Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/c4f80c-7b69-4fec-aa54-e5f98ddafc98/1/N74bgHgcM6Xm8KB34JAnH-uomZA.roa
File: N74bgHgcM6Xm8KB34JAnH-uomZA.roa (raw, json)
Hash identifier: NAGOxJXZE/5Y+MdCMzm12q+dSyoKuq05yGZ2zHbHecs=
Subject key identifier: 37:BE:1B:80:78:1C:33:A5:E6:F0:A0:77:E0:90:27:1F:EB:A8:99:90
Certificate issuer: /CN=1517d4f58af84f50ce42f13293ede4aff12d173f
Certificate serial: 01856F798E81D6BF8C22BE8430769E625A56
Authority key identifier: 15:17:D4:F5:8A:F8:4F:50:CE:42:F1:32:93:ED:E4:AF:F1:2D:17:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FRfU9Yr4T1DOQvEyk-3kr_EtFz8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/c4f80c-7b69-4fec-aa54-e5f98ddafc98/1/N74bgHgcM6Xm8KB34JAnH-uomZA.roa
Signing time: Sun 01 Jan 2023 22:35:15 +0000
ROA not before: Sun 01 Jan 2023 22:35:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29447
IP address blocks: 37.164.0.0/16 maxlen: 17
37.160.0.0/14 maxlen: 18
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:79:8e:81:d6:bf:8c:22:be:84:30:76:9e:62:5a:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1517d4f58af84f50ce42f13293ede4aff12d173f
Validity
Not Before: Jan 1 22:35:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=37be1b80781c33a5e6f0a077e090271feba89990
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:cc:ba:3d:6a:71:52:c6:8b:c3:52:49:e1:1a:
a7:45:ea:8e:43:89:ab:b2:7a:42:27:09:79:dc:05:
3f:ac:77:91:83:50:0a:34:14:d6:ea:bb:54:af:7f:
cd:2d:92:aa:13:d7:43:fa:41:9b:a5:67:4c:17:89:
6d:0c:bd:c9:3e:cc:5c:b7:60:b5:0e:a0:7a:5c:06:
6b:23:5e:29:46:11:20:c0:1f:2c:bf:26:56:50:73:
be:b6:37:88:0f:2c:5b:a2:d0:75:1c:cd:a3:cb:aa:
e7:61:b5:a9:3d:0c:2d:c2:d0:5f:a0:56:e8:6c:71:
0b:aa:f9:ab:2f:26:91:ea:f0:ce:53:58:33:6a:95:
53:db:b4:40:b3:71:08:f3:95:55:65:5d:20:95:8c:
d6:86:e5:b2:66:9d:be:01:7f:12:56:85:01:c9:ca:
d3:81:19:b3:da:0f:73:8a:91:b9:fa:c2:8f:19:a6:
ab:1a:18:da:81:eb:f5:15:c1:1a:5c:d1:95:21:0f:
9d:b8:24:42:e9:99:6f:14:af:a4:69:cc:0f:89:28:
15:27:08:68:8b:7d:00:45:62:e1:f2:3c:14:86:1f:
fd:e6:36:09:7a:fa:39:c6:9b:10:f9:d3:28:cb:3c:
a0:1a:dd:31:6c:98:5a:58:89:4a:f5:cc:4b:c4:c3:
24:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:BE:1B:80:78:1C:33:A5:E6:F0:A0:77:E0:90:27:1F:EB:A8:99:90
X509v3 Authority Key Identifier:
keyid:15:17:D4:F5:8A:F8:4F:50:CE:42:F1:32:93:ED:E4:AF:F1:2D:17:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FRfU9Yr4T1DOQvEyk-3kr_EtFz8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/c4f80c-7b69-4fec-aa54-e5f98ddafc98/1/N74bgHgcM6Xm8KB34JAnH-uomZA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/c4f80c-7b69-4fec-aa54-e5f98ddafc98/1/FRfU9Yr4T1DOQvEyk-3kr_EtFz8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.160.0.0-37.164.255.255
Signature Algorithm: sha256WithRSAEncryption
bb:f8:05:e5:96:7e:17:a4:f7:00:e2:6f:e1:4f:ea:43:2d:43:
e9:d0:3a:35:ff:77:ae:68:81:e7:ee:ec:69:12:9a:cd:26:dd:
db:03:be:0b:51:94:52:ec:e8:e2:35:e8:43:36:f1:97:4c:be:
f3:1e:f7:ad:f0:f1:74:96:73:15:d2:43:36:18:78:fd:94:d7:
b2:9e:f0:5c:1c:02:19:13:c8:91:ad:2f:84:94:99:3e:b9:f6:
cf:44:49:27:0f:07:f2:c3:1b:6c:f2:76:d1:c9:06:62:04:34:
f4:2b:bb:b1:ac:e2:a7:65:2b:ed:86:6b:4d:04:b7:db:e2:74:
30:78:8a:f0:23:ca:6d:07:23:7b:42:f0:69:2f:84:9d:06:8b:
a4:c8:1c:e9:8f:1a:8e:31:0a:1d:d8:8f:66:4c:5b:0e:a6:80:
90:f3:6b:ad:f6:a2:b2:13:8c:14:6e:92:89:d7:fb:88:28:70:
cd:bd:5e:79:04:e0:b6:dc:5a:dd:dc:26:f4:54:a2:f6:f8:94:
34:14:b5:52:ae:e4:9b:64:e5:3a:85:31:b3:d7:6b:43:ff:c2:
4e:74:d3:df:c2:b5:20:c6:92:ea:dd:5c:2d:68:fb:31:af:58:
74:ca:6f:6b:86:e8:9f:1c:54:be:ff:76:5a:e6:9a:4b:ca:d7:
1c:69:9b:b4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVveY6B1r+MIr6EMHaeYlpWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1MTdkNGY1OGFmODRmNTBjZTQyZjEzMjkzZWRlNGFmZjEy
ZDE3M2YwHhcNMjMwMTAxMjIzNTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2JlMWI4MDc4MWMzM2E1ZTZmMGEwNzdlMDkwMjcxZmViYTg5OTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgMy6PWpxUsaLw1JJ4RqnReqOQ4mr
snpCJwl53AU/rHeRg1AKNBTW6rtUr3/NLZKqE9dD+kGbpWdMF4ltDL3JPsxct2C1
DqB6XAZrI14pRhEgwB8svyZWUHO+tjeIDyxbotB1HM2jy6rnYbWpPQwtwtBfoFbo
bHELqvmrLyaR6vDOU1gzapVT27RAs3EI85VVZV0glYzWhuWyZp2+AX8SVoUBycrT
gRmz2g9zipG5+sKPGaarGhjagev1FcEaXNGVIQ+duCRC6ZlvFK+kacwPiSgVJwho
i30ARWLh8jwUhh/95jYJevo5xpsQ+dMoyzygGt0xbJhaWIlK9cxLxMMkgwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDe+G4B4HDOl5vCgd+CQJx/rqJmQMB8GA1UdIwQY
MBaAFBUX1PWK+E9QzkLxMpPt5K/xLRc/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRlJmVTlZcjRUMURPUXZFeWstM2tyX0V0Rno4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9jNGY4MGMtN2I2OS00ZmVjLWFhNTQt
ZTVmOThkZGFmYzk4LzEvTjc0YmdIZ2NNNlhtOEtCMzRKQW5ILXVvbVpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9jNGY4MGMtN2I2OS00ZmVjLWFhNTQtZTVmOThkZGFmYzk4
LzEvRlJmVTlZcjRUMURPUXZFeWstM2tyX0V0Rno4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMMAoDAwUloAMD
ACWkMA0GCSqGSIb3DQEBCwUAA4IBAQC7+AXlln4XpPcA4m/hT+pDLUPp0Do1/3eu
aIHn7uxpEprNJt3bA74LUZRS7OjiNehDNvGXTL7zHvet8PF0lnMV0kM2GHj9lNey
nvBcHAIZE8iRrS+ElJk+ufbPREknDwfywxts8nbRyQZiBDT0K7uxrOKnZSvthmtN
BLfb4nQweIrwI8ptByN7QvBpL4SdBoukyBzpjxqOMQod2I9mTFsOpoCQ82ut9qKy
E4wUbpKJ1/uIKHDNvV55BOC23Frd3Cb0VKL2+JQ0FLVSruSbZOU6hTGz12tD/8JO
dNPfwrUgxpLq3VwtaPsxr1h0ym9rhuifHFS+/3Za5ppLytccaZu0
-----END CERTIFICATE-----
Generated at Sun Apr 27 22:19:04 2025 by rpki-client