Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/H7n4fs8A-KnYIzz0exb7FO5dwJI.roa
File: H7n4fs8A-KnYIzz0exb7FO5dwJI.roa (raw, json)
Hash identifier: l7vMSu8x1qkYiORpk9Qx6UuA5SfgHkwcYdq9bENVQqk=
Subject key identifier: 1F:B9:F8:7E:CF:00:F8:A9:D8:23:3C:F4:7B:16:FB:14:EE:5D:C0:92
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 018B964CCA283E5A8D3CB1C7F3A973923E9D
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/H7n4fs8A-KnYIzz0exb7FO5dwJI.roa
Signing time: Fri 03 Nov 2023 17:48:16 +0000
ROA not before: Fri 03 Nov 2023 17:48:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12679
IP address blocks: 176.46.140.0/24 maxlen: 24
176.46.143.0/24 maxlen: 24
176.46.132.0/24 maxlen: 24
94.74.191.0/24 maxlen: 24
94.74.187.0/24 maxlen: 24
109.203.164.0/22 maxlen: 24
109.203.160.0/22 maxlen: 24
37.49.144.0/24 maxlen: 24
37.49.146.0/24 maxlen: 24
37.49.151.0/24 maxlen: 24
37.49.150.0/24 maxlen: 24
37.49.149.0/24 maxlen: 24
37.49.148.0/24 maxlen: 24
94.74.137.0/24 maxlen: 24
94.74.173.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:96:4c:ca:28:3e:5a:8d:3c:b1:c7:f3:a9:73:92:3e:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Nov 3 17:48:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1fb9f87ecf00f8a9d8233cf47b16fb14ee5dc092
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:67:7c:1d:78:c2:23:d1:06:34:26:80:ff:12:
1c:e4:fe:00:09:83:4e:ba:54:40:c5:0e:5c:eb:34:
36:d6:a4:d6:f8:6c:1a:71:b2:32:1c:b2:f4:11:68:
6d:57:9b:14:94:78:1f:27:93:db:60:9f:9a:4d:d5:
46:a3:a7:82:4a:a6:c7:9f:98:d2:56:e9:af:43:e9:
ef:93:97:b6:25:78:2d:3e:44:74:b2:a3:e8:53:ee:
b1:ec:df:f0:c5:8c:ee:ff:0c:99:17:98:d2:12:1d:
b6:11:3f:9b:6a:e9:94:0e:0d:21:11:f4:11:5e:00:
4e:ff:8c:77:d9:90:36:88:b5:d4:fd:c7:27:46:1d:
db:20:9e:70:c8:35:4f:19:75:84:9a:7d:ff:22:ad:
85:58:83:39:dc:70:9d:41:97:ea:9e:5e:22:65:cb:
2d:54:2e:33:ef:71:4e:43:06:7b:45:0d:6f:f8:8c:
26:3b:fa:1f:74:75:58:4b:52:e6:78:a5:90:d8:40:
2f:4d:dd:ed:fa:b5:c9:50:5b:b2:65:ab:2e:e7:47:
d9:12:44:69:eb:f8:e0:a4:bb:50:f8:ab:06:af:68:
58:be:6b:28:72:a8:74:a9:74:c8:0d:97:98:9e:9d:
7d:05:18:20:52:e3:6d:7f:32:dc:5a:1d:df:1d:77:
b2:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:B9:F8:7E:CF:00:F8:A9:D8:23:3C:F4:7B:16:FB:14:EE:5D:C0:92
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/H7n4fs8A-KnYIzz0exb7FO5dwJI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.49.144.0/24
37.49.146.0/24
37.49.148.0/22
94.74.137.0/24
94.74.173.0/24
94.74.187.0/24
94.74.191.0/24
109.203.160.0/21
176.46.132.0/24
176.46.140.0/24
176.46.143.0/24
Signature Algorithm: sha256WithRSAEncryption
45:94:48:43:92:68:c7:22:68:b3:62:4f:9e:83:1e:83:be:e7:
36:d6:63:6b:43:07:a7:da:c8:7a:04:2c:4f:2b:85:b1:90:3f:
8d:94:18:2e:d6:d0:ff:7a:1f:8f:7f:85:f1:38:33:5f:46:35:
34:d1:aa:dc:fd:7a:d0:b6:1e:6a:43:52:2d:10:58:f4:4b:3a:
0b:91:45:b5:b5:82:7c:f2:a8:ba:a8:f3:65:94:db:23:ba:c7:
63:1d:81:e2:16:86:c9:69:71:2b:ed:ac:79:1f:42:1a:a8:d6:
be:e2:b0:ce:a5:cc:6c:3a:ec:d2:2a:5d:74:5b:c5:50:84:ed:
d8:51:31:0a:bc:70:9e:1d:a4:be:8f:01:bb:16:cb:4d:2f:47:
0c:dd:6e:35:e5:92:1c:04:8c:ea:09:37:79:1f:da:97:6e:eb:
01:ed:df:15:ad:b1:b2:2a:d4:af:b2:8f:6e:48:6a:61:66:20:
3a:e1:b7:7c:20:a5:12:85:c0:8a:9e:4d:38:c5:41:e1:81:1c:
40:81:ff:f6:fc:11:ea:32:1c:d8:12:7a:5a:ca:dc:44:72:1c:
27:6e:92:3e:69:ad:e2:de:85:48:6b:b6:e1:0f:ba:7d:c2:a4:
a5:ec:ae:5d:55:ac:ca:a2:ed:68:1c:ab:c9:df:3d:76:ab:31:
06:75:e6:ba
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYuWTMooPlqNPLHH86lzkj6dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjMxMTAzMTc0ODE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmI5Zjg3ZWNmMDBmOGE5ZDgyMzNjZjQ3YjE2ZmIxNGVlNWRjMDkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi2d8HXjCI9EGNCaA/xIc5P4ACYNO
ulRAxQ5c6zQ21qTW+GwacbIyHLL0EWhtV5sUlHgfJ5PbYJ+aTdVGo6eCSqbHn5jS
VumvQ+nvk5e2JXgtPkR0sqPoU+6x7N/wxYzu/wyZF5jSEh22ET+baumUDg0hEfQR
XgBO/4x32ZA2iLXU/ccnRh3bIJ5wyDVPGXWEmn3/Iq2FWIM53HCdQZfqnl4iZcst
VC4z73FOQwZ7RQ1v+IwmO/ofdHVYS1LmeKWQ2EAvTd3t+rXJUFuyZasu50fZEkRp
6/jgpLtQ+KsGr2hYvmsocqh0qXTIDZeYnp19BRggUuNtfzLcWh3fHXeyrQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFB+5+H7PAPip2CM89HsW+xTuXcCSMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvSDduNGZzOEEtS25ZSXp6MGV4YjdGTzVkd0pJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAJTGQAwQA
JTGSAwQCJTGUAwQAXkqJAwQAXkqtAwQAXkq7AwQAXkq/AwQDbcugAwQAsC6EAwQA
sC6MAwQAsC6PMA0GCSqGSIb3DQEBCwUAA4IBAQBFlEhDkmjHImizYk+egx6Dvuc2
1mNrQwen2sh6BCxPK4WxkD+NlBgu1tD/eh+Pf4XxODNfRjU00arc/XrQth5qQ1It
EFj0SzoLkUW1tYJ88qi6qPNllNsjusdjHYHiFobJaXEr7ax5H0IaqNa+4rDOpcxs
OuzSKl10W8VQhO3YUTEKvHCeHaS+jwG7FstNL0cM3W415ZIcBIzqCTd5H9qXbusB
7d8VrbGyKtSvso9uSGphZiA64bd8IKUShcCKnk04xUHhgRxAgf/2/BHqMhzYEnpa
ytxEchwnbpI+aa3i3oVIa7bhD7p9wqSl7K5dVazKou1oHKvJ3z12qzEGdea6
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:11:03 2025 by rpki-client