Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/K6DHU6FA6ewRipfXm6jTOqaiJ0I.roa
File: K6DHU6FA6ewRipfXm6jTOqaiJ0I.roa (raw, json)
Hash identifier: 6reGEBZPtufRFOX6hMehE/+Xo1GFejx5NiV1bWlrzJQ=
Subject key identifier: 2B:A0:C7:53:A1:40:E9:EC:11:8A:97:D7:9B:A8:D3:3A:A6:A2:27:42
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 018BFB0D1A42983B6A5C3115862979029C5C
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/K6DHU6FA6ewRipfXm6jTOqaiJ0I.roa
Signing time: Thu 23 Nov 2023 07:20:21 +0000
ROA not before: Thu 23 Nov 2023 07:20:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12679
IP address blocks: 109.203.164.0/22 maxlen: 24
109.203.160.0/22 maxlen: 24
37.49.144.0/24 maxlen: 24
37.49.146.0/24 maxlen: 24
37.49.151.0/24 maxlen: 24
37.49.150.0/24 maxlen: 24
37.49.149.0/24 maxlen: 24
37.49.148.0/24 maxlen: 24
94.74.173.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:fb:0d:1a:42:98:3b:6a:5c:31:15:86:29:79:02:9c:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Nov 23 07:20:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2ba0c753a140e9ec118a97d79ba8d33aa6a22742
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:4e:d4:0d:cf:58:c6:2b:04:25:f5:88:55:c0:
e7:c6:b8:50:04:a1:cd:56:7a:fd:5e:32:be:ae:bc:
fd:30:16:2a:e6:41:6f:de:a9:58:3e:79:d6:0b:23:
cb:d8:1b:d2:d5:9d:b3:c4:8b:91:b7:e2:88:6b:bb:
86:50:e3:49:75:ee:06:24:17:08:9c:2a:33:77:ee:
2b:33:40:f0:dc:e4:84:bb:78:3a:73:51:3e:54:9f:
88:da:b5:ba:0c:f9:c1:eb:8c:de:45:43:ef:ed:78:
d4:93:be:b7:4f:16:4c:52:59:ae:d6:f5:13:e2:33:
af:15:4c:4b:a4:3d:ab:61:ea:65:f3:72:8d:9e:3c:
19:52:b4:81:cc:5d:3c:fd:25:0e:4b:c1:7c:75:55:
a7:6c:92:34:f4:94:af:33:0b:43:79:57:56:01:c2:
5e:e2:a2:75:a7:b2:da:03:80:b0:24:5e:f8:56:99:
f2:73:b2:6a:c6:d0:47:33:40:11:fc:f6:9f:a9:35:
ca:29:0d:a1:b6:d8:1b:d2:ea:db:29:7d:68:00:68:
18:2e:b6:9f:54:4c:ca:78:e1:db:68:36:62:ba:c4:
70:40:74:72:9b:c7:d2:1f:4a:8f:c4:16:fb:0e:09:
0d:4a:54:78:7b:a4:c6:b0:30:a7:c3:cd:04:46:ec:
5c:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:A0:C7:53:A1:40:E9:EC:11:8A:97:D7:9B:A8:D3:3A:A6:A2:27:42
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/K6DHU6FA6ewRipfXm6jTOqaiJ0I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.49.144.0/24
37.49.146.0/24
37.49.148.0/22
94.74.173.0/24
109.203.160.0/21
Signature Algorithm: sha256WithRSAEncryption
52:b0:4b:be:94:7a:33:5a:5e:7f:a7:ea:8f:c7:bf:ff:04:d3:
fc:5f:cf:ad:5d:64:cd:47:42:1c:fe:52:02:d2:0d:d5:08:01:
24:07:12:fa:54:9f:29:07:e8:6c:4b:a5:18:d1:b0:87:ea:dc:
a5:da:b5:c9:18:b0:60:08:33:2d:57:36:cc:e8:2d:27:f2:66:
f1:3f:65:1b:80:12:8c:a4:c2:cc:5f:84:60:0c:c0:e9:23:8b:
ba:40:a5:48:65:da:0e:95:67:31:73:72:e6:13:ea:97:7b:56:
f1:e6:83:d8:f8:0d:ee:86:d5:9a:c8:6f:9e:50:48:6b:9d:32:
4d:5d:a4:2f:e5:a0:a9:07:33:19:42:87:42:94:4c:5c:46:5e:
b1:82:b7:10:c7:e4:6f:c6:b5:c1:a1:fe:04:08:37:19:9c:ad:
b3:85:63:9d:39:25:be:8f:f1:a8:18:31:a9:a5:ac:86:b7:53:
c7:4e:29:8a:dd:4b:3e:d4:da:1a:bb:75:be:ca:d9:24:3e:57:
d8:78:2f:56:b1:30:93:11:11:43:00:29:9a:28:9f:2e:d5:2d:
8f:50:24:29:39:44:39:da:11:11:36:15:ca:74:3f:b6:61:3f:
79:bc:74:ec:59:79:27:66:6e:63:58:7b:d9:7f:4b:31:84:b9:
f3:b8:c5:0a
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYv7DRpCmDtqXDEVhil5ApxcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjMxMTIzMDcyMDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmEwYzc1M2ExNDBlOWVjMTE4YTk3ZDc5YmE4ZDMzYWE2YTIyNzQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjE7UDc9YxisEJfWIVcDnxrhQBKHN
Vnr9XjK+rrz9MBYq5kFv3qlYPnnWCyPL2BvS1Z2zxIuRt+KIa7uGUONJde4GJBcI
nCozd+4rM0Dw3OSEu3g6c1E+VJ+I2rW6DPnB64zeRUPv7XjUk763TxZMUlmu1vUT
4jOvFUxLpD2rYepl83KNnjwZUrSBzF08/SUOS8F8dVWnbJI09JSvMwtDeVdWAcJe
4qJ1p7LaA4CwJF74Vpnyc7JqxtBHM0AR/PafqTXKKQ2httgb0urbKX1oAGgYLraf
VEzKeOHbaDZiusRwQHRym8fSH0qPxBb7DgkNSlR4e6TGsDCnw80ERuxcUwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFCugx1OhQOnsEYqX15uo0zqmoidCMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvSzZESFU2RkE2ZXdSaXBmWG02alRPcWFpSjBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAJTGQAwQA
JTGSAwQCJTGUAwQAXkqtAwQDbcugMA0GCSqGSIb3DQEBCwUAA4IBAQBSsEu+lHoz
Wl5/p+qPx7//BNP8X8+tXWTNR0Ic/lIC0g3VCAEkBxL6VJ8pB+hsS6UY0bCH6tyl
2rXJGLBgCDMtVzbM6C0n8mbxP2UbgBKMpMLMX4RgDMDpI4u6QKVIZdoOlWcxc3Lm
E+qXe1bx5oPY+A3uhtWayG+eUEhrnTJNXaQv5aCpBzMZQodClExcRl6xgrcQx+Rv
xrXBof4ECDcZnK2zhWOdOSW+j/GoGDGppayGt1PHTimK3Us+1Noau3W+ytkkPlfY
eC9WsTCTERFDACmaKJ8u1S2PUCQpOUQ52hERNhXKdD+2YT95vHTsWXknZm5jWHvZ
f0sxhLnzuMUK
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:04:39 2025 by rpki-client