Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f2a37c-a129-4c0b-9ed1-b18dac2d259b/1/Yx5-8Fspdsujf4SYUM6a37tT7L4.roa
File: Yx5-8Fspdsujf4SYUM6a37tT7L4.roa (raw, json)
Hash identifier: 1s3jRCCV8fVKQ8zYKIhXMmKvDQT0+OIWkXwQWLX/qro=
Subject key identifier: 63:1E:7E:F0:5B:29:76:CB:A3:7F:84:98:50:CE:9A:DF:BB:53:EC:BE
Certificate issuer: /CN=4f7d885393b32b5eee3a0bf4338e0faaef3c753c
Certificate serial: 018B808C8B4538224DF5B5D035393FCCCDE8
Authority key identifier: 4F:7D:88:53:93:B3:2B:5E:EE:3A:0B:F4:33:8E:0F:AA:EF:3C:75:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T32IU5OzK17uOgv0M44Pqu88dTw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f2a37c-a129-4c0b-9ed1-b18dac2d259b/1/Yx5-8Fspdsujf4SYUM6a37tT7L4.roa
Signing time: Mon 30 Oct 2023 12:26:16 +0000
ROA not before: Mon 30 Oct 2023 12:26:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 37.221.72.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:80:8c:8b:45:38:22:4d:f5:b5:d0:35:39:3f:cc:cd:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f7d885393b32b5eee3a0bf4338e0faaef3c753c
Validity
Not Before: Oct 30 12:26:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=631e7ef05b2976cba37f849850ce9adfbb53ecbe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:af:14:2f:59:14:bb:be:eb:a4:64:70:bf:c8:
01:72:ed:4d:d9:06:38:4c:88:a8:75:a2:cb:d4:be:
9b:eb:b6:d3:da:c9:bb:e4:e8:f2:76:2f:6e:58:39:
f5:0d:34:93:07:1d:a1:06:3a:a0:e2:10:7f:52:7c:
2a:63:2e:ec:fe:92:2b:1a:87:63:84:3f:dd:c5:8e:
d3:c9:90:62:8b:17:53:89:5d:7d:00:5b:fa:b5:e7:
d8:36:e0:79:e1:ff:60:e1:17:77:80:77:f4:c4:b4:
dd:ef:74:3e:55:1b:cb:d8:fe:ca:25:42:74:74:e8:
d7:1b:70:a5:86:a5:a6:dd:bf:73:71:90:58:2d:18:
46:2f:d0:77:be:ed:7d:2d:c7:c0:8b:e9:4e:be:9b:
9a:a0:e6:bc:45:48:f3:dd:53:aa:43:2d:58:3a:b1:
f5:1c:d0:8a:86:48:e4:33:ea:76:f3:c4:bd:3e:e0:
24:a8:0c:fa:c3:85:df:19:21:82:7e:58:bc:35:96:
6d:4f:fc:23:a7:1f:d7:d0:41:17:1d:fc:c5:e7:ab:
25:ec:9b:5f:5e:97:f7:cf:bf:0f:9d:d9:9c:e9:b7:
81:29:dc:fe:b5:71:dc:2f:a6:82:ed:c5:e9:5c:d3:
f4:13:79:df:3a:37:88:53:56:c4:b9:9d:59:35:d2:
97:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:1E:7E:F0:5B:29:76:CB:A3:7F:84:98:50:CE:9A:DF:BB:53:EC:BE
X509v3 Authority Key Identifier:
keyid:4F:7D:88:53:93:B3:2B:5E:EE:3A:0B:F4:33:8E:0F:AA:EF:3C:75:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T32IU5OzK17uOgv0M44Pqu88dTw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f2a37c-a129-4c0b-9ed1-b18dac2d259b/1/Yx5-8Fspdsujf4SYUM6a37tT7L4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f2a37c-a129-4c0b-9ed1-b18dac2d259b/1/T32IU5OzK17uOgv0M44Pqu88dTw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.221.72.0/22
Signature Algorithm: sha256WithRSAEncryption
a1:9e:90:9d:53:21:24:5a:2c:92:d0:86:f9:81:a3:f3:d9:2e:
d1:c5:5e:a6:20:89:06:bc:2a:33:22:27:20:39:26:47:a4:a0:
b7:fb:95:4e:62:4d:44:a8:61:5b:f8:90:4c:63:b3:4b:46:b4:
89:f8:4b:18:df:da:1f:05:a6:a2:aa:41:7b:12:89:6b:76:bf:
20:53:fa:ba:24:13:9e:ef:cc:b7:95:ac:06:ae:da:ab:b6:5e:
dd:c0:2b:53:d3:a9:de:64:0f:81:1d:a5:6c:b0:1e:d4:3b:72:
fa:f7:60:00:55:1c:00:42:83:f0:7c:f1:33:a1:1d:8d:15:92:
d1:30:5b:9d:4c:38:1a:48:f9:c0:04:8c:39:5a:11:e7:49:8f:
d5:91:1d:61:74:c6:e1:ab:38:59:71:e4:a2:1e:61:c9:eb:41:
83:a6:fb:1a:39:2b:02:2a:e8:0a:5e:65:fe:a8:ba:26:82:96:
a7:57:2c:01:73:ff:77:20:17:45:1c:4f:0f:b8:e4:00:a5:47:
cf:5e:48:cb:88:ff:3e:e2:71:a0:27:67:10:b9:4d:9c:4d:38:
f9:08:30:82:c8:57:2e:0a:c5:16:47:ec:5c:ba:a3:94:06:cb:
61:92:84:87:8b:8f:6a:2f:03:3c:3d:97:e5:98:66:70:d1:4c:
48:97:ca:ed
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYuAjItFOCJN9bXQNTk/zM3oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmN2Q4ODUzOTNiMzJiNWVlZTNhMGJmNDMzOGUwZmFhZWYz
Yzc1M2MwHhcNMjMxMDMwMTIyNjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzFlN2VmMDViMjk3NmNiYTM3Zjg0OTg1MGNlOWFkZmJiNTNlY2JlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm68UL1kUu77rpGRwv8gBcu1N2QY4
TIiodaLL1L6b67bT2sm75Ojydi9uWDn1DTSTBx2hBjqg4hB/UnwqYy7s/pIrGodj
hD/dxY7TyZBiixdTiV19AFv6tefYNuB54f9g4Rd3gHf0xLTd73Q+VRvL2P7KJUJ0
dOjXG3ClhqWm3b9zcZBYLRhGL9B3vu19LcfAi+lOvpuaoOa8RUjz3VOqQy1YOrH1
HNCKhkjkM+p288S9PuAkqAz6w4XfGSGCfli8NZZtT/wjpx/X0EEXHfzF56sl7Jtf
Xpf3z78Pndmc6beBKdz+tXHcL6aC7cXpXNP0E3nfOjeIU1bEuZ1ZNdKXgwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGMefvBbKXbLo3+EmFDOmt+7U+y+MB8GA1UdIwQY
MBaAFE99iFOTsyte7joL9DOOD6rvPHU8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDMySVU1T3pLMTd1T2d2ME00NFBxdTg4ZFR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mMmEzN2MtYTEyOS00YzBiLTllZDEt
YjE4ZGFjMmQyNTliLzEvWXg1LThGc3Bkc3VqZjRTWVVNNmEzN3RUN0w0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mMmEzN2MtYTEyOS00YzBiLTllZDEtYjE4ZGFjMmQyNTli
LzEvVDMySVU1T3pLMTd1T2d2ME00NFBxdTg4ZFR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCJd1IMA0G
CSqGSIb3DQEBCwUAA4IBAQChnpCdUyEkWiyS0Ib5gaPz2S7RxV6mIIkGvCozIicg
OSZHpKC3+5VOYk1EqGFb+JBMY7NLRrSJ+EsY39ofBaaiqkF7Eolrdr8gU/q6JBOe
78y3lawGrtqrtl7dwCtT06neZA+BHaVssB7UO3L692AAVRwAQoPwfPEzoR2NFZLR
MFudTDgaSPnABIw5WhHnSY/VkR1hdMbhqzhZceSiHmHJ60GDpvsaOSsCKugKXmX+
qLomgpanVywBc/93IBdFHE8PuOQApUfPXkjLiP8+4nGgJ2cQuU2cTTj5CDCCyFcu
CsUWR+xcuqOUBsthkoSHi49qLwM8PZflmGZw0UxIl8rt
-----END CERTIFICATE-----
Generated at Mon Apr 28 17:48:31 2025 by rpki-client