Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/y2Pxl2EJUAVf68YOnkHIBZ8rhJI.roa
File: y2Pxl2EJUAVf68YOnkHIBZ8rhJI.roa (raw, json)
Hash identifier: Zk6QYyli7nF51DCQhWpBcAihEAY7nyRDNEaXF5rH1VA=
Subject key identifier: CB:63:F1:97:61:09:50:05:5F:EB:C6:0E:9E:41:C8:05:9F:2B:84:92
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 06B28A16
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/y2Pxl2EJUAVf68YOnkHIBZ8rhJI.roa
Signing time: Sat 01 Jan 2022 07:52:31 +0000
ROA not before: Sat 01 Jan 2022 07:52:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44208
IP address blocks: 94.74.190.0/24 maxlen: 24
94.74.128.0/18 maxlen: 24
94.74.136.0/24 maxlen: 24
31.170.48.0/20 maxlen: 24
94.74.165.0/24 maxlen: 24
94.74.166.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 112364054 (0x6b28a16)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Jan 1 07:52:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cb63f197610950055febc60e9e41c8059f2b8492
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:ab:f9:1b:f4:71:0e:fa:99:b5:4b:25:34:76:
a3:69:12:e5:7d:2e:e7:43:44:41:5e:b1:df:ba:a8:
76:fd:2d:25:3f:6f:bb:66:eb:7c:72:15:47:38:28:
2f:3e:b8:1b:2f:80:f9:25:3e:6b:5a:d5:17:40:80:
33:b7:3f:b1:4b:75:64:ac:65:ac:61:73:66:4b:c4:
f3:75:63:22:01:43:cc:bb:73:42:97:05:aa:8a:c0:
c2:21:41:17:23:cd:01:05:c1:d1:4a:4a:0c:2a:af:
4d:80:cc:d5:75:b0:fd:d9:6d:0c:bd:90:19:3a:12:
20:46:df:1a:44:17:59:12:8d:06:f4:98:3e:a6:7a:
b5:6e:9f:f7:b6:60:69:36:4c:38:2f:c1:fa:cc:69:
5e:0b:52:ff:58:b0:e1:74:bd:e4:86:1f:1f:ee:d9:
52:5c:a8:b9:fb:2a:75:fa:fc:2b:65:eb:89:2f:e8:
c6:e5:d5:40:86:db:2d:cf:9e:97:8c:0a:62:e0:ec:
6c:31:8b:3d:d1:8c:99:7f:b1:59:ee:b9:05:cd:62:
04:bb:9a:80:e5:f9:73:f9:3e:64:04:1c:a7:0b:6c:
c6:1a:52:3b:a2:ba:cf:6a:6e:d4:65:6b:0f:f2:76:
bd:f0:6f:9e:05:ed:0b:92:c4:ea:60:0e:45:e7:c3:
0c:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:63:F1:97:61:09:50:05:5F:EB:C6:0E:9E:41:C8:05:9F:2B:84:92
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/y2Pxl2EJUAVf68YOnkHIBZ8rhJI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.170.48.0/20
94.74.128.0/18
Signature Algorithm: sha256WithRSAEncryption
54:3c:25:5a:c3:f4:d6:f3:37:cf:15:dd:e1:eb:5c:ec:8e:05:
d0:78:07:f6:ec:72:a6:54:e2:84:e8:7c:82:ce:77:9f:fa:54:
65:6c:3e:c0:47:0b:17:83:1c:df:cc:01:40:81:1e:ed:c5:b5:
36:0c:70:7c:02:78:3d:7d:bd:ab:83:8d:71:0f:aa:51:4c:8a:
84:da:fd:7a:d4:f7:59:10:14:1c:ff:b2:50:70:f3:86:09:02:
2c:e6:3d:a1:b8:f4:1b:9e:7c:47:e0:d3:95:86:f2:ca:4b:fa:
a8:0a:d4:12:bc:e0:af:e7:e1:99:e7:ac:91:97:31:dc:92:1a:
3b:aa:35:55:4f:04:8e:e9:8d:93:23:d9:3d:e6:b6:26:30:62:
24:26:eb:bc:73:a0:43:49:1f:be:15:a2:cb:b5:59:9a:24:1d:
12:7e:fa:84:73:82:05:f9:2f:89:da:42:66:26:9f:d5:aa:ce:
41:97:7f:4c:bf:71:40:02:8b:08:57:ca:90:7b:63:4b:55:cf:
0d:de:f3:54:28:1c:8f:a5:ad:3b:91:9f:08:4c:3e:2f:c6:b4:
b1:aa:53:9b:a2:fd:32:e7:b1:5f:f5:bb:16:54:a8:84:e1:ef:
f0:3a:e7:c8:3d:3a:6a:bf:f6:33:d2:fc:dc:f2:08:81:4f:ee:
3a:49:f0:96
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBrKKFjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NjA0NzVlYmU3ZjA3ZDc0MTUzY2IxY2NhMzM4YzE2ZDgwMWY0NWY3MB4XDTIyMDEw
MTA3NTIzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2I2M2YxOTc2MTA5
NTAwNTVmZWJjNjBlOWU0MWM4MDU5ZjJiODQ5MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMGr+Rv0cQ76mbVLJTR2o2kS5X0u50NEQV6x37qodv0tJT9v
u2brfHIVRzgoLz64Gy+A+SU+a1rVF0CAM7c/sUt1ZKxlrGFzZkvE83VjIgFDzLtz
QpcFqorAwiFBFyPNAQXB0UpKDCqvTYDM1XWw/dltDL2QGToSIEbfGkQXWRKNBvSY
PqZ6tW6f97ZgaTZMOC/B+sxpXgtS/1iw4XS95IYfH+7ZUlyoufsqdfr8K2XriS/o
xuXVQIbbLc+el4wKYuDsbDGLPdGMmX+xWe65Bc1iBLuagOX5c/k+ZAQcpwtsxhpS
O6K6z2pu1GVrD/J2vfBvngXtC5LE6mAORefDDGMCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTLY/GXYQlQBV/rxg6eQcgFnyuEkjAfBgNVHSMEGDAWgBTWBHXr5/B9dBU8
scyjOMFtgB9F9zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFnUjE2LWZ3ZlhRVlBMSE1vempCYllBZlJmYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjgvNTJlYmFlLWUwMDYtNDc3OC1hYzNjLTQ5NmY4ZWJiMmQ2MS8x
L3kyUHhsMkVKVUFWZjY4WU9ua0hJQlo4cmhKSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjgv
NTJlYmFlLWUwMDYtNDc3OC1hYzNjLTQ5NmY4ZWJiMmQ2MS8xLzFnUjE2LWZ3ZlhR
VlBMSE1vempCYllBZlJmYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEBB+qMAMEBl5KgDANBgkqhkiG9w0B
AQsFAAOCAQEAVDwlWsP01vM3zxXd4etc7I4F0HgH9uxyplTihOh8gs53n/pUZWw+
wEcLF4Mc38wBQIEe7cW1NgxwfAJ4PX29q4ONcQ+qUUyKhNr9etT3WRAUHP+yUHDz
hgkCLOY9obj0G558R+DTlYbyykv6qArUErzgr+fhmeeskZcx3JIaO6o1VU8EjumN
kyPZPea2JjBiJCbrvHOgQ0kfvhWiy7VZmiQdEn76hHOCBfkvidpCZiaf1arOQZd/
TL9xQAKLCFfKkHtjS1XPDd7zVCgcj6WtO5GfCEw+L8a0sapTm6L9MuexX/W7FlSo
hOHv8DrnyD06ar/2M9L83PIIgU/uOknwlg==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:06:57 2025 by rpki-client