Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/_kWov9twDuZplvtoXcZzgbFjUmw.roa
File: _kWov9twDuZplvtoXcZzgbFjUmw.roa (raw, json)
Hash identifier: hiquvtIO9PdscV482X69yMhFcyeLn6KJMPK3kvmZM2I=
Subject key identifier: FE:45:A8:BF:DB:70:0E:E6:69:96:FB:68:5D:C6:73:81:B1:63:52:6C
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 0188A989ABDEADCF24FA77CCAACF476759E2
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/_kWov9twDuZplvtoXcZzgbFjUmw.roa
Signing time: Sun 11 Jun 2023 08:19:11 +0000
ROA not before: Sun 11 Jun 2023 08:19:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44208
IP address blocks: 94.74.190.0/24 maxlen: 24
176.46.144.0/20 maxlen: 24
109.203.168.0/21 maxlen: 24
109.203.176.0/20 maxlen: 24
94.74.128.0/18 maxlen: 24
94.74.136.0/24 maxlen: 24
94.74.152.0/22 maxlen: 24
31.170.48.0/20 maxlen: 24
94.74.165.0/24 maxlen: 24
185.34.160.0/22 maxlen: 24
94.74.166.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:a9:89:ab:de:ad:cf:24:fa:77:cc:aa:cf:47:67:59:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Jun 11 08:19:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fe45a8bfdb700ee66996fb685dc67381b163526c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:dc:0e:cf:0b:51:2c:0c:76:cf:df:93:49:f7:
a5:eb:cb:5e:73:47:6a:31:3f:fc:eb:08:72:0b:58:
e0:70:39:45:be:9b:8c:af:cc:bd:1e:22:a0:ba:5e:
c7:ad:9d:12:d6:65:a3:e8:bc:cb:79:76:5c:8e:2b:
de:8b:aa:23:54:49:6b:7a:aa:5d:d7:e0:24:b4:4c:
c5:d5:7a:c3:63:fe:5b:9d:df:c0:4a:d2:3d:7f:6d:
22:74:c6:14:62:a2:90:b2:0e:a9:a3:d8:8a:eb:47:
a4:34:3f:d3:79:f5:6f:a9:1d:04:9d:ed:76:c0:0e:
45:c5:df:16:d1:bd:aa:99:b5:98:ad:a3:b2:49:27:
65:6d:16:4c:3b:88:74:17:0c:ba:48:90:8c:55:3c:
cd:a3:45:c9:f6:d3:bb:40:40:9c:86:5e:e3:ae:4d:
ed:a1:9a:13:9f:31:50:df:d7:f6:95:63:4e:2f:82:
69:37:44:d3:78:9d:b0:44:77:d2:25:46:0b:d5:8d:
d2:06:db:aa:41:f5:f6:7e:2d:3a:39:58:b3:2f:51:
29:fb:8f:e9:14:1c:f6:68:6d:dd:a0:6d:28:ca:57:
fe:19:d0:c7:08:fa:4e:04:8b:5a:51:88:9d:ca:91:
fd:fd:fd:2d:3a:26:13:67:5a:ee:ee:5d:08:59:3c:
bd:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:45:A8:BF:DB:70:0E:E6:69:96:FB:68:5D:C6:73:81:B1:63:52:6C
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/_kWov9twDuZplvtoXcZzgbFjUmw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.170.48.0/20
94.74.128.0/18
109.203.168.0-109.203.191.255
176.46.144.0/20
185.34.160.0/22
Signature Algorithm: sha256WithRSAEncryption
44:14:58:5a:ba:75:79:e7:c7:e0:56:99:8e:a4:08:0d:de:4b:
2e:0e:9e:18:5e:d3:25:b5:80:37:ef:f0:b9:36:0e:27:ce:ff:
b4:8d:ba:92:51:db:e5:47:c7:3a:a4:7d:6b:7a:cb:8a:a1:26:
23:e4:27:be:e4:5f:f4:b3:dd:05:c4:e0:5e:d9:69:3a:e4:59:
7c:8c:27:a9:6d:9a:e3:52:37:ba:d6:62:7e:29:e2:d3:e0:88:
f8:49:fa:f5:ef:bd:ca:4e:31:ff:18:22:31:20:15:aa:fc:6f:
de:4f:4d:58:3f:22:15:a6:0f:f7:21:e5:d3:3e:27:87:17:d9:
6a:f4:ef:74:f5:f5:9e:20:d9:0e:6e:4a:8b:c2:64:44:4b:61:
f2:de:ac:ef:2e:0b:28:9b:e7:29:6c:1c:c9:5e:c5:58:a5:fa:
31:18:92:d0:23:80:d9:a6:47:c1:9c:c7:de:ce:3b:ab:74:a6:
fa:2f:91:44:1f:53:31:48:f9:4d:e8:cd:1b:98:09:3a:e1:7b:
d1:a2:2f:c2:af:15:c8:9e:88:fb:f2:0a:ac:29:d3:62:89:0c:
5d:3c:6b:65:ab:25:41:f9:be:88:c3:8b:ce:1c:ee:34:63:83:
26:00:9b:3e:93:ad:e8:9e:01:f9:c0:81:4f:35:1d:97:f2:19:
5b:3c:a4:52
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYipiaverc8k+nfMqs9HZ1niMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjMwNjExMDgxOTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTQ1YThiZmRiNzAwZWU2Njk5NmZiNjg1ZGM2NzM4MWIxNjM1MjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxtwOzwtRLAx2z9+TSfel68tec0dq
MT/86whyC1jgcDlFvpuMr8y9HiKgul7HrZ0S1mWj6LzLeXZcjivei6ojVElreqpd
1+AktEzF1XrDY/5bnd/AStI9f20idMYUYqKQsg6po9iK60ekND/TefVvqR0Ene12
wA5Fxd8W0b2qmbWYraOySSdlbRZMO4h0Fwy6SJCMVTzNo0XJ9tO7QECchl7jrk3t
oZoTnzFQ39f2lWNOL4JpN0TTeJ2wRHfSJUYL1Y3SBtuqQfX2fi06OVizL1Ep+4/p
FBz2aG3doG0oylf+GdDHCPpOBItaUYidypH9/f0tOiYTZ1ru7l0IWTy9swIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFP5FqL/bcA7maZb7aF3Gc4GxY1JsMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvX2tXb3Y5dHdEdVpwbHZ0b1hjWnpnYkZqVW13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQEH6owAwQG
XkqAMAwDBANty6gDBAZty4ADBASwLpADBAK5IqAwDQYJKoZIhvcNAQELBQADggEB
AEQUWFq6dXnnx+BWmY6kCA3eSy4Onhhe0yW1gDfv8Lk2DifO/7SNupJR2+VHxzqk
fWt6y4qhJiPkJ77kX/Sz3QXE4F7ZaTrkWXyMJ6ltmuNSN7rWYn4p4tPgiPhJ+vXv
vcpOMf8YIjEgFar8b95PTVg/IhWmD/ch5dM+J4cX2Wr073T19Z4g2Q5uSovCZERL
YfLerO8uCyib5ylsHMlexVil+jEYktAjgNmmR8Gcx97OO6t0pvovkUQfUzFI+U3o
zRuYCTrhe9GiL8KvFcieiPvyCqwp02KJDF08a2WrJUH5vojDi84c7jRjgyYAmz6T
reieAfnAgU81HZfyGVs8pFI=
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:57:11 2025 by rpki-client