Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/YaJVWE2TPnaR10L9wSSe_u588Pw.roa
File: YaJVWE2TPnaR10L9wSSe_u588Pw.roa (raw, json)
Hash identifier: yYFoIRW/h2s/23XIhbTGstu7X3klbmRnBIqQeQ6aP6I=
Subject key identifier: 61:A2:55:58:4D:93:3E:76:91:D7:42:FD:C1:24:9E:FE:EE:7C:F0:FC
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 018BBA098558C9D980463908AE972CCD3386
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/YaJVWE2TPnaR10L9wSSe_u588Pw.roa
Signing time: Fri 10 Nov 2023 16:21:07 +0000
ROA not before: Fri 10 Nov 2023 16:21:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9009
IP address blocks: 176.46.144.0/23 maxlen: 23
176.46.144.0/24 maxlen: 24
176.46.145.0/24 maxlen: 24
176.46.147.0/24 maxlen: 24
176.46.152.0/24 maxlen: 24
109.203.162.0/24 maxlen: 24
109.203.163.0/24 maxlen: 24
109.203.164.0/24 maxlen: 24
109.203.165.0/24 maxlen: 24
109.203.166.0/24 maxlen: 24
109.203.167.0/24 maxlen: 24
31.170.55.0/24 maxlen: 24
94.74.191.0/24 maxlen: 24
94.74.187.0/24 maxlen: 24
37.49.144.0/24 maxlen: 24
37.49.146.0/24 maxlen: 24
37.49.148.0/24 maxlen: 24
37.49.149.0/24 maxlen: 24
37.49.150.0/24 maxlen: 24
37.49.151.0/24 maxlen: 24
94.74.137.0/24 maxlen: 24
94.74.147.0/24 maxlen: 24
94.74.158.0/24 maxlen: 24
94.74.159.0/24 maxlen: 24
94.74.164.0/24 maxlen: 24
94.74.168.0/24 maxlen: 24
94.74.169.0/24 maxlen: 24
94.74.171.0/24 maxlen: 24
94.74.173.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ba:09:85:58:c9:d9:80:46:39:08:ae:97:2c:cd:33:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Nov 10 16:21:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=61a255584d933e7691d742fdc1249efeee7cf0fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:32:1e:35:19:b0:bb:6b:89:fe:01:d9:cb:42:
50:3b:aa:58:53:d1:4f:5f:0c:4a:cb:be:a6:ca:85:
a1:db:a5:9d:40:c1:2a:c8:da:9f:b5:8b:0d:ef:ed:
a8:c1:60:3e:0f:83:69:15:51:8a:74:f1:91:fe:fc:
8d:99:9f:d2:33:f2:27:dd:9e:98:47:d0:18:41:95:
db:be:76:f7:cf:51:86:d8:9d:10:e0:97:b2:f9:34:
28:fb:2a:6a:f9:97:e2:82:7f:b8:81:9b:40:f8:97:
b6:0c:eb:95:e5:fe:a5:1b:35:55:25:93:ec:1a:54:
21:3c:61:41:a5:31:4b:2a:a6:93:d9:a2:7b:44:39:
b6:81:d5:98:bd:22:0a:47:ad:44:35:75:54:3a:f0:
ad:c4:f6:5a:97:b2:63:dd:a5:e0:3d:46:fd:77:3c:
93:38:17:28:ee:5a:01:7a:67:45:f1:b1:4e:d8:08:
00:2f:e6:6f:bf:65:d0:5b:ce:40:a2:00:32:4e:a3:
3a:c4:60:ae:52:9f:82:13:d5:ec:14:2c:26:f5:13:
34:25:0b:9a:a9:5c:7c:ed:b1:5c:0a:34:97:6b:7b:
75:90:61:43:63:8d:ec:dd:d0:f5:8a:ed:80:b7:f6:
90:83:92:3f:45:a1:f2:fd:97:56:04:d8:ae:86:54:
e5:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:A2:55:58:4D:93:3E:76:91:D7:42:FD:C1:24:9E:FE:EE:7C:F0:FC
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/YaJVWE2TPnaR10L9wSSe_u588Pw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.170.55.0/24
37.49.144.0/24
37.49.146.0/24
37.49.148.0/22
94.74.137.0/24
94.74.147.0/24
94.74.158.0/23
94.74.164.0/24
94.74.168.0/23
94.74.171.0/24
94.74.173.0/24
94.74.187.0/24
94.74.191.0/24
109.203.162.0-109.203.167.255
176.46.144.0/23
176.46.147.0/24
176.46.152.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:61:e7:a4:47:5a:b2:96:7e:b0:b9:85:cd:29:e6:60:40:2e:
5b:17:f8:c0:92:49:a3:17:c4:55:34:bc:14:d0:81:6c:a1:29:
b3:ca:24:fb:c5:e9:02:9b:11:52:7d:a7:cd:aa:b4:ab:fd:db:
11:88:95:16:5b:06:47:8b:a2:78:0b:76:a6:08:98:53:ec:f8:
42:e0:a3:d9:f4:f4:b8:d6:4e:76:82:c9:f5:ef:47:fa:be:da:
33:64:fc:1f:34:27:a4:da:c2:54:d1:20:88:0d:ee:1c:c6:7f:
6d:35:b0:7e:3f:ac:85:da:2f:3f:e1:88:3c:b9:2d:f8:e2:2b:
98:9a:fc:86:9a:56:1d:34:51:53:53:62:f3:3b:35:75:ca:e5:
2a:45:10:d8:bf:2d:3d:63:e9:cf:f8:1e:51:22:15:ab:77:8c:
74:c4:16:d4:d5:ae:ad:36:d9:15:cb:5e:bd:89:cd:3f:31:e5:
8f:0c:92:a7:05:3c:86:7e:c0:c1:2b:da:5b:ad:f8:e9:cf:1e:
d8:d0:90:97:66:93:53:20:dc:34:34:45:49:51:65:60:16:f5:
b1:10:8a:91:78:4c:24:5a:cb:eb:2b:d2:af:58:95:af:86:19:
29:15:67:8a:72:c8:64:f4:c5:b7:65:da:8e:2f:68:10:f1:ea:
dd:c1:5a:90
-----BEGIN CERTIFICATE-----
MIIFZjCCBE6gAwIBAgISAYu6CYVYydmARjkIrpcszTOGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjMxMTEwMTYyMTA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWEyNTU1ODRkOTMzZTc2OTFkNzQyZmRjMTI0OWVmZWVlN2NmMGZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnzIeNRmwu2uJ/gHZy0JQO6pYU9FP
XwxKy76myoWh26WdQMEqyNqftYsN7+2owWA+D4NpFVGKdPGR/vyNmZ/SM/In3Z6Y
R9AYQZXbvnb3z1GG2J0Q4Jey+TQo+ypq+Zfign+4gZtA+Je2DOuV5f6lGzVVJZPs
GlQhPGFBpTFLKqaT2aJ7RDm2gdWYvSIKR61ENXVUOvCtxPZal7Jj3aXgPUb9dzyT
OBco7loBemdF8bFO2AgAL+Zvv2XQW85AogAyTqM6xGCuUp+CE9XsFCwm9RM0JQua
qVx87bFcCjSXa3t1kGFDY43s3dD1iu2At/aQg5I/RaHy/ZdWBNiuhlTlPwIDAQAB
o4ICcjCCAm4wHQYDVR0OBBYEFGGiVVhNkz52kddC/cEknv7ufPD8MB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvWWFKVldFMlRQbmFSMTBMOXdTU2VfdTU4OFB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGHBggrBgEFBQcBBwEB/wR4MHYwdAQCAAEwbgMEAB+qNwME
ACUxkAMEACUxkgMEAiUxlAMEAF5KiQMEAF5KkwMEAV5KngMEAF5KpAMEAV5KqAME
AF5KqwMEAF5KrQMEAF5KuwMEAF5KvzAMAwQBbcuiAwQDbcugAwQBsC6QAwQAsC6T
AwQAsC6YMA0GCSqGSIb3DQEBCwUAA4IBAQALYeekR1qyln6wuYXNKeZgQC5bF/jA
kkmjF8RVNLwU0IFsoSmzyiT7xekCmxFSfafNqrSr/dsRiJUWWwZHi6J4C3amCJhT
7PhC4KPZ9PS41k52gsn170f6vtozZPwfNCek2sJU0SCIDe4cxn9tNbB+P6yF2i8/
4Yg8uS344iuYmvyGmlYdNFFTU2LzOzV1yuUqRRDYvy09Y+nP+B5RIhWrd4x0xBbU
1a6tNtkVy169ic0/MeWPDJKnBTyGfsDBK9pbrfjpzx7Y0JCXZpNTINw0NEVJUWVg
FvWxEIqReEwkWsvrK9KvWJWvhhkpFWeKcshk9MW3ZdqOL2gQ8erdwVqQ
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:57:50 2025 by rpki-client