Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/A42TnFgB14FmLOSsD-1PzDyt0xs.roa
File: A42TnFgB14FmLOSsD-1PzDyt0xs.roa (raw, json)
Hash identifier: lS2Q/0v0rP9xUfshAJC2flUwjps7ElSXrx0RWPnG4p0=
Subject key identifier: 03:8D:93:9C:58:01:D7:81:66:2C:E4:AC:0F:ED:4F:CC:3C:AD:D3:1B
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 0183EBB550939B844C0EE84A25CA0D5D934B
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/A42TnFgB14FmLOSsD-1PzDyt0xs.roa
Signing time: Tue 18 Oct 2022 15:27:51 +0000
ROA not before: Tue 18 Oct 2022 15:27:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44208
IP address blocks: 94.74.190.0/24 maxlen: 24
109.203.160.0/19 maxlen: 24
94.74.128.0/18 maxlen: 24
94.74.136.0/24 maxlen: 24
31.170.48.0/20 maxlen: 24
185.34.160.0/22 maxlen: 24
94.74.165.0/24 maxlen: 24
94.74.166.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:eb:b5:50:93:9b:84:4c:0e:e8:4a:25:ca:0d:5d:93:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Oct 18 15:27:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=038d939c5801d781662ce4ac0fed4fcc3cadd31b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:03:41:86:da:76:ba:e5:4b:0c:f4:36:7b:84:
73:67:28:38:a2:e4:ba:9f:fd:45:62:14:32:ac:26:
92:0b:f9:ee:b3:fa:5a:8f:2a:2f:74:00:6a:57:0c:
3c:cf:48:3d:84:f5:33:11:56:e4:85:3b:ca:e5:3b:
12:ae:db:10:80:fd:6b:4c:fd:ea:1b:13:f7:52:87:
b6:0b:ef:ef:3c:38:df:92:6d:e9:f7:d5:5d:20:2e:
87:5f:30:2f:09:a1:08:7c:af:65:51:40:82:df:80:
31:1e:5d:c9:60:41:a5:64:ba:ae:1c:61:f4:27:a2:
f4:cb:fc:8f:8a:85:93:d5:5f:d9:49:96:3f:d5:0d:
0f:23:47:70:3d:86:25:bf:6f:0d:9a:55:0e:08:26:
b1:13:a3:b8:54:f2:5a:16:71:6d:11:83:24:8b:ae:
87:f5:8d:46:3b:22:2d:fb:1c:48:bf:65:88:f6:04:
bf:7e:60:13:d5:9b:99:0c:c4:28:85:4c:f6:32:d2:
e4:b2:f1:a8:5d:2d:40:13:ef:83:09:52:b7:21:06:
68:ad:10:ec:f3:fe:bf:6b:f8:ef:90:33:54:ce:02:
70:ec:d7:42:74:82:2a:80:1b:99:dc:50:76:bc:1a:
94:68:e0:9b:f1:2f:8a:8e:2b:46:10:1e:cc:56:17:
f5:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:8D:93:9C:58:01:D7:81:66:2C:E4:AC:0F:ED:4F:CC:3C:AD:D3:1B
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/A42TnFgB14FmLOSsD-1PzDyt0xs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.170.48.0/20
94.74.128.0/18
109.203.160.0/19
185.34.160.0/22
Signature Algorithm: sha256WithRSAEncryption
8e:f3:4e:80:df:be:40:14:3c:58:56:32:a3:5b:14:13:e4:21:
88:af:ab:a8:25:9a:29:dd:0a:86:2b:f7:84:f4:c1:4a:6a:a9:
2e:4a:81:ec:b3:e0:01:10:00:bc:c4:3c:e7:83:a8:d5:7f:f9:
dd:8d:5a:84:f4:9c:93:30:a0:ee:a4:44:af:30:69:a3:18:9a:
a2:d6:58:3f:76:52:1a:6f:a0:17:45:02:f7:d8:fd:27:94:77:
45:cb:16:29:66:34:67:19:88:89:bc:18:86:75:e7:a1:4f:df:
17:34:57:dd:8a:07:a1:d7:0d:0c:5c:dd:7c:18:25:88:2f:7c:
5f:2d:ee:25:8c:21:bc:7e:35:07:1a:17:13:34:bd:cd:d2:0b:
6c:6f:ac:c6:95:97:c2:76:3a:93:f6:ca:b8:c7:23:15:0c:1f:
a1:9e:8f:bf:ad:eb:b9:df:e3:ee:18:75:44:06:b9:bd:d3:e9:
7a:03:26:cd:46:13:50:77:75:71:27:1e:84:82:25:e1:6d:0e:
4a:a2:e5:a2:7c:54:f7:a6:ca:33:54:90:90:67:db:1a:0e:08:
39:e5:59:de:4f:ec:98:27:d3:f6:33:26:1a:c4:0f:d8:72:15:
e5:c9:a1:2d:2a:0b:f2:73:7b:b5:8e:27:a0:6d:d7:76:0b:b1:
aa:95:f1:2f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYPrtVCTm4RMDuhKJcoNXZNLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjIxMDE4MTUyNzUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzhkOTM5YzU4MDFkNzgxNjYyY2U0YWMwZmVkNGZjYzNjYWRkMzFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxQNBhtp2uuVLDPQ2e4RzZyg4ouS6
n/1FYhQyrCaSC/nus/pajyovdABqVww8z0g9hPUzEVbkhTvK5TsSrtsQgP1rTP3q
GxP3Uoe2C+/vPDjfkm3p99VdIC6HXzAvCaEIfK9lUUCC34AxHl3JYEGlZLquHGH0
J6L0y/yPioWT1V/ZSZY/1Q0PI0dwPYYlv28NmlUOCCaxE6O4VPJaFnFtEYMki66H
9Y1GOyIt+xxIv2WI9gS/fmAT1ZuZDMQohUz2MtLksvGoXS1AE++DCVK3IQZorRDs
8/6/a/jvkDNUzgJw7NdCdIIqgBuZ3FB2vBqUaOCb8S+KjitGEB7MVhf13QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFAONk5xYAdeBZizkrA/tT8w8rdMbMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvQTQyVG5GZ0IxNEZtTE9Tc0QtMVB6RHl0MHhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQEH6owAwQG
XkqAAwQFbcugAwQCuSKgMA0GCSqGSIb3DQEBCwUAA4IBAQCO806A375AFDxYVjKj
WxQT5CGIr6uoJZop3QqGK/eE9MFKaqkuSoHss+ABEAC8xDzng6jVf/ndjVqE9JyT
MKDupESvMGmjGJqi1lg/dlIab6AXRQL32P0nlHdFyxYpZjRnGYiJvBiGdeehT98X
NFfdigeh1w0MXN18GCWIL3xfLe4ljCG8fjUHGhcTNL3N0gtsb6zGlZfCdjqT9sq4
xyMVDB+hno+/reu53+PuGHVEBrm90+l6AybNRhNQd3VxJx6EgiXhbQ5KouWifFT3
psozVJCQZ9saDgg55VneT+yYJ9P2MyYaxA/YchXlyaEtKgvyc3u1jiegbdd2C7Gq
lfEv
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:57:40 2025 by rpki-client