Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/abac14-6eab-4985-867a-c8e863c1a8d1/1/aYz1tkobfFKZ37IBnBtWmQZIrHQ.roa
File: aYz1tkobfFKZ37IBnBtWmQZIrHQ.roa (raw, json)
Hash identifier: m6TbkL1dei829lwtmSC372D2Zf4oTtXYNzGRXqzxL70=
Subject key identifier: 69:8C:F5:B6:4A:1B:7C:52:99:DF:B2:01:9C:1B:56:99:06:48:AC:74
Certificate issuer: /CN=d2c2b0ee187928409065d19ee9c0858e8c17ea13
Certificate serial: 01856DE640357D8DFB3EE5BB8628B05926A4
Authority key identifier: D2:C2:B0:EE:18:79:28:40:90:65:D1:9E:E9:C0:85:8E:8C:17:EA:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0sKw7hh5KECQZdGe6cCFjowX6hM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/abac14-6eab-4985-867a-c8e863c1a8d1/1/aYz1tkobfFKZ37IBnBtWmQZIrHQ.roa
Signing time: Sun 01 Jan 2023 15:14:44 +0000
ROA not before: Sun 01 Jan 2023 15:14:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1140
IP address blocks: 94.198.152.0/24 maxlen: 24
94.198.152.0/21 maxlen: 21
94.198.155.0/24 maxlen: 24
94.198.156.0/24 maxlen: 24
94.198.157.0/24 maxlen: 24
94.198.158.0/24 maxlen: 24
94.198.159.0/24 maxlen: 24
94.198.153.0/24 maxlen: 24
94.198.154.0/24 maxlen: 24
193.176.144.0/24 maxlen: 24
185.76.132.0/24 maxlen: 24
185.76.132.0/22 maxlen: 22
185.76.135.0/24 maxlen: 24
185.76.133.0/24 maxlen: 24
185.76.134.0/24 maxlen: 24
2a00:d78::/32 maxlen: 32
2a00:d78::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:e6:40:35:7d:8d:fb:3e:e5:bb:86:28:b0:59:26:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2c2b0ee187928409065d19ee9c0858e8c17ea13
Validity
Not Before: Jan 1 15:14:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=698cf5b64a1b7c5299dfb2019c1b56990648ac74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:29:be:46:fd:d5:6d:3f:d2:db:03:eb:14:01:
d6:be:57:10:8e:2f:e8:b4:30:94:aa:8d:d2:af:e2:
ba:62:8b:72:de:5b:44:4e:a3:37:a5:7c:70:6d:06:
56:ca:17:31:84:49:94:c8:e1:79:d2:91:92:cd:4b:
69:5f:9a:55:ae:18:16:23:7a:ba:5b:e4:d3:73:78:
e6:21:57:7f:2d:d2:96:df:28:69:f8:f1:06:ed:61:
ae:04:f1:d8:cf:21:6f:eb:39:cf:75:35:af:de:42:
d0:f7:cc:fb:7b:ab:f2:e3:78:20:03:da:08:68:04:
33:c4:1f:ae:33:37:17:25:61:65:c1:55:92:6f:0a:
2d:ac:37:7c:e1:3c:01:a4:86:8a:31:bb:6a:27:9f:
b1:a7:ec:50:ea:93:20:86:f4:e0:22:24:7c:16:e1:
42:dc:1a:cb:00:09:f5:0c:f0:ab:9a:04:28:cd:70:
1d:90:5d:bf:a4:3f:1b:15:a4:08:82:de:c6:5d:d3:
58:40:d2:e8:27:f9:40:93:ec:ee:f5:bf:4b:16:3b:
6a:e7:cd:2b:91:42:a3:1d:42:4d:6b:26:82:81:fa:
aa:5e:31:5a:49:f3:2f:53:50:6c:89:f7:fe:d3:54:
72:f6:0a:4a:bb:0e:09:1e:a9:d4:af:c4:79:23:95:
6c:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:8C:F5:B6:4A:1B:7C:52:99:DF:B2:01:9C:1B:56:99:06:48:AC:74
X509v3 Authority Key Identifier:
keyid:D2:C2:B0:EE:18:79:28:40:90:65:D1:9E:E9:C0:85:8E:8C:17:EA:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0sKw7hh5KECQZdGe6cCFjowX6hM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/abac14-6eab-4985-867a-c8e863c1a8d1/1/aYz1tkobfFKZ37IBnBtWmQZIrHQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/abac14-6eab-4985-867a-c8e863c1a8d1/1/0sKw7hh5KECQZdGe6cCFjowX6hM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.198.152.0/21
185.76.132.0/22
193.176.144.0/24
IPv6:
2a00:d78::/32
Signature Algorithm: sha256WithRSAEncryption
6d:ac:48:9d:d1:6a:33:3f:ba:b0:bd:1d:84:45:e0:8e:d7:35:
fb:6a:98:91:8b:fb:f5:8e:70:91:f3:e2:3d:dc:59:62:c8:5f:
56:e8:5a:06:a1:05:10:45:bf:99:4d:5d:55:20:85:68:23:79:
72:9e:cc:24:81:bd:b3:cc:ad:de:0f:32:97:05:dc:36:94:a4:
41:d8:f0:a3:1c:12:cc:93:da:5b:c0:0f:31:8d:7e:36:27:57:
19:4b:41:18:07:ab:a1:27:a9:27:09:97:88:5e:db:90:37:68:
c5:5e:02:8b:98:e4:cd:f8:a6:86:da:13:59:28:b6:09:0f:7b:
37:58:7e:4c:d0:d7:5b:a5:c7:5b:8f:b3:9f:fc:d9:21:d5:06:
50:29:8e:6d:71:f8:79:af:12:d7:36:0b:68:89:14:10:90:cc:
4f:2a:38:3b:25:81:ce:1c:00:78:75:95:69:44:9c:02:ab:9d:
46:56:d5:2d:97:fd:ef:7b:63:41:9f:5c:98:80:69:29:0c:7a:
a7:db:b0:18:29:95:b3:a3:1c:dc:58:ac:c9:46:da:a2:89:b5:
5c:81:d4:d2:af:bb:0e:55:9d:21:9c:0e:13:ff:98:1b:94:ea:
d2:22:9a:d4:5a:c5:00:9c:52:a6:fd:1c:0e:2a:bd:c9:e2:2e:
e0:bc:65:33
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVt5kA1fY37PuW7hiiwWSakMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyYzJiMGVlMTg3OTI4NDA5MDY1ZDE5ZWU5YzA4NThlOGMx
N2VhMTMwHhcNMjMwMTAxMTUxNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OThjZjViNjRhMWI3YzUyOTlkZmIyMDE5YzFiNTY5OTA2NDhhYzc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgSm+Rv3VbT/S2wPrFAHWvlcQji/o
tDCUqo3Sr+K6Yoty3ltETqM3pXxwbQZWyhcxhEmUyOF50pGSzUtpX5pVrhgWI3q6
W+TTc3jmIVd/LdKW3yhp+PEG7WGuBPHYzyFv6znPdTWv3kLQ98z7e6vy43ggA9oI
aAQzxB+uMzcXJWFlwVWSbwotrDd84TwBpIaKMbtqJ5+xp+xQ6pMghvTgIiR8FuFC
3BrLAAn1DPCrmgQozXAdkF2/pD8bFaQIgt7GXdNYQNLoJ/lAk+zu9b9LFjtq580r
kUKjHUJNayaCgfqqXjFaSfMvU1Bsiff+01Ry9gpKuw4JHqnUr8R5I5VsJQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFGmM9bZKG3xSmd+yAZwbVpkGSKx0MB8GA1UdIwQY
MBaAFNLCsO4YeShAkGXRnunAhY6MF+oTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHNLdzdoaDVLRUNRWmRHZTZjQ0Zqb3dYNmhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9hYmFjMTQtNmVhYi00OTg1LTg2N2Et
YzhlODYzYzFhOGQxLzEvYVl6MXRrb2JmRktaMzdJQm5CdFdtUVpJckhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9hYmFjMTQtNmVhYi00OTg1LTg2N2EtYzhlODYzYzFhOGQx
LzEvMHNLdzdoaDVLRUNRWmRHZTZjQ0Zqb3dYNmhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDXsaYAwQC
uUyEAwQAwbCQMA0EAgACMAcDBQAqAA14MA0GCSqGSIb3DQEBCwUAA4IBAQBtrEid
0WozP7qwvR2EReCO1zX7apiRi/v1jnCR8+I93FliyF9W6FoGoQUQRb+ZTV1VIIVo
I3lynswkgb2zzK3eDzKXBdw2lKRB2PCjHBLMk9pbwA8xjX42J1cZS0EYB6uhJ6kn
CZeIXtuQN2jFXgKLmOTN+KaG2hNZKLYJD3s3WH5M0Ndbpcdbj7Of/Nkh1QZQKY5t
cfh5rxLXNgtoiRQQkMxPKjg7JYHOHAB4dZVpRJwCq51GVtUtl/3ve2NBn1yYgGkp
DHqn27AYKZWzoxzcWKzJRtqiibVcgdTSr7sOVZ0hnA4T/5gblOrSIprUWsUAnFKm
/RwOKr3J4i7gvGUz
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:53:12 2025 by rpki-client