Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/SlYvZZ_sL40B3u-5UTCjvH4ZW3Y.roa
File: SlYvZZ_sL40B3u-5UTCjvH4ZW3Y.roa (raw, json)
Hash identifier: SWVdThIyet18xBFzlTVtzV24p9WW+j0J18+m0l+VRic=
Subject key identifier: 4A:56:2F:65:9F:EC:2F:8D:01:DE:EF:B9:51:30:A3:BC:7E:19:5B:76
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 0184155BC464B42D431819E850A24CC47EE3
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/SlYvZZ_sL40B3u-5UTCjvH4ZW3Y.roa
Signing time: Wed 26 Oct 2022 17:34:06 +0000
ROA not before: Wed 26 Oct 2022 17:34:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208485
IP address blocks: 109.203.160.0/22 maxlen: 24
109.203.164.0/22 maxlen: 24
37.49.144.0/22 maxlen: 24
37.49.148.0/22 maxlen: 24
176.46.128.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:15:5b:c4:64:b4:2d:43:18:19:e8:50:a2:4c:c4:7e:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Oct 26 17:34:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4a562f659fec2f8d01deefb95130a3bc7e195b76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:45:77:73:1e:9a:dd:7d:5f:22:1e:9b:33:61:
a1:c5:a4:ed:4e:5d:d9:4b:06:03:30:2f:12:0f:17:
cf:61:ea:d8:03:15:71:48:ff:ad:cf:2d:a4:22:cb:
9a:5a:2b:3b:93:33:29:a8:d6:f7:60:33:42:8d:94:
60:0d:2e:f9:3f:b3:d1:86:15:86:1f:fc:5f:3b:8f:
34:4e:f9:dd:82:17:63:1d:a6:b2:99:15:c9:8b:ad:
e5:26:1b:28:b7:69:59:9e:b2:e9:7f:bb:c0:8c:e4:
db:af:ce:7b:47:a2:cf:05:ff:2a:16:a3:38:27:f3:
f6:f7:10:8c:40:29:b4:77:e2:96:09:d7:19:11:fd:
d2:8a:d1:9e:9d:24:19:18:3e:03:4c:7a:d4:d3:fd:
b1:10:01:f4:0f:f9:a9:9a:f8:49:b0:44:c3:34:07:
67:7a:e0:1a:70:7b:7b:9a:6c:69:04:44:3b:45:87:
70:e5:76:88:84:5f:f6:46:e8:5d:d2:bd:c0:19:06:
6a:51:e9:08:25:5c:3f:7d:59:4e:9e:c4:2f:9e:fd:
f4:97:f9:2c:2c:95:60:4b:84:68:8a:80:4a:60:49:
16:f2:9d:b6:a3:d9:3f:93:0b:c4:91:66:cb:bf:48:
f8:57:a7:a4:9b:0f:43:d1:3a:f3:1d:b2:a0:fc:53:
1b:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:56:2F:65:9F:EC:2F:8D:01:DE:EF:B9:51:30:A3:BC:7E:19:5B:76
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/SlYvZZ_sL40B3u-5UTCjvH4ZW3Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.49.144.0/21
109.203.160.0/21
176.46.128.0/19
Signature Algorithm: sha256WithRSAEncryption
87:c1:37:ad:4c:22:e7:2a:96:7a:74:7b:41:12:37:b2:ac:87:
d1:70:b5:67:3a:a2:d1:a7:b1:99:03:3c:6a:0f:dc:27:25:8e:
f8:3d:9e:1e:e2:08:4d:30:50:61:1d:0e:d7:59:89:80:62:6b:
8e:b6:f0:ee:5c:40:8a:22:9f:e6:98:ed:b7:99:2b:3e:c9:d2:
e8:c5:cc:1f:97:82:b7:12:2d:d2:83:ff:f8:8c:4c:14:1a:2a:
b9:54:6a:e8:32:fa:43:2b:5c:dd:43:ed:37:23:4a:58:9b:0e:
c9:6b:20:81:dd:03:0e:80:7a:67:83:26:0b:8c:cb:50:cf:1c:
63:a8:0a:ec:bb:0f:d0:67:83:81:30:e1:16:e6:4a:02:be:9f:
49:05:9d:8a:94:cd:47:85:90:4d:e5:c1:35:55:ea:a1:8f:cf:
a4:30:87:0f:33:16:63:93:ed:0c:09:d3:a6:a9:d4:f0:72:84:
bc:85:dc:d6:31:17:47:59:71:b2:80:59:e5:47:e4:8b:80:65:
bc:0c:2c:6c:96:12:3e:db:01:d4:ea:f2:85:6c:f2:33:66:60:
c4:7a:b6:4a:e5:5a:bb:b7:4a:de:4c:15:dd:de:ab:12:40:16:
ef:8e:2b:cb:b5:20:f7:28:2f:87:60:d0:23:41:e1:8b:b7:fa:
0b:68:27:ab
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYQVW8RktC1DGBnoUKJMxH7jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjIxMDI2MTczNDA2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTU2MmY2NTlmZWMyZjhkMDFkZWVmYjk1MTMwYTNiYzdlMTk1Yjc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgUV3cx6a3X1fIh6bM2GhxaTtTl3Z
SwYDMC8SDxfPYerYAxVxSP+tzy2kIsuaWis7kzMpqNb3YDNCjZRgDS75P7PRhhWG
H/xfO480TvndghdjHaaymRXJi63lJhsot2lZnrLpf7vAjOTbr857R6LPBf8qFqM4
J/P29xCMQCm0d+KWCdcZEf3SitGenSQZGD4DTHrU0/2xEAH0D/mpmvhJsETDNAdn
euAacHt7mmxpBEQ7RYdw5XaIhF/2Ruhd0r3AGQZqUekIJVw/fVlOnsQvnv30l/ks
LJVgS4RoioBKYEkW8p22o9k/kwvEkWbLv0j4V6ekmw9D0TrzHbKg/FMb3QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEpWL2Wf7C+NAd7vuVEwo7x+GVt2MB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvU2xZdlpaX3NMNDBCM3UtNVVUQ2p2SDRaVzNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDJTGQAwQD
bcugAwQFsC6AMA0GCSqGSIb3DQEBCwUAA4IBAQCHwTetTCLnKpZ6dHtBEjeyrIfR
cLVnOqLRp7GZAzxqD9wnJY74PZ4e4ghNMFBhHQ7XWYmAYmuOtvDuXECKIp/mmO23
mSs+ydLoxcwfl4K3Ei3Sg//4jEwUGiq5VGroMvpDK1zdQ+03I0pYmw7JayCB3QMO
gHpngyYLjMtQzxxjqArsuw/QZ4OBMOEW5koCvp9JBZ2KlM1HhZBN5cE1Veqhj8+k
MIcPMxZjk+0MCdOmqdTwcoS8hdzWMRdHWXGygFnlR+SLgGW8DCxslhI+2wHU6vKF
bPIzZmDEerZK5Vq7t0reTBXd3qsSQBbvjivLtSD3KC+HYNAjQeGLt/oLaCer
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:01:23 2025 by rpki-client