Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/0771e1-39af-4353-947f-01facc747c24/1/dKgy5Yznwf_MQyAn2RvDFTMuQXY.roa
File: dKgy5Yznwf_MQyAn2RvDFTMuQXY.roa (raw, json)
Hash identifier: f3FV6vtoe7tFfldRAbjphtZDgVxHtBImfi7FMU7IV4g=
Subject key identifier: 74:A8:32:E5:8C:E7:C1:FF:CC:43:20:27:D9:1B:C3:15:33:2E:41:76
Certificate issuer: /CN=2d119754fc14ffe7968a6516bd49bdb25633b887
Certificate serial: 01857246C038D386E12E7D1A8CFFDED53417
Authority key identifier: 2D:11:97:54:FC:14:FF:E7:96:8A:65:16:BD:49:BD:B2:56:33:B8:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRGXVPwU_-eWimUWvUm9slYzuIc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/0771e1-39af-4353-947f-01facc747c24/1/dKgy5Yznwf_MQyAn2RvDFTMuQXY.roa
Signing time: Mon 02 Jan 2023 11:38:37 +0000
ROA not before: Mon 02 Jan 2023 11:38:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25160
IP address blocks: 185.121.76.0/22 maxlen: 22
185.135.164.0/22 maxlen: 22
185.135.166.0/24 maxlen: 24
94.126.43.0/24 maxlen: 24
94.126.47.0/24 maxlen: 24
178.18.116.0/24 maxlen: 24
178.18.117.0/24 maxlen: 24
178.18.119.0/24 maxlen: 24
31.28.70.0/24 maxlen: 24
31.28.65.0/24 maxlen: 24
31.28.68.0/24 maxlen: 24
31.28.67.0/24 maxlen: 24
31.28.72.0/24 maxlen: 24
31.28.75.0/24 maxlen: 24
31.28.84.0/23 maxlen: 23
31.28.80.0/22 maxlen: 22
31.28.86.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:46:c0:38:d3:86:e1:2e:7d:1a:8c:ff:de:d5:34:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d119754fc14ffe7968a6516bd49bdb25633b887
Validity
Not Before: Jan 2 11:38:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=74a832e58ce7c1ffcc432027d91bc315332e4176
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:63:97:aa:35:f7:89:60:47:51:58:af:ce:2f:
15:15:12:5d:2e:43:5e:67:ce:58:17:df:50:1a:05:
66:2d:c4:33:37:46:e0:c9:81:b1:26:46:fa:02:54:
6f:01:01:3a:cd:bb:48:2e:01:16:45:89:03:f0:0d:
03:8f:e9:c3:f9:99:6f:69:82:40:0f:83:8b:54:d9:
95:dd:a8:79:4f:01:8f:47:7f:1d:4d:06:c7:9d:70:
6e:89:e7:71:24:e4:ca:a6:35:ee:f1:8f:93:68:49:
c9:c0:0c:9b:d2:e2:8f:ac:6e:c4:68:f2:0b:b1:a0:
f7:d4:ce:c2:5c:20:a1:a4:fb:40:06:ab:3c:12:51:
4d:ef:31:57:58:02:3c:8e:1a:8f:2b:ec:09:06:ee:
ba:49:cc:2e:1c:03:04:48:8e:6e:fd:5b:bd:05:88:
0f:bd:6b:9d:c9:df:2f:8c:d4:65:66:78:12:8a:96:
be:d2:7e:c5:ad:0c:90:5b:e9:e3:ea:a5:9f:5c:80:
89:d8:05:87:6e:fe:99:3e:89:71:5b:64:d7:74:23:
27:7a:1b:64:e9:da:46:a8:fb:bf:d0:fb:cf:67:88:
5a:d9:b6:28:88:b2:62:18:72:9e:19:8a:a4:1a:ae:
05:89:7a:b9:da:15:04:66:79:05:78:02:5b:47:9f:
5b:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:A8:32:E5:8C:E7:C1:FF:CC:43:20:27:D9:1B:C3:15:33:2E:41:76
X509v3 Authority Key Identifier:
keyid:2D:11:97:54:FC:14:FF:E7:96:8A:65:16:BD:49:BD:B2:56:33:B8:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRGXVPwU_-eWimUWvUm9slYzuIc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/0771e1-39af-4353-947f-01facc747c24/1/dKgy5Yznwf_MQyAn2RvDFTMuQXY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/0771e1-39af-4353-947f-01facc747c24/1/LRGXVPwU_-eWimUWvUm9slYzuIc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.28.65.0/24
31.28.67.0-31.28.68.255
31.28.70.0/24
31.28.72.0/24
31.28.75.0/24
31.28.80.0-31.28.86.255
94.126.43.0/24
94.126.47.0/24
178.18.116.0/23
178.18.119.0/24
185.121.76.0/22
185.135.164.0/22
Signature Algorithm: sha256WithRSAEncryption
66:31:c9:78:5f:fa:da:f5:b2:c3:6d:9c:03:f1:8f:3a:5d:e2:
e5:0a:22:f6:9b:2d:5b:5a:8c:92:e0:21:fa:00:41:cb:5f:1e:
4b:31:4b:45:a3:8f:0b:9e:bd:fb:bc:57:fc:5f:fa:03:00:6a:
bb:37:f3:65:07:7b:5b:c9:7d:53:3b:6f:35:ff:82:2c:58:11:
45:0e:c9:0e:ae:d9:c8:b6:be:1f:e0:75:64:e3:b2:62:07:9f:
f0:2b:8b:26:c6:c1:5e:9b:96:b9:8c:79:ec:27:db:cc:8c:ec:
08:42:3b:92:05:22:2c:43:d4:f3:4c:f3:f2:e5:71:2b:c9:d9:
b8:e2:df:cb:5f:63:9b:8e:32:08:2f:fe:b3:3c:d4:15:94:a9:
0e:39:b8:ce:5c:0a:0b:ef:23:3b:9b:84:43:5e:e1:6b:b5:21:
2d:a3:cf:1e:ed:88:9d:f3:52:ad:b0:a1:03:fb:b1:ad:c9:7e:
f2:fa:f6:ef:31:da:3e:84:9f:87:0e:44:53:cd:94:e7:87:0d:
e9:b7:e4:2d:94:00:3e:5f:c8:cf:48:5a:1d:57:ae:b6:6d:1a:
08:d4:e6:33:08:c9:09:14:e4:c5:cd:90:e5:0a:a8:0d:37:a8:
64:4f:3b:bb:cf:3c:9a:5c:50:c3:6f:fd:62:9c:d0:8c:26:85:
d5:6b:0e:d4
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAYVyRsA404bhLn0ajP/e1TQXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMTE5NzU0ZmMxNGZmZTc5NjhhNjUxNmJkNDliZGIyNTYz
M2I4ODcwHhcNMjMwMTAyMTEzODM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGE4MzJlNThjZTdjMWZmY2M0MzIwMjdkOTFiYzMxNTMzMmU0MTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0mOXqjX3iWBHUVivzi8VFRJdLkNe
Z85YF99QGgVmLcQzN0bgyYGxJkb6AlRvAQE6zbtILgEWRYkD8A0Dj+nD+ZlvaYJA
D4OLVNmV3ah5TwGPR38dTQbHnXBuiedxJOTKpjXu8Y+TaEnJwAyb0uKPrG7EaPIL
saD31M7CXCChpPtABqs8ElFN7zFXWAI8jhqPK+wJBu66ScwuHAMESI5u/Vu9BYgP
vWudyd8vjNRlZngSipa+0n7FrQyQW+nj6qWfXICJ2AWHbv6ZPolxW2TXdCMnehtk
6dpGqPu/0PvPZ4ha2bYoiLJiGHKeGYqkGq4FiXq52hUEZnkFeAJbR59bLQIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFHSoMuWM58H/zEMgJ9kbwxUzLkF2MB8GA1UdIwQY
MBaAFC0Rl1T8FP/nloplFr1JvbJWM7iHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJHWFZQd1VfLWVXaW1VV3ZVbTlzbFl6dUljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS8wNzcxZTEtMzlhZi00MzUzLTk0N2Yt
MDFmYWNjNzQ3YzI0LzEvZEtneTVZem53Zl9NUXlBbjJSdkRGVE11UVhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS8wNzcxZTEtMzlhZi00MzUzLTk0N2YtMDFmYWNjNzQ3YzI0
LzEvTFJHWFZQd1VfLWVXaW1VV3ZVbTlzbFl6dUljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBeBAIAATBYAwQAHxxBMAwD
BAAfHEMDBAAfHEQDBAAfHEYDBAAfHEgDBAAfHEswDAMEBB8cUAMEAB8cVgMEAF5+
KwMEAF5+LwMEAbISdAMEALISdwMEArl5TAMEArmHpDANBgkqhkiG9w0BAQsFAAOC
AQEAZjHJeF/62vWyw22cA/GPOl3i5Qoi9pstW1qMkuAh+gBBy18eSzFLRaOPC569
+7xX/F/6AwBquzfzZQd7W8l9UztvNf+CLFgRRQ7JDq7ZyLa+H+B1ZOOyYgef8CuL
JsbBXpuWuYx57CfbzIzsCEI7kgUiLEPU80zz8uVxK8nZuOLfy19jm44yCC/+szzU
FZSpDjm4zlwKC+8jO5uEQ17ha7UhLaPPHu2InfNSrbChA/uxrcl+8vr27zHaPoSf
hw5EU82U54cN6bfkLZQAPl/Iz0haHVeutm0aCNTmMwjJCRTkxc2Q5QqoDTeoZE87
u888mlxQw2/9YpzQjCaF1WsO1A==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:20:55 2025 by rpki-client