Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/iQiaNXOWndOIt1OOtA7yoKLXXuA.roa
File: iQiaNXOWndOIt1OOtA7yoKLXXuA.roa (raw, json)
Hash identifier: gqp/Wcjc61M2mmmqHqv0WpKM/D2uVpnEgj0MsUsCbNw=
Subject key identifier: 89:08:9A:35:73:96:9D:D3:88:B7:53:8E:B4:0E:F2:A0:A2:D7:5E:E0
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 0184C837A4B4785FFAF1CEBDEB0E8C3ABFA6
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/iQiaNXOWndOIt1OOtA7yoKLXXuA.roa
Signing time: Wed 30 Nov 2022 11:06:40 +0000
ROA not before: Wed 30 Nov 2022 11:06:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43350
IP address blocks: 94.74.157.0/24 maxlen: 24
94.74.171.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:c8:37:a4:b4:78:5f:fa:f1:ce:bd:eb:0e:8c:3a:bf:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Nov 30 11:06:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=89089a3573969dd388b7538eb40ef2a0a2d75ee0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:f7:28:5c:a3:30:58:4c:35:12:e9:ee:fd:76:
78:da:f4:e7:cb:88:41:8f:a9:61:bc:15:47:e6:29:
32:cf:fa:ee:f7:12:b9:d0:06:41:f8:04:a8:36:91:
d5:a7:48:ba:a3:b6:97:19:e9:fe:8b:d5:30:31:a8:
a9:7b:98:c5:25:16:80:3c:96:b8:62:4b:04:0f:f0:
7a:8f:14:73:e1:36:18:18:8a:66:f4:38:2e:24:e0:
c1:7a:cd:68:1e:f8:15:c6:9f:2a:b4:9d:57:a7:cd:
01:6d:cd:7c:2c:99:52:c5:04:de:c4:1b:b1:57:70:
49:da:43:81:9d:82:a9:2c:52:f5:1d:a3:50:6b:d4:
8e:5d:04:79:48:61:89:e6:48:e3:f2:20:79:0d:67:
8c:61:e2:06:dc:06:c7:b4:28:e3:ee:3c:f8:c8:67:
98:84:8e:b2:6f:b7:c3:78:94:6e:3d:03:48:86:8c:
97:b5:b5:00:66:ad:6e:16:a1:68:e3:79:de:94:46:
3e:3d:0c:6e:c1:cd:95:87:4b:54:19:c9:7b:90:79:
07:02:2e:e2:b1:85:de:7c:93:77:df:68:dd:e1:d6:
b6:e7:30:12:4e:5d:b6:76:c3:9a:9c:ba:09:ae:b9:
19:e9:45:dd:ad:06:4b:75:b8:4a:64:04:d1:dd:86:
6b:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:08:9A:35:73:96:9D:D3:88:B7:53:8E:B4:0E:F2:A0:A2:D7:5E:E0
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/iQiaNXOWndOIt1OOtA7yoKLXXuA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.74.157.0/24
94.74.171.0/24
Signature Algorithm: sha256WithRSAEncryption
47:9f:10:1c:8d:40:55:55:49:9a:f9:54:d0:b8:03:f0:c8:ec:
1c:c6:87:fd:67:20:aa:6d:b6:f8:6f:cf:d6:a4:68:e8:a4:09:
fc:86:63:37:10:2a:f7:85:03:94:f1:96:c1:52:38:cc:35:73:
79:2f:48:77:4d:70:e9:e5:3d:ca:0c:37:f4:b2:15:19:f6:b1:
78:e1:91:92:a3:66:7b:68:ad:0c:90:f7:6c:87:2a:c5:e4:ac:
7e:11:a8:d4:28:21:bc:69:90:78:cb:78:f1:3d:aa:75:e6:72:
8d:35:d8:95:2d:95:d5:ee:17:52:84:17:78:a4:75:ac:76:7a:
da:09:1b:f4:e4:5a:f0:6b:ab:db:a2:8f:dd:b9:d5:7a:da:90:
cc:d3:6c:73:7c:07:81:63:9d:a9:72:41:11:92:4e:6d:ca:cf:
31:f1:f8:7d:5c:8f:e2:a4:59:9d:44:f6:8c:d5:5e:75:da:c0:
bd:37:d8:d9:10:4b:ac:36:c5:0d:e5:14:02:45:99:7e:63:16:
2e:da:8d:25:c8:c7:a1:18:f8:ae:63:c5:9c:cd:b7:5b:50:5c:
d7:be:05:0e:da:10:ee:90:a1:50:b7:d8:26:1b:d6:44:b8:75:
ac:ac:12:e8:2c:15:d6:33:16:6b:92:fc:5b:13:15:69:0c:59:
c4:3e:92:61
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYTIN6S0eF/68c696w6MOr+mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjIxMTMwMTEwNjQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTA4OWEzNTczOTY5ZGQzODhiNzUzOGViNDBlZjJhMGEyZDc1ZWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjfcoXKMwWEw1Eunu/XZ42vTny4hB
j6lhvBVH5ikyz/ru9xK50AZB+ASoNpHVp0i6o7aXGen+i9UwMaipe5jFJRaAPJa4
YksED/B6jxRz4TYYGIpm9DguJODBes1oHvgVxp8qtJ1Xp80Bbc18LJlSxQTexBux
V3BJ2kOBnYKpLFL1HaNQa9SOXQR5SGGJ5kjj8iB5DWeMYeIG3AbHtCjj7jz4yGeY
hI6yb7fDeJRuPQNIhoyXtbUAZq1uFqFo43nelEY+PQxuwc2Vh0tUGcl7kHkHAi7i
sYXefJN332jd4da25zASTl22dsOanLoJrrkZ6UXdrQZLdbhKZATR3YZrYQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIkImjVzlp3TiLdTjrQO8qCi117gMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvaVFpYU5YT1duZE9JdDFPT3RBN3lvS0xYWHVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAXkqdAwQA
XkqrMA0GCSqGSIb3DQEBCwUAA4IBAQBHnxAcjUBVVUma+VTQuAPwyOwcxof9ZyCq
bbb4b8/WpGjopAn8hmM3ECr3hQOU8ZbBUjjMNXN5L0h3TXDp5T3KDDf0shUZ9rF4
4ZGSo2Z7aK0MkPdshyrF5Kx+EajUKCG8aZB4y3jxPap15nKNNdiVLZXV7hdShBd4
pHWsdnraCRv05Frwa6vboo/dudV62pDM02xzfAeBY52pckERkk5tys8x8fh9XI/i
pFmdRPaM1V512sC9N9jZEEusNsUN5RQCRZl+YxYu2o0lyMehGPiuY8WczbdbUFzX
vgUO2hDukKFQt9gmG9ZEuHWsrBLoLBXWMxZrkvxbExVpDFnEPpJh
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:01:38 2025 by rpki-client