Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/17C0IpEunjNjjKUz-NqvWjKcbBY.roa
File: 17C0IpEunjNjjKUz-NqvWjKcbBY.roa (raw, json)
Hash identifier: Ou8BwdYusQTVI6tX6USWkmDg2rsEEeY/Kmzt6+80JqU=
Subject key identifier: D7:B0:B4:22:91:2E:9E:33:63:8C:A5:33:F8:DA:AF:5A:32:9C:6C:16
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 018BB716F7057B622915D121B7601E4A21B0
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/17C0IpEunjNjjKUz-NqvWjKcbBY.roa
Signing time: Fri 10 Nov 2023 02:36:57 +0000
ROA not before: Fri 10 Nov 2023 02:36:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12679
IP address blocks: 176.46.140.0/24 maxlen: 24
176.46.132.0/24 maxlen: 24
94.74.191.0/24 maxlen: 24
94.74.187.0/24 maxlen: 24
109.203.164.0/22 maxlen: 24
109.203.160.0/22 maxlen: 24
37.49.144.0/24 maxlen: 24
37.49.146.0/24 maxlen: 24
37.49.151.0/24 maxlen: 24
37.49.150.0/24 maxlen: 24
37.49.149.0/24 maxlen: 24
37.49.148.0/24 maxlen: 24
94.74.137.0/24 maxlen: 24
94.74.173.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b7:16:f7:05:7b:62:29:15:d1:21:b7:60:1e:4a:21:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Nov 10 02:36:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d7b0b422912e9e33638ca533f8daaf5a329c6c16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:fc:9f:fa:1a:8d:78:6d:fd:9c:de:ca:54:2d:
7a:a3:95:bb:16:19:0f:b7:95:95:47:53:cb:4e:f1:
7f:7d:91:e2:6b:fb:19:68:06:0e:1f:56:bc:a3:a8:
25:41:27:61:c0:ba:c7:00:6a:6b:5e:3d:58:46:3e:
78:3b:b8:64:58:4f:26:1f:d6:4b:92:9e:c5:8c:4c:
4c:59:96:25:79:e3:fc:55:f1:9d:d9:3a:6c:63:a8:
93:03:af:ff:6f:7c:ab:ae:6c:59:9f:18:23:79:1b:
83:e3:38:e7:ee:f2:e2:55:5b:41:14:5c:6b:c3:39:
96:41:06:31:b6:24:30:be:cd:52:c7:c1:55:74:13:
ff:6d:df:25:4a:19:de:4a:1f:64:3e:2e:a9:fb:05:
31:54:e3:3f:e6:36:6b:c4:b7:91:32:aa:f5:a5:42:
da:b2:fe:bd:23:cf:5f:dd:2b:10:fb:0b:0a:98:d8:
82:f8:94:1b:ee:1a:52:ef:46:a1:12:f1:c7:a3:0b:
97:db:b8:47:3f:9b:6f:25:d3:ca:d2:cf:4c:7d:8d:
ac:b3:97:84:fe:23:e5:aa:29:01:27:cc:db:4f:d1:
c2:24:59:28:76:40:07:f6:87:11:42:ab:da:48:47:
0c:82:b1:81:4b:c1:e2:2b:69:ad:cb:8d:9d:81:0b:
ad:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:B0:B4:22:91:2E:9E:33:63:8C:A5:33:F8:DA:AF:5A:32:9C:6C:16
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/17C0IpEunjNjjKUz-NqvWjKcbBY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.49.144.0/24
37.49.146.0/24
37.49.148.0/22
94.74.137.0/24
94.74.173.0/24
94.74.187.0/24
94.74.191.0/24
109.203.160.0/21
176.46.132.0/24
176.46.140.0/24
Signature Algorithm: sha256WithRSAEncryption
75:0d:36:4a:5c:b5:28:54:bc:21:65:bb:de:c6:01:61:33:c1:
a1:72:26:97:00:06:67:99:26:66:88:61:e9:11:c0:3e:c4:28:
e7:4d:bc:f9:dd:42:e2:67:d9:a7:89:6c:ab:cb:ce:5d:f2:92:
47:3f:2e:9a:f9:29:54:a1:1d:b9:d1:ba:6f:5d:66:32:48:16:
a7:65:77:c1:89:25:16:59:a6:0e:8f:ef:68:63:6a:04:0e:47:
3d:fc:2e:9f:71:6d:71:b4:1e:4f:f0:f5:1a:9e:b6:56:a4:05:
63:bc:e8:58:27:e4:88:90:0a:44:6b:1a:d4:ad:54:3e:a1:a2:
f6:7d:76:16:f9:8a:ef:bf:e1:0e:62:72:d0:b0:0b:68:e6:37:
e2:79:81:cb:37:d1:cc:b9:bd:15:4f:ef:36:f6:35:67:49:bc:
aa:c4:e5:dc:b4:5c:1b:21:cb:18:b3:9d:4c:58:d4:d2:63:61:
f9:34:d1:37:47:44:6f:9f:dd:b9:11:9d:54:96:b1:97:c6:6a:
d6:9b:e7:8d:c2:f8:2d:48:c4:c8:eb:7e:89:9d:6e:c9:b6:02:
cb:6c:19:b9:b2:37:d4:48:fd:40:c2:8c:5c:2a:b2:c1:bd:fa:
54:12:58:33:9d:e0:5f:6b:19:db:d4:aa:fb:b0:c9:5e:e3:e4:
73:46:1f:58
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYu3FvcFe2IpFdEht2AeSiGwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjMxMTEwMDIzNjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2IwYjQyMjkxMmU5ZTMzNjM4Y2E1MzNmOGRhYWY1YTMyOWM2YzE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsvyf+hqNeG39nN7KVC16o5W7FhkP
t5WVR1PLTvF/fZHia/sZaAYOH1a8o6glQSdhwLrHAGprXj1YRj54O7hkWE8mH9ZL
kp7FjExMWZYleeP8VfGd2TpsY6iTA6//b3yrrmxZnxgjeRuD4zjn7vLiVVtBFFxr
wzmWQQYxtiQwvs1Sx8FVdBP/bd8lShneSh9kPi6p+wUxVOM/5jZrxLeRMqr1pULa
sv69I89f3SsQ+wsKmNiC+JQb7hpS70ahEvHHowuX27hHP5tvJdPK0s9MfY2ss5eE
/iPlqikBJ8zbT9HCJFkodkAH9ocRQqvaSEcMgrGBS8HiK2mty42dgQuttwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFNewtCKRLp4zY4ylM/jar1oynGwWMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvMTdDMElwRXVuak5qaktVei1OcXZXaktjYkJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAJTGQAwQA
JTGSAwQCJTGUAwQAXkqJAwQAXkqtAwQAXkq7AwQAXkq/AwQDbcugAwQAsC6EAwQA
sC6MMA0GCSqGSIb3DQEBCwUAA4IBAQB1DTZKXLUoVLwhZbvexgFhM8GhciaXAAZn
mSZmiGHpEcA+xCjnTbz53ULiZ9mniWyry85d8pJHPy6a+SlUoR250bpvXWYySBan
ZXfBiSUWWaYOj+9oY2oEDkc9/C6fcW1xtB5P8PUanrZWpAVjvOhYJ+SIkApEaxrU
rVQ+oaL2fXYW+Yrvv+EOYnLQsAto5jfieYHLN9HMub0VT+829jVnSbyqxOXctFwb
IcsYs51MWNTSY2H5NNE3R0Rvn925EZ1UlrGXxmrWm+eNwvgtSMTI636JnW7JtgLL
bBm5sjfUSP1AwoxcKrLBvfpUElgzneBfaxnb1Kr7sMle4+RzRh9Y
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:58:37 2025 by rpki-client