Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/B97y9n4Yp5dwdxFnJZfGmFBqvgg.roa
File: B97y9n4Yp5dwdxFnJZfGmFBqvgg.roa (raw, json)
Hash identifier: ITIV28T5que6Tj6I7ASrtruapii3I5SPLonPTxsHZkM=
Subject key identifier: 07:DE:F2:F6:7E:18:A7:97:70:77:11:67:25:97:C6:98:50:6A:BE:08
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 018987B0A1966F8CAD4A069B956B73B197D9
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/B97y9n4Yp5dwdxFnJZfGmFBqvgg.roa
Signing time: Mon 24 Jul 2023 11:37:27 +0000
ROA not before: Mon 24 Jul 2023 11:37:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9009
IP address blocks: 94.74.187.0/24 maxlen: 24
176.46.140.0/24 maxlen: 24
176.46.143.0/24 maxlen: 24
176.46.144.0/20 maxlen: 24
109.203.166.0/24 maxlen: 24
37.49.144.0/24 maxlen: 24
94.74.164.0/24 maxlen: 24
31.170.55.0/24 maxlen: 24
94.74.171.0/24 maxlen: 24
176.46.128.0/24 maxlen: 24
176.46.131.0/24 maxlen: 24
176.46.132.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:87:b0:a1:96:6f:8c:ad:4a:06:9b:95:6b:73:b1:97:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Jul 24 11:37:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=07def2f67e18a797707711672597c698506abe08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:6f:c3:69:dc:05:1b:98:29:e4:a9:b7:fb:97:
06:e6:26:18:19:27:79:fc:bc:41:0a:84:62:17:21:
38:39:60:0d:c1:ca:75:b4:47:df:c8:13:05:21:a2:
55:c1:ff:22:bd:8f:74:00:37:ee:22:ba:4d:12:b8:
38:3a:55:10:d4:5e:ce:ac:d6:5a:ea:d3:52:e9:ec:
e4:24:f7:df:68:6e:da:f6:de:42:e2:06:3c:f3:ac:
93:81:3e:f7:83:cd:2e:a7:a4:25:c9:05:8b:0c:7d:
cd:1b:db:14:27:09:9e:9b:31:f8:d7:8b:b6:0c:b6:
d7:5b:12:cb:7a:fc:4a:b9:e3:43:1c:88:80:17:f3:
88:dd:b4:aa:08:55:70:74:85:54:c3:06:e5:f1:46:
c8:22:ec:3b:5d:42:b3:d6:b9:54:f7:c3:ea:1a:3e:
4e:6c:3b:73:8b:12:b2:99:69:96:18:93:22:70:5d:
d8:57:47:96:1b:37:44:c1:91:f3:3f:08:e5:43:ad:
54:4a:73:90:95:30:52:7b:4e:88:0f:73:59:30:f3:
e5:ed:b4:d5:35:f6:f9:f4:0c:ad:13:ae:47:9b:1d:
e8:ba:c5:88:e0:b5:b0:20:4c:05:9a:cd:76:e0:12:
62:83:6b:0e:46:ce:49:c7:44:03:af:75:4d:cc:66:
b9:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:DE:F2:F6:7E:18:A7:97:70:77:11:67:25:97:C6:98:50:6A:BE:08
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/B97y9n4Yp5dwdxFnJZfGmFBqvgg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.170.55.0/24
37.49.144.0/24
94.74.164.0/24
94.74.171.0/24
94.74.187.0/24
109.203.166.0/24
176.46.128.0/24
176.46.131.0-176.46.132.255
176.46.140.0/24
176.46.143.0-176.46.159.255
Signature Algorithm: sha256WithRSAEncryption
71:0e:81:82:dc:85:f8:0f:c4:c7:83:cb:8d:cd:7b:c7:09:ef:
d3:38:69:f5:bc:8e:ab:35:77:8e:a4:a7:ee:b3:27:ae:2a:31:
42:ce:f9:11:a2:4b:b7:39:16:7d:12:37:8e:2a:5c:6d:fd:72:
10:41:d8:71:7c:da:15:f3:2b:e3:d4:ed:ce:c2:9c:f8:7f:b9:
1c:0d:de:cc:0f:88:c4:ac:98:7f:b9:dd:2b:f6:67:39:da:7b:
d3:bb:f8:a6:14:3d:be:a1:6c:05:2d:84:a4:9f:04:19:7a:4a:
7a:5d:1f:52:07:9b:52:81:dd:38:a5:99:55:04:f3:28:b0:55:
b9:4c:75:3e:15:6b:44:74:41:2c:2b:fe:19:a2:c7:b9:59:a0:
19:1e:44:5c:15:7b:86:49:37:c2:a5:8b:af:fd:04:f2:6e:a6:
90:f5:2d:6c:1e:80:c4:31:4b:0e:de:fa:4c:00:f2:c3:54:3c:
a2:14:07:c1:2d:07:7e:75:e1:db:07:b5:72:51:14:d6:5d:1b:
57:b1:ca:62:f3:93:04:2e:24:25:a4:0c:3d:3b:37:b1:55:78:
c6:f0:f0:81:72:db:0c:0c:ca:95:d3:dc:67:fd:33:6e:fe:3a:
6b:19:1b:03:59:aa:ff:45:3a:97:1f:ef:e6:e4:c4:d3:ed:6b:
b6:90:1e:73
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAYmHsKGWb4ytSgablWtzsZfZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjMwNzI0MTEzNzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwN2RlZjJmNjdlMThhNzk3NzA3NzExNjcyNTk3YzY5ODUwNmFiZTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj2/DadwFG5gp5Km3+5cG5iYYGSd5
/LxBCoRiFyE4OWANwcp1tEffyBMFIaJVwf8ivY90ADfuIrpNErg4OlUQ1F7OrNZa
6tNS6ezkJPffaG7a9t5C4gY886yTgT73g80up6QlyQWLDH3NG9sUJwmemzH414u2
DLbXWxLLevxKueNDHIiAF/OI3bSqCFVwdIVUwwbl8UbIIuw7XUKz1rlU98PqGj5O
bDtzixKymWmWGJMicF3YV0eWGzdEwZHzPwjlQ61USnOQlTBSe06ID3NZMPPl7bTV
Nfb59AytE65Hmx3ousWI4LWwIEwFms124BJig2sORs5Jx0QDr3VNzGa5pQIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFAfe8vZ+GKeXcHcRZyWXxphQar4IMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvQjk3eTluNFlwNWR3ZHhGbkpaZkdtRkJxdmdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAATBMAwQAH6o3AwQA
JTGQAwQAXkqkAwQAXkqrAwQAXkq7AwQAbcumAwQAsC6AMAwDBACwLoMDBACwLoQD
BACwLowwDAMEALAujwMEBbAugDANBgkqhkiG9w0BAQsFAAOCAQEAcQ6BgtyF+A/E
x4PLjc17xwnv0zhp9byOqzV3jqSn7rMnrioxQs75EaJLtzkWfRI3jipcbf1yEEHY
cXzaFfMr49TtzsKc+H+5HA3ezA+IxKyYf7ndK/ZnOdp707v4phQ9vqFsBS2EpJ8E
GXpKel0fUgebUoHdOKWZVQTzKLBVuUx1PhVrRHRBLCv+GaLHuVmgGR5EXBV7hkk3
wqWLr/0E8m6mkPUtbB6AxDFLDt76TADyw1Q8ohQHwS0HfnXh2we1clEU1l0bV7HK
YvOTBC4kJaQMPTs3sVV4xvDwgXLbDAzKldPcZ/0zbv46axkbA1mq/0U6lx/v5uTE
0+1rtpAecw==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:05:33 2025 by rpki-client