Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/WmLsSeUCBamRZhCt--ERRs2LSKg.roa
File: WmLsSeUCBamRZhCt--ERRs2LSKg.roa (raw, json)
Hash identifier: 52AS7835UoIGUnTaIUpYYQjD33eWL1dZ6NY6eIuOCxE=
Subject key identifier: 5A:62:EC:49:E5:02:05:A9:91:66:10:AD:FB:E1:11:46:CD:8B:48:A8
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 018AF15F099BBC35590A3DB38F4602F49FCA
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/WmLsSeUCBamRZhCt--ERRs2LSKg.roa
Signing time: Mon 02 Oct 2023 17:10:52 +0000
ROA not before: Mon 02 Oct 2023 17:10:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44208
IP address blocks: 94.74.190.0/24 maxlen: 24
94.74.128.0/18 maxlen: 24
94.74.136.0/24 maxlen: 24
31.170.48.0/20 maxlen: 24
94.74.165.0/24 maxlen: 24
94.74.166.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f1:5f:09:9b:bc:35:59:0a:3d:b3:8f:46:02:f4:9f:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Oct 2 17:10:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5a62ec49e50205a9916610adfbe11146cd8b48a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:1f:f4:41:64:3d:b7:0a:0e:8b:c5:e5:df:87:
c1:94:38:9a:64:54:51:44:2c:dd:f0:d8:35:f2:11:
95:b0:ba:1f:3f:ed:26:1f:b0:ff:4d:df:8c:4c:a7:
d6:38:b6:b9:04:cc:37:94:69:47:5c:5a:b2:cd:cf:
1a:94:37:a0:15:21:ba:89:6e:8b:f0:c6:d7:b6:0d:
04:15:be:2b:4a:4f:40:4e:ea:09:00:a8:a2:ca:08:
00:3c:1c:80:10:57:16:9a:28:e8:4f:90:57:62:b8:
74:e7:c3:af:9d:43:86:cf:57:c7:d4:7f:d7:f7:1a:
e9:6d:4c:8d:54:bd:c8:5a:76:24:e8:d2:05:b1:73:
8b:2a:22:bd:be:32:cf:8c:aa:6a:d3:d9:f6:cb:6f:
5c:57:52:38:10:89:71:fb:53:18:97:c2:77:c6:25:
76:e5:a5:ab:24:a7:7d:13:66:e2:0f:b6:7b:7f:68:
66:89:95:84:6f:c1:84:62:90:eb:32:12:c1:c0:19:
96:6c:95:ba:49:a4:5f:45:1e:95:da:e0:b3:bf:39:
ca:43:0f:c2:c2:40:cf:ac:24:f2:cc:00:d1:cc:71:
d8:01:85:dd:6b:4e:0e:29:ac:ed:07:d9:43:b9:72:
85:97:d5:a3:76:d5:fe:6d:35:3a:1b:5f:86:84:98:
a3:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:62:EC:49:E5:02:05:A9:91:66:10:AD:FB:E1:11:46:CD:8B:48:A8
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/WmLsSeUCBamRZhCt--ERRs2LSKg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.170.48.0/20
94.74.128.0/18
Signature Algorithm: sha256WithRSAEncryption
10:a2:4e:9e:d4:50:c9:8d:d2:ea:fa:cb:31:74:28:c0:ff:38:
c2:29:94:74:eb:30:85:34:65:b0:b8:91:9c:73:b7:28:60:81:
6d:c8:61:59:98:40:82:88:55:04:10:d2:cb:6e:c7:3f:ca:7b:
ef:27:7a:70:74:ef:32:5f:07:8c:4a:59:aa:8b:f6:60:38:53:
63:3c:3c:7d:dd:c0:b4:90:24:2a:d7:a3:08:03:8f:7c:5a:39:
95:3b:19:a7:25:13:74:5f:d9:a1:88:17:c1:9f:63:5b:3d:bf:
9b:cd:95:8c:31:de:77:7b:b0:5e:e8:8e:42:eb:79:c8:05:d5:
51:36:19:f7:c3:6a:fb:d3:21:56:0d:40:53:46:30:e3:af:9d:
2a:85:c4:c1:d4:51:d6:92:d7:b3:09:b4:8e:1a:8c:89:ae:aa:
0a:23:68:39:77:3f:57:f7:cc:4e:1d:07:e3:d5:fe:02:dd:a9:
13:29:f3:d7:79:97:02:49:e3:5e:ad:be:1a:54:6f:27:61:46:
a7:31:86:4d:43:34:9b:b9:b9:01:9a:e8:bf:d7:bf:d3:8e:28:
26:8c:e1:c4:1e:34:89:e7:72:c2:ef:ab:c2:83:c3:b1:ea:41:
c7:6a:c1:fc:e5:f1:3b:a6:fb:b5:c6:e3:99:37:6f:41:10:de:
5c:07:94:ac
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYrxXwmbvDVZCj2zj0YC9J/KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjMxMDAyMTcxMDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTYyZWM0OWU1MDIwNWE5OTE2NjEwYWRmYmUxMTE0NmNkOGI0OGE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmh/0QWQ9twoOi8Xl34fBlDiaZFRR
RCzd8Ng18hGVsLofP+0mH7D/Td+MTKfWOLa5BMw3lGlHXFqyzc8alDegFSG6iW6L
8MbXtg0EFb4rSk9ATuoJAKiiyggAPByAEFcWmijoT5BXYrh058OvnUOGz1fH1H/X
9xrpbUyNVL3IWnYk6NIFsXOLKiK9vjLPjKpq09n2y29cV1I4EIlx+1MYl8J3xiV2
5aWrJKd9E2biD7Z7f2hmiZWEb8GEYpDrMhLBwBmWbJW6SaRfRR6V2uCzvznKQw/C
wkDPrCTyzADRzHHYAYXda04OKaztB9lDuXKFl9WjdtX+bTU6G1+GhJijzwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFpi7EnlAgWpkWYQrfvhEUbNi0ioMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvV21Mc1NlVUNCYW1SWmhDdC0tRVJSczJMU0tnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEH6owAwQG
XkqAMA0GCSqGSIb3DQEBCwUAA4IBAQAQok6e1FDJjdLq+ssxdCjA/zjCKZR06zCF
NGWwuJGcc7coYIFtyGFZmECCiFUEENLLbsc/ynvvJ3pwdO8yXweMSlmqi/ZgOFNj
PDx93cC0kCQq16MIA498WjmVOxmnJRN0X9mhiBfBn2NbPb+bzZWMMd53e7Be6I5C
63nIBdVRNhn3w2r70yFWDUBTRjDjr50qhcTB1FHWktezCbSOGoyJrqoKI2g5dz9X
98xOHQfj1f4C3akTKfPXeZcCSeNerb4aVG8nYUanMYZNQzSbubkBmui/17/Tjigm
jOHEHjSJ53LC76vCg8Ox6kHHasH85fE7pvu1xuOZN29BEN5cB5Ss
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:07:30 2025 by rpki-client