Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/HTq0YimcifHXtYLhzbPBnBc3P-4.roa
File: HTq0YimcifHXtYLhzbPBnBc3P-4.roa (raw, json)
Hash identifier: UBJQnO6RgoPfdP9HzKRd4gTThr67I9rcRKcapbZLv90=
Subject key identifier: 1D:3A:B4:62:29:9C:89:F1:D7:B5:82:E1:CD:B3:C1:9C:17:37:3F:EE
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 0183D3AF816BED329D8ED9D5A34A0410E54C
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/HTq0YimcifHXtYLhzbPBnBc3P-4.roa
Signing time: Thu 13 Oct 2022 23:30:37 +0000
ROA not before: Thu 13 Oct 2022 23:30:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12679
IP address blocks: 31.170.55.0/24 maxlen: 24
94.74.191.0/24 maxlen: 24
94.74.187.0/24 maxlen: 24
94.74.137.0/24 maxlen: 24
94.74.140.0/24 maxlen: 24
94.74.145.0/24 maxlen: 24
94.74.147.0/24 maxlen: 24
94.74.156.0/24 maxlen: 24
94.74.157.0/24 maxlen: 24
94.74.159.0/24 maxlen: 24
94.74.158.0/24 maxlen: 24
94.74.164.0/24 maxlen: 24
94.74.171.0/24 maxlen: 24
94.74.173.0/24 maxlen: 24
94.74.182.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:d3:af:81:6b:ed:32:9d:8e:d9:d5:a3:4a:04:10:e5:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Oct 13 23:30:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1d3ab462299c89f1d7b582e1cdb3c19c17373fee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:13:1f:aa:55:27:9b:62:fb:0e:fd:24:67:90:
3a:7a:48:07:a1:fa:57:ca:c0:fd:a1:94:37:43:56:
3a:fe:3e:c4:40:be:2a:c2:5e:6c:35:7d:af:90:f1:
b7:cc:44:95:08:3f:f3:8e:46:be:f6:58:a6:2f:6b:
3b:77:e9:e6:d6:2c:00:ac:06:0f:af:3a:d8:6b:b8:
20:46:33:50:e7:57:54:db:da:ab:4f:ff:ed:6b:50:
0d:03:53:9b:14:4b:b6:42:ec:5f:72:43:f7:20:15:
da:bb:ce:29:d6:4a:8b:d5:3f:f6:e8:11:db:9f:e6:
7a:d0:09:43:16:55:69:83:f7:77:e3:66:6b:fd:b7:
2f:87:b7:70:22:eb:5f:6d:9f:19:d3:2d:48:54:ea:
03:6a:72:11:d9:c0:e6:2d:f8:a8:dd:fd:64:65:ca:
86:36:9d:ca:be:ea:c5:35:e4:56:14:9f:3d:35:9e:
7f:1a:00:2e:cf:79:67:b8:f8:71:d2:d6:6e:cf:de:
e2:a4:50:67:9c:ff:6a:9a:a0:3d:77:e3:12:c7:a2:
95:eb:eb:50:2d:11:e0:4f:25:e0:57:5c:41:95:28:
b9:1b:af:db:38:78:c6:33:39:60:0d:57:4b:d4:ea:
8f:95:1e:5c:2a:89:bb:fd:ed:be:4c:14:72:3f:27:
4c:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:3A:B4:62:29:9C:89:F1:D7:B5:82:E1:CD:B3:C1:9C:17:37:3F:EE
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/HTq0YimcifHXtYLhzbPBnBc3P-4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.170.55.0/24
94.74.137.0/24
94.74.140.0/24
94.74.145.0/24
94.74.147.0/24
94.74.156.0/22
94.74.164.0/24
94.74.171.0/24
94.74.173.0/24
94.74.182.0/24
94.74.187.0/24
94.74.191.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:81:cf:64:95:f5:81:66:52:c6:95:77:7d:f8:8e:31:f5:04:
63:59:7b:b4:fb:5d:b4:ce:07:f1:ef:56:e5:f6:03:21:9a:49:
4d:bf:15:72:c3:06:5c:6d:3e:4e:8c:e1:5a:b9:77:e8:45:0e:
8e:6e:63:49:55:f2:c9:8d:7f:ee:21:90:8e:11:61:b1:a9:94:
d5:ed:9f:f7:ab:09:cd:55:de:aa:a2:c7:3e:3e:37:a2:72:a1:
a7:88:4c:bb:d3:18:5e:f5:2b:22:4e:e6:9e:61:51:cd:51:c8:
b8:84:c3:4e:57:b7:c4:d4:d5:52:5b:74:ac:b3:5f:ec:2c:a2:
b2:24:0b:bb:89:82:39:25:7a:2d:6c:8a:ff:3a:50:e3:f6:75:
e4:d4:60:66:fd:55:c9:64:20:a6:8e:af:b7:5e:6f:17:da:37:
de:1c:62:87:b3:43:e8:7c:1f:cb:67:93:19:80:a8:f9:d7:05:
03:68:9f:77:c4:c3:5e:4e:3c:eb:22:40:b6:d3:1b:e2:fb:49:
d0:06:93:52:99:d7:8b:c6:e4:a0:cf:fa:64:59:8d:39:d6:3f:
a1:1e:1a:61:a4:81:a9:75:bb:76:81:18:ca:66:52:e4:06:50:
13:b0:23:fa:50:e4:cc:f6:e1:75:01:2c:fe:ce:c5:5c:bf:15:
5b:19:4e:1d
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYPTr4Fr7TKdjtnVo0oEEOVMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjIxMDEzMjMzMDM3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDNhYjQ2MjI5OWM4OWYxZDdiNTgyZTFjZGIzYzE5YzE3MzczZmVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArRMfqlUnm2L7Dv0kZ5A6ekgHofpX
ysD9oZQ3Q1Y6/j7EQL4qwl5sNX2vkPG3zESVCD/zjka+9limL2s7d+nm1iwArAYP
rzrYa7ggRjNQ51dU29qrT//ta1ANA1ObFEu2QuxfckP3IBXau84p1kqL1T/26BHb
n+Z60AlDFlVpg/d342Zr/bcvh7dwIutfbZ8Z0y1IVOoDanIR2cDmLfio3f1kZcqG
Np3KvurFNeRWFJ89NZ5/GgAuz3lnuPhx0tZuz97ipFBnnP9qmqA9d+MSx6KV6+tQ
LRHgTyXgV1xBlSi5G6/bOHjGMzlgDVdL1OqPlR5cKom7/e2+TBRyPydM+QIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFB06tGIpnInx17WC4c2zwZwXNz/uMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvSFRxMFlpbWNpZkhYdFlMaHpiUEJuQmMzUC00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQAH6o3AwQA
XkqJAwQAXkqMAwQAXkqRAwQAXkqTAwQCXkqcAwQAXkqkAwQAXkqrAwQAXkqtAwQA
Xkq2AwQAXkq7AwQAXkq/MA0GCSqGSIb3DQEBCwUAA4IBAQCmgc9klfWBZlLGlXd9
+I4x9QRjWXu0+120zgfx71bl9gMhmklNvxVywwZcbT5OjOFauXfoRQ6ObmNJVfLJ
jX/uIZCOEWGxqZTV7Z/3qwnNVd6qosc+PjeicqGniEy70xhe9SsiTuaeYVHNUci4
hMNOV7fE1NVSW3Sss1/sLKKyJAu7iYI5JXotbIr/OlDj9nXk1GBm/VXJZCCmjq+3
Xm8X2jfeHGKHs0PofB/LZ5MZgKj51wUDaJ93xMNeTjzrIkC20xvi+0nQBpNSmdeL
xuSgz/pkWY051j+hHhphpIGpdbt2gRjKZlLkBlATsCP6UOTM9uF1ASz+zsVcvxVb
GU4d
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:02:16 2025 by rpki-client