Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/82e6f5-82f2-45e7-844e-3514841f36ae/1/v7qpBFv67R214-mym93vu3OOU5A.roa
File: v7qpBFv67R214-mym93vu3OOU5A.roa (raw, json)
Hash identifier: wc4XAJIu0CJJ7c6SG8z5bcC5pumw4gIoHNMGIwVvBdo=
Subject key identifier: BF:BA:A9:04:5B:FA:ED:1D:B5:E3:E9:B2:9B:DD:EF:BB:73:8E:53:90
Certificate issuer: /CN=95cae2c37c86630e61afdf8903fe174de8b945be
Certificate serial: 0B62BB10
Authority key identifier: 95:CA:E2:C3:7C:86:63:0E:61:AF:DF:89:03:FE:17:4D:E8:B9:45:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lcriw3yGYw5hr9-JA_4XTei5Rb4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/82e6f5-82f2-45e7-844e-3514841f36ae/1/v7qpBFv67R214-mym93vu3OOU5A.roa
Signing time: Sat 01 Jan 2022 13:59:39 +0000
ROA not before: Sat 01 Jan 2022 13:59:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43193
IP address blocks: 37.46.8.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 191019792 (0xb62bb10)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95cae2c37c86630e61afdf8903fe174de8b945be
Validity
Not Before: Jan 1 13:59:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bfbaa9045bfaed1db5e3e9b29bddefbb738e5390
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:e6:f4:25:64:99:de:9a:7f:9b:03:e5:3c:07:
fa:9e:a7:06:08:71:32:a9:1c:a4:7f:77:3c:a3:08:
6d:9b:5f:6f:fd:7f:8a:e1:04:73:17:30:1f:b4:06:
51:72:0d:87:f1:ff:e1:81:12:1c:90:7b:f3:3c:b6:
fe:d5:04:ad:bb:2f:f0:c1:d3:2a:df:27:79:87:d9:
d2:e2:30:96:5a:a2:b6:76:93:17:79:27:83:c7:04:
af:da:64:08:1c:50:03:26:4d:56:11:dc:c9:f9:06:
c7:ad:7b:58:84:59:02:f0:6d:41:b6:9f:42:65:57:
52:87:5b:13:50:b4:a2:aa:08:2a:40:13:71:fa:35:
80:7c:30:fb:f7:21:0c:b0:a7:17:57:d3:0c:b2:7a:
91:80:44:1e:c2:76:30:41:81:24:a4:dd:84:94:6a:
20:b0:b4:29:82:11:fa:fe:9e:5d:22:9c:db:ec:48:
7a:b8:06:bf:f3:87:fe:4a:89:e8:6e:18:4c:2e:f8:
02:1b:a2:4a:3a:0a:ed:ab:ac:b3:12:9e:49:33:6e:
6b:66:17:03:07:56:21:42:07:0e:b6:18:f5:9a:7a:
32:4d:80:b5:3d:1c:e9:21:15:c9:4e:9f:7f:ca:93:
84:f5:e6:13:1f:b0:f1:89:b8:c1:8d:b4:09:69:4d:
88:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:BA:A9:04:5B:FA:ED:1D:B5:E3:E9:B2:9B:DD:EF:BB:73:8E:53:90
X509v3 Authority Key Identifier:
keyid:95:CA:E2:C3:7C:86:63:0E:61:AF:DF:89:03:FE:17:4D:E8:B9:45:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lcriw3yGYw5hr9-JA_4XTei5Rb4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/82e6f5-82f2-45e7-844e-3514841f36ae/1/v7qpBFv67R214-mym93vu3OOU5A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/82e6f5-82f2-45e7-844e-3514841f36ae/1/lcriw3yGYw5hr9-JA_4XTei5Rb4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.46.8.0/22
Signature Algorithm: sha256WithRSAEncryption
b4:f5:71:ff:e9:ce:e9:bd:5f:04:49:f3:8d:d9:55:d9:1d:c9:
d3:43:00:da:96:af:87:14:8a:47:bd:b9:bc:5d:18:37:83:7e:
e7:04:4c:d8:44:a0:b3:d1:2e:31:61:78:22:1f:6a:d2:be:03:
98:7c:5f:08:b4:02:2b:e6:d2:67:17:cc:07:26:5c:a2:ca:d4:
be:d7:e3:b9:40:f5:5a:64:05:77:cf:3a:2e:70:56:cc:f9:e0:
37:c3:1f:a6:f1:9a:2a:8d:00:ae:c5:4d:69:bf:79:4d:14:ab:
39:a6:a7:d4:e9:7b:75:da:82:f3:e4:63:9b:57:1c:c6:19:d2:
f3:61:ba:f2:e4:11:98:00:07:13:8b:50:22:bf:ea:7c:1e:1a:
d3:90:14:34:a0:f7:c5:96:b8:f3:91:9d:bf:00:80:eb:ce:9f:
3f:f3:15:b1:df:05:99:27:3a:7c:5d:7d:ff:32:8c:db:4d:dc:
36:9e:0f:45:21:e5:af:13:25:19:f9:9b:d0:07:ec:f5:3f:70:
28:07:34:2d:ad:d6:d8:48:55:1b:c2:08:f4:d5:96:8a:b5:a2:
a0:8c:0e:da:31:a0:2e:9f:ed:36:a2:4c:41:f9:cf:13:c3:84:
36:bd:f1:2b:ea:de:6e:45:5e:8a:04:89:fb:e6:0c:14:cf:09:
05:76:80:78
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEC2K7EDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NWNhZTJjMzdjODY2MzBlNjFhZmRmODkwM2ZlMTc0ZGU4Yjk0NWJlMB4XDTIyMDEw
MTEzNTkzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmZiYWE5MDQ1YmZh
ZWQxZGI1ZTNlOWIyOWJkZGVmYmI3MzhlNTM5MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANHm9CVkmd6af5sD5TwH+p6nBghxMqkcpH93PKMIbZtfb/1/
iuEEcxcwH7QGUXINh/H/4YESHJB78zy2/tUErbsv8MHTKt8neYfZ0uIwllqitnaT
F3kng8cEr9pkCBxQAyZNVhHcyfkGx617WIRZAvBtQbafQmVXUodbE1C0oqoIKkAT
cfo1gHww+/chDLCnF1fTDLJ6kYBEHsJ2MEGBJKTdhJRqILC0KYIR+v6eXSKc2+xI
ergGv/OH/kqJ6G4YTC74AhuiSjoK7aussxKeSTNua2YXAwdWIUIHDrYY9Zp6Mk2A
tT0c6SEVyU6ff8qThPXmEx+w8Ym4wY20CWlNiDkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS/uqkEW/rtHbXj6bKb3e+7c45TkDAfBgNVHSMEGDAWgBSVyuLDfIZjDmGv
34kD/hdN6LlFvjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2xjcml3M3lHWXc1aHI5LUpBXzRYVGVpNVJiNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWMvODJlNmY1LTgyZjItNDVlNy04NDRlLTM1MTQ4NDFmMzZhZS8x
L3Y3cXBCRnY2N1IyMTQtbXltOTN2dTNPT1U1QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWMv
ODJlNmY1LTgyZjItNDVlNy04NDRlLTM1MTQ4NDFmMzZhZS8xL2xjcml3M3lHWXc1
aHI5LUpBXzRYVGVpNVJiNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAiUuCDANBgkqhkiG9w0BAQsFAAOC
AQEAtPVx/+nO6b1fBEnzjdlV2R3J00MA2pavhxSKR725vF0YN4N+5wRM2ESgs9Eu
MWF4Ih9q0r4DmHxfCLQCK+bSZxfMByZcosrUvtfjuUD1WmQFd886LnBWzPngN8Mf
pvGaKo0ArsVNab95TRSrOaan1Ol7ddqC8+Rjm1ccxhnS82G68uQRmAAHE4tQIr/q
fB4a05AUNKD3xZa485GdvwCA686fP/MVsd8FmSc6fF19/zKM203cNp4PRSHlrxMl
Gfmb0Afs9T9wKAc0La3W2EhVG8II9NWWirWioIwO2jGgLp/tNqJMQfnPE8OENr3x
K+rebkVeigSJ++YMFM8JBXaAeA==
-----END CERTIFICATE-----
Generated at Thu Apr 17 08:10:56 2025 by rpki-client