Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/abac14-6eab-4985-867a-c8e863c1a8d1/1/sCzPTr1n6sz2pzq-pxbZyMmXm_U.roa
File: sCzPTr1n6sz2pzq-pxbZyMmXm_U.roa (raw, json)
Hash identifier: td4uZIhdpBtlABl5kpARSvg7mfweYQRODEo64r58DQQ=
Subject key identifier: B0:2C:CF:4E:BD:67:EA:CC:F6:A7:3A:BE:A7:16:D9:C8:C9:97:9B:F5
Certificate issuer: /CN=d2c2b0ee187928409065d19ee9c0858e8c17ea13
Certificate serial: 1629DD74
Authority key identifier: D2:C2:B0:EE:18:79:28:40:90:65:D1:9E:E9:C0:85:8E:8C:17:EA:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0sKw7hh5KECQZdGe6cCFjowX6hM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/abac14-6eab-4985-867a-c8e863c1a8d1/1/sCzPTr1n6sz2pzq-pxbZyMmXm_U.roa
Signing time: Sat 01 Jan 2022 14:06:21 +0000
ROA not before: Sat 01 Jan 2022 14:06:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 19905
IP address blocks: 94.198.152.0/24 maxlen: 24
94.198.154.0/24 maxlen: 24
94.198.155.0/24 maxlen: 24
94.198.156.0/24 maxlen: 24
94.198.157.0/24 maxlen: 24
94.198.153.0/24 maxlen: 24
94.198.158.0/24 maxlen: 24
94.198.159.0/24 maxlen: 24
185.76.134.0/24 maxlen: 24
185.76.135.0/24 maxlen: 24
193.176.144.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 371842420 (0x1629dd74)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2c2b0ee187928409065d19ee9c0858e8c17ea13
Validity
Not Before: Jan 1 14:06:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b02ccf4ebd67eaccf6a73abea716d9c8c9979bf5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:d3:59:10:7e:43:80:17:7a:7a:99:bd:4b:b2:
7a:d3:2f:ea:81:10:92:a0:00:c6:07:a0:fa:02:a0:
5f:f4:93:c6:9a:f5:a2:bb:94:08:c6:ed:8e:31:08:
0a:c0:c7:d5:09:ec:1f:12:26:e8:c4:ef:2b:28:44:
04:c6:d2:da:31:d6:ba:80:62:0b:31:73:c2:24:e6:
19:6f:a8:31:a7:39:c7:e0:ab:6d:65:bd:2d:ec:77:
86:9b:f9:ff:73:19:4f:9d:87:a6:58:01:04:75:7b:
d3:61:a0:5c:05:4b:f3:98:8d:23:9b:bf:3b:df:50:
cb:e5:5d:0e:a6:1e:ab:86:f5:62:ff:f0:54:94:b8:
d2:af:e7:2e:24:44:13:86:a3:ea:7d:16:ca:4d:e7:
95:fe:b4:f0:c5:40:57:b6:ef:c1:f5:c8:3a:98:08:
07:52:32:6d:8e:08:2d:92:43:f6:c9:4a:9a:ab:e1:
20:a3:c1:8a:a9:c1:33:a2:4e:b5:4b:77:0f:05:7f:
18:11:c9:9a:5c:58:fa:dd:30:bb:1f:45:91:ed:ce:
ad:7b:d0:a3:84:11:60:97:52:c9:82:7b:0e:11:e3:
f3:e0:59:4d:6b:97:4b:b7:3a:73:87:41:35:eb:39:
15:db:ce:93:94:cc:1f:fa:ee:ae:76:e7:64:fb:59:
cf:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:2C:CF:4E:BD:67:EA:CC:F6:A7:3A:BE:A7:16:D9:C8:C9:97:9B:F5
X509v3 Authority Key Identifier:
keyid:D2:C2:B0:EE:18:79:28:40:90:65:D1:9E:E9:C0:85:8E:8C:17:EA:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0sKw7hh5KECQZdGe6cCFjowX6hM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/abac14-6eab-4985-867a-c8e863c1a8d1/1/sCzPTr1n6sz2pzq-pxbZyMmXm_U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/abac14-6eab-4985-867a-c8e863c1a8d1/1/0sKw7hh5KECQZdGe6cCFjowX6hM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.198.152.0/21
185.76.134.0/23
193.176.144.0/24
Signature Algorithm: sha256WithRSAEncryption
83:45:ac:bb:9e:ca:65:0f:ed:0f:bb:13:6d:17:89:e7:7a:13:
de:b3:ac:40:fd:f1:28:af:8d:dc:a4:f4:d7:4c:c1:00:53:30:
e6:0d:b5:c0:ed:2c:25:11:d4:33:ae:f2:a1:33:40:e9:de:86:
19:97:d0:12:4e:90:50:4f:b5:b6:43:b1:70:55:89:86:d7:41:
ec:5b:a0:03:bb:f8:b6:a3:db:9a:54:3f:51:7f:0d:b0:5d:d8:
4d:b4:a3:a4:d8:5c:fe:84:0c:1e:42:03:54:b3:24:1e:86:b4:
23:16:30:cd:ba:c6:d2:bf:9d:13:aa:1e:a5:33:bd:59:f6:70:
06:af:96:44:87:84:f3:ad:06:bb:0e:7f:13:fa:c1:6c:0f:68:
0d:5e:e1:c3:a3:3e:fb:67:cf:4f:0e:02:b4:fc:e2:f7:84:3a:
2a:8b:50:d1:0b:27:be:41:b6:2d:93:f0:6e:02:4b:11:07:16:
b8:c8:7c:56:bf:e2:1b:a9:0a:e0:29:cb:b4:7e:c9:56:79:c4:
a2:cd:38:4f:9d:3b:7f:e9:37:1b:32:ca:87:42:45:2d:da:f1:
f7:26:8d:fd:0a:9d:29:0a:c3:58:a7:de:19:fe:87:db:05:20:
10:d0:48:6d:70:c3:a7:1a:35:d8:2c:7f:67:8c:f6:d3:ab:c9:
61:ca:90:fe
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEFinddDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MmMyYjBlZTE4NzkyODQwOTA2NWQxOWVlOWMwODU4ZThjMTdlYTEzMB4XDTIyMDEw
MTE0MDYyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjAyY2NmNGViZDY3
ZWFjY2Y2YTczYWJlYTcxNmQ5YzhjOTk3OWJmNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOHTWRB+Q4AXenqZvUuyetMv6oEQkqAAxgeg+gKgX/STxpr1
oruUCMbtjjEICsDH1QnsHxIm6MTvKyhEBMbS2jHWuoBiCzFzwiTmGW+oMac5x+Cr
bWW9Lex3hpv5/3MZT52HplgBBHV702GgXAVL85iNI5u/O99Qy+VdDqYeq4b1Yv/w
VJS40q/nLiREE4aj6n0Wyk3nlf608MVAV7bvwfXIOpgIB1IybY4ILZJD9slKmqvh
IKPBiqnBM6JOtUt3DwV/GBHJmlxY+t0wux9Fke3OrXvQo4QRYJdSyYJ7DhHj8+BZ
TWuXS7c6c4dBNes5FdvOk5TMH/rurnbnZPtZz+0CAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBSwLM9OvWfqzPanOr6nFtnIyZeb9TAfBgNVHSMEGDAWgBTSwrDuGHkoQJBl
0Z7pwIWOjBfqEzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzBzS3c3aGg1S0VDUVpkR2U2Y0NGam93WDZoTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWMvYWJhYzE0LTZlYWItNDk4NS04NjdhLWM4ZTg2M2MxYThkMS8x
L3NDelBUcjFuNnN6MnB6cS1weGJaeU1tWG1fVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWMv
YWJhYzE0LTZlYWItNDk4NS04NjdhLWM4ZTg2M2MxYThkMS8xLzBzS3c3aGg1S0VD
UVpkR2U2Y0NGam93WDZoTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEA17GmAMEAblMhgMEAMGwkDANBgkq
hkiG9w0BAQsFAAOCAQEAg0Wsu57KZQ/tD7sTbReJ53oT3rOsQP3xKK+N3KT010zB
AFMw5g21wO0sJRHUM67yoTNA6d6GGZfQEk6QUE+1tkOxcFWJhtdB7FugA7v4tqPb
mlQ/UX8NsF3YTbSjpNhc/oQMHkIDVLMkHoa0IxYwzbrG0r+dE6oepTO9WfZwBq+W
RIeE860Guw5/E/rBbA9oDV7hw6M++2fPTw4CtPzi94Q6KotQ0QsnvkG2LZPwbgJL
EQcWuMh8Vr/iG6kK4CnLtH7JVnnEos04T507f+k3GzLKh0JFLdrx9yaN/QqdKQrD
WKfeGf6H2wUgENBIbXDDpxo12Cx/Z4z206vJYcqQ/g==
-----END CERTIFICATE-----
Generated at Mon Apr 14 16:54:40 2025 by rpki-client