94:4c:43:58:56:28:
db:a1:0e:6f:5b:25:61:a5:19:31:02:25:30:b0:6c:
5e:cd:6e:50:a9:76:39:13:35:bd:e2:ef:6b:dd:86:
d6:78:3c:22:d0:78:39:bb:78:54:fe:21:87:ce:c8:
25:24:0c:96:25:ed:c0:a1:aa:fd:f4:d0:80:f0:78:
a5:c1:2b:8b:b2:cb:fd:4a:48:5b:99:6e:c1:88:20:
44:61:6c:d1:c1:19:6c:77:b3:9e:16:7a:bc:78:b5:
44:e4:12:74:e5:d1:fb:f6:62:4f:5d:61:5b:66:5f:
a2:aa:af:aa:8f:75:78:cd:cd:33:8a:e4:50:fe:e9:
dc:0c:7e:73:45:f9:59:0c:0d:b7:ee:0e:3e:a4:d3:
aa:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:E1:98:EA:BF:F3:3F:A6:7B:73:6E:9F:05:F9:78:FE:96:86:D3:DD
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/luGY6r_zP6Z7c26fBfl4_paG090.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.128.200.0/22
Signature Algorithm: sha256WithRSAEncryption
c6:2b:5b:2c:a6:08:00:c8:e7:57:3c:1f:50:ce:9f:3d:55:58:
01:01:1c:4e:81:0f:b7:92:36:e1:81:d6:b3:bd:fe:62:ca:dd:
71:23:eb:96:6a:df:8e:f3:52:4b:61:41:c2:df:f3:ab:b4:01:
c5:8d:3f:0c:bd:1a:a8:1b:4f:c2:05:04:b3:e6:0a:7c:a2:b0:
5e:65:1c:aa:81:23:61:e8:44:1e:a1:c9:6d:e4:d7:72:d3:e4:
81:ca:d0:a1:e9:90:34:ed:8a:3a:58:ef:fc:e6:c6:0b:93:5f:
a8:14:75:5c:c5:30:44:14:c6:16:d2:5f:bf:64:f4:19:fa:50:
af:b3:e2:ae:90:3f:51:3a:05:a8:b7:e3:db:f1:cd:46:4d:da:
ab:14:8e:6c:8b:d8:c2:c5:1f:47:0a:5c:87:1c:34:79:6e:0a:
ed:4f:2a:80:45:31:c6:a2:3b:87:e0:fd:d8:4a:bc:5e:cb:50:
d7:4c:e4:39:c9:61:14:62:9c:cf:8a:dc:3d:ee:72:47:38:fe:
5f:00:90:ff:bf:90:46:68:83:0f:c1:57:05:c3:c1:ce:cd:e6:
bf:f7:0f:3e:0c:e5:fd:df:f2:14:62:de:6d:b6:c2:11:16:d2:
f4:34:76:44:d0:99:95:37:35:cb:6e:a7:28:67:8d:82:f9:8d:
79:b2:21:4c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYPGu54xgutv1f2Cof5nfAP9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjIxMDExMTEwODQ3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmUxOThlYWJmZjMzZmE2N2I3MzZlOWYwNWY5NzhmZTk2ODZkM2RkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhWYYEdJfjUIcolLZEspu05dqIpz5
gTASP7NtMRvV0XttZ95RageABIglswdWOIi7MkB6DU0n0cciOQS+/kSw9a+EtTAS
O6Vi2tvzLo86DIMjTkhM/VGERSCMoM7gNdaTCcGx9u8J2MfiVn4Bvhx1OhyUTENY
VijboQ5vWyVhpRkxAiUwsGxezW5QqXY5EzW94u9r3YbWeDwi0Hg5u3hU/iGHzsgl
JAyWJe3Aoar99NCA8HilwSuLssv9SkhbmW7BiCBEYWzRwRlsd7OeFnq8eLVE5BJ0
5dH79mJPXWFbZl+iqq+qj3V4zc0ziuRQ/uncDH5zRflZDA237g4+pNOq0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJbhmOq/8z+me3NunwX5eP6WhtPdMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvbHVHWTZyX3pQNlo3YzI2ZkJmbDRfcGFHMDkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCJYDIMA0G
CSqGSIb3DQEBCwUAA4IBAQDGK1sspggAyOdXPB9Qzp89VVgBARxOgQ+3kjbhgdaz
vf5iyt1xI+uWat+O81JLYUHC3/OrtAHFjT8MvRqoG0/CBQSz5gp8orBeZRyqgSNh
6EQeoclt5Ndy0+SBytCh6ZA07Yo6WO/85sYLk1+oFHVcxTBEFMYW0l+/ZPQZ+lCv
s+KukD9ROgWot+Pb8c1GTdqrFI5si9jCxR9HClyHHDR5bgrtTyqARTHGojuH4P3Y
Srxey1DXTOQ5yWEUYpzPitw97nJHOP5fAJD/v5BGaIMPwVcFw8HOzea/9w8+DOX9
3/IUYt5ttsIRFtL0NHZE0JmVNzXLbqcoZ42C+Y15siFM
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:01 2023 by rpki-client on console-fra.rpki-client.org