Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/e7fa55-5925-4ba9-ad38-be7c81948324/1/94YOoabiE4C66LbM2XgtdT611PE.roa
File: 94YOoabiE4C66LbM2XgtdT611PE.roa (raw, json)
Hash identifier: YB1TRWM4/BHZrSSVwo36k20++ofswIV0xkbraK17qFU=
Subject key identifier: F7:86:0E:A1:A6:E2:13:80:BA:E8:B6:CC:D9:78:2D:75:3E:B5:D4:F1
Certificate issuer: /CN=ea0f76282df53209a58c0302e74f8a97ca3aff05
Certificate serial: 01856D9D1ADE0910896EB7DB8C9071A7AFED
Authority key identifier: EA:0F:76:28:2D:F5:32:09:A5:8C:03:02:E7:4F:8A:97:CA:3A:FF:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6g92KC31MgmljAMC50-Kl8o6_wU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/e7fa55-5925-4ba9-ad38-be7c81948324/1/94YOoabiE4C66LbM2XgtdT611PE.roa
Signing time: Sun 01 Jan 2023 13:54:50 +0000
ROA not before: Sun 01 Jan 2023 13:54:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42512
IP address blocks: 91.208.65.0/24 maxlen: 24
193.110.79.0/24 maxlen: 24
91.225.120.0/22 maxlen: 22
91.225.120.0/24 maxlen: 24
91.225.123.0/24 maxlen: 24
91.225.122.0/24 maxlen: 24
91.225.121.0/24 maxlen: 24
31.43.168.0/24 maxlen: 24
31.43.168.0/22 maxlen: 22
31.43.171.0/24 maxlen: 24
31.43.170.0/24 maxlen: 24
31.43.169.0/24 maxlen: 24
31.43.182.0/24 maxlen: 24
31.43.181.0/24 maxlen: 24
31.43.180.0/22 maxlen: 22
31.43.180.0/24 maxlen: 24
31.43.183.0/24 maxlen: 24
193.110.78.0/24 maxlen: 24
193.110.77.0/24 maxlen: 24
193.110.76.0/22 maxlen: 22
193.110.76.0/24 maxlen: 24
2001:67c:a28::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:9d:1a:de:09:10:89:6e:b7:db:8c:90:71:a7:af:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ea0f76282df53209a58c0302e74f8a97ca3aff05
Validity
Not Before: Jan 1 13:54:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f7860ea1a6e21380bae8b6ccd9782d753eb5d4f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:04:99:3e:9c:12:77:db:d4:7b:83:25:00:98:
bf:2f:e2:5b:e0:cb:59:87:ef:6b:ee:90:e1:98:f9:
d4:e8:67:f4:92:3f:7f:ed:1e:0f:29:f6:56:b3:15:
12:68:79:b9:f3:f3:05:57:15:5b:d9:39:24:5f:21:
b7:d6:be:57:d0:f9:48:28:f8:f9:19:95:4f:9a:c3:
a8:b0:6c:13:8a:39:13:7c:92:b5:40:fb:75:eb:fd:
41:aa:71:54:4e:4a:d7:28:e6:3a:e0:ef:00:8a:55:
cd:ab:0d:ef:a3:90:77:a8:5e:05:f5:3f:10:89:e2:
be:2e:63:c1:71:50:0c:27:0f:43:8b:72:7d:b5:b5:
a8:eb:5a:18:a1:1e:59:67:40:0f:d1:49:44:27:5f:
8d:43:74:a4:b9:be:a4:8e:a1:5b:91:43:68:57:33:
08:91:46:1b:88:ac:c3:8f:52:6b:0c:89:a6:89:d9:
0a:81:bd:da:88:a8:36:11:1e:d3:58:bf:c7:91:66:
b3:fd:78:04:15:b7:24:19:7f:57:05:ea:28:a4:d5:
d4:19:31:f2:52:b3:03:ce:32:3e:a5:db:ab:38:84:
d5:38:b3:7f:e2:05:18:af:89:91:5c:81:d6:91:d1:
81:2b:3b:18:f1:3b:cf:d3:af:1a:29:d2:f9:d1:dc:
26:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:86:0E:A1:A6:E2:13:80:BA:E8:B6:CC:D9:78:2D:75:3E:B5:D4:F1
X509v3 Authority Key Identifier:
keyid:EA:0F:76:28:2D:F5:32:09:A5:8C:03:02:E7:4F:8A:97:CA:3A:FF:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6g92KC31MgmljAMC50-Kl8o6_wU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/e7fa55-5925-4ba9-ad38-be7c81948324/1/94YOoabiE4C66LbM2XgtdT611PE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/e7fa55-5925-4ba9-ad38-be7c81948324/1/6g92KC31MgmljAMC50-Kl8o6_wU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.43.168.0/22
31.43.180.0/22
91.208.65.0/24
91.225.120.0/22
193.110.76.0/22
IPv6:
2001:67c:a28::/48
Signature Algorithm: sha256WithRSAEncryption
7c:b1:0d:cf:e4:ed:ad:16:85:e4:fc:6e:e2:a3:02:e7:aa:b7:
41:4f:a2:4f:ce:37:db:45:ae:62:11:9d:fc:5a:5f:ed:b6:63:
9b:ed:70:41:8a:c7:b7:77:d5:88:6f:d9:b5:54:5b:7d:1d:26:
1d:7d:58:e8:70:63:12:df:b2:a0:0d:66:e1:2c:7f:7b:71:30:
f7:46:10:98:1b:55:09:1e:bb:58:89:f4:8a:fa:a5:5f:a4:cf:
67:fa:3c:65:19:a3:e6:a3:bc:38:4c:d7:d7:e1:07:ab:b6:dd:
d1:19:93:e3:71:a7:ea:66:fc:f1:e0:cc:17:f8:ee:5c:8f:b7:
05:ac:82:f9:0e:43:c9:85:be:a0:e1:e7:be:d2:5d:33:0d:92:
85:28:30:01:0a:85:68:b4:70:75:0c:b2:e5:d2:b9:db:d8:25:
3b:f6:56:da:26:47:d4:00:6b:44:53:21:17:61:5b:9b:bd:84:
85:62:29:c4:12:d2:5d:bc:f5:53:bd:8c:f8:f8:ba:ff:10:80:
f0:d4:18:cd:8f:eb:aa:22:77:dd:0e:d8:b7:94:84:0d:02:83:
a4:cb:04:c7:39:9b:af:d0:4b:0c:e6:6c:26:cf:8d:23:03:13:
44:fa:ec:11:5e:02:6b:22:f0:94:90:4f:ef:b5:18:15:3a:dd:
7d:5d:d6:86
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYVtnRreCRCJbrfbjJBxp6/tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhMGY3NjI4MmRmNTMyMDlhNThjMDMwMmU3NGY4YTk3Y2Ez
YWZmMDUwHhcNMjMwMTAxMTM1NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzg2MGVhMWE2ZTIxMzgwYmFlOGI2Y2NkOTc4MmQ3NTNlYjVkNGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAogSZPpwSd9vUe4MlAJi/L+Jb4MtZ
h+9r7pDhmPnU6Gf0kj9/7R4PKfZWsxUSaHm58/MFVxVb2TkkXyG31r5X0PlIKPj5
GZVPmsOosGwTijkTfJK1QPt16/1BqnFUTkrXKOY64O8AilXNqw3vo5B3qF4F9T8Q
ieK+LmPBcVAMJw9Di3J9tbWo61oYoR5ZZ0AP0UlEJ1+NQ3Skub6kjqFbkUNoVzMI
kUYbiKzDj1JrDImmidkKgb3aiKg2ER7TWL/HkWaz/XgEFbckGX9XBeoopNXUGTHy
UrMDzjI+pdurOITVOLN/4gUYr4mRXIHWkdGBKzsY8TvP068aKdL50dwmjwIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFPeGDqGm4hOAuui2zNl4LXU+tdTxMB8GA1UdIwQY
MBaAFOoPdigt9TIJpYwDAudPipfKOv8FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmc5MktDMzFNZ21sakFNQzUwLUtsOG82X3dVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9lN2ZhNTUtNTkyNS00YmE5LWFkMzgt
YmU3YzgxOTQ4MzI0LzEvOTRZT29hYmlFNEM2NkxiTTJYZ3RkVDYxMVBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni9lN2ZhNTUtNTkyNS00YmE5LWFkMzgtYmU3YzgxOTQ4MzI0
LzEvNmc5MktDMzFNZ21sakFNQzUwLUtsOG82X3dVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAkBAIAATAeAwQCHyuoAwQC
Hyu0AwQAW9BBAwQCW+F4AwQCwW5MMA8EAgACMAkDBwAgAQZ8CigwDQYJKoZIhvcN
AQELBQADggEBAHyxDc/k7a0WheT8buKjAueqt0FPok/ON9tFrmIRnfxaX+22Y5vt
cEGKx7d31Yhv2bVUW30dJh19WOhwYxLfsqANZuEsf3txMPdGEJgbVQkeu1iJ9Ir6
pV+kz2f6PGUZo+ajvDhM19fhB6u23dEZk+Nxp+pm/PHgzBf47lyPtwWsgvkOQ8mF
vqDh577SXTMNkoUoMAEKhWi0cHUMsuXSudvYJTv2VtomR9QAa0RTIRdhW5u9hIVi
KcQS0l289VO9jPj4uv8QgPDUGM2P66oid90O2LeUhA0Cg6TLBMc5m6/QSwzmbCbP
jSMDE0T67BFeAmsi8JSQT++1GBU63X1d1oY=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:12:35 2025 by rpki-client