Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/zKzY3DorI4l-HsOK6nzTJFDnuOA.roa
File: zKzY3DorI4l-HsOK6nzTJFDnuOA.roa (raw, json)
Hash identifier: 58qngiMBxl6v1kGa+szHF89WIqNRG26XODx3uHKAgow=
Subject key identifier: CC:AC:D8:DC:3A:2B:23:89:7E:1E:C3:8A:EA:7C:D3:24:50:E7:B8:E0
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 018453F891104CB9B5D348C84BED41062950
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/zKzY3DorI4l-HsOK6nzTJFDnuOA.roa
Signing time: Mon 07 Nov 2022 21:21:49 +0000
ROA not before: Mon 07 Nov 2022 21:21:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15723
IP address blocks: 37.128.203.0/24 maxlen: 24
37.128.202.0/24 maxlen: 24
37.128.200.0/24 maxlen: 24
37.128.201.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:53:f8:91:10:4c:b9:b5:d3:48:c8:4b:ed:41:06:29:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Nov 7 21:21:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ccacd8dc3a2b23897e1ec38aea7cd32450e7b8e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:1a:d8:c9:a3:53:f2:f9:30:52:6e:3a:89:98:
9b:c8:c1:ae:ce:a9:5f:15:71:c8:44:6f:75:ee:20:
5d:dc:03:63:79:b5:76:b9:2b:63:51:58:6c:b4:40:
02:09:f1:c3:a0:27:4b:be:d9:5d:66:d6:7b:91:b1:
4b:d1:f4:5e:46:c9:fe:8f:cc:49:1c:4f:4e:26:5b:
e0:c8:1a:89:e0:d2:68:62:54:44:4c:da:7d:b2:08:
2b:49:d6:cc:3c:d6:bb:45:05:96:29:69:42:f8:67:
ca:3d:72:7f:b9:19:8b:03:27:b3:f8:1d:4e:09:ba:
71:3d:7b:aa:0b:40:14:27:39:14:b6:56:6c:78:77:
54:02:d5:1a:31:cf:bf:60:d9:6e:13:00:92:7f:22:
04:7e:b7:68:1d:5f:2f:d5:9b:39:03:dd:2d:9e:85:
94:a6:de:dc:ac:0f:0c:72:b6:e3:b7:e4:41:c9:84:
15:d9:e5:cf:8d:3a:f8:38:67:56:a5:54:57:6f:91:
d2:80:26:d3:6b:cc:6c:17:14:57:c9:4d:e7:57:e7:
c7:84:b2:85:3b:6d:08:58:96:60:ae:2c:fa:2d:95:
9a:6c:45:f0:1b:04:55:40:90:e5:5c:ad:95:37:f5:
62:8e:fb:7a:9e:fe:28:a1:46:f6:7e:16:c6:d1:ce:
e2:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:AC:D8:DC:3A:2B:23:89:7E:1E:C3:8A:EA:7C:D3:24:50:E7:B8:E0
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/zKzY3DorI4l-HsOK6nzTJFDnuOA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.128.200.0/22
Signature Algorithm: sha256WithRSAEncryption
b2:b3:67:04:c4:ca:a4:b9:f9:54:13:16:78:ae:b7:a2:47:22:
f1:9a:d1:c2:c0:50:57:fc:df:32:51:ed:3e:a4:0e:b9:b8:9a:
82:49:88:7c:ed:f7:91:46:ed:90:96:0d:a6:d1:f5:92:44:20:
3e:70:ff:2e:df:7a:bf:0b:bc:33:7f:94:34:9e:b1:b3:f5:7c:
21:8a:86:26:1f:6e:fc:eb:2f:90:18:83:76:e7:a0:f1:e6:95:
75:ee:20:78:35:5b:1a:6e:11:04:49:e3:5d:35:4a:ba:58:1f:
c6:f6:e6:70:25:59:cc:32:b3:8d:50:7d:51:c4:03:5e:31:75:
d2:39:06:14:a3:3c:bd:88:8d:6b:66:5c:b8:4f:ea:19:98:6f:
61:e1:00:8c:bd:84:48:9a:c9:6b:ff:36:e5:a6:f4:21:a3:46:
f7:68:63:81:d9:aa:23:93:6d:c3:7e:6d:11:f5:5d:ea:d9:6b:
e8:d5:c0:91:d2:c4:5c:48:c8:ff:02:c6:d5:ed:92:8b:10:07:
b3:87:32:e6:33:4c:e7:5c:28:33:49:1b:96:03:8f:a8:bf:d9:
43:d9:fa:98:e7:a0:9c:45:1e:61:50:43:41:a2:7c:11:4a:ea:
17:04:85:03:f4:3a:fc:f7:76:7b:82:b3:2d:46:6f:9b:58:26:
c8:41:33:b9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYRT+JEQTLm100jIS+1BBilQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjIxMTA3MjEyMTQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjY2FjZDhkYzNhMmIyMzg5N2UxZWMzOGFlYTdjZDMyNDUwZTdiOGUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxhrYyaNT8vkwUm46iZibyMGuzqlf
FXHIRG917iBd3ANjebV2uStjUVhstEACCfHDoCdLvtldZtZ7kbFL0fReRsn+j8xJ
HE9OJlvgyBqJ4NJoYlRETNp9sggrSdbMPNa7RQWWKWlC+GfKPXJ/uRmLAyez+B1O
CbpxPXuqC0AUJzkUtlZseHdUAtUaMc+/YNluEwCSfyIEfrdoHV8v1Zs5A90tnoWU
pt7crA8Mcrbjt+RByYQV2eXPjTr4OGdWpVRXb5HSgCbTa8xsFxRXyU3nV+fHhLKF
O20IWJZgriz6LZWabEXwGwRVQJDlXK2VN/Vijvt6nv4ooUb2fhbG0c7iFQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMys2Nw6KyOJfh7Diup80yRQ57jgMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvekt6WTNEb3JJNGwtSHNPSzZuelRKRkRudU9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCJYDIMA0G
CSqGSIb3DQEBCwUAA4IBAQCys2cExMqkuflUExZ4rreiRyLxmtHCwFBX/N8yUe0+
pA65uJqCSYh87feRRu2Qlg2m0fWSRCA+cP8u33q/C7wzf5Q0nrGz9XwhioYmH278
6y+QGIN256Dx5pV17iB4NVsabhEESeNdNUq6WB/G9uZwJVnMMrONUH1RxANeMXXS
OQYUozy9iI1rZly4T+oZmG9h4QCMvYRImslr/zblpvQho0b3aGOB2aojk23Dfm0R
9V3q2Wvo1cCR0sRcSMj/AsbV7ZKLEAezhzLmM0znXCgzSRuWA4+ov9lD2fqY56Cc
RR5hUENBonwRSuoXBIUD9Dr893Z7grMtRm+bWCbIQTO5
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:51 2023 by rpki-client on console-ams.rpki-client.org