Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/4yeknpGus57E72soyH4zfMWLbcg.roa
File: 4yeknpGus57E72soyH4zfMWLbcg.roa (raw, json)
Hash identifier: OUies0Dy2z+Ut4hDXKIhfcSACpi4h/djLQ2xkqJ/eGA=
Subject key identifier: E3:27:A4:9E:91:AE:B3:9E:C4:EF:6B:28:C8:7E:33:7C:C5:8B:6D:C8
Certificate issuer: /CN=c6a249a0eacd8abcbea0d82ef71016d386e8ef94
Certificate serial: 01884402B7E7565471B096DB0F64B8F4CBFE
Authority key identifier: C6:A2:49:A0:EA:CD:8A:BC:BE:A0:D8:2E:F7:10:16:D3:86:E8:EF:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xqJJoOrNiry-oNgu9xAW04bo75Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/4yeknpGus57E72soyH4zfMWLbcg.roa
Signing time: Mon 22 May 2023 15:10:08 +0000
ROA not before: Mon 22 May 2023 15:10:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34968
IP address blocks: 37.148.128.0/21 maxlen: 24
152.89.84.0/22 maxlen: 24
93.88.152.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:44:02:b7:e7:56:54:71:b0:96:db:0f:64:b8:f4:cb:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6a249a0eacd8abcbea0d82ef71016d386e8ef94
Validity
Not Before: May 22 15:10:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e327a49e91aeb39ec4ef6b28c87e337cc58b6dc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:fe:12:3f:1b:59:97:3c:2b:75:c6:a1:79:dd:
bd:9a:bc:c0:e0:f0:0d:d3:5c:90:4a:3d:10:50:4f:
6b:63:72:f7:84:ac:a4:b5:84:e3:5c:82:f9:94:d8:
2b:f0:be:0f:ed:58:0b:66:42:17:a6:40:ca:9a:8f:
88:6d:6b:d7:ed:0a:68:b4:66:4c:a0:3a:42:5a:74:
49:a3:c7:68:15:bf:66:c0:6e:96:08:dc:4c:62:a9:
d3:f9:90:2b:0c:56:3b:cc:88:8d:6f:2b:f1:48:3a:
28:3d:a3:c5:af:d5:86:b9:9c:b9:1e:ee:7c:7c:9d:
da:4e:2a:1f:bf:f9:5b:5b:8a:c3:f4:36:17:77:0d:
92:a7:f4:83:07:1e:a1:8c:91:48:ca:49:a3:92:6c:
23:c8:80:3f:77:af:29:83:f4:e3:6c:cc:65:6a:47:
68:19:76:02:62:46:40:34:29:a6:10:ca:bb:09:a6:
0b:d5:59:64:b8:b0:cf:10:b5:24:bc:af:7f:d5:7f:
94:5a:6c:70:0a:d2:eb:3e:c9:f5:66:b2:76:76:b2:
33:1f:94:41:50:72:e9:6c:ea:73:70:27:35:a9:7a:
61:8f:d8:ad:93:7d:d5:7e:5e:65:c6:ef:8a:6a:ae:
7e:60:3d:e0:05:95:ff:b4:d9:70:e6:a4:e6:3a:91:
42:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:27:A4:9E:91:AE:B3:9E:C4:EF:6B:28:C8:7E:33:7C:C5:8B:6D:C8
X509v3 Authority Key Identifier:
keyid:C6:A2:49:A0:EA:CD:8A:BC:BE:A0:D8:2E:F7:10:16:D3:86:E8:EF:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xqJJoOrNiry-oNgu9xAW04bo75Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/4yeknpGus57E72soyH4zfMWLbcg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/xqJJoOrNiry-oNgu9xAW04bo75Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.148.128.0/21
93.88.152.0/21
152.89.84.0/22
Signature Algorithm: sha256WithRSAEncryption
82:6f:31:9c:d9:25:3f:f6:11:57:e1:b9:20:2e:e4:18:76:71:
f8:b1:2f:f1:da:6d:1e:b4:cd:85:8c:58:a4:7a:db:c4:77:b6:
10:60:16:c4:2c:4c:af:96:6c:e0:49:93:93:d4:f8:53:e1:27:
3a:c6:f6:c7:20:cf:bd:18:28:91:13:1f:52:e9:c3:e7:0d:2a:
46:22:a5:fb:2d:3f:58:c6:69:4e:15:47:f8:ba:f0:e1:1f:9f:
7f:97:b3:f8:6e:9f:dd:f5:26:4e:db:2e:6e:6b:d9:b5:c2:d1:
88:02:83:cf:b7:e4:a0:3d:dd:cb:03:3e:09:1e:f5:07:0f:71:
7f:3a:7e:a6:54:ed:be:9c:07:a3:a2:f7:32:2d:93:56:66:0d:
3a:89:53:47:0a:d7:d9:13:dc:ea:cf:18:0f:ec:9f:3a:e9:e6:
31:b3:8f:45:e1:d2:df:a4:fa:99:96:9b:4e:6b:b3:f7:84:16:
40:7a:ed:1e:c2:df:31:90:bd:42:0c:83:f3:b2:75:80:ce:ff:
86:26:60:8e:40:e4:4c:da:91:72:dc:41:dc:fb:d5:4f:41:66:
98:f9:21:37:07:3e:22:ff:b5:e9:30:54:05:a4:90:ff:e1:72:
a1:dd:92:f8:fe:44:a2:50:64:4c:7d:0f:ac:93:b1:12:1c:24:
7b:e3:e3:42
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYhEArfnVlRxsJbbD2S49Mv+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2YTI0OWEwZWFjZDhhYmNiZWEwZDgyZWY3MTAxNmQzODZl
OGVmOTQwHhcNMjMwNTIyMTUxMDA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzI3YTQ5ZTkxYWViMzllYzRlZjZiMjhjODdlMzM3Y2M1OGI2ZGM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjP4SPxtZlzwrdcahed29mrzA4PAN
01yQSj0QUE9rY3L3hKyktYTjXIL5lNgr8L4P7VgLZkIXpkDKmo+IbWvX7QpotGZM
oDpCWnRJo8doFb9mwG6WCNxMYqnT+ZArDFY7zIiNbyvxSDooPaPFr9WGuZy5Hu58
fJ3aTiofv/lbW4rD9DYXdw2Sp/SDBx6hjJFIykmjkmwjyIA/d68pg/TjbMxlakdo
GXYCYkZANCmmEMq7CaYL1VlkuLDPELUkvK9/1X+UWmxwCtLrPsn1ZrJ2drIzH5RB
UHLpbOpzcCc1qXphj9itk33Vfl5lxu+Kaq5+YD3gBZX/tNlw5qTmOpFCbwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOMnpJ6RrrOexO9rKMh+M3zFi23IMB8GA1UdIwQY
MBaAFMaiSaDqzYq8vqDYLvcQFtOG6O+UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHFKSm9Pck5pcnktb05ndTl4QVcwNGJvNzVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC8zMGYxODYtOTBlMi00Y2E2LTkxN2Ut
MjEwNTdkMjI4ZDA1LzEvNHlla25wR3VzNTdFNzJzb3lINHpmTVdMYmNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC8zMGYxODYtOTBlMi00Y2E2LTkxN2UtMjEwNTdkMjI4ZDA1
LzEveHFKSm9Pck5pcnktb05ndTl4QVcwNGJvNzVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDJZSAAwQD
XViYAwQCmFlUMA0GCSqGSIb3DQEBCwUAA4IBAQCCbzGc2SU/9hFX4bkgLuQYdnH4
sS/x2m0etM2FjFiketvEd7YQYBbELEyvlmzgSZOT1PhT4Sc6xvbHIM+9GCiREx9S
6cPnDSpGIqX7LT9YxmlOFUf4uvDhH59/l7P4bp/d9SZO2y5ua9m1wtGIAoPPt+Sg
Pd3LAz4JHvUHD3F/On6mVO2+nAejovcyLZNWZg06iVNHCtfZE9zqzxgP7J866eYx
s49F4dLfpPqZlptOa7P3hBZAeu0ewt8xkL1CDIPzsnWAzv+GJmCOQORM2pFy3EHc
+9VPQWaY+SE3Bz4i/7XpMFQFpJD/4XKh3ZL4/kSiUGRMfQ+sk7ESHCR74+NC
-----END CERTIFICATE-----
Generated at Wed Apr 16 08:06:59 2025 by rpki-client