Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/uun5yPzK_pAaIXksbnTOfySAHNM.roa
File: uun5yPzK_pAaIXksbnTOfySAHNM.roa (raw, json)
Hash identifier: XNg30Y3RvbrLJONUHxT3wwd8sjMwzbelAegqf7R+u6E=
Subject key identifier: BA:E9:F9:C8:FC:CA:FE:90:1A:21:79:2C:6E:74:CE:7F:24:80:1C:D3
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 01882FCBF05E87EB00B3CCE68D5020FE1080
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/uun5yPzK_pAaIXksbnTOfySAHNM.roa
Signing time: Thu 18 May 2023 16:57:54 +0000
ROA not before: Thu 18 May 2023 16:57:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44208
IP address blocks: 94.74.190.0/24 maxlen: 24
176.46.144.0/20 maxlen: 24
109.203.160.0/19 maxlen: 24
94.74.128.0/18 maxlen: 24
94.74.136.0/24 maxlen: 24
31.170.48.0/20 maxlen: 24
94.74.165.0/24 maxlen: 24
185.34.160.0/22 maxlen: 24
94.74.166.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:2f:cb:f0:5e:87:eb:00:b3:cc:e6:8d:50:20:fe:10:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: May 18 16:57:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bae9f9c8fccafe901a21792c6e74ce7f24801cd3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:45:fc:cb:5a:e5:26:3a:2e:bb:ad:85:51:71:
a5:ea:9f:18:f5:a6:96:43:08:8c:ba:9c:f5:f0:e0:
32:77:66:88:df:58:a0:74:74:42:e2:73:30:b6:cf:
fa:6f:10:f0:6b:2b:0b:17:0e:6e:ea:53:2b:07:a2:
16:90:0a:bb:78:3f:d0:37:ca:8e:a2:0d:56:3b:75:
29:c2:c0:e4:a5:d9:1c:0c:ef:5d:45:3f:9e:c6:0e:
9d:cc:2c:69:01:e5:8b:bc:58:d6:b7:0d:69:cf:08:
18:ca:ed:51:2c:dc:2e:46:1b:ab:72:22:cb:3c:60:
3a:01:fa:e7:f4:aa:49:46:6d:e2:0c:55:44:7a:65:
85:1f:20:70:6a:bd:8f:43:7b:11:80:49:76:41:d4:
ff:77:65:0c:d4:fa:f6:05:38:ef:d3:76:e2:56:2c:
0c:19:41:55:25:51:4c:70:d2:6a:01:3e:e9:1a:47:
29:41:95:62:3f:34:ce:f1:3c:56:54:36:c3:52:12:
98:a5:f4:5b:18:35:3b:26:a1:4b:81:a7:dc:25:b1:
f4:ee:3b:e6:53:06:39:8a:95:56:9f:f8:ac:78:07:
a7:5d:61:58:8a:16:13:bb:2d:46:6e:a8:58:c9:d9:
25:3e:78:e8:5f:35:ac:08:b1:db:65:c4:1c:e3:b7:
80:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:E9:F9:C8:FC:CA:FE:90:1A:21:79:2C:6E:74:CE:7F:24:80:1C:D3
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/uun5yPzK_pAaIXksbnTOfySAHNM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.170.48.0/20
94.74.128.0/18
109.203.160.0/19
176.46.144.0/20
185.34.160.0/22
Signature Algorithm: sha256WithRSAEncryption
56:80:d2:9d:f8:a5:6f:3e:fb:56:e2:4b:b1:94:eb:9e:0e:76:
30:7e:4d:11:d2:30:8a:05:66:f7:4a:6e:76:be:bb:c9:7b:77:
c5:4c:8c:ee:5c:be:bb:81:d3:7b:78:f0:86:54:f2:76:32:fa:
ad:0c:dd:4e:73:44:7a:3b:60:d5:af:a9:55:ff:52:45:87:4b:
b6:04:80:9c:ee:f0:9a:21:f3:30:03:73:0c:5c:fb:ed:de:50:
0f:1c:f1:bf:b1:9c:44:7d:82:44:30:bc:e6:0e:4c:db:32:62:
72:05:b5:ad:cc:78:4e:29:cb:b5:55:78:f6:64:8e:50:99:4d:
25:5c:3f:41:62:c6:f3:f2:56:df:ef:82:1f:c4:9d:47:5e:28:
d1:dd:17:70:40:91:c5:21:b2:91:dd:7d:5d:27:d2:db:02:4c:
b7:64:3b:d4:a1:ac:5e:12:2e:6c:b2:7a:08:fa:4f:80:e7:86:
1f:3b:8a:99:62:ad:bc:d3:a3:ed:6e:96:d5:5a:a6:08:f6:42:
e6:91:20:a0:14:d8:7b:e4:2f:b3:6c:34:b4:b6:f0:73:57:8b:
fb:76:81:40:e8:10:c3:38:f9:d0:ba:c0:6a:ff:e2:f7:9f:8f:
cb:4a:5c:8a:8d:a9:c4:fa:2a:10:fa:51:50:6c:23:3b:33:07:
82:9c:51:e4
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYgvy/Beh+sAs8zmjVAg/hCAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjMwNTE4MTY1NzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWU5ZjljOGZjY2FmZTkwMWEyMTc5MmM2ZTc0Y2U3ZjI0ODAxY2QzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApkX8y1rlJjouu62FUXGl6p8Y9aaW
QwiMupz18OAyd2aI31igdHRC4nMwts/6bxDwaysLFw5u6lMrB6IWkAq7eD/QN8qO
og1WO3UpwsDkpdkcDO9dRT+exg6dzCxpAeWLvFjWtw1pzwgYyu1RLNwuRhurciLL
PGA6Afrn9KpJRm3iDFVEemWFHyBwar2PQ3sRgEl2QdT/d2UM1Pr2BTjv03biViwM
GUFVJVFMcNJqAT7pGkcpQZViPzTO8TxWVDbDUhKYpfRbGDU7JqFLgafcJbH07jvm
UwY5ipVWn/iseAenXWFYihYTuy1GbqhYydklPnjoXzWsCLHbZcQc47eAMwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFLrp+cj8yv6QGiF5LG50zn8kgBzTMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvdXVuNXlQektfcEFhSVhrc2JuVE9meVNBSE5NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQEH6owAwQG
XkqAAwQFbcugAwQEsC6QAwQCuSKgMA0GCSqGSIb3DQEBCwUAA4IBAQBWgNKd+KVv
PvtW4kuxlOueDnYwfk0R0jCKBWb3Sm52vrvJe3fFTIzuXL67gdN7ePCGVPJ2Mvqt
DN1Oc0R6O2DVr6lV/1JFh0u2BICc7vCaIfMwA3MMXPvt3lAPHPG/sZxEfYJEMLzm
DkzbMmJyBbWtzHhOKcu1VXj2ZI5QmU0lXD9BYsbz8lbf74IfxJ1HXijR3RdwQJHF
IbKR3X1dJ9LbAky3ZDvUoaxeEi5ssnoI+k+A54YfO4qZYq2806PtbpbVWqYI9kLm
kSCgFNh75C+zbDS0tvBzV4v7doFA6BDDOPnQusBq/+L3n4/LSlyKjanE+ioQ+lFQ
bCM7MweCnFHk
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:07:53 2025 by rpki-client