Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/36715a-32fc-4e9f-a577-5ac74dba17b8/1/c2IWtlKRNstKGhu287ofYAl_edE.roa
File: c2IWtlKRNstKGhu287ofYAl_edE.roa (raw, json)
Hash identifier: 9QVuiEB/G13jDwKuCzr70DzKwTgNv2VuYkWDHw3GQls=
Subject key identifier: 73:62:16:B6:52:91:36:CB:4A:1A:1B:B6:F3:BA:1F:60:09:7F:79:D1
Certificate issuer: /CN=456ecb3be1065e1e71589508bec6d74b5a7b1ed7
Certificate serial: 36C61FE2
Authority key identifier: 45:6E:CB:3B:E1:06:5E:1E:71:58:95:08:BE:C6:D7:4B:5A:7B:1E:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RW7LO-EGXh5xWJUIvsbXS1p7Htc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/36715a-32fc-4e9f-a577-5ac74dba17b8/1/c2IWtlKRNstKGhu287ofYAl_edE.roa
Signing time: Mon 14 Feb 2022 11:39:39 +0000
ROA not before: Mon 14 Feb 2022 11:39:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 196921
IP address blocks: 94.187.160.0/19 maxlen: 19
94.187.160.0/21 maxlen: 21
94.187.168.0/21 maxlen: 21
94.187.179.0/24 maxlen: 24
94.187.178.0/24 maxlen: 24
94.187.176.0/24 maxlen: 24
94.187.177.0/24 maxlen: 24
94.187.176.0/21 maxlen: 21
94.187.180.0/24 maxlen: 24
94.187.183.0/24 maxlen: 24
94.187.184.0/23 maxlen: 23
94.187.181.0/24 maxlen: 24
94.187.182.0/24 maxlen: 24
94.187.184.0/21 maxlen: 21
94.187.187.0/24 maxlen: 24
94.187.190.0/24 maxlen: 24
94.187.191.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 918953954 (0x36c61fe2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=456ecb3be1065e1e71589508bec6d74b5a7b1ed7
Validity
Not Before: Feb 14 11:39:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=736216b6529136cb4a1a1bb6f3ba1f60097f79d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:82:71:25:87:1e:0c:4c:1c:3c:2c:2a:40:1c:
9d:69:fa:ba:fd:3e:11:b4:90:e6:91:0f:70:34:02:
99:1e:1f:bc:23:e0:d9:7f:01:97:52:ae:51:47:cc:
19:5d:d3:41:70:af:ea:7a:ea:c4:84:dc:98:75:03:
0a:fb:69:ec:00:8f:59:42:a1:6c:26:e4:6e:7b:e2:
1e:74:bd:7a:1c:1d:4d:a2:e3:66:62:88:72:6c:94:
29:a5:2d:1d:af:07:77:e2:96:f0:d5:b3:a9:c1:59:
2e:00:ff:29:92:ac:bb:f0:2b:58:7f:6e:1c:27:6c:
75:48:b3:3c:d8:6c:b1:00:74:9c:9e:0d:cb:6a:50:
52:df:a9:f2:a0:7c:3d:42:52:0f:5c:40:33:d7:f8:
52:6d:3e:9a:72:11:84:4e:a9:12:6b:77:4e:80:aa:
da:fa:5b:c4:3e:2d:79:aa:06:f7:e9:d4:66:e3:24:
52:2e:2b:6b:30:56:fd:db:73:cf:bd:ed:73:e0:7d:
c0:ec:ea:bb:e8:6b:10:b2:66:0d:25:4c:45:cf:fe:
29:85:6e:fb:b8:16:24:ad:b4:17:6a:e7:07:15:3b:
ba:0e:3a:80:62:6a:8d:bb:4f:7a:a1:bc:cd:9c:49:
ab:8c:9d:00:e3:67:b1:7a:af:b0:f4:6f:be:6f:ea:
ec:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:62:16:B6:52:91:36:CB:4A:1A:1B:B6:F3:BA:1F:60:09:7F:79:D1
X509v3 Authority Key Identifier:
keyid:45:6E:CB:3B:E1:06:5E:1E:71:58:95:08:BE:C6:D7:4B:5A:7B:1E:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RW7LO-EGXh5xWJUIvsbXS1p7Htc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/36715a-32fc-4e9f-a577-5ac74dba17b8/1/c2IWtlKRNstKGhu287ofYAl_edE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/36715a-32fc-4e9f-a577-5ac74dba17b8/1/RW7LO-EGXh5xWJUIvsbXS1p7Htc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.187.160.0/19
Signature Algorithm: sha256WithRSAEncryption
1e:61:44:16:37:e4:5c:53:f1:23:c6:df:fc:7c:25:c9:3c:d2:
d9:3c:e5:29:df:ac:e7:f7:a4:fd:d7:f8:e3:89:a5:05:c7:77:
56:77:12:a9:69:a1:b5:75:f8:35:f6:87:62:54:c4:5b:e0:0f:
8c:40:eb:43:4a:8d:a3:0e:9b:53:f3:5a:a1:3c:af:c4:ea:69:
3b:d9:07:90:de:59:5d:00:3c:65:69:9e:84:f7:6a:ff:64:c8:
54:33:9d:0f:0d:3e:0c:8d:e0:1d:d2:ab:8c:e3:68:c3:39:13:
47:98:bd:c5:fa:fb:c2:33:65:b9:fb:1c:7d:fb:7e:03:bc:7a:
10:ff:da:eb:df:2b:b3:0f:2c:6f:04:7b:ca:37:3c:d6:87:e7:
2d:d8:85:7c:24:f8:8c:3a:29:e8:c9:8c:26:63:fc:91:49:ad:
e9:47:09:65:50:5f:4b:35:d5:80:ad:b3:90:3a:77:86:3a:ed:
29:2b:57:41:0c:e0:5d:63:7b:e5:be:8c:44:82:1a:38:da:52:
bd:4b:91:8e:e0:cb:47:0a:6c:38:7c:24:ae:2b:7d:68:c0:b2:
b5:1d:75:78:09:5f:e7:27:da:41:10:c0:0e:b0:0c:ed:22:26:
e0:8a:db:d2:33:a3:51:23:09:ae:a3:51:98:77:50:b1:64:72:
04:8e:17:0c
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIENsYf4jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
NTZlY2IzYmUxMDY1ZTFlNzE1ODk1MDhiZWM2ZDc0YjVhN2IxZWQ3MB4XDTIyMDIx
NDExMzkzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzM2MjE2YjY1Mjkx
MzZjYjRhMWExYmI2ZjNiYTFmNjAwOTdmNzlkMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJWCcSWHHgxMHDwsKkAcnWn6uv0+EbSQ5pEPcDQCmR4fvCPg
2X8Bl1KuUUfMGV3TQXCv6nrqxITcmHUDCvtp7ACPWUKhbCbkbnviHnS9ehwdTaLj
ZmKIcmyUKaUtHa8Hd+KW8NWzqcFZLgD/KZKsu/ArWH9uHCdsdUizPNhssQB0nJ4N
y2pQUt+p8qB8PUJSD1xAM9f4Um0+mnIRhE6pEmt3ToCq2vpbxD4teaoG9+nUZuMk
Ui4razBW/dtzz73tc+B9wOzqu+hrELJmDSVMRc/+KYVu+7gWJK20F2rnBxU7ug46
gGJqjbtPeqG8zZxJq4ydAONnsXqvsPRvvm/q7EkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRzYha2UpE2y0oaG7bzuh9gCX950TAfBgNVHSMEGDAWgBRFbss74QZeHnFY
lQi+xtdLWnse1zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1JXN0xPLUVHWGg1eFdKVUl2c2JYUzFwN0h0Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmEvMzY3MTVhLTMyZmMtNGU5Zi1hNTc3LTVhYzc0ZGJhMTdiOC8x
L2MySVd0bEtSTnN0S0dodTI4N29mWUFsX2VkRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmEv
MzY3MTVhLTMyZmMtNGU5Zi1hNTc3LTVhYzc0ZGJhMTdiOC8xL1JXN0xPLUVHWGg1
eFdKVUl2c2JYUzFwN0h0Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBV67oDANBgkqhkiG9w0BAQsFAAOC
AQEAHmFEFjfkXFPxI8bf/HwlyTzS2TzlKd+s5/ek/df444mlBcd3VncSqWmhtXX4
NfaHYlTEW+APjEDrQ0qNow6bU/NaoTyvxOppO9kHkN5ZXQA8ZWmehPdq/2TIVDOd
Dw0+DI3gHdKrjONowzkTR5i9xfr7wjNlufscfft+A7x6EP/a698rsw8sbwR7yjc8
1ofnLdiFfCT4jDop6MmMJmP8kUmt6UcJZVBfSzXVgK2zkDp3hjrtKStXQQzgXWN7
5b6MRIIaONpSvUuRjuDLRwpsOHwkrit9aMCytR11eAlf5yfaQRDADrAM7SIm4Irb
0jOjUSMJrqNRmHdQsWRyBI4XDA==
-----END CERTIFICATE-----
Generated at Mon Apr 21 01:33:01 2025 by rpki-client