Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/461685-073e-41af-9bb6-cf6c305212eb/1/AQFYGcAqst8bFMsAXVw1sO-d-4o.roa
File: AQFYGcAqst8bFMsAXVw1sO-d-4o.roa (raw, json)
Hash identifier: LXL3YnfjcERP3EuVLHnicS1aojddWz/2T5QSAo0vvBA=
Subject key identifier: 01:01:58:19:C0:2A:B2:DF:1B:14:CB:00:5D:5C:35:B0:EF:9D:FB:8A
Certificate issuer: /CN=b14aba8b60749393478e83c360e6cbd75d156f89
Certificate serial: 0187482591BDCBFAE946EB1030A17BF012C4
Authority key identifier: B1:4A:BA:8B:60:74:93:93:47:8E:83:C3:60:E6:CB:D7:5D:15:6F:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sUq6i2B0k5NHjoPDYObL110Vb4k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/461685-073e-41af-9bb6-cf6c305212eb/1/AQFYGcAqst8bFMsAXVw1sO-d-4o.roa
Signing time: Mon 03 Apr 2023 17:23:54 +0000
ROA not before: Mon 03 Apr 2023 17:23:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44565
IP address blocks: 188.124.4.0/24 maxlen: 24
188.124.1.0/24 maxlen: 24
188.124.0.0/24 maxlen: 24
188.124.3.0/24 maxlen: 24
188.124.2.0/24 maxlen: 24
188.124.11.0/24 maxlen: 24
188.124.6.0/24 maxlen: 24
188.124.8.0/24 maxlen: 24
188.124.7.0/24 maxlen: 24
188.124.10.0/24 maxlen: 24
188.124.9.0/24 maxlen: 24
188.124.13.0/24 maxlen: 24
188.124.12.0/24 maxlen: 24
188.124.15.0/24 maxlen: 24
188.124.14.0/24 maxlen: 24
188.124.16.0/24 maxlen: 24
188.124.18.0/24 maxlen: 24
188.124.20.0/24 maxlen: 24
188.124.19.0/24 maxlen: 24
188.124.22.0/24 maxlen: 24
188.124.21.0/24 maxlen: 24
188.124.24.0/24 maxlen: 24
188.124.23.0/24 maxlen: 24
188.124.25.0/24 maxlen: 24
188.124.27.0/24 maxlen: 24
188.124.26.0/24 maxlen: 24
188.124.29.0/24 maxlen: 24
188.124.28.0/24 maxlen: 24
188.124.31.0/24 maxlen: 24
188.124.30.0/24 maxlen: 24
79.171.17.0/24 maxlen: 24
79.171.16.0/24 maxlen: 24
79.171.19.0/24 maxlen: 24
79.171.18.0/24 maxlen: 24
79.171.21.0/24 maxlen: 24
79.171.20.0/24 maxlen: 24
93.186.112.0/24 maxlen: 24
93.186.113.0/24 maxlen: 24
93.186.115.0/24 maxlen: 24
93.186.114.0/24 maxlen: 24
93.186.117.0/24 maxlen: 24
93.186.116.0/24 maxlen: 24
93.186.118.0/24 maxlen: 24
93.186.120.0/24 maxlen: 24
93.186.119.0/24 maxlen: 24
93.186.122.0/24 maxlen: 24
93.186.121.0/24 maxlen: 24
93.186.124.0/24 maxlen: 24
93.186.123.0/24 maxlen: 24
93.186.127.0/24 maxlen: 24
93.186.126.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:48:25:91:bd:cb:fa:e9:46:eb:10:30:a1:7b:f0:12:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b14aba8b60749393478e83c360e6cbd75d156f89
Validity
Not Before: Apr 3 17:23:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=01015819c02ab2df1b14cb005d5c35b0ef9dfb8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:d3:da:b2:3f:45:7a:86:1b:3c:06:71:e8:50:
e4:b7:30:0b:5e:c5:18:45:a9:a2:31:8d:81:53:04:
00:69:95:84:a7:7b:3e:5b:cd:61:91:49:b4:50:e4:
86:ef:d3:de:f2:26:0e:d6:11:2c:80:40:90:ea:72:
21:8a:b6:c4:68:66:95:08:71:ef:dd:66:c2:37:f9:
f6:3b:08:5d:ab:0c:7f:69:ae:cc:4d:7c:0b:c3:e1:
aa:7b:15:65:71:0e:4a:d5:ee:ac:c4:1f:42:50:ad:
6a:08:f9:af:cf:81:78:06:03:d7:52:87:18:9c:a9:
f9:c8:8e:0d:2a:37:44:62:a0:1a:c3:48:b4:83:4e:
17:23:1c:f3:02:4c:59:54:9c:d3:4d:48:ea:d4:fd:
f5:82:18:13:1b:b1:12:b7:ed:6c:13:d3:9c:aa:1a:
59:d7:33:83:48:1c:90:f5:db:93:0b:29:a1:cc:e1:
a5:bc:20:c8:e9:c7:c7:a7:f4:b2:a9:87:73:36:24:
93:03:56:ec:6c:01:ab:bd:42:3e:6d:69:0e:c5:a8:
1a:9c:1e:a2:a0:73:5a:62:f9:41:bc:ee:08:70:e6:
7e:8a:8b:a3:07:7c:57:65:61:37:96:5c:aa:f6:3f:
d1:81:37:ca:e3:bf:a1:d6:7e:8e:1b:ff:31:ac:98:
f3:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:01:58:19:C0:2A:B2:DF:1B:14:CB:00:5D:5C:35:B0:EF:9D:FB:8A
X509v3 Authority Key Identifier:
keyid:B1:4A:BA:8B:60:74:93:93:47:8E:83:C3:60:E6:CB:D7:5D:15:6F:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sUq6i2B0k5NHjoPDYObL110Vb4k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/461685-073e-41af-9bb6-cf6c305212eb/1/AQFYGcAqst8bFMsAXVw1sO-d-4o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/461685-073e-41af-9bb6-cf6c305212eb/1/sUq6i2B0k5NHjoPDYObL110Vb4k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.171.16.0-79.171.21.255
93.186.112.0-93.186.124.255
93.186.126.0/23
188.124.0.0-188.124.4.255
188.124.6.0-188.124.16.255
188.124.18.0-188.124.31.255
Signature Algorithm: sha256WithRSAEncryption
c4:76:e6:5f:86:42:8c:ae:e5:b8:d2:46:6d:b7:de:23:df:47:
cc:05:60:e1:8e:f2:29:b6:8e:84:81:27:c0:a3:19:0d:c9:54:
44:5e:36:85:23:7f:e7:a8:93:bf:08:a2:f1:9b:88:16:21:8c:
9f:cf:a3:d1:73:12:3a:e6:6a:df:c7:50:17:ca:c0:f4:54:c4:
b2:22:f7:1d:a8:2b:ab:1d:12:29:65:c3:1f:60:b8:c4:01:50:
6b:94:da:ce:99:f4:91:7f:ce:5a:90:68:43:98:11:32:95:e3:
fe:58:61:db:33:fb:02:1a:3d:5e:f7:46:01:57:99:b3:08:ae:
1e:a9:1c:2a:a4:cd:87:fc:5e:06:14:f4:9a:13:93:77:1e:99:
1d:76:e7:4e:25:df:08:e1:3c:ca:45:09:5c:cf:22:4d:a7:03:
91:5d:4b:8a:ac:b7:dc:4d:98:6c:52:e6:2f:54:38:09:e1:a9:
26:07:10:3e:37:a8:a2:87:fa:d6:73:7b:b2:0b:96:41:fe:e4:
8d:76:4c:18:e8:f7:5b:60:29:12:bb:32:99:50:9e:f2:2d:e4:
7c:ea:35:12:0a:e4:b4:5a:17:9b:2e:44:66:8e:c8:50:fd:6c:
3a:c3:3c:3f:9d:08:bc:4d:8a:91:00:44:01:59:82:79:47:90:
96:ab:ed:44
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAYdIJZG9y/rpRusQMKF78BLEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNGFiYThiNjA3NDkzOTM0NzhlODNjMzYwZTZjYmQ3NWQx
NTZmODkwHhcNMjMwNDAzMTcyMzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTAxNTgxOWMwMmFiMmRmMWIxNGNiMDA1ZDVjMzViMGVmOWRmYjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt9Pasj9FeoYbPAZx6FDktzALXsUY
RamiMY2BUwQAaZWEp3s+W81hkUm0UOSG79Pe8iYO1hEsgECQ6nIhirbEaGaVCHHv
3WbCN/n2Owhdqwx/aa7MTXwLw+GqexVlcQ5K1e6sxB9CUK1qCPmvz4F4BgPXUocY
nKn5yI4NKjdEYqAaw0i0g04XIxzzAkxZVJzTTUjq1P31ghgTG7ESt+1sE9OcqhpZ
1zODSByQ9duTCymhzOGlvCDI6cfHp/SyqYdzNiSTA1bsbAGrvUI+bWkOxaganB6i
oHNaYvlBvO4IcOZ+ioujB3xXZWE3llyq9j/RgTfK47+h1n6OG/8xrJjzkwIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFAEBWBnAKrLfGxTLAF1cNbDvnfuKMB8GA1UdIwQY
MBaAFLFKuotgdJOTR46Dw2Dmy9ddFW+JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1VxNmkyQjBrNU5Iam9QRFlPYkwxMTBWYjRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi80NjE2ODUtMDczZS00MWFmLTliYjYt
Y2Y2YzMwNTIxMmViLzEvQVFGWUdjQXFzdDhiRk1zQVhWdzFzTy1kLTRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi80NjE2ODUtMDczZS00MWFmLTliYjYtY2Y2YzMwNTIxMmVi
LzEvc1VxNmkyQjBrNU5Iam9QRFlPYkwxMTBWYjRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzBRBAIAATBLMAwDBARPqxAD
BAFPqxQwDAMEBF26cAMEAF26fAMEAV26fjALAwMCvHwDBAC8fAQwDAMEAbx8BgME
ALx8EDAMAwQBvHwSAwQFvHwAMA0GCSqGSIb3DQEBCwUAA4IBAQDEduZfhkKMruW4
0kZtt94j30fMBWDhjvIpto6EgSfAoxkNyVREXjaFI3/nqJO/CKLxm4gWIYyfz6PR
cxI65mrfx1AXysD0VMSyIvcdqCurHRIpZcMfYLjEAVBrlNrOmfSRf85akGhDmBEy
leP+WGHbM/sCGj1e90YBV5mzCK4eqRwqpM2H/F4GFPSaE5N3HpkddudOJd8I4TzK
RQlczyJNpwORXUuKrLfcTZhsUuYvVDgJ4akmBxA+N6iih/rWc3uyC5ZB/uSNdkwY
6PdbYCkSuzKZUJ7yLeR86jUSCuS0WhebLkRmjshQ/Ww6wzw/nQi8TYqRAEQBWYJ5
R5CWq+1E
-----END CERTIFICATE-----
Generated at Wed Apr 23 06:35:51 2025 by rpki-client