Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/oZajW1lLxhxVoAbqxDfLUcPa9aI.roa
File: oZajW1lLxhxVoAbqxDfLUcPa9aI.roa (raw, json)
Hash identifier: ZdZzDBo1kROmZReXL/tYhQVU0SxUjrqVVjukmMn+HJI=
Subject key identifier: A1:96:A3:5B:59:4B:C6:1C:55:A0:06:EA:C4:37:CB:51:C3:DA:F5:A2
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 01842259A48536EC13B1C00913AAE38BF9CC
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/oZajW1lLxhxVoAbqxDfLUcPa9aI.roa
Signing time: Sat 29 Oct 2022 06:06:50 +0000
ROA not before: Sat 29 Oct 2022 06:06:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44208
IP address blocks: 94.74.190.0/24 maxlen: 24
109.203.160.0/19 maxlen: 24
37.49.144.0/22 maxlen: 24
94.74.128.0/18 maxlen: 24
94.74.136.0/24 maxlen: 24
31.170.48.0/20 maxlen: 24
185.34.160.0/22 maxlen: 24
94.74.165.0/24 maxlen: 24
94.74.168.0/23 maxlen: 24
94.74.166.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:22:59:a4:85:36:ec:13:b1:c0:09:13:aa:e3:8b:f9:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Oct 29 06:06:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a196a35b594bc61c55a006eac437cb51c3daf5a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:af:10:da:64:91:5f:af:dc:a1:5a:ab:37:61:
80:64:9d:64:04:a9:d8:4a:b4:66:19:94:8e:19:fe:
32:20:f6:7c:fc:e2:f9:5b:a1:5e:68:dd:9d:c5:12:
e3:b2:74:13:dd:9c:ea:e7:b6:52:3a:f4:c6:cf:a9:
45:d9:e7:7a:14:f3:2f:32:a0:08:3c:d1:51:e6:e4:
50:36:44:d0:24:ad:3f:aa:b4:c9:a6:0a:c6:3d:cd:
8a:39:e2:39:00:d4:95:d2:0b:fe:cb:39:a3:cd:a5:
ea:2c:eb:01:07:0c:35:5a:eb:44:a0:ff:f1:35:bc:
72:76:a6:16:64:35:5b:24:61:54:46:6a:4c:aa:76:
f6:26:3c:c5:3c:f8:a4:01:c2:21:20:2b:7e:ad:11:
54:01:7c:73:99:cf:1e:99:c2:55:7e:c5:40:ba:28:
78:d3:87:50:fc:56:73:dc:35:3e:41:81:aa:dc:50:
5d:5a:c7:fb:68:83:59:60:41:e7:86:c4:60:e6:31:
b7:65:cf:06:ed:e3:01:b7:a6:f4:1a:ff:0e:c0:d1:
f4:d5:25:38:63:4f:01:0c:2f:aa:c4:f9:b5:fe:02:
5e:5a:bc:39:fb:b4:0b:91:46:fa:7b:f3:24:72:22:
67:1a:0a:54:bd:63:84:61:8a:a0:f9:df:1c:c6:73:
4f:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:96:A3:5B:59:4B:C6:1C:55:A0:06:EA:C4:37:CB:51:C3:DA:F5:A2
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/oZajW1lLxhxVoAbqxDfLUcPa9aI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.170.48.0/20
37.49.144.0/22
94.74.128.0/18
109.203.160.0/19
185.34.160.0/22
Signature Algorithm: sha256WithRSAEncryption
56:8a:93:86:7f:59:86:13:c8:f3:37:54:e7:a2:a9:7b:b1:4d:
11:8e:aa:32:97:ac:9e:6b:c3:14:4b:d7:78:0e:07:a9:d3:99:
d5:82:84:df:41:f9:f3:d4:db:dd:cd:e0:26:df:0a:db:a8:cb:
ec:07:d4:af:77:82:1a:55:42:82:30:88:2b:93:4f:f7:63:31:
f7:65:c7:7e:9a:29:d1:c1:c6:ba:cb:e2:b5:16:fd:99:bf:df:
b5:4b:2d:41:84:7e:98:df:a0:ab:18:5a:93:e1:a4:85:a1:da:
97:55:37:3a:c6:20:89:70:5e:67:2d:38:0f:9b:11:24:de:75:
a1:68:b9:5e:56:28:55:23:b1:b6:16:66:70:50:a5:2b:2c:62:
69:2f:93:7b:d8:e6:78:87:84:99:e0:30:22:49:41:3e:c8:35:
5e:e5:58:5e:e0:30:4d:3a:05:3f:c1:86:af:5e:97:cc:63:7a:
25:f7:4b:9f:10:60:92:65:5f:23:d0:7a:8d:80:10:d0:c7:3d:
54:88:ec:f6:e2:77:20:6f:b5:3c:a7:58:f9:16:70:b9:8a:e4:
df:89:e2:1c:e8:0d:bd:d0:a8:4d:0a:ed:f0:65:a8:a2:29:43:
e4:59:e5:00:34:8a:bb:d2:84:1c:15:97:a6:72:cb:47:02:7a:
15:70:ce:94
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYQiWaSFNuwTscAJE6rji/nMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjIxMDI5MDYwNjUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTk2YTM1YjU5NGJjNjFjNTVhMDA2ZWFjNDM3Y2I1MWMzZGFmNWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr68Q2mSRX6/coVqrN2GAZJ1kBKnY
SrRmGZSOGf4yIPZ8/OL5W6FeaN2dxRLjsnQT3Zzq57ZSOvTGz6lF2ed6FPMvMqAI
PNFR5uRQNkTQJK0/qrTJpgrGPc2KOeI5ANSV0gv+yzmjzaXqLOsBBww1WutEoP/x
NbxydqYWZDVbJGFURmpMqnb2JjzFPPikAcIhICt+rRFUAXxzmc8emcJVfsVAuih4
04dQ/FZz3DU+QYGq3FBdWsf7aINZYEHnhsRg5jG3Zc8G7eMBt6b0Gv8OwNH01SU4
Y08BDC+qxPm1/gJeWrw5+7QLkUb6e/MkciJnGgpUvWOEYYqg+d8cxnNPuQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKGWo1tZS8YcVaAG6sQ3y1HD2vWiMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvb1phalcxbEx4aHhWb0FicXhEZkxVY1BhOWFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQEH6owAwQC
JTGQAwQGXkqAAwQFbcugAwQCuSKgMA0GCSqGSIb3DQEBCwUAA4IBAQBWipOGf1mG
E8jzN1Tnoql7sU0Rjqoyl6yea8MUS9d4Dgep05nVgoTfQfnz1NvdzeAm3wrbqMvs
B9Svd4IaVUKCMIgrk0/3YzH3Zcd+minRwca6y+K1Fv2Zv9+1Sy1BhH6Y36CrGFqT
4aSFodqXVTc6xiCJcF5nLTgPmxEk3nWhaLleVihVI7G2FmZwUKUrLGJpL5N72OZ4
h4SZ4DAiSUE+yDVe5Vhe4DBNOgU/wYavXpfMY3ol90ufEGCSZV8j0HqNgBDQxz1U
iOz24ncgb7U8p1j5FnC5iuTfieIc6A290KhNCu3wZaiiKUPkWeUANIq70oQcFZem
cstHAnoVcM6U
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:39 2023 by rpki-client on console.sobornost.net