Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/rgJutJjs0K0ujBvwTGQRaxpvG_U.roa
File: rgJutJjs0K0ujBvwTGQRaxpvG_U.roa (raw, json)
Hash identifier: 2uqsPJ/1fieLn0j/aNnGOVqtM2f1g3KA7kUOonQWvQY=
Subject key identifier: AE:02:6E:B4:98:EC:D0:AD:2E:8C:1B:F0:4C:64:11:6B:1A:6F:1B:F5
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 01847AC81790103F2B47C9860A813CFDD137
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/rgJutJjs0K0ujBvwTGQRaxpvG_U.roa
Signing time: Tue 15 Nov 2022 10:14:04 +0000
ROA not before: Tue 15 Nov 2022 10:14:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44208
IP address blocks: 94.74.190.0/24 maxlen: 24
109.203.160.0/19 maxlen: 24
94.74.128.0/18 maxlen: 24
94.74.136.0/24 maxlen: 24
31.170.48.0/20 maxlen: 24
185.34.160.0/22 maxlen: 24
94.74.165.0/24 maxlen: 24
94.74.166.0/23 maxlen: 23
176.46.128.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:7a:c8:17:90:10:3f:2b:47:c9:86:0a:81:3c:fd:d1:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Nov 15 10:14:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ae026eb498ecd0ad2e8c1bf04c64116b1a6f1bf5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:f0:e5:d7:db:fe:98:d3:53:92:19:e4:c9:af:
8a:43:44:db:8b:6f:e9:f0:3f:91:13:e4:40:7e:8f:
b4:92:57:ea:a7:b8:de:92:92:fe:70:f1:ed:7c:4e:
fb:2c:1e:2c:c6:58:23:5d:0a:77:56:28:30:60:9e:
69:b8:b5:9b:6c:a2:c1:13:15:f8:e9:5b:a5:b7:05:
c5:d9:62:2e:32:15:cd:32:fd:58:6a:56:40:65:71:
88:e7:6d:36:a4:95:df:9c:3f:30:b1:b8:65:ba:9b:
05:86:99:8a:f8:06:84:65:0b:c2:88:c2:94:1e:02:
36:29:5a:cb:68:0f:c5:f3:79:a2:4b:50:df:25:09:
02:85:a5:bf:21:09:f6:b1:12:d1:fe:b1:c1:ce:06:
06:3b:56:7b:fb:8e:18:5b:47:f1:4b:e6:74:d6:32:
33:a0:21:f6:42:6b:67:7b:49:b1:8a:44:fd:38:5e:
f2:86:6d:b2:96:3a:e9:74:33:8a:6e:12:c2:41:9b:
99:9b:d7:ac:9b:9c:55:9a:8b:3c:19:8b:6b:d8:9e:
ea:3d:14:1b:f8:e0:25:79:a0:c4:5f:5d:02:ae:02:
ce:df:f6:d1:af:48:fa:87:a9:7d:7b:72:be:90:94:
7e:cf:bb:a9:8e:c1:77:fc:3a:38:b9:8e:e5:97:f1:
b7:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:02:6E:B4:98:EC:D0:AD:2E:8C:1B:F0:4C:64:11:6B:1A:6F:1B:F5
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/rgJutJjs0K0ujBvwTGQRaxpvG_U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.170.48.0/20
94.74.128.0/18
109.203.160.0/19
176.46.128.0/19
185.34.160.0/22
Signature Algorithm: sha256WithRSAEncryption
82:c1:5f:e9:e7:02:c7:32:a4:0e:c5:0d:4a:7e:b9:4c:fc:98:
63:9a:34:33:ea:59:35:99:11:71:d3:f9:dd:ce:e5:64:8e:82:
c2:25:f8:68:29:9e:a2:df:1d:34:61:f4:f5:8e:d9:7e:fc:51:
a5:1b:68:34:19:e5:86:6c:a0:10:9b:b2:52:4e:3a:70:52:c5:
78:86:59:f9:5b:67:d0:0d:73:fb:e7:d6:63:7e:ee:7b:df:b9:
b2:b1:50:7f:00:01:ac:8d:f3:69:5b:ad:87:2c:db:e4:8b:b3:
30:c0:7b:76:a0:ee:3c:4d:b3:1f:48:2e:32:29:40:93:90:6a:
92:4d:ae:f0:97:60:21:3b:69:f3:92:77:99:29:ca:8c:74:53:
40:6f:da:57:a1:22:d2:db:56:ac:ee:ce:d1:7d:0d:6c:7a:7b:
39:a5:7a:e3:e1:fa:17:bf:a8:cd:3c:8e:b2:b6:48:5c:21:40:
28:f5:9a:7e:fe:3a:d0:6e:cf:36:fa:0b:07:0f:84:0e:a8:a1:
86:70:db:27:20:c1:f1:33:aa:6d:5c:ff:07:dd:5d:22:f0:97:
93:44:59:62:b8:d1:84:3f:5a:98:23:b3:3f:32:cf:2b:1c:26:
56:19:82:7a:22:b5:85:df:2d:8c:c5:c1:40:7e:5b:93:06:a2:
86:26:25:36
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYR6yBeQED8rR8mGCoE8/dE3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjIxMTE1MTAxNDA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTAyNmViNDk4ZWNkMGFkMmU4YzFiZjA0YzY0MTE2YjFhNmYxYmY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo/Dl19v+mNNTkhnkya+KQ0Tbi2/p
8D+RE+RAfo+0klfqp7jekpL+cPHtfE77LB4sxlgjXQp3VigwYJ5puLWbbKLBExX4
6VultwXF2WIuMhXNMv1YalZAZXGI5202pJXfnD8wsbhlupsFhpmK+AaEZQvCiMKU
HgI2KVrLaA/F83miS1DfJQkChaW/IQn2sRLR/rHBzgYGO1Z7+44YW0fxS+Z01jIz
oCH2Qmtne0mxikT9OF7yhm2yljrpdDOKbhLCQZuZm9esm5xVmos8GYtr2J7qPRQb
+OAleaDEX10CrgLO3/bRr0j6h6l9e3K+kJR+z7upjsF3/Do4uY7ll/G3PwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFK4CbrSY7NCtLowb8ExkEWsabxv1MB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvcmdKdXRKanMwSzB1akJ2d1RHUVJheHB2R19VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQEH6owAwQG
XkqAAwQFbcugAwQFsC6AAwQCuSKgMA0GCSqGSIb3DQEBCwUAA4IBAQCCwV/p5wLH
MqQOxQ1KfrlM/JhjmjQz6lk1mRFx0/ndzuVkjoLCJfhoKZ6i3x00YfT1jtl+/FGl
G2g0GeWGbKAQm7JSTjpwUsV4hln5W2fQDXP759Zjfu5737mysVB/AAGsjfNpW62H
LNvki7MwwHt2oO48TbMfSC4yKUCTkGqSTa7wl2AhO2nzkneZKcqMdFNAb9pXoSLS
21as7s7RfQ1sens5pXrj4foXv6jNPI6ytkhcIUAo9Zp+/jrQbs82+gsHD4QOqKGG
cNsnIMHxM6ptXP8H3V0i8JeTRFliuNGEP1qYI7M/Ms8rHCZWGYJ6IrWF3y2MxcFA
fluTBqKGJiU2
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:03:10 2025 by rpki-client