Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1HaWZstIM5eRdG-5vObQfX8iVXw.roa
File: 1HaWZstIM5eRdG-5vObQfX8iVXw.roa (raw, json)
Hash identifier: oGao2ormDGGuZrYzw4rhi+H+8nYbcGRQfKAfJkWCxFE=
Subject key identifier: D4:76:96:66:CB:48:33:97:91:74:6F:B9:BC:E6:D0:7D:7F:22:55:7C
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 018C811F126EA4EC8EF6CE9E2B6B0D05027B
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1HaWZstIM5eRdG-5vObQfX8iVXw.roa
Signing time: Tue 19 Dec 2023 08:09:06 +0000
ROA not before: Tue 19 Dec 2023 08:09:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44208
IP address blocks: 94.74.190.0/24 maxlen: 24
109.203.161.0/24 maxlen: 24
94.74.128.0/18 maxlen: 24
94.74.136.0/24 maxlen: 24
31.170.48.0/20 maxlen: 24
94.74.165.0/24 maxlen: 24
94.74.166.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:81:1f:12:6e:a4:ec:8e:f6:ce:9e:2b:6b:0d:05:02:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Dec 19 08:09:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d4769666cb48339791746fb9bce6d07d7f22557c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:c1:db:f5:36:2a:21:2e:57:e0:50:46:3d:98:
84:68:fb:c1:34:c3:f9:66:01:c0:86:ac:90:0b:03:
41:8e:82:ce:35:1b:f8:84:3e:9d:72:39:20:95:b1:
e5:91:3a:19:f3:fe:0b:b0:fb:13:46:4c:3b:d8:ec:
c4:c8:6f:82:69:c6:fc:5f:d4:01:e2:ae:25:94:b1:
d3:67:b7:64:b2:c2:59:d4:f0:ba:74:92:54:35:6a:
d6:8f:63:fc:d5:69:b8:e4:d8:93:0e:37:c3:8a:7b:
da:a4:69:98:bf:f8:6c:7e:db:92:4c:95:93:e3:5a:
d0:ad:34:1e:4d:f4:93:e9:60:e9:fe:ed:05:1c:da:
17:37:00:58:8f:aa:a3:8b:23:90:0e:be:df:9f:07:
a0:41:c0:f8:7d:8b:ac:e8:b9:47:6d:90:02:35:3d:
3e:66:89:90:8e:6a:48:ce:00:0f:7d:3d:ee:91:bb:
ea:ea:9d:b3:79:e1:d8:b4:0b:ef:da:91:4a:91:be:
39:e9:70:c6:35:de:01:9e:46:b5:14:d0:d8:7b:66:
f6:0e:5d:34:e1:68:43:2f:0e:ea:84:ca:97:e8:bf:
30:a1:b1:38:0d:60:6a:4f:50:33:e7:07:18:66:c0:
3f:1b:33:64:d7:bd:e1:ec:4a:52:97:85:e9:5f:da:
0a:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:76:96:66:CB:48:33:97:91:74:6F:B9:BC:E6:D0:7D:7F:22:55:7C
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1HaWZstIM5eRdG-5vObQfX8iVXw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.170.48.0/20
94.74.128.0/18
109.203.161.0/24
Signature Algorithm: sha256WithRSAEncryption
09:73:3d:fe:92:88:33:b4:40:90:66:80:b3:16:3c:91:35:39:
1f:57:90:b0:c1:d1:24:dd:46:2d:46:99:44:f8:bc:53:f6:5e:
f6:f0:8b:8d:d5:af:57:b9:17:1c:7f:79:5e:94:db:ad:eb:b3:
ca:49:44:a6:6d:5e:3e:1e:53:82:4d:19:5c:ff:0a:87:8b:d5:
4f:d1:4e:79:79:d0:e5:7c:0e:3b:3d:19:e6:09:3c:2b:93:a8:
d9:9a:b9:02:cc:67:09:82:77:99:41:57:96:c1:10:72:76:09:
8c:8d:15:f3:23:53:5a:3f:f8:7f:d4:3a:05:33:c6:8e:be:d9:
5e:ea:1d:14:65:8f:7d:93:95:fd:ba:79:05:01:2e:19:2f:32:
2d:f5:3d:3c:c8:4d:b9:18:9d:16:ee:c7:60:e8:ba:41:6f:3b:
0b:5f:d6:a1:e8:e6:20:cb:ae:41:ad:18:cc:db:e2:16:01:d5:
90:18:b5:47:fe:66:10:1c:b4:6f:c4:56:a4:05:e8:f5:49:0e:
0e:28:fa:e9:f3:15:fb:d6:d0:50:f9:ec:c7:35:7e:fa:e8:20:
28:ce:73:9f:c3:3e:fd:4d:cf:2a:eb:d1:e4:7b:dc:58:17:e3:
35:f3:59:5a:c0:14:ef:92:21:24:66:fb:b2:ee:6c:aa:ac:6c:
80:c0:90:cb
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYyBHxJupOyO9s6eK2sNBQJ7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjMxMjE5MDgwOTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDc2OTY2NmNiNDgzMzk3OTE3NDZmYjliY2U2ZDA3ZDdmMjI1NTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmMHb9TYqIS5X4FBGPZiEaPvBNMP5
ZgHAhqyQCwNBjoLONRv4hD6dcjkglbHlkToZ8/4LsPsTRkw72OzEyG+Cacb8X9QB
4q4llLHTZ7dkssJZ1PC6dJJUNWrWj2P81Wm45NiTDjfDinvapGmYv/hsftuSTJWT
41rQrTQeTfST6WDp/u0FHNoXNwBYj6qjiyOQDr7fnwegQcD4fYus6LlHbZACNT0+
ZomQjmpIzgAPfT3ukbvq6p2zeeHYtAvv2pFKkb456XDGNd4Bnka1FNDYe2b2Dl00
4WhDLw7qhMqX6L8wobE4DWBqT1Az5wcYZsA/GzNk173h7EpSl4XpX9oKSwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNR2lmbLSDOXkXRvubzm0H1/IlV8MB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvMUhhV1pzdElNNWVSZEctNXZPYlFmWDhpVlh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQEH6owAwQG
XkqAAwQAbcuhMA0GCSqGSIb3DQEBCwUAA4IBAQAJcz3+kogztECQZoCzFjyRNTkf
V5CwwdEk3UYtRplE+LxT9l728IuN1a9XuRccf3lelNut67PKSUSmbV4+HlOCTRlc
/wqHi9VP0U55edDlfA47PRnmCTwrk6jZmrkCzGcJgneZQVeWwRBydgmMjRXzI1Na
P/h/1DoFM8aOvtle6h0UZY99k5X9unkFAS4ZLzIt9T08yE25GJ0W7sdg6LpBbzsL
X9ah6OYgy65BrRjM2+IWAdWQGLVH/mYQHLRvxFakBej1SQ4OKPrp8xX71tBQ+ezH
NX766CAoznOfwz79Tc8q69Hke9xYF+M181lawBTvkiEkZvuy7myqrGyAwJDL
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:05:33 2025 by rpki-client