Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/f343a9-4489-457c-92c1-b6cc4d57117e/1/L-oqEfHxfgy4WcXJgkSEwXtw3gM.roa
File: L-oqEfHxfgy4WcXJgkSEwXtw3gM.roa (raw, json)
Hash identifier: 5PNb0x9oFBDkYlKKYckUNQWIo7FsY6F8XFPNYiumwtg=
Subject key identifier: 2F:EA:2A:11:F1:F1:7E:0C:B8:59:C5:C9:82:44:84:C1:7B:70:DE:03
Certificate issuer: /CN=0594f4a9b6b7fd82dd6f2fdbf393abeadd347fd1
Certificate serial: 3436BF6E
Authority key identifier: 05:94:F4:A9:B6:B7:FD:82:DD:6F:2F:DB:F3:93:AB:EA:DD:34:7F:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZT0qba3_YLdby_b85Or6t00f9E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/f343a9-4489-457c-92c1-b6cc4d57117e/1/L-oqEfHxfgy4WcXJgkSEwXtw3gM.roa
Signing time: Sat 01 Jan 2022 02:53:55 +0000
ROA not before: Sat 01 Jan 2022 02:53:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39392
IP address blocks: 46.234.96.0/19 maxlen: 19
95.168.192.0/19 maxlen: 19
46.234.121.0/24 maxlen: 24
37.235.96.0/20 maxlen: 20
95.168.223.0/24 maxlen: 24
88.86.96.0/19 maxlen: 19
2a01:28::/32 maxlen: 32
2a01:28:eeee::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 876003182 (0x3436bf6e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0594f4a9b6b7fd82dd6f2fdbf393abeadd347fd1
Validity
Not Before: Jan 1 02:53:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2fea2a11f1f17e0cb859c5c9824484c17b70de03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:28:e0:86:6b:63:04:2a:c1:0c:b1:78:56:21:
06:73:06:aa:25:11:da:78:15:7a:0d:0f:44:10:e3:
ee:f8:08:73:54:e5:93:3a:5d:72:d3:52:e3:0f:09:
db:87:57:c1:1a:6c:e0:71:56:a1:c4:81:f1:89:01:
1b:43:0e:cf:8c:c3:da:79:a9:e0:c2:17:3a:fe:1f:
9a:e3:d6:45:05:d0:68:eb:62:a5:25:94:15:a1:da:
87:91:6e:48:12:f7:04:5f:07:75:be:c7:99:4a:c1:
7f:40:53:1b:76:5e:78:57:1a:0d:b8:7e:38:3e:a5:
0e:61:60:2a:1b:35:07:a4:c8:bf:c0:90:65:b9:ae:
a4:24:f1:2b:7e:0f:16:00:22:7d:9c:38:ab:b7:27:
bd:48:c6:cb:8e:28:93:e4:17:10:19:8a:21:18:52:
89:e0:c7:28:31:00:76:af:6e:c3:5b:9a:39:99:2e:
16:d3:c7:fc:e2:ed:c9:65:59:7b:96:69:88:58:62:
2e:00:a4:a2:04:f4:f6:04:6b:78:76:17:ae:c6:0b:
2f:2a:c0:62:f8:92:59:26:38:d0:8d:38:c2:a0:62:
be:9b:4d:06:b6:6d:99:7d:d7:74:e5:f2:0e:0c:b0:
b1:7f:23:a5:99:f5:26:b5:b1:39:a3:67:e2:d5:8c:
86:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:EA:2A:11:F1:F1:7E:0C:B8:59:C5:C9:82:44:84:C1:7B:70:DE:03
X509v3 Authority Key Identifier:
keyid:05:94:F4:A9:B6:B7:FD:82:DD:6F:2F:DB:F3:93:AB:EA:DD:34:7F:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZT0qba3_YLdby_b85Or6t00f9E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/f343a9-4489-457c-92c1-b6cc4d57117e/1/L-oqEfHxfgy4WcXJgkSEwXtw3gM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/f343a9-4489-457c-92c1-b6cc4d57117e/1/BZT0qba3_YLdby_b85Or6t00f9E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.235.96.0/20
46.234.96.0/19
88.86.96.0/19
95.168.192.0/19
IPv6:
2a01:28::/32
Signature Algorithm: sha256WithRSAEncryption
1f:40:c7:a0:0c:63:f5:11:42:48:95:d9:14:1c:a8:c0:db:45:
4f:44:5a:d4:c2:9d:5a:03:2d:48:8d:78:0e:bd:7d:6e:1f:db:
59:1d:c4:7e:61:98:a9:21:35:e3:e5:77:00:06:13:07:e5:6f:
af:5c:a4:9d:92:b6:cf:a6:73:7b:db:44:7d:52:55:5e:64:17:
08:bb:3d:dc:bb:b3:65:41:39:99:10:6b:82:ad:58:d8:dd:d0:
b3:28:28:54:40:b6:24:47:6a:f9:2b:fe:ab:68:2d:cb:48:9c:
b9:91:2f:7e:e8:d5:ec:9d:db:9f:d3:6a:33:45:db:2c:15:56:
a0:ec:11:a2:ad:f9:55:99:7b:05:6f:3c:29:f8:3a:a5:97:d3:
f3:9f:76:56:63:4e:54:04:6e:c0:ff:30:5a:52:02:5e:44:6f:
f7:6e:19:7b:f3:90:e5:ca:47:00:2a:92:3e:62:55:9d:48:6a:
f3:36:09:20:c1:72:96:7a:00:af:eb:a9:cb:fc:b1:99:8b:6b:
1d:2b:48:f1:f6:cd:8b:68:3a:db:a0:af:e9:40:38:b3:c9:02:
f6:43:f7:05:29:78:7d:35:b7:be:9d:d8:e9:df:bc:93:e9:55:
16:ed:fd:7a:7a:01:9e:47:8c:2f:bc:79:66:9d:e5:62:00:a2:
db:b9:b0:1c
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIENDa/bjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NTk0ZjRhOWI2YjdmZDgyZGQ2ZjJmZGJmMzkzYWJlYWRkMzQ3ZmQxMB4XDTIyMDEw
MTAyNTM1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmZlYTJhMTFmMWYx
N2UwY2I4NTljNWM5ODI0NDg0YzE3YjcwZGUwMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANAo4IZrYwQqwQyxeFYhBnMGqiUR2ngVeg0PRBDj7vgIc1Tl
kzpdctNS4w8J24dXwRps4HFWocSB8YkBG0MOz4zD2nmp4MIXOv4fmuPWRQXQaOti
pSWUFaHah5FuSBL3BF8Hdb7HmUrBf0BTG3ZeeFcaDbh+OD6lDmFgKhs1B6TIv8CQ
ZbmupCTxK34PFgAifZw4q7cnvUjGy44ok+QXEBmKIRhSieDHKDEAdq9uw1uaOZku
FtPH/OLtyWVZe5ZpiFhiLgCkogT09gRreHYXrsYLLyrAYviSWSY40I04wqBivptN
BrZtmX3XdOXyDgywsX8jpZn1JrWxOaNn4tWMhmcCAwEAAaOCAiowggImMB0GA1Ud
DgQWBBQv6ioR8fF+DLhZxcmCRITBe3DeAzAfBgNVHSMEGDAWgBQFlPSptrf9gt1v
L9vzk6vq3TR/0TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JaVDBxYmEzX1lMZGJ5X2I4NU9yNnQwMGY5RS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDgvZjM0M2E5LTQ0ODktNDU3Yy05MmMxLWI2Y2M0ZDU3MTE3ZS8x
L0wtb3FFZkh4Zmd5NFdjWEpna1NFd1h0dzNnTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDgv
ZjM0M2E5LTQ0ODktNDU3Yy05MmMxLWI2Y2M0ZDU3MTE3ZS8xL0JaVDBxYmEzX1lM
ZGJ5X2I4NU9yNnQwMGY5RS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEBCXrYAMEBS7qYAMEBVhWYAMEBV+o
wDANBAIAAjAHAwUAKgEAKDANBgkqhkiG9w0BAQsFAAOCAQEAH0DHoAxj9RFCSJXZ
FByowNtFT0Ra1MKdWgMtSI14Dr19bh/bWR3EfmGYqSE14+V3AAYTB+Vvr1yknZK2
z6Zze9tEfVJVXmQXCLs93LuzZUE5mRBrgq1Y2N3QsygoVEC2JEdq+Sv+q2gty0ic
uZEvfujV7J3bn9NqM0XbLBVWoOwRoq35VZl7BW88Kfg6pZfT8592VmNOVARuwP8w
WlICXkRv924Ze/OQ5cpHACqSPmJVnUhq8zYJIMFylnoAr+upy/yxmYtrHStI8fbN
i2g626Cv6UA4s8kC9kP3BSl4fTW3vp3Y6d+8k+lVFu39enoBnkeML7x5Zp3lYgCi
27mwHA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:35:37 2025 by rpki-client