Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/S4DCer6AhRv6W0uy7lBweVrRMIo.roa
File: S4DCer6AhRv6W0uy7lBweVrRMIo.roa (raw, json)
Hash identifier: wbuRVggkpt7B2HTq3OtrGLf245m6zolJfLzUPUEYREY=
Subject key identifier: 4B:80:C2:7A:BE:80:85:1B:FA:5B:4B:B2:EE:50:70:79:5A:D1:30:8A
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 018AC0C5B62E47AF71C9C988D56E78358DCF
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/S4DCer6AhRv6W0uy7lBweVrRMIo.roa
Signing time: Sat 23 Sep 2023 06:41:37 +0000
ROA not before: Sat 23 Sep 2023 06:41:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44208
IP address blocks: 94.74.190.0/24 maxlen: 24
109.203.176.0/20 maxlen: 24
94.74.128.0/18 maxlen: 24
94.74.136.0/24 maxlen: 24
31.170.48.0/20 maxlen: 24
94.74.165.0/24 maxlen: 24
94.74.166.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:c0:c5:b6:2e:47:af:71:c9:c9:88:d5:6e:78:35:8d:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Sep 23 06:41:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4b80c27abe80851bfa5b4bb2ee5070795ad1308a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:80:bf:d9:c1:d6:c8:b4:29:e7:47:ec:36:e3:
64:dc:f9:db:8c:9e:3a:88:d8:0a:a9:12:b5:8c:a1:
26:c8:08:85:92:03:c7:f5:8d:85:55:9a:0f:40:9b:
34:87:a8:4e:27:08:c8:7c:36:2c:ff:72:82:55:b1:
a7:36:92:01:9d:c0:b8:b5:2f:40:ad:a1:a2:be:97:
77:c1:47:d0:ef:d8:cd:b0:73:f8:c4:0c:77:48:2a:
9f:5c:e1:2c:82:d1:fc:d3:96:ae:09:28:4c:1d:54:
7b:c0:a6:7a:a4:bb:23:a5:4d:c8:b8:9c:8c:b4:d6:
4d:27:9c:99:db:6f:ce:25:6a:1c:12:6a:e5:0d:23:
a7:ee:df:ce:58:19:64:cc:3c:a6:63:b6:2f:76:89:
a6:b5:23:6b:e1:24:00:bc:44:3b:cc:a8:9a:5a:5d:
42:bc:4b:9d:e7:ec:7c:b9:2e:68:dc:c8:79:5f:94:
9d:9c:ef:87:67:a8:2b:25:60:15:89:d6:5b:95:36:
2d:b2:ef:3e:ea:cf:e1:88:18:ed:4b:4a:24:4d:48:
25:90:9c:1a:79:d2:56:81:9c:45:2a:29:1f:43:28:
e7:73:8d:80:a1:70:ab:67:43:08:52:e4:b5:f2:4b:
46:b7:ea:34:78:5c:f6:e3:ef:84:44:91:a7:17:7d:
22:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:80:C2:7A:BE:80:85:1B:FA:5B:4B:B2:EE:50:70:79:5A:D1:30:8A
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/S4DCer6AhRv6W0uy7lBweVrRMIo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.170.48.0/20
94.74.128.0/18
109.203.176.0/20
Signature Algorithm: sha256WithRSAEncryption
a0:55:fc:e8:c8:90:43:f2:c7:f4:13:5d:e8:e1:1c:a1:08:a2:
f7:e4:f9:54:a4:49:13:3e:48:83:54:45:45:e1:00:cf:5d:52:
95:e7:3b:e9:0f:dc:a4:bc:06:c0:65:2e:1f:39:7a:15:4c:31:
86:40:7f:ea:5d:a7:06:8c:49:4b:45:42:54:8e:4a:59:78:a7:
17:a3:fd:27:bd:43:4e:f1:1c:66:f3:c4:3b:02:15:fc:aa:17:
a0:b6:c7:70:77:70:3f:78:41:8a:11:ef:f6:6e:57:97:26:bd:
f3:46:25:89:a8:f0:75:de:64:18:04:f4:7d:56:f0:5e:ab:ee:
fb:66:90:6a:f0:94:9c:69:7c:6a:e1:4b:d1:c3:3d:1e:dd:e1:
ca:e2:e3:44:a1:8a:c7:84:81:de:45:15:ec:4f:6d:0e:37:1e:
c6:49:b8:a7:ad:06:55:a1:e5:4a:93:06:5b:a2:8c:7f:15:0c:
8d:05:b6:64:0e:c4:c8:67:9b:40:d6:ea:7e:67:43:e1:42:8d:
0b:13:a0:de:9a:3b:98:88:be:ad:b1:0e:5b:5a:16:22:29:94:
f3:3a:79:7a:51:8e:ed:05:7a:1d:b2:79:1f:9e:c3:94:60:4b:
28:91:3a:0e:25:fe:25:e2:4e:66:41:8d:1f:e1:36:04:ab:0c:
a7:bb:69:46
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYrAxbYuR69xycmI1W54NY3PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjMwOTIzMDY0MTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjgwYzI3YWJlODA4NTFiZmE1YjRiYjJlZTUwNzA3OTVhZDEzMDhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApIC/2cHWyLQp50fsNuNk3PnbjJ46
iNgKqRK1jKEmyAiFkgPH9Y2FVZoPQJs0h6hOJwjIfDYs/3KCVbGnNpIBncC4tS9A
raGivpd3wUfQ79jNsHP4xAx3SCqfXOEsgtH805auCShMHVR7wKZ6pLsjpU3IuJyM
tNZNJ5yZ22/OJWocEmrlDSOn7t/OWBlkzDymY7YvdommtSNr4SQAvEQ7zKiaWl1C
vEud5+x8uS5o3Mh5X5SdnO+HZ6grJWAVidZblTYtsu8+6s/hiBjtS0okTUglkJwa
edJWgZxFKikfQyjnc42AoXCrZ0MIUuS18ktGt+o0eFz24++ERJGnF30iiQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEuAwnq+gIUb+ltLsu5QcHla0TCKMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvUzREQ2VyNkFoUnY2VzB1eTdsQndlVnJSTUlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQEH6owAwQG
XkqAAwQEbcuwMA0GCSqGSIb3DQEBCwUAA4IBAQCgVfzoyJBD8sf0E13o4RyhCKL3
5PlUpEkTPkiDVEVF4QDPXVKV5zvpD9ykvAbAZS4fOXoVTDGGQH/qXacGjElLRUJU
jkpZeKcXo/0nvUNO8Rxm88Q7AhX8qhegtsdwd3A/eEGKEe/2bleXJr3zRiWJqPB1
3mQYBPR9VvBeq+77ZpBq8JScaXxq4UvRwz0e3eHK4uNEoYrHhIHeRRXsT20ONx7G
SbinrQZVoeVKkwZboox/FQyNBbZkDsTIZ5tA1up+Z0PhQo0LE6DemjuYiL6tsQ5b
WhYiKZTzOnl6UY7tBXodsnkfnsOUYEsokToOJf4l4k5mQY0f4TYEqwynu2lG
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:02:12 2025 by rpki-client