Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/61N418ECsBPbG_Yr5doV8UW4TiY.roa
File: 61N418ECsBPbG_Yr5doV8UW4TiY.roa (raw, json)
Hash identifier: mD9AR+a6JoTEs5/DZD7jkI+DqGW3k5mH3hUq6C6pG40=
Subject key identifier: EB:53:78:D7:C1:02:B0:13:DB:1B:F6:2B:E5:DA:15:F1:45:B8:4E:26
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 0183D7A150EB603ACEA809CF252706D78AD9
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/61N418ECsBPbG_Yr5doV8UW4TiY.roa
Signing time: Fri 14 Oct 2022 17:53:36 +0000
ROA not before: Fri 14 Oct 2022 17:53:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208485
IP address blocks: 109.203.164.0/22 maxlen: 24
37.49.148.0/22 maxlen: 24
94.74.168.0/24 maxlen: 24
94.74.169.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:d7:a1:50:eb:60:3a:ce:a8:09:cf:25:27:06:d7:8a:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Oct 14 17:53:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=eb5378d7c102b013db1bf62be5da15f145b84e26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:d3:ff:5c:2f:2e:41:68:84:65:ee:1c:b5:b5:
9b:f4:5e:32:c6:21:9a:f2:9e:23:1e:44:0d:b3:62:
70:70:4d:67:ab:29:c7:18:6a:80:a2:43:24:cd:14:
42:6b:97:71:8d:35:c6:85:c3:51:db:34:bc:c5:6c:
e6:5e:30:02:88:b6:49:b3:c0:81:40:ec:27:68:9b:
02:13:4f:16:bf:bb:3f:a5:3a:a6:ba:e9:2c:c3:02:
e3:f6:fe:92:52:d8:1f:96:67:9a:8d:51:59:c9:ba:
3d:3f:0e:20:d7:4a:3c:ae:03:02:a2:64:fa:fe:cd:
f9:1e:53:ea:81:15:cf:cf:05:c7:43:8a:0e:68:7d:
97:48:9b:6b:4b:26:89:a3:96:e2:13:51:ed:67:a4:
32:45:ca:cb:e8:cb:28:73:e8:17:3d:d6:5a:c9:dd:
d2:51:9c:3a:c3:60:e2:c9:95:6d:63:2b:7d:61:2c:
23:81:ff:66:90:51:66:19:6a:a5:af:fd:26:38:ac:
54:67:e3:84:1a:c2:b1:b7:9b:2c:38:bc:f6:47:45:
e6:36:c0:c6:4b:3f:c3:de:c2:10:00:30:84:ee:38:
68:13:01:45:25:f8:5b:f9:6d:dc:20:d3:e7:13:97:
de:0c:5a:25:8f:ed:ac:f2:b5:e2:7f:92:02:0b:e5:
39:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:53:78:D7:C1:02:B0:13:DB:1B:F6:2B:E5:DA:15:F1:45:B8:4E:26
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/61N418ECsBPbG_Yr5doV8UW4TiY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.49.148.0/22
94.74.168.0/23
109.203.164.0/22
Signature Algorithm: sha256WithRSAEncryption
14:63:2d:a0:32:d8:ea:55:7f:42:03:44:40:6c:fc:e5:fd:e6:
2c:a0:bb:55:40:6f:c4:a2:ee:27:b1:0b:f4:09:10:a3:05:d1:
4b:fd:00:a8:82:14:e1:b2:0f:7a:50:28:d1:9d:4f:87:25:38:
ab:6b:55:e6:c9:c7:57:6f:8e:0d:3f:c1:45:af:69:f1:18:00:
82:08:f4:17:a7:fa:e6:cd:2b:dd:78:77:6e:94:90:18:a2:28:
3c:44:bd:6b:69:3d:76:4b:58:b8:10:fe:55:44:b1:6f:0e:df:
93:a4:57:2c:f1:2f:30:a1:d0:a3:a6:31:12:3b:5b:4a:07:e4:
0c:4f:71:20:2a:b6:79:b0:c1:e6:4d:fb:1e:c3:5b:0c:d9:cc:
7d:98:14:72:ae:e1:54:c0:df:85:05:05:1b:fb:f6:bb:6c:69:
5e:7b:7d:f7:77:ae:f7:f9:89:6a:bc:47:09:a9:0e:f9:a9:62:
bb:22:d3:25:18:86:76:d7:ed:42:d3:f7:ec:66:98:d9:30:6d:
65:26:ff:6f:fd:6e:bb:a3:dd:f5:02:18:17:40:20:1d:77:89:
45:65:39:82:96:6a:86:7e:04:cf:38:80:f8:0e:68:c2:0d:9d:
ed:31:3f:48:6a:10:6f:03:0d:60:60:7b:2b:b8:38:ab:d8:a9:
64:20:7f:07
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYPXoVDrYDrOqAnPJScG14rZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjIxMDE0MTc1MzM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjUzNzhkN2MxMDJiMDEzZGIxYmY2MmJlNWRhMTVmMTQ1Yjg0ZTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsNP/XC8uQWiEZe4ctbWb9F4yxiGa
8p4jHkQNs2JwcE1nqynHGGqAokMkzRRCa5dxjTXGhcNR2zS8xWzmXjACiLZJs8CB
QOwnaJsCE08Wv7s/pTqmuukswwLj9v6SUtgflmeajVFZybo9Pw4g10o8rgMComT6
/s35HlPqgRXPzwXHQ4oOaH2XSJtrSyaJo5biE1HtZ6QyRcrL6Msoc+gXPdZayd3S
UZw6w2DiyZVtYyt9YSwjgf9mkFFmGWqlr/0mOKxUZ+OEGsKxt5ssOLz2R0XmNsDG
Sz/D3sIQADCE7jhoEwFFJfhb+W3cINPnE5feDFolj+2s8rXif5ICC+U5AQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOtTeNfBArAT2xv2K+XaFfFFuE4mMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvNjFONDE4RUNzQlBiR19ZcjVkb1Y4VVc0VGlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCJTGUAwQB
XkqoAwQCbcukMA0GCSqGSIb3DQEBCwUAA4IBAQAUYy2gMtjqVX9CA0RAbPzl/eYs
oLtVQG/Eou4nsQv0CRCjBdFL/QCoghThsg96UCjRnU+HJTira1XmycdXb44NP8FF
r2nxGACCCPQXp/rmzSvdeHdulJAYoig8RL1raT12S1i4EP5VRLFvDt+TpFcs8S8w
odCjpjESO1tKB+QMT3EgKrZ5sMHmTfsew1sM2cx9mBRyruFUwN+FBQUb+/a7bGle
e333d673+YlqvEcJqQ75qWK7ItMlGIZ21+1C0/fsZpjZMG1lJv9v/W67o931AhgX
QCAdd4lFZTmClmqGfgTPOID4DmjCDZ3tMT9IahBvAw1gYHsruDir2KlkIH8H
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:07:39 2025 by rpki-client