Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/_iECFHy7gH6-ZFEPFgEgD1F6f-k.roa
File: _iECFHy7gH6-ZFEPFgEgD1F6f-k.roa (raw, json)
Hash identifier: vtd1+LaboiK1mCfRN/uTeapOnzaIVOD80CpZznQ+IAw=
Subject key identifier: FE:21:02:14:7C:BB:80:7E:BE:64:51:0F:16:01:20:0F:51:7A:7F:E9
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 01885B56F246B48F38BC3F9447B861529E9F
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/_iECFHy7gH6-ZFEPFgEgD1F6f-k.roa
Signing time: Sat 27 May 2023 03:53:24 +0000
ROA not before: Sat 27 May 2023 03:53:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44208
IP address blocks: 94.74.190.0/24 maxlen: 24
176.46.144.0/20 maxlen: 24
109.203.168.0/21 maxlen: 24
109.203.176.0/21 maxlen: 24
109.203.184.0/21 maxlen: 24
94.74.128.0/18 maxlen: 24
94.74.136.0/24 maxlen: 24
94.74.152.0/22 maxlen: 24
31.170.48.0/20 maxlen: 24
94.74.165.0/24 maxlen: 24
185.34.160.0/22 maxlen: 24
94.74.166.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:5b:56:f2:46:b4:8f:38:bc:3f:94:47:b8:61:52:9e:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: May 27 03:53:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fe2102147cbb807ebe64510f1601200f517a7fe9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:8a:c0:b3:70:bd:17:d7:85:4b:2a:27:2c:e9:
a3:37:80:98:91:9f:36:8f:c2:3d:02:4f:04:97:90:
8c:ab:65:6f:4e:0b:88:9e:d7:dc:37:74:db:54:3e:
56:84:95:c1:d2:38:38:5c:fc:7f:86:ec:8d:aa:c8:
70:b8:e8:0d:f2:a7:6b:9b:e6:2c:4c:51:ca:3e:8d:
04:df:96:88:8e:19:18:18:22:8c:99:02:ae:bb:11:
bb:5c:dc:c9:f9:27:ea:05:40:cd:51:b5:76:2c:a6:
bd:00:f2:a0:3c:19:55:6a:68:12:5b:07:94:5a:d9:
2b:41:49:c6:b5:79:4f:a5:03:52:5f:d6:6d:e6:88:
5a:01:a0:3f:33:b1:ac:f3:92:3f:db:fb:e3:f7:93:
8a:5d:52:1e:8d:50:57:09:03:a3:50:55:87:2f:ff:
ca:88:f5:77:ca:25:3b:b8:2b:b5:34:94:00:65:78:
cd:fb:2d:69:2d:98:eb:f9:98:9f:8d:4d:c4:22:2c:
34:26:e7:4f:39:b9:95:61:96:e4:9f:36:02:d8:e2:
84:1b:c7:c9:81:81:e5:7d:71:06:40:de:a3:9d:fa:
95:88:f9:37:49:59:b9:20:38:1d:5f:b1:16:9f:a8:
f4:50:49:51:ec:c0:35:75:d3:90:c6:2a:b3:16:dd:
4c:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:21:02:14:7C:BB:80:7E:BE:64:51:0F:16:01:20:0F:51:7A:7F:E9
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/_iECFHy7gH6-ZFEPFgEgD1F6f-k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.170.48.0/20
94.74.128.0/18
109.203.168.0-109.203.191.255
176.46.144.0/20
185.34.160.0/22
Signature Algorithm: sha256WithRSAEncryption
8b:86:65:3d:f5:76:5a:17:43:c0:ea:df:94:41:11:74:2f:a1:
08:4d:81:74:db:2e:58:39:03:8d:85:8c:66:56:97:e2:be:05:
06:7d:80:25:ff:f2:2e:f1:e2:45:f3:1e:b8:ad:b6:05:a7:25:
46:f4:c2:b1:ed:61:87:b9:63:f9:1a:3c:a4:60:3f:57:24:e0:
76:29:fa:22:f1:65:46:fd:d7:13:7e:9f:0d:60:c1:5b:3a:57:
95:6d:64:2e:d1:dc:03:c2:d2:72:28:ad:5f:c7:c9:31:72:97:
c5:5f:ce:cf:28:5b:4e:5a:c2:25:f1:d7:92:72:58:48:e8:c0:
da:aa:cd:3d:51:c1:22:c6:78:fd:cc:9d:db:05:89:3d:cd:2f:
91:02:b5:56:ec:34:67:7a:cf:a7:51:96:6f:59:6e:39:74:10:
4a:31:bd:3d:a6:ed:76:8b:9b:e7:bc:ed:02:96:70:e3:8f:92:
9a:22:2c:61:5a:91:7c:16:62:47:52:a9:81:28:4b:59:8d:bb:
f9:2d:a1:6c:7d:e9:d0:21:aa:1c:14:d3:8c:cf:b3:bb:e3:f4:
37:ac:0d:d8:4f:84:83:49:f2:e8:e6:5b:4d:1b:41:98:36:7a:
74:65:92:78:83:83:5a:a6:01:68:53:3b:d6:7c:f0:33:15:b0:
5c:1a:e0:22
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYhbVvJGtI84vD+UR7hhUp6fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjMwNTI3MDM1MzI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTIxMDIxNDdjYmI4MDdlYmU2NDUxMGYxNjAxMjAwZjUxN2E3ZmU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1YrAs3C9F9eFSyonLOmjN4CYkZ82
j8I9Ak8El5CMq2VvTguIntfcN3TbVD5WhJXB0jg4XPx/huyNqshwuOgN8qdrm+Ys
TFHKPo0E35aIjhkYGCKMmQKuuxG7XNzJ+SfqBUDNUbV2LKa9APKgPBlVamgSWweU
WtkrQUnGtXlPpQNSX9Zt5ohaAaA/M7Gs85I/2/vj95OKXVIejVBXCQOjUFWHL//K
iPV3yiU7uCu1NJQAZXjN+y1pLZjr+ZifjU3EIiw0JudPObmVYZbknzYC2OKEG8fJ
gYHlfXEGQN6jnfqViPk3SVm5IDgdX7EWn6j0UElR7MA1ddOQxiqzFt1MIQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFP4hAhR8u4B+vmRRDxYBIA9Ren/pMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvX2lFQ0ZIeTdnSDYtWkZFUEZnRWdEMUY2Zi1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQEH6owAwQG
XkqAMAwDBANty6gDBAZty4ADBASwLpADBAK5IqAwDQYJKoZIhvcNAQELBQADggEB
AIuGZT31dloXQ8Dq35RBEXQvoQhNgXTbLlg5A42FjGZWl+K+BQZ9gCX/8i7x4kXz
HrittgWnJUb0wrHtYYe5Y/kaPKRgP1ck4HYp+iLxZUb91xN+nw1gwVs6V5VtZC7R
3APC0nIorV/HyTFyl8Vfzs8oW05awiXx15JyWEjowNqqzT1RwSLGeP3MndsFiT3N
L5ECtVbsNGd6z6dRlm9Zbjl0EEoxvT2m7XaLm+e87QKWcOOPkpoiLGFakXwWYkdS
qYEoS1mNu/ktoWx96dAhqhwU04zPs7vj9DesDdhPhINJ8ujmW00bQZg2enRlkniD
g1qmAWhTO9Z88DMVsFwa4CI=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:03:23 2025 by rpki-client