Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/NDQef2zjc3z_07G_iU1xgqAj8fI.roa
File: NDQef2zjc3z_07G_iU1xgqAj8fI.roa (raw, json)
Hash identifier: 1tEjzM5cXEs0DNyhpb6+xumD78rDCdO625XZTbR0ahw=
Subject key identifier: 34:34:1E:7F:6C:E3:73:7C:FF:D3:B1:BF:89:4D:71:82:A0:23:F1:F2
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 0188425593BE1582D12EF1A0FFD6AFD8497F
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/NDQef2zjc3z_07G_iU1xgqAj8fI.roa
Signing time: Mon 22 May 2023 07:21:24 +0000
ROA not before: Mon 22 May 2023 07:21:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44208
IP address blocks: 176.46.144.0/20 maxlen: 24
94.74.128.0/18 maxlen: 24
31.170.48.0/20 maxlen: 24
185.34.160.0/22 maxlen: 24
94.74.190.0/24 maxlen: 24
109.203.160.0/19 maxlen: 24
109.203.168.0/22 maxlen: 24
109.203.172.0/22 maxlen: 24
109.203.176.0/22 maxlen: 24
109.203.184.0/21 maxlen: 24
109.203.180.0/22 maxlen: 24
94.74.136.0/24 maxlen: 24
94.74.152.0/22 maxlen: 24
94.74.165.0/24 maxlen: 24
94.74.168.0/24 maxlen: 24
94.74.166.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:42:55:93:be:15:82:d1:2e:f1:a0:ff:d6:af:d8:49:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: May 22 07:21:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=34341e7f6ce3737cffd3b1bf894d7182a023f1f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:a7:4a:00:82:06:4d:ee:00:83:ec:2c:c1:4d:
20:6c:85:2f:74:46:1e:57:b3:90:cf:40:d1:60:f6:
a8:7a:c4:f9:da:f6:ec:a9:40:cb:b9:b4:41:6b:1a:
98:7f:be:f3:0d:8d:25:2f:74:25:5d:f2:a7:b0:c9:
ce:1b:ff:66:96:6b:8c:12:13:73:d6:c8:eb:82:94:
b2:d6:38:34:06:0b:8b:2b:65:22:1d:dd:86:4e:58:
ec:ca:de:c7:0a:35:3e:44:cf:c9:5b:4c:5c:8a:2b:
c3:1b:52:25:3d:3c:c1:5e:78:f0:59:d7:41:1f:e5:
e7:90:d6:87:03:ab:c1:39:34:9b:21:f5:9d:b0:10:
1f:ab:96:22:cb:21:03:a6:9c:68:bb:c2:80:fb:52:
e8:2d:4b:39:1a:d7:4f:3f:e0:dc:30:19:33:2c:2c:
16:11:2e:4e:9b:f6:b5:44:ba:22:dc:53:40:37:6e:
45:a4:19:a3:87:c3:81:a2:f3:22:52:c0:e8:07:83:
4c:1d:78:2c:76:2c:3a:d5:87:3c:9c:29:5f:75:13:
6a:83:f7:30:57:56:07:41:91:7f:a7:ea:2f:84:5a:
62:f9:f3:22:89:1b:91:d3:3c:01:77:9c:9c:3b:b4:
ab:23:14:9e:68:53:d7:69:e6:96:b6:38:07:bd:b9:
c1:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:34:1E:7F:6C:E3:73:7C:FF:D3:B1:BF:89:4D:71:82:A0:23:F1:F2
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/NDQef2zjc3z_07G_iU1xgqAj8fI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.170.48.0/20
94.74.128.0/18
109.203.160.0/19
176.46.144.0/20
185.34.160.0/22
Signature Algorithm: sha256WithRSAEncryption
a5:07:58:85:0f:27:56:77:8b:f2:18:b7:59:ec:87:3d:8d:13:
a4:69:a0:b3:1e:42:77:08:8d:67:68:7e:13:d0:39:c6:cc:0a:
72:33:4b:1a:24:12:83:df:49:0e:72:bc:3a:d3:f4:6f:70:88:
1f:d1:04:22:6c:70:f6:b1:a9:a8:e3:5e:5d:5a:08:02:a4:f7:
d7:e9:d0:ed:f7:46:77:77:4b:c6:d8:f0:38:50:b2:bd:4b:64:
d1:7c:76:34:4b:a9:1b:5b:77:b0:d2:e8:33:88:77:ee:43:a8:
d0:07:5b:2e:66:cb:ba:a4:6a:6b:44:ae:f4:35:52:7d:e0:fb:
f4:1c:61:78:21:1c:9c:3c:01:58:0d:9e:13:63:03:6f:dc:69:
0d:bf:aa:61:26:86:f2:c6:d2:da:56:fd:34:97:93:44:37:13:
f4:a8:c7:0b:0a:ac:7d:41:16:c9:f9:07:f9:a9:68:d5:78:9a:
cc:35:09:2b:dc:ea:94:2c:63:be:43:3a:aa:df:99:d9:88:8b:
d8:6f:34:5b:e0:6c:db:12:fc:a9:a8:44:76:74:8d:80:a7:d9:
c0:85:c6:21:5b:1d:42:3d:52:05:75:c7:b2:03:56:d1:37:da:
08:dc:26:2c:35:18:86:57:47:a3:25:d4:ad:eb:36:f2:1f:76:
a9:07:d1:80
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYhCVZO+FYLRLvGg/9av2El/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjMwNTIyMDcyMTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDM0MWU3ZjZjZTM3MzdjZmZkM2IxYmY4OTRkNzE4MmEwMjNmMWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnKdKAIIGTe4Ag+wswU0gbIUvdEYe
V7OQz0DRYPaoesT52vbsqUDLubRBaxqYf77zDY0lL3QlXfKnsMnOG/9mlmuMEhNz
1sjrgpSy1jg0BguLK2UiHd2GTljsyt7HCjU+RM/JW0xciivDG1IlPTzBXnjwWddB
H+XnkNaHA6vBOTSbIfWdsBAfq5YiyyEDppxou8KA+1LoLUs5GtdPP+DcMBkzLCwW
ES5Om/a1RLoi3FNAN25FpBmjh8OBovMiUsDoB4NMHXgsdiw61Yc8nClfdRNqg/cw
V1YHQZF/p+ovhFpi+fMiiRuR0zwBd5ycO7SrIxSeaFPXaeaWtjgHvbnBMQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFDQ0Hn9s43N8/9Oxv4lNcYKgI/HyMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvTkRRZWYyempjM3pfMDdHX2lVMXhncUFqOGZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQEH6owAwQG
XkqAAwQFbcugAwQEsC6QAwQCuSKgMA0GCSqGSIb3DQEBCwUAA4IBAQClB1iFDydW
d4vyGLdZ7Ic9jROkaaCzHkJ3CI1naH4T0DnGzApyM0saJBKD30kOcrw60/RvcIgf
0QQibHD2samo415dWggCpPfX6dDt90Z3d0vG2PA4ULK9S2TRfHY0S6kbW3ew0ugz
iHfuQ6jQB1suZsu6pGprRK70NVJ94Pv0HGF4IRycPAFYDZ4TYwNv3GkNv6phJoby
xtLaVv00l5NENxP0qMcLCqx9QRbJ+Qf5qWjVeJrMNQkr3OqULGO+Qzqq35nZiIvY
bzRb4GzbEvypqER2dI2Ap9nAhcYhWx1CPVIFdceyA1bRN9oI3CYsNRiGV0ejJdSt
6zbyH3apB9GA
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:01:53 2025 by rpki-client