Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/owVoWGEhwR-hp5O8YizPKxGvKm4.roa
File: owVoWGEhwR-hp5O8YizPKxGvKm4.roa (raw, json)
Hash identifier: dOtzgxpbq1OJFYvhaJkvw3vL0UyBtx4sRkvPU3ta6wk=
Subject key identifier: A3:05:68:58:61:21:C1:1F:A1:A7:93:BC:62:2C:CF:2B:11:AF:2A:6E
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 018466C11DE6C127CD6F6B0020E847489095
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/owVoWGEhwR-hp5O8YizPKxGvKm4.roa
Signing time: Fri 11 Nov 2022 12:54:02 +0000
ROA not before: Fri 11 Nov 2022 12:54:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44208
IP address blocks: 94.74.190.0/24 maxlen: 24
109.203.160.0/19 maxlen: 24
37.49.148.0/22 maxlen: 24
94.74.128.0/18 maxlen: 24
94.74.136.0/24 maxlen: 24
31.170.48.0/20 maxlen: 24
185.34.160.0/22 maxlen: 24
94.74.165.0/24 maxlen: 24
94.74.166.0/23 maxlen: 23
176.46.128.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:66:c1:1d:e6:c1:27:cd:6f:6b:00:20:e8:47:48:90:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Nov 11 12:54:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a30568586121c11fa1a793bc622ccf2b11af2a6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:27:2d:fd:43:c9:01:5e:4d:63:d7:87:9f:88:
6f:f6:16:d2:fd:a6:45:80:db:f5:8c:d3:00:ad:7e:
7c:f4:e6:d8:9a:3e:2a:37:4c:cb:d2:b2:08:28:2d:
9e:15:89:ae:6c:e6:3c:b0:85:91:2f:8a:cc:10:ca:
17:b5:a1:a2:df:73:af:cc:3b:ee:ad:9e:b4:3b:2c:
01:74:db:63:ea:42:89:ea:a4:41:0c:77:44:63:dc:
53:26:7e:52:1a:dd:a3:2c:65:dd:4f:4d:93:44:bc:
f5:af:bc:27:d1:09:f8:e9:55:69:9d:36:9a:f0:4e:
11:74:5d:31:15:3b:a2:f2:23:d6:a7:ea:ff:34:43:
24:8e:50:13:57:9d:c8:18:6a:c4:4d:e8:b6:0b:dc:
58:38:0a:74:2a:21:d9:f2:ea:bd:a3:86:b2:07:f6:
95:e8:55:d4:1b:2a:5b:3e:02:b9:71:27:09:b5:ae:
40:47:40:25:62:5f:db:c4:d6:f9:5a:48:7d:40:b3:
cd:33:b4:29:a8:9e:43:57:30:5e:b4:d6:48:5f:a6:
fe:4a:d7:be:a2:59:58:e8:b6:2f:b9:a4:1e:d0:b7:
67:d0:b7:e9:53:c7:4f:73:87:02:8d:d0:6e:df:7a:
90:ec:04:a9:92:f3:91:df:3f:1a:b0:5c:aa:39:d9:
c9:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:05:68:58:61:21:C1:1F:A1:A7:93:BC:62:2C:CF:2B:11:AF:2A:6E
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/owVoWGEhwR-hp5O8YizPKxGvKm4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.170.48.0/20
37.49.148.0/22
94.74.128.0/18
109.203.160.0/19
176.46.128.0/19
185.34.160.0/22
Signature Algorithm: sha256WithRSAEncryption
a7:1f:e9:f3:15:41:d5:92:8a:50:dc:0b:c0:b0:a1:17:83:1e:
2e:f4:62:bf:9d:c4:7f:d9:a6:50:08:b4:e0:77:af:fa:bb:26:
a0:de:8e:49:41:d6:a6:8d:3f:e8:f2:5a:9b:03:c9:df:7b:9f:
3d:8a:18:fb:b4:25:28:81:e4:02:d3:32:f1:78:a7:bb:3c:7c:
87:c2:67:cb:10:de:5e:f0:6a:b9:2c:60:dc:22:54:0a:0d:a8:
b4:72:d6:07:00:f0:48:50:2f:51:89:e0:f1:2c:67:21:3e:6b:
76:4b:5f:d9:d0:98:a0:7b:b9:9e:67:cc:0b:6a:e4:05:a6:eb:
59:cd:a7:af:e2:bb:33:52:4e:21:9d:f3:b0:31:25:c6:c5:db:
a6:57:58:af:f5:42:fe:60:79:52:3b:d0:d5:41:07:c6:c1:ee:
99:8b:6a:e8:31:35:92:9c:20:36:8d:63:ca:94:98:c1:16:e4:
09:49:d3:58:98:d7:ae:2b:e0:b5:3e:ab:a4:7e:95:7d:e2:3a:
8f:46:9b:00:cd:ca:74:e8:cd:db:5b:66:11:71:e5:c0:d0:f1:
0b:45:79:f8:1f:d0:6f:16:9b:51:58:b0:fd:7e:a9:17:72:bc:
ea:97:56:d5:97:5d:90:0f:b3:d5:eb:cd:39:a6:97:01:bb:ce:
28:eb:2f:96
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYRmwR3mwSfNb2sAIOhHSJCVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjIxMTExMTI1NDAyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzA1Njg1ODYxMjFjMTFmYTFhNzkzYmM2MjJjY2YyYjExYWYyYTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkCct/UPJAV5NY9eHn4hv9hbS/aZF
gNv1jNMArX589ObYmj4qN0zL0rIIKC2eFYmubOY8sIWRL4rMEMoXtaGi33OvzDvu
rZ60OywBdNtj6kKJ6qRBDHdEY9xTJn5SGt2jLGXdT02TRLz1r7wn0Qn46VVpnTaa
8E4RdF0xFTui8iPWp+r/NEMkjlATV53IGGrETei2C9xYOAp0KiHZ8uq9o4ayB/aV
6FXUGypbPgK5cScJta5AR0AlYl/bxNb5Wkh9QLPNM7QpqJ5DVzBetNZIX6b+Ste+
ollY6LYvuaQe0Ldn0LfpU8dPc4cCjdBu33qQ7ASpkvOR3z8asFyqOdnJWwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFKMFaFhhIcEfoaeTvGIszysRrypuMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvb3dWb1dHRWh3Ui1ocDVPOFlpelBLeEd2S200LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQEH6owAwQC
JTGUAwQGXkqAAwQFbcugAwQFsC6AAwQCuSKgMA0GCSqGSIb3DQEBCwUAA4IBAQCn
H+nzFUHVkopQ3AvAsKEXgx4u9GK/ncR/2aZQCLTgd6/6uyag3o5JQdamjT/o8lqb
A8nfe589ihj7tCUogeQC0zLxeKe7PHyHwmfLEN5e8Gq5LGDcIlQKDai0ctYHAPBI
UC9RieDxLGchPmt2S1/Z0Jige7meZ8wLauQFputZzaev4rszUk4hnfOwMSXGxdum
V1iv9UL+YHlSO9DVQQfGwe6Zi2roMTWSnCA2jWPKlJjBFuQJSdNYmNeuK+C1Pquk
fpV94jqPRpsAzcp06M3bW2YRceXA0PELRXn4H9BvFptRWLD9fqkXcrzql1bVl12Q
D7PV6805ppcBu84o6y+W
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:05:12 2025 by rpki-client