Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/d98472-f0b7-4df3-925b-0004b274630b/1/4ya_YM0HdHJUXsNUPAqBuKKF-Mg.roa
File: 4ya_YM0HdHJUXsNUPAqBuKKF-Mg.roa (raw, json)
Hash identifier: 8LOFynjUWvStDnrMsGSqWxYj5Oaj3/Zpzb2Id2bBgOQ=
Subject key identifier: E3:26:BF:60:CD:07:74:72:54:5E:C3:54:3C:0A:81:B8:A2:85:F8:C8
Certificate issuer: /CN=540b63d19d86ea345c9b5f169300c3a29d4c31c4
Certificate serial: 0DC19347
Authority key identifier: 54:0B:63:D1:9D:86:EA:34:5C:9B:5F:16:93:00:C3:A2:9D:4C:31:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VAtj0Z2G6jRcm18WkwDDop1MMcQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/d98472-f0b7-4df3-925b-0004b274630b/1/4ya_YM0HdHJUXsNUPAqBuKKF-Mg.roa
Signing time: Sat 01 Jan 2022 10:05:39 +0000
ROA not before: Sat 01 Jan 2022 10:05:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8680
IP address blocks: 185.48.78.0/24 maxlen: 24
185.48.76.0/22 maxlen: 24
37.18.136.0/23 maxlen: 23
37.18.136.0/21 maxlen: 24
37.18.138.0/23 maxlen: 23
37.18.138.0/24 maxlen: 24
37.18.140.0/23 maxlen: 23
46.31.202.0/23 maxlen: 23
46.31.204.0/23 maxlen: 23
46.31.206.0/24 maxlen: 24
46.31.200.0/21 maxlen: 24
46.31.207.0/24 maxlen: 24
2a04:b240::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 230789959 (0xdc19347)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=540b63d19d86ea345c9b5f169300c3a29d4c31c4
Validity
Not Before: Jan 1 10:05:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e326bf60cd077472545ec3543c0a81b8a285f8c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:61:49:6a:c2:2c:8b:46:e2:52:a9:cf:fe:8e:
26:9b:35:d5:5f:f5:29:04:7c:a3:7b:df:45:08:f7:
71:84:46:1c:dd:d9:5e:4a:f9:11:7a:17:8d:4b:78:
e9:f4:7d:57:e2:f1:5c:9f:61:be:cd:f1:b3:d1:44:
96:5c:08:fe:22:cc:d6:4f:89:f3:86:48:e4:71:e4:
a7:c4:02:60:6b:e0:f2:43:48:a7:86:9a:8b:73:51:
9b:88:2e:e3:97:2f:31:b3:8d:c9:26:e4:d2:13:0c:
a1:cb:81:fd:7c:63:72:e3:ed:c4:7e:8f:de:94:75:
4f:42:27:3c:4a:ca:3a:4e:75:d2:4a:ff:15:15:db:
94:ac:90:ce:85:de:ba:c9:3e:bc:3f:8f:5d:e8:49:
d1:c7:8a:36:03:1d:ec:1e:02:2a:3c:50:6b:c2:bf:
0e:ad:bb:87:53:96:97:5d:f3:19:4f:5b:6b:d8:26:
55:94:f6:44:db:5b:ed:98:10:33:a3:87:51:9e:14:
09:eb:26:8e:5d:05:c9:bd:9c:ec:0e:a4:82:a0:d3:
38:3b:5d:a4:1d:0c:23:de:9f:af:c7:43:f6:71:f5:
4e:3f:b5:b1:99:49:70:a7:d3:bc:15:0d:14:c7:ef:
5e:cd:46:89:4f:d7:90:a0:76:a3:26:66:bc:69:d1:
cc:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:26:BF:60:CD:07:74:72:54:5E:C3:54:3C:0A:81:B8:A2:85:F8:C8
X509v3 Authority Key Identifier:
keyid:54:0B:63:D1:9D:86:EA:34:5C:9B:5F:16:93:00:C3:A2:9D:4C:31:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VAtj0Z2G6jRcm18WkwDDop1MMcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/d98472-f0b7-4df3-925b-0004b274630b/1/4ya_YM0HdHJUXsNUPAqBuKKF-Mg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/d98472-f0b7-4df3-925b-0004b274630b/1/VAtj0Z2G6jRcm18WkwDDop1MMcQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.18.136.0/21
46.31.200.0/21
185.48.76.0/22
IPv6:
2a04:b240::/29
Signature Algorithm: sha256WithRSAEncryption
61:f8:01:d2:54:45:b8:b3:33:16:b2:a1:76:a1:b6:96:a0:95:
24:1b:84:49:6e:5e:ce:6c:df:3b:10:67:da:c5:dc:ea:93:23:
0c:94:88:8c:23:59:d7:25:a2:51:71:15:05:42:69:3d:fd:fd:
aa:00:fb:56:90:1b:f6:ed:36:c4:c8:f9:19:69:f1:bc:f0:40:
d8:fb:f5:17:0a:9c:4e:29:fe:81:9d:55:39:5d:8f:bc:3d:4d:
d2:05:68:c9:9f:d1:8a:60:c4:cf:73:b4:a1:39:0d:79:a4:a0:
44:04:d2:ee:6e:e4:95:58:ba:e6:74:1d:3b:2b:02:32:1e:e6:
7c:c0:78:05:21:da:9b:17:da:fd:56:ad:18:96:a1:30:c6:ea:
8a:e2:a2:05:12:4e:f7:6d:c4:16:6b:4c:d3:85:7b:4e:f6:bc:
bb:e2:4b:12:b3:df:64:f0:96:ea:8c:ca:68:b5:42:6f:72:7b:
bc:68:02:4f:74:72:8e:cb:04:e4:46:56:8a:9e:3d:d6:aa:ba:
73:96:5f:8f:d1:ce:e2:a0:22:8b:06:d8:fc:1b:5b:f6:3b:61:
61:c2:ac:0f:d5:80:0e:4a:50:58:10:98:b1:0d:c0:8b:41:ba:
c3:62:d3:c6:76:c5:5c:af:fa:7e:bf:cc:a5:d7:39:1b:df:68:
c0:73:54:36
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEDcGTRzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
NDBiNjNkMTlkODZlYTM0NWM5YjVmMTY5MzAwYzNhMjlkNGMzMWM0MB4XDTIyMDEw
MTEwMDUzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTMyNmJmNjBjZDA3
NzQ3MjU0NWVjMzU0M2MwYTgxYjhhMjg1ZjhjODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKFhSWrCLItG4lKpz/6OJps11V/1KQR8o3vfRQj3cYRGHN3Z
Xkr5EXoXjUt46fR9V+LxXJ9hvs3xs9FEllwI/iLM1k+J84ZI5HHkp8QCYGvg8kNI
p4aai3NRm4gu45cvMbONySbk0hMMocuB/XxjcuPtxH6P3pR1T0InPErKOk510kr/
FRXblKyQzoXeusk+vD+PXehJ0ceKNgMd7B4CKjxQa8K/Dq27h1OWl13zGU9ba9gm
VZT2RNtb7ZgQM6OHUZ4UCesmjl0Fyb2c7A6kgqDTODtdpB0MI96fr8dD9nH1Tj+1
sZlJcKfTvBUNFMfvXs1GiU/XkKB2oyZmvGnRzNECAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBTjJr9gzQd0clRew1Q8CoG4ooX4yDAfBgNVHSMEGDAWgBRUC2PRnYbqNFyb
XxaTAMOinUwxxDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1ZBdGowWjJHNmpSY20xOFdrd0REb3AxTU1jUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTQvZDk4NDcyLWYwYjctNGRmMy05MjViLTAwMDRiMjc0NjMwYi8x
LzR5YV9ZTTBIZEhKVVhzTlVQQXFCdUtLRi1NZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTQv
ZDk4NDcyLWYwYjctNGRmMy05MjViLTAwMDRiMjc0NjMwYi8xL1ZBdGowWjJHNmpS
Y20xOFdrd0REb3AxTU1jUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEAyUSiAMEAy4fyAMEArkwTDANBAIA
AjAHAwUDKgSyQDANBgkqhkiG9w0BAQsFAAOCAQEAYfgB0lRFuLMzFrKhdqG2lqCV
JBuESW5ezmzfOxBn2sXc6pMjDJSIjCNZ1yWiUXEVBUJpPf39qgD7VpAb9u02xMj5
GWnxvPBA2Pv1FwqcTin+gZ1VOV2PvD1N0gVoyZ/RimDEz3O0oTkNeaSgRATS7m7k
lVi65nQdOysCMh7mfMB4BSHamxfa/VatGJahMMbqiuKiBRJO923EFmtM04V7Tva8
u+JLErPfZPCW6ozKaLVCb3J7vGgCT3RyjssE5EZWip491qq6c5Zfj9HO4qAiiwbY
/Btb9jthYcKsD9WADkpQWBCYsQ3Ai0G6w2LTxnbFXK/6fr/Mpdc5G99owHNUNg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:11:03 2025 by rpki-client