Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/a9666e-fcf0-4fb6-a452-38b392c6e1bf/1/sUQOsVUZO4X1stMdA9nbgfv7EEw.roa
File: sUQOsVUZO4X1stMdA9nbgfv7EEw.roa (raw, json)
Hash identifier: emeFIxY2/GuZUoAG0y6cHByA789S7DC3XCIg5PEtRSo=
Subject key identifier: B1:44:0E:B1:55:19:3B:85:F5:B2:D3:1D:03:D9:DB:81:FB:FB:10:4C
Certificate issuer: /CN=184fff3cf900e76aae0d2cd2e77dfeae24c5d24c
Certificate serial: 01856CAF3004833432C34E19162FFF39B052
Authority key identifier: 18:4F:FF:3C:F9:00:E7:6A:AE:0D:2C:D2:E7:7D:FE:AE:24:C5:D2:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GE__PPkA52quDSzS533-riTF0kw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/a9666e-fcf0-4fb6-a452-38b392c6e1bf/1/sUQOsVUZO4X1stMdA9nbgfv7EEw.roa
Signing time: Sun 01 Jan 2023 09:34:58 +0000
ROA not before: Sun 01 Jan 2023 09:34:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198312
IP address blocks: 37.0.97.0/24 maxlen: 24
37.0.96.0/24 maxlen: 24
37.0.100.0/24 maxlen: 24
37.0.103.0/24 maxlen: 24
37.0.102.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:af:30:04:83:34:32:c3:4e:19:16:2f:ff:39:b0:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=184fff3cf900e76aae0d2cd2e77dfeae24c5d24c
Validity
Not Before: Jan 1 09:34:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b1440eb155193b85f5b2d31d03d9db81fbfb104c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:8e:2e:a2:f3:0b:d6:bf:4a:08:21:99:82:db:
69:f3:17:78:47:40:e1:60:27:8b:e4:94:9d:8f:1b:
af:dd:4c:13:e2:e1:44:d3:09:51:5a:82:ca:88:01:
09:76:2a:d9:5f:a9:38:a7:ae:18:75:7d:2f:ae:52:
5f:f8:0c:cd:5b:66:6a:9b:89:50:29:75:9f:98:20:
fd:32:9b:a6:75:55:3b:ff:d6:30:7e:10:0e:e6:42:
a4:c8:cb:56:67:19:93:7d:ed:55:66:ad:86:4b:54:
b1:b9:4b:fe:8f:74:61:85:72:0f:9c:4b:60:62:d6:
77:61:53:94:9c:5a:7e:16:20:c6:45:ff:6d:21:51:
8a:1f:9c:df:dd:46:b1:82:34:58:0e:b0:c0:b4:55:
dd:5f:b2:b1:92:23:cb:ca:a2:0f:0c:ea:9d:98:3e:
80:05:e8:49:a5:d0:44:55:cd:18:55:a3:00:e4:ce:
c8:43:76:3e:28:f1:92:00:f6:22:52:21:49:6e:9a:
f1:ee:89:97:a0:94:db:98:23:82:6f:88:6c:b1:6a:
66:78:07:31:62:4b:98:cd:df:5e:d6:fa:71:79:92:
a2:21:fb:3d:b0:de:bb:e7:7c:da:6d:1a:77:cc:3f:
fa:e7:4e:90:1c:ed:84:a0:19:77:ca:4a:5a:07:3b:
c0:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:44:0E:B1:55:19:3B:85:F5:B2:D3:1D:03:D9:DB:81:FB:FB:10:4C
X509v3 Authority Key Identifier:
keyid:18:4F:FF:3C:F9:00:E7:6A:AE:0D:2C:D2:E7:7D:FE:AE:24:C5:D2:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GE__PPkA52quDSzS533-riTF0kw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/a9666e-fcf0-4fb6-a452-38b392c6e1bf/1/sUQOsVUZO4X1stMdA9nbgfv7EEw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/a9666e-fcf0-4fb6-a452-38b392c6e1bf/1/GE__PPkA52quDSzS533-riTF0kw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.0.96.0/23
37.0.100.0/24
37.0.102.0/23
Signature Algorithm: sha256WithRSAEncryption
3a:bc:47:47:27:8b:b0:83:af:d0:7f:10:d8:ef:1f:d8:b6:2d:
91:ee:41:ea:c0:ae:38:84:f2:6a:e0:bc:15:1c:51:13:47:5f:
d3:76:75:c9:64:b8:19:02:ad:c9:d3:06:e0:55:5e:ca:d3:a5:
dc:df:2c:22:52:da:35:08:a0:d6:d0:03:ad:1c:bd:36:2c:20:
50:0a:17:e3:d0:16:91:e2:71:c1:ee:4a:ee:62:af:78:ae:3a:
25:d0:f0:e7:15:03:fc:c7:d2:20:ef:ad:3c:5d:56:5a:ac:50:
d5:dd:0c:be:d5:a8:8d:05:48:9c:ad:d8:e8:e1:7c:de:d7:00:
3d:0a:5a:86:4d:80:b8:e4:64:9a:1f:96:5b:e6:15:af:09:cc:
08:82:eb:20:b1:d5:d2:70:5a:1f:ae:3c:e9:5d:71:14:66:c6:
bf:80:17:72:af:47:0b:38:6c:9c:7e:a8:cc:05:71:99:2c:18:
ee:00:12:d4:04:e8:67:07:49:21:4c:78:c8:9e:37:ec:5b:b1:
ac:0c:0e:42:13:2f:89:23:f4:2e:77:ae:e1:12:8b:ef:ea:40:
6b:af:5b:99:6f:6b:06:7a:37:28:8d:ae:16:ea:cd:04:d5:1c:
6a:3d:2b:16:2d:6b:c3:94:7b:5c:f7:70:08:38:df:7d:e2:46:
aa:63:49:2e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVsrzAEgzQyw04ZFi//ObBSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4NGZmZjNjZjkwMGU3NmFhZTBkMmNkMmU3N2RmZWFlMjRj
NWQyNGMwHhcNMjMwMTAxMDkzNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTQ0MGViMTU1MTkzYjg1ZjViMmQzMWQwM2Q5ZGI4MWZiZmIxMDRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6o4uovML1r9KCCGZgttp8xd4R0Dh
YCeL5JSdjxuv3UwT4uFE0wlRWoLKiAEJdirZX6k4p64YdX0vrlJf+AzNW2Zqm4lQ
KXWfmCD9MpumdVU7/9YwfhAO5kKkyMtWZxmTfe1VZq2GS1SxuUv+j3RhhXIPnEtg
YtZ3YVOUnFp+FiDGRf9tIVGKH5zf3UaxgjRYDrDAtFXdX7KxkiPLyqIPDOqdmD6A
BehJpdBEVc0YVaMA5M7IQ3Y+KPGSAPYiUiFJbprx7omXoJTbmCOCb4hssWpmeAcx
YkuYzd9e1vpxeZKiIfs9sN6753zabRp3zD/6506QHO2EoBl3ykpaBzvA6QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLFEDrFVGTuF9bLTHQPZ24H7+xBMMB8GA1UdIwQY
MBaAFBhP/zz5AOdqrg0s0ud9/q4kxdJMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0VfX1BQa0E1MnF1RFN6UzUzMy1yaVRGMGt3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9hOTY2NmUtZmNmMC00ZmI2LWE0NTIt
MzhiMzkyYzZlMWJmLzEvc1VRT3NWVVpPNFgxc3RNZEE5bmJnZnY3RUV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9hOTY2NmUtZmNmMC00ZmI2LWE0NTItMzhiMzkyYzZlMWJm
LzEvR0VfX1BQa0E1MnF1RFN6UzUzMy1yaVRGMGt3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBJQBgAwQA
JQBkAwQBJQBmMA0GCSqGSIb3DQEBCwUAA4IBAQA6vEdHJ4uwg6/QfxDY7x/Yti2R
7kHqwK44hPJq4LwVHFETR1/TdnXJZLgZAq3J0wbgVV7K06Xc3ywiUto1CKDW0AOt
HL02LCBQChfj0BaR4nHB7kruYq94rjol0PDnFQP8x9Ig7608XVZarFDV3Qy+1aiN
BUicrdjo4Xze1wA9ClqGTYC45GSaH5Zb5hWvCcwIgusgsdXScFofrjzpXXEUZsa/
gBdyr0cLOGycfqjMBXGZLBjuABLUBOhnB0khTHjInjfsW7GsDA5CEy+JI/Qud67h
Eovv6kBrr1uZb2sGejcoja4W6s0E1RxqPSsWLWvDlHtc93AION994kaqY0ku
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:48:14 2025 by rpki-client