Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/1bcb8b-a3f8-48cc-8db9-3df9e21f4bcc/1/37o-G43CrU1kyez-4sgCjkBZc-w.roa
File: 37o-G43CrU1kyez-4sgCjkBZc-w.roa (raw, json)
Hash identifier: 4ggHMOMJaF1L4FtZJtkAAS0vRcu9Gg84gxKFOMp2GVo=
Subject key identifier: DF:BA:3E:1B:8D:C2:AD:4D:64:C9:EC:FE:E2:C8:02:8E:40:59:73:EC
Certificate issuer: /CN=becec531e5c37756b828663f9cc20ad6217713ac
Certificate serial: 018571832D984BCAAA8AC205219FB9C0D264
Authority key identifier: BE:CE:C5:31:E5:C3:77:56:B8:28:66:3F:9C:C2:0A:D6:21:77:13:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vs7FMeXDd1a4KGY_nMIK1iF3E6w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/1bcb8b-a3f8-48cc-8db9-3df9e21f4bcc/1/37o-G43CrU1kyez-4sgCjkBZc-w.roa
Signing time: Mon 02 Jan 2023 08:05:00 +0000
ROA not before: Mon 02 Jan 2023 08:05:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213283
IP address blocks: 164.133.24.0/24 maxlen: 24
164.133.22.0/24 maxlen: 24
164.133.23.0/24 maxlen: 24
164.133.25.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:83:2d:98:4b:ca:aa:8a:c2:05:21:9f:b9:c0:d2:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=becec531e5c37756b828663f9cc20ad6217713ac
Validity
Not Before: Jan 2 08:05:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dfba3e1b8dc2ad4d64c9ecfee2c8028e405973ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:8d:d5:30:98:ee:a0:21:c5:8d:4b:26:f5:31:
04:58:9f:f1:85:ca:01:a9:25:20:e8:6a:58:be:a0:
ca:a0:19:df:f9:c5:94:55:65:97:4b:84:0e:3c:0a:
4e:88:aa:da:61:1d:d6:6d:3b:d9:12:29:fc:29:d3:
85:00:00:76:bf:7c:a9:4b:e5:c9:9f:c4:00:fd:77:
e3:62:30:56:dc:43:a1:68:3f:43:84:e0:0e:69:e8:
60:b1:65:73:71:1c:fd:36:25:c4:de:a3:8e:0e:56:
43:14:c7:a4:91:d3:6e:f4:20:b7:62:ae:8e:c2:9a:
1e:65:a5:c9:d4:f6:de:41:1b:28:b2:42:d9:df:e4:
b8:f2:a6:0f:51:9d:25:0f:f9:a5:0d:21:5c:2a:39:
09:54:95:1b:80:1f:24:57:07:e8:d7:a7:52:4c:f9:
d5:f7:3b:32:8e:19:ed:5d:1c:3f:6b:be:37:aa:f4:
5e:85:b9:2b:3b:61:38:fd:f0:ac:67:4e:5a:bb:f6:
c6:23:67:01:f3:ba:a2:2d:87:f7:b3:95:79:ef:ed:
46:be:6a:fd:c6:27:63:2e:de:c7:07:38:18:77:6e:
c8:42:16:86:89:2f:a9:d4:db:b7:f0:07:2f:1a:ea:
f6:ff:51:df:72:5f:69:b2:7d:f8:86:47:53:72:80:
d1:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:BA:3E:1B:8D:C2:AD:4D:64:C9:EC:FE:E2:C8:02:8E:40:59:73:EC
X509v3 Authority Key Identifier:
keyid:BE:CE:C5:31:E5:C3:77:56:B8:28:66:3F:9C:C2:0A:D6:21:77:13:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vs7FMeXDd1a4KGY_nMIK1iF3E6w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/1bcb8b-a3f8-48cc-8db9-3df9e21f4bcc/1/37o-G43CrU1kyez-4sgCjkBZc-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/1bcb8b-a3f8-48cc-8db9-3df9e21f4bcc/1/vs7FMeXDd1a4KGY_nMIK1iF3E6w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
164.133.22.0-164.133.25.255
Signature Algorithm: sha256WithRSAEncryption
5b:ec:b6:40:b5:aa:03:60:70:14:38:77:51:9e:72:3e:b9:87:
06:59:64:ae:7d:79:29:c2:c0:42:c1:7f:fa:15:84:13:2f:3c:
57:c7:e4:ca:d6:5e:a9:c9:d1:30:3d:74:fa:25:4a:26:ce:57:
2e:99:d2:e7:1c:6f:b1:18:e2:fe:71:54:e6:06:ac:69:9c:09:
44:a8:8e:75:8e:b5:f3:35:7a:34:b9:21:f4:aa:7e:66:e6:67:
79:b6:64:ed:b4:98:fc:e0:40:e9:54:78:72:d0:41:7e:27:16:
66:e5:d9:e7:e7:2c:3a:8e:18:05:cf:af:e3:ec:4e:82:84:f3:
d3:d4:07:cd:16:1a:7c:c9:09:4f:37:0f:08:e9:4d:3e:69:66:
b1:23:1b:14:7d:34:9e:a1:80:01:ec:36:e0:4d:06:ee:e3:2e:
8b:fb:48:02:4b:45:d3:eb:ed:48:35:9c:40:6e:e5:09:1d:c6:
2d:93:15:c6:27:c4:dc:4e:fc:93:29:d0:49:c1:22:31:67:9c:
ac:96:d4:9a:51:c1:e8:fa:bc:9c:d4:39:6d:10:4e:d6:1f:80:
06:2c:3e:bc:7b:f0:60:1a:04:d5:2a:09:f5:a1:d9:7b:3a:08:
9a:37:d0:35:4b:b2:08:7a:97:44:b8:16:e8:85:ed:d6:ba:cd:
b2:33:bb:96
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVxgy2YS8qqisIFIZ+5wNJkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlY2VjNTMxZTVjMzc3NTZiODI4NjYzZjljYzIwYWQ2MjE3
NzEzYWMwHhcNMjMwMTAyMDgwNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmJhM2UxYjhkYzJhZDRkNjRjOWVjZmVlMmM4MDI4ZTQwNTk3M2VjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyo3VMJjuoCHFjUsm9TEEWJ/xhcoB
qSUg6GpYvqDKoBnf+cWUVWWXS4QOPApOiKraYR3WbTvZEin8KdOFAAB2v3ypS+XJ
n8QA/XfjYjBW3EOhaD9DhOAOaehgsWVzcRz9NiXE3qOODlZDFMekkdNu9CC3Yq6O
wpoeZaXJ1PbeQRsoskLZ3+S48qYPUZ0lD/mlDSFcKjkJVJUbgB8kVwfo16dSTPnV
9zsyjhntXRw/a743qvRehbkrO2E4/fCsZ05au/bGI2cB87qiLYf3s5V57+1Gvmr9
xidjLt7HBzgYd27IQhaGiS+p1Nu38AcvGur2/1Hfcl9psn34hkdTcoDRxQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFN+6PhuNwq1NZMns/uLIAo5AWXPsMB8GA1UdIwQY
MBaAFL7OxTHlw3dWuChmP5zCCtYhdxOsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdnM3Rk1lWERkMWE0S0dZX25NSUsxaUYzRTZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi8xYmNiOGItYTNmOC00OGNjLThkYjkt
M2RmOWUyMWY0YmNjLzEvMzdvLUc0M0NyVTFreWV6LTRzZ0Nqa0JaYy13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi8xYmNiOGItYTNmOC00OGNjLThkYjktM2RmOWUyMWY0YmNj
LzEvdnM3Rk1lWERkMWE0S0dZX25NSUsxaUYzRTZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAGkhRYD
BAGkhRgwDQYJKoZIhvcNAQELBQADggEBAFvstkC1qgNgcBQ4d1Gecj65hwZZZK59
eSnCwELBf/oVhBMvPFfH5MrWXqnJ0TA9dPolSibOVy6Z0uccb7EY4v5xVOYGrGmc
CUSojnWOtfM1ejS5IfSqfmbmZ3m2ZO20mPzgQOlUeHLQQX4nFmbl2efnLDqOGAXP
r+PsToKE89PUB80WGnzJCU83DwjpTT5pZrEjGxR9NJ6hgAHsNuBNBu7jLov7SAJL
RdPr7Ug1nEBu5Qkdxi2TFcYnxNxO/JMp0EnBIjFnnKyW1JpRwej6vJzUOW0QTtYf
gAYsPrx78GAaBNUqCfWh2Xs6CJo30DVLsgh6l0S4FuiF7da6zbIzu5Y=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:35:41 2025 by rpki-client