Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/u2bCGhZEYAEoJIFxBqxc07-kPJk.roa
File: u2bCGhZEYAEoJIFxBqxc07-kPJk.roa (raw, json)
Hash identifier: wS9FVx5RXLF5BCn36wodEtStOlY4tkaWHk/k7Aqf1t4=
Subject key identifier: BB:66:C2:1A:16:44:60:01:28:24:81:71:06:AC:5C:D3:BF:A4:3C:99
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 0187178C5B7B978EB4CB7B77993E636590E5
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/u2bCGhZEYAEoJIFxBqxc07-kPJk.roa
Signing time: Sat 25 Mar 2023 06:54:46 +0000
ROA not before: Sat 25 Mar 2023 06:54:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44208
IP address blocks: 176.46.138.0/23 maxlen: 24
94.74.190.0/24 maxlen: 24
176.46.144.0/20 maxlen: 24
176.46.140.0/22 maxlen: 24
109.203.160.0/19 maxlen: 24
94.74.128.0/18 maxlen: 24
94.74.136.0/24 maxlen: 24
31.170.48.0/20 maxlen: 24
94.74.165.0/24 maxlen: 24
185.34.160.0/22 maxlen: 24
94.74.166.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:17:8c:5b:7b:97:8e:b4:cb:7b:77:99:3e:63:65:90:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Mar 25 06:54:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bb66c21a164460012824817106ac5cd3bfa43c99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:b1:de:7c:33:ac:24:16:53:59:9e:8a:a8:36:
45:15:74:75:1f:ea:1c:b8:1a:af:06:99:74:6c:ba:
fe:33:e9:38:ef:58:14:37:b4:62:94:71:ef:33:92:
6b:0a:23:47:39:d1:46:ae:31:a5:cf:63:33:b2:0e:
f6:1a:81:94:73:58:9a:3b:a3:cb:3c:cd:c7:ec:8d:
b5:87:c2:ca:5b:f9:95:3f:f8:fb:90:42:56:52:0d:
b1:98:fc:f8:28:c6:b4:b0:41:8f:07:52:ba:e0:37:
f3:83:6e:98:bf:87:38:4a:8e:98:76:fd:fa:f5:26:
82:4b:cc:40:f9:0c:30:2b:ac:9e:e2:c0:1a:36:38:
6d:43:f4:10:1d:3d:1d:50:a3:a4:a7:33:27:a1:92:
0e:c2:d4:0c:a4:c4:4a:46:d6:e8:65:99:19:17:cb:
ef:d5:01:4b:cf:48:29:91:e9:75:c2:fb:60:b4:2e:
a4:d3:1b:46:43:23:fe:b8:6a:82:15:e1:08:ac:db:
67:45:52:ee:57:8b:43:05:0d:ae:2d:19:81:fa:09:
64:11:51:91:d3:5f:73:fb:11:f6:36:08:36:7b:dd:
80:03:c5:ba:b3:99:8b:11:27:1d:d4:3e:7e:10:05:
66:d0:c2:d9:ba:4f:6c:81:9f:db:0c:9c:1d:b3:be:
92:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:66:C2:1A:16:44:60:01:28:24:81:71:06:AC:5C:D3:BF:A4:3C:99
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/u2bCGhZEYAEoJIFxBqxc07-kPJk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.170.48.0/20
94.74.128.0/18
109.203.160.0/19
176.46.138.0-176.46.159.255
185.34.160.0/22
Signature Algorithm: sha256WithRSAEncryption
1d:ca:f2:94:a2:65:b6:4c:6c:e2:da:c7:e9:a0:2f:2b:ea:40:
49:a3:01:c3:37:05:58:98:2c:c7:3f:0b:0e:7e:94:7c:c0:30:
cc:25:b4:70:ae:86:ce:d9:42:2c:59:02:ae:4e:fc:7f:06:43:
41:09:8a:6c:09:d7:a6:23:80:ac:87:43:d4:35:02:50:ac:ce:
23:bb:73:ef:db:a2:06:c4:1c:47:36:0f:50:34:56:31:f8:8a:
b6:cb:cb:89:96:22:d0:0a:5d:1b:a0:65:08:88:4c:c5:7f:44:
6b:76:af:b2:d4:af:7c:a6:89:b8:d5:b4:de:ab:83:f4:05:54:
22:1a:67:10:1d:bf:1c:73:ad:ef:b0:de:c6:18:50:7e:b8:fe:
80:f6:3f:eb:b3:4c:c2:a8:f8:ce:ec:3b:72:21:37:df:5e:3a:
d8:04:32:c4:29:fb:d7:46:a3:87:ab:73:a9:99:f4:d1:7b:f5:
ca:33:3a:4b:e5:c6:f7:f8:84:9f:7e:aa:b4:1c:4f:92:1c:4f:
c1:aa:55:3b:c9:96:fa:08:e4:88:ed:1f:ba:8e:cf:ad:d0:55:
8b:10:75:0a:98:f0:dc:47:af:42:71:30:f4:b3:8e:f0:48:af:
7c:36:f0:dc:2a:2e:6c:1b:67:b3:95:d8:8b:6a:b0:2a:b8:50:
b1:83:34:a8
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYcXjFt7l460y3t3mT5jZZDlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjMwMzI1MDY1NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjY2YzIxYTE2NDQ2MDAxMjgyNDgxNzEwNmFjNWNkM2JmYTQzYzk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAurHefDOsJBZTWZ6KqDZFFXR1H+oc
uBqvBpl0bLr+M+k471gUN7RilHHvM5JrCiNHOdFGrjGlz2Mzsg72GoGUc1iaO6PL
PM3H7I21h8LKW/mVP/j7kEJWUg2xmPz4KMa0sEGPB1K64Dfzg26Yv4c4So6Ydv36
9SaCS8xA+QwwK6ye4sAaNjhtQ/QQHT0dUKOkpzMnoZIOwtQMpMRKRtboZZkZF8vv
1QFLz0gpkel1wvtgtC6k0xtGQyP+uGqCFeEIrNtnRVLuV4tDBQ2uLRmB+glkEVGR
019z+xH2Ngg2e92AA8W6s5mLEScd1D5+EAVm0MLZuk9sgZ/bDJwds76SwQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFLtmwhoWRGABKCSBcQasXNO/pDyZMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvdTJiQ0doWkVZQUVvSklGeEJxeGMwNy1rUEprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQEH6owAwQG
XkqAAwQFbcugMAwDBAGwLooDBAWwLoADBAK5IqAwDQYJKoZIhvcNAQELBQADggEB
AB3K8pSiZbZMbOLax+mgLyvqQEmjAcM3BViYLMc/Cw5+lHzAMMwltHCuhs7ZQixZ
Aq5O/H8GQ0EJimwJ16YjgKyHQ9Q1AlCsziO7c+/bogbEHEc2D1A0VjH4irbLy4mW
ItAKXRugZQiITMV/RGt2r7LUr3ymibjVtN6rg/QFVCIaZxAdvxxzre+w3sYYUH64
/oD2P+uzTMKo+M7sO3IhN99eOtgEMsQp+9dGo4erc6mZ9NF79cozOkvlxvf4hJ9+
qrQcT5IcT8GqVTvJlvoI5IjtH7qOz63QVYsQdQqY8NxHr0JxMPSzjvBIr3w28Nwq
LmwbZ7OV2ItqsCq4ULGDNKg=
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:57:40 2025 by rpki-client