Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/YjV9J4vShUe36Ty6rUwNwleLjG8.roa
File: YjV9J4vShUe36Ty6rUwNwleLjG8.roa (raw, json)
Hash identifier: eO7i7Id/JzoEWTrn7JUnMoTYp047mmojsi6aVoi35iA=
Subject key identifier: 62:35:7D:27:8B:D2:85:47:B7:E9:3C:BA:AD:4C:0D:C2:57:8B:8C:6F
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 018330ADDD28C8B853086D7F35F42B054F59
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/YjV9J4vShUe36Ty6rUwNwleLjG8.roa
Signing time: Mon 12 Sep 2022 07:50:44 +0000
ROA not before: Mon 12 Sep 2022 07:50:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43260
IP address blocks: 94.74.187.0/24 maxlen: 24
109.203.160.0/21 maxlen: 24
37.49.144.0/21 maxlen: 24
94.74.137.0/24 maxlen: 24
94.74.147.0/24 maxlen: 24
94.74.159.0/24 maxlen: 24
94.74.164.0/24 maxlen: 24
94.74.169.0/24 maxlen: 24
176.46.128.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:30:ad:dd:28:c8:b8:53:08:6d:7f:35:f4:2b:05:4f:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Sep 12 07:50:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=62357d278bd28547b7e93cbaad4c0dc2578b8c6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:0a:74:bf:b0:6e:d6:5c:68:dc:9c:99:15:14:
62:83:41:d7:5d:97:ff:ef:3a:22:d8:ff:7c:b1:dc:
38:42:40:ea:4f:d3:dd:67:d1:e4:ed:a6:58:2b:5c:
0e:e5:87:9f:4e:fe:ea:3d:44:1f:fd:85:02:45:13:
36:d6:63:bb:3b:e2:a3:60:9e:42:9d:37:75:1d:24:
1f:ee:49:6f:cc:f1:9e:1b:7d:d5:77:3f:ba:21:cc:
20:59:2f:da:35:7e:7b:a8:fe:3f:83:96:78:88:a0:
c0:f6:74:6e:81:7c:0b:98:94:30:ca:c3:7a:02:a2:
e5:a7:f7:89:8e:3e:dc:82:60:98:58:21:6b:89:91:
00:33:15:51:5a:36:e9:b2:b1:0b:3a:c6:97:bc:3f:
70:1d:db:ac:25:7a:57:43:c2:74:7d:1a:59:da:c8:
ba:a5:c2:08:ca:a4:25:22:11:27:35:5d:e8:4b:d2:
82:1d:f6:5e:28:04:c8:8d:70:f7:a3:48:0e:ba:fc:
c3:15:42:9a:9a:0f:02:05:73:bf:03:c9:83:86:7b:
8b:3f:8e:e2:8d:6f:d9:71:84:5a:91:96:e6:11:9f:
a7:63:c0:fa:b1:cc:3d:9c:a4:2c:b0:99:94:b2:b2:
50:70:5f:2f:6d:1f:98:95:0e:e2:40:7d:0f:6e:e9:
49:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:35:7D:27:8B:D2:85:47:B7:E9:3C:BA:AD:4C:0D:C2:57:8B:8C:6F
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/YjV9J4vShUe36Ty6rUwNwleLjG8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.49.144.0/21
94.74.137.0/24
94.74.147.0/24
94.74.159.0/24
94.74.164.0/24
94.74.169.0/24
94.74.187.0/24
109.203.160.0/21
176.46.128.0/19
Signature Algorithm: sha256WithRSAEncryption
1f:12:c9:8a:ad:ff:a5:fa:af:ac:38:85:79:fc:b1:1e:68:d9:
3e:99:e0:41:1c:bc:a6:1d:ef:d3:e5:a4:0e:50:da:44:7f:79:
fd:f9:5c:4b:df:95:23:05:cf:aa:e8:50:e2:8f:19:dc:61:d1:
ac:62:f6:6f:7c:e3:24:e5:c0:49:9c:36:f3:e3:c3:71:7d:c4:
61:05:56:9f:75:d4:d3:ab:cb:b2:26:86:44:0b:7c:c1:b7:54:
7c:5f:d9:36:9a:48:bd:db:60:8f:cc:41:1f:73:5a:2b:c3:e9:
bc:cf:6f:c9:ea:08:1d:29:b5:4a:86:f1:4f:fb:c1:a1:46:34:
e9:c3:36:b0:8f:0f:99:04:e7:12:64:53:c3:b2:07:99:3c:d0:
58:7d:0f:46:11:c6:83:39:6d:c0:79:18:dc:e4:cb:15:aa:10:
cd:91:73:09:09:7b:24:1d:2a:66:a5:a7:da:63:d1:76:91:64:
98:e1:b9:50:5c:de:db:81:f3:37:ab:0a:69:d1:3d:2c:8a:2d:
ab:9a:bc:bc:59:3d:9d:c0:75:70:e2:8a:28:c2:47:8b:ff:9f:
1c:ba:a9:aa:f1:8e:54:8b:ef:02:50:06:f0:d3:1b:c1:ff:e9:
33:d3:d9:ef:25:dc:f6:e1:dc:bc:34:c6:37:c4:7f:d2:7d:05:
34:42:e7:ae
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYMwrd0oyLhTCG1/NfQrBU9ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjIwOTEyMDc1MDQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjM1N2QyNzhiZDI4NTQ3YjdlOTNjYmFhZDRjMGRjMjU3OGI4YzZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzgp0v7Bu1lxo3JyZFRRig0HXXZf/
7zoi2P98sdw4QkDqT9PdZ9Hk7aZYK1wO5YefTv7qPUQf/YUCRRM21mO7O+KjYJ5C
nTd1HSQf7klvzPGeG33Vdz+6IcwgWS/aNX57qP4/g5Z4iKDA9nRugXwLmJQwysN6
AqLlp/eJjj7cgmCYWCFriZEAMxVRWjbpsrELOsaXvD9wHdusJXpXQ8J0fRpZ2si6
pcIIyqQlIhEnNV3oS9KCHfZeKATIjXD3o0gOuvzDFUKamg8CBXO/A8mDhnuLP47i
jW/ZcYRakZbmEZ+nY8D6scw9nKQssJmUsrJQcF8vbR+YlQ7iQH0PbulJuQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFGI1fSeL0oVHt+k8uq1MDcJXi4xvMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvWWpWOUo0dlNoVWUzNlR5NnJVd053bGVMakc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQDJTGQAwQA
XkqJAwQAXkqTAwQAXkqfAwQAXkqkAwQAXkqpAwQAXkq7AwQDbcugAwQFsC6AMA0G
CSqGSIb3DQEBCwUAA4IBAQAfEsmKrf+l+q+sOIV5/LEeaNk+meBBHLymHe/T5aQO
UNpEf3n9+VxL35UjBc+q6FDijxncYdGsYvZvfOMk5cBJnDbz48NxfcRhBVafddTT
q8uyJoZEC3zBt1R8X9k2mki922CPzEEfc1orw+m8z2/J6ggdKbVKhvFP+8GhRjTp
wzawjw+ZBOcSZFPDsgeZPNBYfQ9GEcaDOW3AeRjc5MsVqhDNkXMJCXskHSpmpafa
Y9F2kWSY4blQXN7bgfM3qwpp0T0sii2rmry8WT2dwHVw4ooowkeL/58cuqmq8Y5U
i+8CUAbw0xvB/+kz09nvJdz24dy8NMY3xH/SfQU0Queu
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:07:50 2025 by rpki-client