Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/RqOqP4O8uCuv6ZbP1PIRKycSmXw.roa
File: RqOqP4O8uCuv6ZbP1PIRKycSmXw.roa (raw, json)
Hash identifier: FCa6k5z0fFWR6cxS8xoZxiZGcVsYazX1YSnL58RuJMc=
Subject key identifier: 46:A3:AA:3F:83:BC:B8:2B:AF:E9:96:CF:D4:F2:11:2B:27:12:99:7C
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 01857BBD4E101A8FE24240BBAED18C77C682
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/RqOqP4O8uCuv6ZbP1PIRKycSmXw.roa
Signing time: Wed 04 Jan 2023 07:44:41 +0000
ROA not before: Wed 04 Jan 2023 07:44:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43350
IP address blocks: 94.74.157.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:7b:bd:4e:10:1a:8f:e2:42:40:bb:ae:d1:8c:77:c6:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Jan 4 07:44:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=46a3aa3f83bcb82bafe996cfd4f2112b2712997c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:76:ed:d4:12:ac:e7:21:3a:d8:23:ed:4e:21:
8f:e2:26:30:9c:61:d4:c5:37:c1:73:84:d9:f4:04:
14:6c:fe:ad:e6:2d:d5:8f:a8:36:07:ba:d9:2a:b6:
86:88:b6:0f:72:06:26:9e:3b:59:43:a6:d6:bb:21:
f9:13:8f:af:6d:d1:99:22:9a:12:5b:b6:1b:54:54:
06:6b:2c:13:a1:f0:8d:6f:12:cd:bf:3b:cd:f5:53:
e1:df:4a:0f:c7:80:c2:a8:42:6f:d3:14:7a:8c:a8:
fc:bb:82:ba:21:4b:e6:7f:56:b4:77:8b:b9:ad:86:
ac:7b:aa:6e:6a:22:14:fa:38:21:fe:8c:d1:8a:13:
60:9c:40:d1:bb:3e:57:ff:b9:b9:b3:17:9f:bf:b8:
19:8f:18:b7:70:1b:b5:09:1b:72:19:b5:b2:7c:5d:
12:17:bf:09:fd:8b:3e:b5:ab:60:4e:29:54:f8:eb:
8b:8a:24:eb:f0:ad:00:63:8d:0d:79:ff:3d:1d:eb:
51:a0:ee:ec:e8:fd:56:d0:a2:d2:ac:1e:ad:cb:5c:
6e:f2:1e:ab:03:0b:0a:29:bf:b5:89:e1:1e:30:79:
34:8c:c1:0e:74:16:c6:d3:00:7a:02:10:0f:e4:50:
5b:48:08:44:40:de:a9:a5:26:d4:53:da:6b:6e:a9:
d6:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:A3:AA:3F:83:BC:B8:2B:AF:E9:96:CF:D4:F2:11:2B:27:12:99:7C
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/RqOqP4O8uCuv6ZbP1PIRKycSmXw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.74.157.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:41:7f:4a:6b:e0:a4:b8:b8:64:8c:4e:f5:f2:68:27:33:1d:
d8:a5:55:4f:9f:ed:78:ad:59:aa:37:15:94:09:69:45:88:71:
75:8c:83:ee:d5:38:dd:55:af:95:e2:d8:93:c8:a1:d1:3b:99:
1c:ee:c8:e9:ce:95:df:f4:a9:ba:ba:10:d1:7a:2b:b9:37:7c:
19:08:ea:43:ac:f3:f2:6d:e1:8e:b3:31:65:4c:7f:ba:35:c2:
bd:06:25:23:4d:e6:88:21:15:d4:2c:26:a2:5a:c8:60:a0:fe:
dd:d7:40:25:99:05:01:c2:89:55:58:45:b7:59:a9:3e:0d:fd:
aa:a6:30:50:b8:66:c8:51:b3:28:17:1e:1c:2e:a9:22:d2:f4:
de:c2:16:b6:be:06:93:9e:a3:68:08:bd:df:cd:a3:8b:3e:34:
fb:cb:3f:23:82:97:60:2c:38:c8:80:8e:52:6b:f3:2c:e9:c7:
26:6b:9f:32:3d:aa:c0:19:e7:a1:da:3f:34:ea:a5:33:70:8b:
70:d1:d6:39:de:05:c1:ee:eb:a1:5e:05:b7:3f:cb:aa:02:6f:
08:e5:0a:76:e0:66:58:07:b0:4a:9d:7f:93:b1:02:43:5c:0c:
a8:57:94:0e:74:de:fd:30:01:8f:02:d3:56:66:21:a1:5b:aa:
36:b4:a4:b4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYV7vU4QGo/iQkC7rtGMd8aCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjMwMTA0MDc0NDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NmEzYWEzZjgzYmNiODJiYWZlOTk2Y2ZkNGYyMTEyYjI3MTI5OTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Hbt1BKs5yE62CPtTiGP4iYwnGHU
xTfBc4TZ9AQUbP6t5i3Vj6g2B7rZKraGiLYPcgYmnjtZQ6bWuyH5E4+vbdGZIpoS
W7YbVFQGaywTofCNbxLNvzvN9VPh30oPx4DCqEJv0xR6jKj8u4K6IUvmf1a0d4u5
rYase6puaiIU+jgh/ozRihNgnEDRuz5X/7m5sxefv7gZjxi3cBu1CRtyGbWyfF0S
F78J/Ys+tatgTilU+OuLiiTr8K0AY40Nef89HetRoO7s6P1W0KLSrB6ty1xu8h6r
AwsKKb+1ieEeMHk0jMEOdBbG0wB6AhAP5FBbSAhEQN6ppSbUU9prbqnWbwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEajqj+DvLgrr+mWz9TyESsnEpl8MB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvUnFPcVA0Tzh1Q3V2NlpiUDFQSVJLeWNTbVh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXkqdMA0G
CSqGSIb3DQEBCwUAA4IBAQAtQX9Ka+CkuLhkjE718mgnMx3YpVVPn+14rVmqNxWU
CWlFiHF1jIPu1TjdVa+V4tiTyKHRO5kc7sjpzpXf9Km6uhDReiu5N3wZCOpDrPPy
beGOszFlTH+6NcK9BiUjTeaIIRXULCaiWshgoP7d10AlmQUBwolVWEW3Wak+Df2q
pjBQuGbIUbMoFx4cLqki0vTewha2vgaTnqNoCL3fzaOLPjT7yz8jgpdgLDjIgI5S
a/Ms6ccma58yParAGeeh2j806qUzcItw0dY53gXB7uuhXgW3P8uqAm8I5Qp24GZY
B7BKnX+TsQJDXAyoV5QOdN79MAGPAtNWZiGhW6o2tKS0
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:09:30 2025 by rpki-client