Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/c8f02b-0abc-41fe-bc54-ac800c6d976f/1/VzaM6cvmgM0xDtMS90aLf-v001c.roa
File: VzaM6cvmgM0xDtMS90aLf-v001c.roa (raw, json)
Hash identifier: BMxTfLVUfTqTO+im/gY3sYq02cYZ7EB/zxyZ5AJmDYs=
Subject key identifier: 57:36:8C:E9:CB:E6:80:CD:31:0E:D3:12:F7:46:8B:7F:EB:F4:D3:57
Certificate issuer: /CN=2ac78fd517a75f77f3f4fd229ac5e6732560c6e1
Certificate serial: 0A4670E6
Authority key identifier: 2A:C7:8F:D5:17:A7:5F:77:F3:F4:FD:22:9A:C5:E6:73:25:60:C6:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KseP1RenX3fz9P0imsXmcyVgxuE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/c8f02b-0abc-41fe-bc54-ac800c6d976f/1/VzaM6cvmgM0xDtMS90aLf-v001c.roa
Signing time: Sat 01 Jan 2022 06:04:49 +0000
ROA not before: Sat 01 Jan 2022 06:04:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56860
IP address blocks: 37.235.76.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 172388582 (0xa4670e6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac78fd517a75f77f3f4fd229ac5e6732560c6e1
Validity
Not Before: Jan 1 06:04:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=57368ce9cbe680cd310ed312f7468b7febf4d357
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:2c:6f:81:ce:60:b5:0d:57:5c:f5:49:22:5b:
9f:a2:4d:67:a4:05:19:a9:20:28:c5:94:be:b5:c5:
ed:c5:58:21:77:50:20:ca:ec:83:89:d2:63:e9:c9:
fe:12:a2:5a:b5:99:89:c9:80:91:0d:30:ca:48:44:
be:6e:58:18:53:b3:9a:42:12:21:61:92:61:58:8c:
33:18:82:ad:47:bb:14:c6:e4:69:41:c0:a4:d6:ed:
6b:44:4b:f0:cc:46:59:e7:57:21:31:33:eb:df:e8:
29:00:e1:74:2b:84:c6:c1:6c:f5:ab:f8:5c:10:dd:
8e:b5:e5:9b:49:a8:ed:49:b8:33:8f:51:4c:98:5e:
75:1c:f0:a2:68:3b:99:8a:99:5c:f6:71:3b:d2:59:
62:e3:05:f6:fe:27:70:8a:6e:69:c6:39:35:70:49:
66:42:c2:71:ad:a4:4d:28:32:dc:84:83:12:16:ac:
e2:f1:28:5f:ea:9a:9e:a4:e8:2d:ae:f8:92:34:8b:
41:e7:cd:84:78:e7:91:42:ca:30:62:3d:98:ad:86:
53:cc:e2:22:1a:49:67:6e:6e:1d:7e:a9:4e:1a:02:
84:e5:67:9d:dc:0a:48:da:92:59:4f:f9:e2:62:3a:
ac:6f:b3:87:99:d7:7f:c7:cf:0a:df:53:4c:dd:83:
69:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:36:8C:E9:CB:E6:80:CD:31:0E:D3:12:F7:46:8B:7F:EB:F4:D3:57
X509v3 Authority Key Identifier:
keyid:2A:C7:8F:D5:17:A7:5F:77:F3:F4:FD:22:9A:C5:E6:73:25:60:C6:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KseP1RenX3fz9P0imsXmcyVgxuE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/c8f02b-0abc-41fe-bc54-ac800c6d976f/1/VzaM6cvmgM0xDtMS90aLf-v001c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/c8f02b-0abc-41fe-bc54-ac800c6d976f/1/KseP1RenX3fz9P0imsXmcyVgxuE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.235.76.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:1d:af:79:53:a5:b0:d9:98:e6:b1:f5:11:09:39:fd:4a:c9:
ec:4b:36:d9:fd:7b:76:2e:19:db:32:d5:82:d1:89:76:5f:ed:
96:dd:bc:ca:dc:57:9c:f6:00:19:bd:34:00:4c:bb:ce:9e:4f:
ab:2a:01:e1:e0:29:5e:e4:88:c2:17:f9:6f:7d:05:e4:61:6f:
0d:88:4e:1f:70:c0:07:94:90:58:2c:91:8e:47:b2:87:f8:20:
6d:78:31:c7:32:af:f4:1f:03:ab:10:75:68:f3:00:bc:6b:fb:
04:c3:5b:09:29:2f:cb:8b:14:e8:7e:8b:b9:3e:62:6f:02:41:
91:b2:0f:f1:59:2b:a3:f4:1c:b1:03:3d:48:0c:94:3d:d3:4f:
ff:96:9c:cb:5b:24:ad:8c:c9:91:76:00:1e:77:a1:fb:ba:a4:
20:03:b0:25:60:19:1e:53:39:7d:4b:66:a6:11:a5:4c:6e:38:
39:5f:b2:f3:a3:34:34:84:84:1d:f8:f2:5c:cd:0b:fa:7c:8e:
dc:bf:2d:47:c4:e3:ff:97:a0:e1:02:a1:9c:4f:f5:08:66:27:
71:a3:a0:bc:bc:d7:71:ab:9e:b8:76:90:16:5b:ba:ee:ab:ac:
bc:88:5e:c9:1c:e6:0e:f7:b1:ef:3a:d3:b6:bc:99:d6:39:71:
15:fd:ea:9a
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECkZw5jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
YWM3OGZkNTE3YTc1Zjc3ZjNmNGZkMjI5YWM1ZTY3MzI1NjBjNmUxMB4XDTIyMDEw
MTA2MDQ0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTczNjhjZTljYmU2
ODBjZDMxMGVkMzEyZjc0NjhiN2ZlYmY0ZDM1NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKgsb4HOYLUNV1z1SSJbn6JNZ6QFGakgKMWUvrXF7cVYIXdQ
IMrsg4nSY+nJ/hKiWrWZicmAkQ0wykhEvm5YGFOzmkISIWGSYViMMxiCrUe7FMbk
aUHApNbta0RL8MxGWedXITEz69/oKQDhdCuExsFs9av4XBDdjrXlm0mo7Um4M49R
TJhedRzwomg7mYqZXPZxO9JZYuMF9v4ncIpuacY5NXBJZkLCca2kTSgy3ISDEhas
4vEoX+qanqToLa74kjSLQefNhHjnkULKMGI9mK2GU8ziIhpJZ25uHX6pThoChOVn
ndwKSNqSWU/54mI6rG+zh5nXf8fPCt9TTN2DaTMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRXNozpy+aAzTEO0xL3Rot/6/TTVzAfBgNVHSMEGDAWgBQqx4/VF6dfd/P0
/SKaxeZzJWDG4TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tzZVAxUmVuWDNmejlQMGltc1htY3lWZ3h1RS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmMvYzhmMDJiLTBhYmMtNDFmZS1iYzU0LWFjODAwYzZkOTc2Zi8x
L1Z6YU02Y3ZtZ00weER0TVM5MGFMZi12MDAxYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmMv
YzhmMDJiLTBhYmMtNDFmZS1iYzU0LWFjODAwYzZkOTc2Zi8xL0tzZVAxUmVuWDNm
ejlQMGltc1htY3lWZ3h1RS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEACXrTDANBgkqhkiG9w0BAQsFAAOC
AQEACh2veVOlsNmY5rH1EQk5/UrJ7Es22f17di4Z2zLVgtGJdl/tlt28ytxXnPYA
Gb00AEy7zp5PqyoB4eApXuSIwhf5b30F5GFvDYhOH3DAB5SQWCyRjkeyh/ggbXgx
xzKv9B8DqxB1aPMAvGv7BMNbCSkvy4sU6H6LuT5ibwJBkbIP8Vkro/QcsQM9SAyU
PdNP/5acy1skrYzJkXYAHneh+7qkIAOwJWAZHlM5fUtmphGlTG44OV+y86M0NISE
HfjyXM0L+nyO3L8tR8Tj/5eg4QKhnE/1CGYncaOgvLzXcaueuHaQFlu67qusvIhe
yRzmDvex7zrTtryZ1jlxFf3qmg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:15 2024 by rpki-client on console-ams.rpki-client.org