Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/lLJz_4wfSZOiFbmaib0gsZRmKSI.roa
File: lLJz_4wfSZOiFbmaib0gsZRmKSI.roa (raw, json)
Hash identifier: XeGHk5h/5hQq0j3hjJpuyHapOXuYlWPys/PWOXGbBP4=
Subject key identifier: 94:B2:73:FF:8C:1F:49:93:A2:15:B9:9A:89:BD:20:B1:94:66:29:22
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 0188425DD26E61A5D12B3664C15F017C9533
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/lLJz_4wfSZOiFbmaib0gsZRmKSI.roa
Signing time: Mon 22 May 2023 07:30:24 +0000
ROA not before: Mon 22 May 2023 07:30:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44208
IP address blocks: 176.46.144.0/20 maxlen: 24
94.74.128.0/18 maxlen: 24
31.170.48.0/20 maxlen: 24
185.34.160.0/22 maxlen: 24
94.74.190.0/24 maxlen: 24
109.203.168.0/21 maxlen: 24
109.203.176.0/21 maxlen: 24
109.203.184.0/21 maxlen: 24
94.74.136.0/24 maxlen: 24
94.74.152.0/22 maxlen: 24
94.74.165.0/24 maxlen: 24
94.74.168.0/24 maxlen: 24
94.74.166.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:42:5d:d2:6e:61:a5:d1:2b:36:64:c1:5f:01:7c:95:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: May 22 07:30:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=94b273ff8c1f4993a215b99a89bd20b194662922
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:f0:a7:34:99:ac:6a:ec:d7:d3:12:6f:27:bc:
0b:d1:17:d2:a1:bb:a7:90:d2:23:0a:f0:86:41:85:
2c:1e:d0:22:7f:86:ca:d7:8c:11:4c:2c:45:4b:88:
a7:d3:88:33:18:51:86:e0:35:39:31:2b:bb:d0:b2:
23:19:3f:fd:a7:4c:14:fa:9a:8e:f4:09:44:80:d1:
21:30:3f:80:1f:8f:e0:2b:5f:0f:41:7e:36:78:79:
f4:0f:1d:a7:40:97:24:04:ae:e0:04:77:8c:f9:4d:
79:9e:2d:32:f0:5c:38:b5:c1:40:cb:46:90:f8:2b:
78:f2:e9:ba:59:05:54:5a:bc:05:f9:9c:69:34:2e:
1f:43:59:d7:b3:5b:b4:d5:26:65:b3:cd:4f:bc:71:
32:7b:05:22:5d:0d:e5:7c:01:3c:c2:9a:73:f1:1b:
5e:29:b1:3c:a6:39:75:0a:a7:76:d5:ec:96:90:ed:
3b:70:75:8b:5d:af:8f:83:5e:5e:bc:44:8d:2d:98:
b1:c6:86:f6:fe:45:73:81:48:03:66:d6:f0:2c:9d:
5c:90:2b:a9:06:1d:85:c1:b1:7f:28:9a:90:1d:aa:
57:63:3e:87:c0:ef:2f:4a:3a:92:fd:b7:56:70:a5:
c1:18:00:5e:43:a7:09:49:67:c7:e4:fe:a6:fc:18:
05:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:B2:73:FF:8C:1F:49:93:A2:15:B9:9A:89:BD:20:B1:94:66:29:22
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/lLJz_4wfSZOiFbmaib0gsZRmKSI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.170.48.0/20
94.74.128.0/18
109.203.168.0-109.203.191.255
176.46.144.0/20
185.34.160.0/22
Signature Algorithm: sha256WithRSAEncryption
02:3c:81:00:6d:38:63:2b:1f:49:41:25:8a:35:24:21:0a:71:
bc:8a:49:7e:20:30:b1:fe:58:16:f2:7a:d6:1b:80:1d:a1:ec:
0c:7b:8e:a0:d0:d5:df:98:9d:79:ed:e5:6e:a6:bc:1e:f2:5e:
82:e0:89:96:98:b6:29:31:fb:d5:7e:2f:4b:f5:32:06:7c:b6:
25:1e:f4:30:3a:f0:fd:54:64:9d:3c:8a:9d:02:af:2c:98:74:
8c:12:82:c2:c2:cd:49:50:76:82:e8:24:61:11:5a:fb:b9:05:
04:84:fb:e2:3b:f8:dc:b1:f9:79:dd:18:ec:1c:f9:2d:f5:72:
30:e6:8f:2d:45:aa:72:ee:9c:26:95:7d:ad:f7:6e:4d:ae:26:
b9:ef:b0:8f:d2:94:30:c4:46:fe:b4:b9:4f:d0:38:f2:89:6c:
57:f0:cd:1e:4c:d3:02:7d:c5:95:3b:e4:3b:d3:35:3e:af:0b:
84:5c:b9:31:4d:8a:a3:3e:4d:c1:2d:e7:93:92:00:13:c7:45:
6d:c1:d2:68:21:ad:8f:ae:37:4e:6e:97:75:d8:f9:c0:f6:b0:
5d:ec:e8:57:7b:2a:96:7a:c7:31:e3:e0:c7:a2:c1:74:ec:10:
2c:3a:47:c5:1f:f5:4b:2c:58:91:2c:ea:0e:f4:5e:bc:cf:3e:
9a:ca:a9:63
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYhCXdJuYaXRKzZkwV8BfJUzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjMwNTIyMDczMDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGIyNzNmZjhjMWY0OTkzYTIxNWI5OWE4OWJkMjBiMTk0NjYyOTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj/CnNJmsauzX0xJvJ7wL0RfSobun
kNIjCvCGQYUsHtAif4bK14wRTCxFS4in04gzGFGG4DU5MSu70LIjGT/9p0wU+pqO
9AlEgNEhMD+AH4/gK18PQX42eHn0Dx2nQJckBK7gBHeM+U15ni0y8Fw4tcFAy0aQ
+Ct48um6WQVUWrwF+ZxpNC4fQ1nXs1u01SZls81PvHEyewUiXQ3lfAE8wppz8Rte
KbE8pjl1Cqd21eyWkO07cHWLXa+Pg15evESNLZixxob2/kVzgUgDZtbwLJ1ckCup
Bh2FwbF/KJqQHapXYz6HwO8vSjqS/bdWcKXBGABeQ6cJSWfH5P6m/BgFAQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFJSyc/+MH0mTohW5mom9ILGUZikiMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvbExKel80d2ZTWk9pRmJtYWliMGdzWlJtS1NJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQEH6owAwQG
XkqAMAwDBANty6gDBAZty4ADBASwLpADBAK5IqAwDQYJKoZIhvcNAQELBQADggEB
AAI8gQBtOGMrH0lBJYo1JCEKcbyKSX4gMLH+WBbyetYbgB2h7Ax7jqDQ1d+YnXnt
5W6mvB7yXoLgiZaYtikx+9V+L0v1MgZ8tiUe9DA68P1UZJ08ip0CryyYdIwSgsLC
zUlQdoLoJGERWvu5BQSE++I7+Nyx+XndGOwc+S31cjDmjy1FqnLunCaVfa33bk2u
JrnvsI/SlDDERv60uU/QOPKJbFfwzR5M0wJ9xZU75DvTNT6vC4RcuTFNiqM+TcEt
55OSABPHRW3B0mghrY+uN05ul3XY+cD2sF3s6Fd7KpZ6xzHj4MeiwXTsECw6R8Uf
9UssWJEs6g70XrzPPprKqWM=
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:59:23 2025 by rpki-client