Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/JPSwEAE5GKrwzZA1g7wB2JKugC0.roa
File: JPSwEAE5GKrwzZA1g7wB2JKugC0.roa (raw, json)
Hash identifier: eUNKiEwzc/FRrvHnclFMWkRnB2apV9fPGPRdIUVUf2k=
Subject key identifier: 24:F4:B0:10:01:39:18:AA:F0:CD:90:35:83:BC:01:D8:92:AE:80:2D
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 0186B63DFC3C9B45A0EB2A18805F8D0BDA59
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/JPSwEAE5GKrwzZA1g7wB2JKugC0.roa
Signing time: Mon 06 Mar 2023 09:26:00 +0000
ROA not before: Mon 06 Mar 2023 09:26:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44208
IP address blocks: 176.46.138.0/23 maxlen: 24
176.46.144.0/20 maxlen: 24
176.46.140.0/22 maxlen: 24
94.74.128.0/18 maxlen: 24
31.170.48.0/20 maxlen: 24
185.34.160.0/22 maxlen: 24
94.74.190.0/24 maxlen: 24
109.203.160.0/19 maxlen: 24
94.74.137.0/24 maxlen: 24
94.74.136.0/24 maxlen: 24
94.74.140.0/24 maxlen: 24
94.74.165.0/24 maxlen: 24
94.74.166.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:b6:3d:fc:3c:9b:45:a0:eb:2a:18:80:5f:8d:0b:da:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Mar 6 09:26:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=24f4b010013918aaf0cd903583bc01d892ae802d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:c0:19:d9:47:23:96:31:52:94:44:d4:47:17:
e1:fa:e0:66:26:d4:36:7d:9c:e4:6a:18:9d:f4:01:
ec:5a:43:b0:26:9b:65:71:85:a0:c4:78:14:0d:39:
57:36:33:a7:23:16:1e:82:a3:bf:2b:ca:19:ea:ab:
b8:94:4d:e3:ff:5d:81:19:f1:23:17:38:c4:25:13:
3a:bc:ac:c2:83:f7:3c:af:42:d0:43:eb:e1:95:e6:
13:b4:a6:f0:39:24:8d:07:e6:f9:92:00:ef:f5:40:
c9:3e:be:2b:e8:ae:5d:e5:06:8e:2f:9d:48:3c:e2:
96:fb:86:b6:16:ea:ae:1c:10:5a:39:60:b5:f3:e9:
0b:e9:54:e3:eb:6f:ef:31:34:04:f7:fc:82:b1:f8:
2d:bd:25:b2:20:ea:fb:5d:90:cf:1a:fe:4f:10:39:
e5:58:0f:63:a7:24:6f:d8:39:23:c2:6e:e4:54:45:
20:cf:f8:5f:d0:c5:85:8f:6a:da:32:dc:3f:5f:1c:
fc:29:6c:47:19:73:e3:de:9a:8b:c3:bd:e9:c1:ce:
ab:72:fe:82:7f:e1:62:27:84:d2:b6:82:89:0f:81:
83:2f:b0:b6:21:f5:6e:07:ac:0e:c3:6f:09:9c:d2:
5c:a9:0c:7f:88:ea:a2:c2:9e:1e:98:90:94:6b:6e:
8b:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:F4:B0:10:01:39:18:AA:F0:CD:90:35:83:BC:01:D8:92:AE:80:2D
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/JPSwEAE5GKrwzZA1g7wB2JKugC0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.170.48.0/20
94.74.128.0/18
109.203.160.0/19
176.46.138.0-176.46.159.255
185.34.160.0/22
Signature Algorithm: sha256WithRSAEncryption
4b:8a:af:18:55:37:f8:29:74:5c:cd:68:80:52:85:63:3e:ae:
4f:d8:ad:f7:80:09:d6:92:5f:c6:db:fa:d9:1f:5f:f0:04:10:
da:bc:be:39:92:e5:e9:6f:fb:b0:7b:89:66:f6:ba:96:c5:ed:
2b:36:4a:b1:e4:bb:86:c9:87:4f:ae:b4:42:6e:81:6b:d1:09:
87:38:20:0b:a3:65:17:2d:d2:7f:04:2b:7b:be:99:d2:f8:46:
98:3c:1e:eb:d1:97:e5:30:03:12:78:1e:0a:81:6f:73:fd:0b:
dc:08:0c:73:53:02:c8:8b:aa:35:9c:dd:38:86:76:3e:6d:7d:
33:f8:6e:0a:1a:73:0c:82:37:e6:59:a3:ea:8b:68:35:5d:e5:
09:f9:d8:3c:74:f8:6b:99:79:c0:6d:22:b1:40:6b:26:6e:38:
cb:45:aa:17:f9:d0:c0:cc:d8:28:18:46:1b:32:14:3d:e8:37:
ae:13:ca:7e:1c:29:da:ea:8b:f5:e0:c4:8b:8d:c4:50:3b:6f:
b3:de:ad:8b:8f:1f:db:cd:d9:6e:66:53:81:87:f5:2f:3b:24:
05:fe:90:22:6b:b1:3b:da:b3:bf:cb:6e:29:a2:05:47:15:07:
a0:31:b5:16:4a:2d:9b:08:25:88:bb:ea:8a:23:a0:f4:18:e9:
f5:2d:07:36
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYa2Pfw8m0Wg6yoYgF+NC9pZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjMwMzA2MDkyNjAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGY0YjAxMDAxMzkxOGFhZjBjZDkwMzU4M2JjMDFkODkyYWU4MDJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAksAZ2UcjljFSlETURxfh+uBmJtQ2
fZzkahid9AHsWkOwJptlcYWgxHgUDTlXNjOnIxYegqO/K8oZ6qu4lE3j/12BGfEj
FzjEJRM6vKzCg/c8r0LQQ+vhleYTtKbwOSSNB+b5kgDv9UDJPr4r6K5d5QaOL51I
POKW+4a2FuquHBBaOWC18+kL6VTj62/vMTQE9/yCsfgtvSWyIOr7XZDPGv5PEDnl
WA9jpyRv2Dkjwm7kVEUgz/hf0MWFj2raMtw/Xxz8KWxHGXPj3pqLw73pwc6rcv6C
f+FiJ4TStoKJD4GDL7C2IfVuB6wOw28JnNJcqQx/iOqiwp4emJCUa26LAwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFCT0sBABORiq8M2QNYO8AdiSroAtMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvSlBTd0VBRTVHS3J3elpBMWc3d0IySkt1Z0MwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQEH6owAwQG
XkqAAwQFbcugMAwDBAGwLooDBAWwLoADBAK5IqAwDQYJKoZIhvcNAQELBQADggEB
AEuKrxhVN/gpdFzNaIBShWM+rk/YrfeACdaSX8bb+tkfX/AEENq8vjmS5elv+7B7
iWb2upbF7Ss2SrHku4bJh0+utEJugWvRCYc4IAujZRct0n8EK3u+mdL4Rpg8HuvR
l+UwAxJ4HgqBb3P9C9wIDHNTAsiLqjWc3TiGdj5tfTP4bgoacwyCN+ZZo+qLaDVd
5Qn52Dx0+GuZecBtIrFAayZuOMtFqhf50MDM2CgYRhsyFD3oN64Tyn4cKdrqi/Xg
xIuNxFA7b7PerYuPH9vN2W5mU4GH9S87JAX+kCJrsTvas7/LbimiBUcVB6AxtRZK
LZsIJYi76oojoPQY6fUtBzY=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:02:08 2025 by rpki-client