Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/pKucBQqcRGd_Ed3WO6R8cT-le9M.roa
File: pKucBQqcRGd_Ed3WO6R8cT-le9M.roa (raw, json)
Hash identifier: /yEED0rIF+FQa7qcdIyDgm4EwGZTRdFL4mP291ELAV4=
Subject key identifier: A4:AB:9C:05:0A:9C:44:67:7F:11:DD:D6:3B:A4:7C:71:3F:A5:7B:D3
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 07074314
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/pKucBQqcRGd_Ed3WO6R8cT-le9M.roa
Signing time: Fri 27 May 2022 07:27:54 +0000
ROA not before: Fri 27 May 2022 07:27:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3320
IP address blocks: 94.26.90.0/24 maxlen: 24
91.92.33.0/24 maxlen: 24
91.92.35.0/24 maxlen: 24
78.159.131.0/24 maxlen: 24
93.152.205.0/24 maxlen: 24
93.152.209.0/24 maxlen: 24
91.92.49.0/24 maxlen: 24
93.152.215.0/24 maxlen: 24
93.152.221.0/24 maxlen: 24
93.152.225.0/24 maxlen: 24
93.152.224.0/24 maxlen: 24
212.102.107.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 117916436 (0x7074314)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: May 27 07:27:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a4ab9c050a9c44677f11ddd63ba47c713fa57bd3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:b1:86:c8:1d:73:48:c2:df:5f:c7:29:e7:13:
3d:92:2b:cc:26:7c:11:43:e6:5c:51:16:24:5e:2b:
a3:8a:6e:ce:49:36:e8:81:b1:14:53:24:cd:65:24:
41:93:f7:d3:13:3d:5b:5d:e6:b3:a4:4f:dd:89:c7:
42:ac:c7:e4:bd:1a:72:10:ca:e1:a0:13:02:9f:3b:
43:a1:5f:97:08:19:37:c8:2e:ba:1a:1c:bb:28:4c:
8f:00:5d:4e:24:d6:cb:f8:a5:8a:a2:19:8e:da:4b:
9d:a9:8e:ab:ba:2d:c7:4f:bc:30:a8:a0:09:95:74:
b9:0f:55:45:34:3b:07:ad:ef:da:58:2c:b0:ba:d8:
74:2d:05:1c:1c:8c:b2:3e:e3:4a:e4:68:77:6a:6d:
72:2b:cb:a1:fd:05:cb:61:ce:1a:d5:3d:75:6c:f4:
d7:a3:81:09:1d:fc:5f:74:c2:a8:7f:c9:72:b5:af:
4b:93:9d:b6:27:99:bb:12:b9:5a:66:d2:bc:a1:52:
18:9a:e9:c0:52:fc:b8:ac:3d:38:1b:e7:5f:83:b2:
e3:e2:42:53:4a:b8:9c:ec:6d:02:51:1f:18:98:49:
4b:bc:8f:74:24:6c:cb:7c:bb:d8:da:aa:14:f0:da:
8b:9c:2c:12:c0:ad:73:45:5d:75:3d:73:c3:cb:6b:
c0:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:AB:9C:05:0A:9C:44:67:7F:11:DD:D6:3B:A4:7C:71:3F:A5:7B:D3
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/pKucBQqcRGd_Ed3WO6R8cT-le9M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.159.131.0/24
91.92.33.0/24
91.92.35.0/24
91.92.49.0/24
93.152.205.0/24
93.152.209.0/24
93.152.215.0/24
93.152.221.0/24
93.152.224.0/23
94.26.90.0/24
212.102.107.0/24
Signature Algorithm: sha256WithRSAEncryption
90:83:69:78:67:2f:c0:e9:c4:ff:95:44:79:39:3c:29:53:18:
cc:9e:8e:49:b8:37:9a:de:93:9f:55:e4:f9:c0:90:da:e1:07:
dd:c6:79:d7:75:58:1d:48:fd:f9:26:1f:ad:b6:4b:d0:f6:96:
d1:bb:cb:ca:85:28:c6:ff:0f:c2:bc:8c:e0:5b:75:5e:ff:35:
d3:bc:ed:52:25:1d:59:6b:32:97:f5:1e:d3:a6:17:e3:c4:fb:
af:d9:c0:88:6f:cc:cc:a7:ca:8f:44:f2:28:34:49:e6:73:7e:
cf:28:93:42:a3:cf:d2:7d:c5:06:da:a2:ea:08:7f:98:89:68:
c5:b3:25:12:31:01:24:fe:34:52:97:db:49:4c:01:95:3f:c7:
de:de:c1:f9:f3:91:b2:ef:95:52:bc:53:f0:a0:22:cc:e6:bb:
ac:20:9b:58:a1:47:ec:c4:1d:33:aa:21:05:0c:0d:d8:7b:55:
10:ee:22:b1:e9:ea:90:14:56:78:c7:3c:0e:45:bf:76:ad:10:
49:f9:63:9e:fc:34:c9:30:c2:36:0d:8d:ed:fb:78:53:bc:2a:
82:9a:41:cf:cc:b8:eb:d4:09:86:b8:e9:0c:81:c5:96:fe:8b:
73:cf:3f:83:ff:dc:2c:41:74:21:3d:f8:78:25:68:ab:df:7e:
25:43:7b:fe
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIEBwdDFDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ZDFjYWE2OTM1OGY4Yzk4ZjdhNzE5ZjI1OTdkNWRhZGRiZDAwMThjMB4XDTIyMDUy
NzA3Mjc1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTRhYjljMDUwYTlj
NDQ2NzdmMTFkZGQ2M2JhNDdjNzEzZmE1N2JkMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMyxhsgdc0jC31/HKecTPZIrzCZ8EUPmXFEWJF4ro4puzkk2
6IGxFFMkzWUkQZP30xM9W13ms6RP3YnHQqzH5L0achDK4aATAp87Q6FflwgZN8gu
uhocuyhMjwBdTiTWy/iliqIZjtpLnamOq7otx0+8MKigCZV0uQ9VRTQ7B63v2lgs
sLrYdC0FHByMsj7jSuRod2ptcivLof0Fy2HOGtU9dWz016OBCR38X3TCqH/JcrWv
S5OdtieZuxK5WmbSvKFSGJrpwFL8uKw9OBvnX4Oy4+JCU0q4nOxtAlEfGJhJS7yP
dCRsy3y72NqqFPDai5wsEsCtc0VddT1zw8trwJ0CAwEAAaOCAkUwggJBMB0GA1Ud
DgQWBBSkq5wFCpxEZ38R3dY7pHxxP6V70zAfBgNVHSMEGDAWgBQtHKppNY+MmPen
GfJZfV2t29ABjDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0xSeXFhVFdQakpqM3B4bnlXWDFkcmR2UUFZdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGYvYTkzNjk5LTE4OGItNDcwYS05NmI3LTI5YjA4NWRkMjNhZC8x
L3BLdWNCUXFjUkdkX0VkM1dPNlI4Y1QtbGU5TS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGYv
YTkzNjk5LTE4OGItNDcwYS05NmI3LTI5YjA4NWRkMjNhZC8xL0xSeXFhVFdQakpq
M3B4bnlXWDFkcmR2UUFZdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBb
BggrBgEFBQcBBwEB/wRMMEowSAQCAAEwQgMEAE6fgwMEAFtcIQMEAFtcIwMEAFtc
MQMEAF2YzQMEAF2Y0QMEAF2Y1wMEAF2Y3QMEAV2Y4AMEAF4aWgMEANRmazANBgkq
hkiG9w0BAQsFAAOCAQEAkINpeGcvwOnE/5VEeTk8KVMYzJ6OSbg3mt6Tn1Xk+cCQ
2uEH3cZ513VYHUj9+SYfrbZL0PaW0bvLyoUoxv8PwryM4Ft1Xv8107ztUiUdWWsy
l/Ue06YX48T7r9nAiG/MzKfKj0TyKDRJ5nN+zyiTQqPP0n3FBtqi6gh/mIloxbMl
EjEBJP40UpfbSUwBlT/H3t7B+fORsu+VUrxT8KAizOa7rCCbWKFH7MQdM6ohBQwN
2HtVEO4isenqkBRWeMc8DkW/dq0QSfljnvw0yTDCNg2N7ft4U7wqgppBz8y469QJ
hrjpDIHFlv6Lc88/g//cLEF0IT34eCVoq99+JUN7/g==
-----END CERTIFICATE-----
Generated at Tue Apr 8 23:48:50 2025 by rpki-client