Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/Pz9GpeFPjSTKTrM3PWXjysBFexc.roa
File: Pz9GpeFPjSTKTrM3PWXjysBFexc.roa (raw, json)
Hash identifier: eDTgKt4xXYBIPQCSwgswBPBXM1OgCk+JJOolL09qaUo=
Subject key identifier: 3F:3F:46:A5:E1:4F:8D:24:CA:4E:B3:37:3D:65:E3:CA:C0:45:7B:17
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 018B1D778C63DD26A3E55ECE526F648BB738
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/Pz9GpeFPjSTKTrM3PWXjysBFexc.roa
Signing time: Wed 11 Oct 2023 06:40:55 +0000
ROA not before: Wed 11 Oct 2023 06:40:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12679
IP address blocks: 176.46.140.0/24 maxlen: 24
176.46.143.0/24 maxlen: 24
176.46.132.0/24 maxlen: 24
176.46.131.0/24 maxlen: 24
176.46.128.0/24 maxlen: 24
94.74.191.0/24 maxlen: 24
94.74.187.0/24 maxlen: 24
109.203.164.0/22 maxlen: 24
109.203.160.0/22 maxlen: 24
37.49.144.0/24 maxlen: 24
37.49.146.0/24 maxlen: 24
37.49.151.0/24 maxlen: 24
37.49.150.0/24 maxlen: 24
37.49.149.0/24 maxlen: 24
37.49.148.0/24 maxlen: 24
94.74.137.0/24 maxlen: 24
94.74.173.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:1d:77:8c:63:dd:26:a3:e5:5e:ce:52:6f:64:8b:b7:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Oct 11 06:40:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3f3f46a5e14f8d24ca4eb3373d65e3cac0457b17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:bc:f2:55:ea:ac:c8:70:49:b7:81:f2:c7:ae:
ce:6a:45:be:11:b5:1d:d3:fd:8b:d2:9b:68:12:4c:
b7:37:35:0f:d1:16:80:48:aa:af:bc:ef:77:1c:a8:
cc:1f:bd:72:a0:65:f5:9d:21:da:0b:10:d1:0b:52:
5a:ea:18:04:45:af:67:27:0d:21:1d:e3:37:02:be:
eb:cc:10:c7:9c:d4:8f:0f:d5:dd:96:1b:72:0a:2a:
cf:12:d5:a2:d3:82:2a:46:c5:91:4d:78:c5:f1:3a:
ae:fb:6b:b9:f6:97:8f:31:b0:14:81:68:29:9d:fe:
cc:53:29:ea:43:3b:ed:a0:ff:fc:5e:9a:b5:05:ba:
81:57:c5:6a:9a:f8:29:5a:81:6d:51:a7:c6:c9:77:
f9:64:83:f1:f3:d4:39:80:55:0d:86:9d:51:39:8c:
78:e2:b7:5b:94:ec:13:b9:18:30:86:a1:71:d0:8e:
14:e2:5b:ce:56:50:d7:cf:ba:a6:15:28:86:d6:7b:
0a:34:56:aa:fb:84:45:34:95:7a:b1:63:ae:00:70:
5b:d0:72:85:05:0b:61:60:0c:d1:49:be:a7:1f:9c:
bc:57:0f:d3:a1:2d:e9:38:c9:72:70:8d:7e:f8:c3:
96:55:f4:d3:6c:8b:57:26:35:f9:3e:e6:80:c3:a6:
fc:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:3F:46:A5:E1:4F:8D:24:CA:4E:B3:37:3D:65:E3:CA:C0:45:7B:17
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/Pz9GpeFPjSTKTrM3PWXjysBFexc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.49.144.0/24
37.49.146.0/24
37.49.148.0/22
94.74.137.0/24
94.74.173.0/24
94.74.187.0/24
94.74.191.0/24
109.203.160.0/21
176.46.128.0/24
176.46.131.0-176.46.132.255
176.46.140.0/24
176.46.143.0/24
Signature Algorithm: sha256WithRSAEncryption
49:d1:e1:16:ba:af:b1:0d:88:03:46:15:02:da:b6:25:31:db:
a6:b0:a8:75:bf:85:8d:9d:a2:66:7c:8b:d2:79:c9:2a:a1:06:
0a:91:4c:98:4d:c1:0c:25:c6:7e:f4:96:95:0c:0b:b2:9d:b2:
89:b5:e0:b8:e2:c4:45:56:b1:a6:42:12:48:cd:49:f2:b4:b2:
1e:65:52:cf:9f:37:13:58:b1:c9:89:de:7c:fc:29:b2:84:bc:
0b:fe:b2:95:3e:dc:6f:d0:62:62:29:0d:7c:6e:00:92:b8:c7:
fb:da:23:a4:74:93:91:18:72:c6:69:ad:42:98:5b:55:66:5c:
d1:42:5a:4b:e9:13:ed:34:17:27:59:73:0b:3f:78:46:e8:49:
cb:43:c5:ce:d4:ba:39:9c:8a:f8:43:0a:0c:cf:96:6b:f5:c8:
0a:e5:e2:27:38:96:92:fb:31:b6:38:4b:33:99:3c:47:03:5d:
62:70:3d:fe:50:a7:5b:30:cc:1d:22:d9:bd:39:fd:e1:ba:89:
43:f1:57:04:e4:51:16:6e:54:8c:5b:8f:4c:8f:9d:17:7d:90:
39:44:9d:04:1f:0b:ff:c5:21:1d:7e:de:d0:c7:04:ca:12:42:
87:57:86:52:af:e1:7d:10:a7:cc:81:13:b0:c5:8a:4a:16:ec:
f5:c6:c3:a0
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAYsdd4xj3Saj5V7OUm9ki7c4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjMxMDExMDY0MDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjNmNDZhNWUxNGY4ZDI0Y2E0ZWIzMzczZDY1ZTNjYWMwNDU3YjE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4LzyVeqsyHBJt4Hyx67OakW+EbUd
0/2L0ptoEky3NzUP0RaASKqvvO93HKjMH71yoGX1nSHaCxDRC1Ja6hgERa9nJw0h
HeM3Ar7rzBDHnNSPD9XdlhtyCirPEtWi04IqRsWRTXjF8Tqu+2u59pePMbAUgWgp
nf7MUynqQzvtoP/8Xpq1BbqBV8VqmvgpWoFtUafGyXf5ZIPx89Q5gFUNhp1ROYx4
4rdblOwTuRgwhqFx0I4U4lvOVlDXz7qmFSiG1nsKNFaq+4RFNJV6sWOuAHBb0HKF
BQthYAzRSb6nH5y8Vw/ToS3pOMlycI1++MOWVfTTbItXJjX5PuaAw6b8swIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFD8/RqXhT40kyk6zNz1l48rARXsXMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvUHo5R3BlRlBqU1RLVHJNM1BXWGp5c0JGZXhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQAwQAJTGQAwQA
JTGSAwQCJTGUAwQAXkqJAwQAXkqtAwQAXkq7AwQAXkq/AwQDbcugAwQAsC6AMAwD
BACwLoMDBACwLoQDBACwLowDBACwLo8wDQYJKoZIhvcNAQELBQADggEBAEnR4Ra6
r7ENiANGFQLatiUx26awqHW/hY2domZ8i9J5ySqhBgqRTJhNwQwlxn70lpUMC7Kd
som14LjixEVWsaZCEkjNSfK0sh5lUs+fNxNYscmJ3nz8KbKEvAv+spU+3G/QYmIp
DXxuAJK4x/vaI6R0k5EYcsZprUKYW1VmXNFCWkvpE+00FydZcws/eEboSctDxc7U
ujmcivhDCgzPlmv1yArl4ic4lpL7MbY4SzOZPEcDXWJwPf5Qp1swzB0i2b05/eG6
iUPxVwTkURZuVIxbj0yPnRd9kDlEnQQfC//FIR1+3tDHBMoSQodXhlKv4X0Qp8yB
E7DFikoW7PXGw6A=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:01:53 2025 by rpki-client