Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/_Y8e6VMAhnvjXG6ixJ31wZOlIFI.roa
File: _Y8e6VMAhnvjXG6ixJ31wZOlIFI.roa (raw, json)
Hash identifier: Nt6CrEHkau9UCVoFAK/At0BRBYvWY67C8m2EycPM7+s=
Subject key identifier: FD:8F:1E:E9:53:00:86:7B:E3:5C:6E:A2:C4:9D:F5:C1:93:A5:20:52
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 018752523FCCA5F39D64F245E4E051E99781
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/_Y8e6VMAhnvjXG6ixJ31wZOlIFI.roa
Signing time: Wed 05 Apr 2023 16:48:54 +0000
ROA not before: Wed 05 Apr 2023 16:48:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12679
IP address blocks: 176.46.133.0/24 maxlen: 24
176.46.135.0/24 maxlen: 24
176.46.134.0/24 maxlen: 24
176.46.136.0/24 maxlen: 24
176.46.132.0/24 maxlen: 24
176.46.130.0/24 maxlen: 24
176.46.129.0/24 maxlen: 24
176.46.131.0/24 maxlen: 24
176.46.128.0/24 maxlen: 24
109.203.164.0/22 maxlen: 24
109.203.163.0/24 maxlen: 24
109.203.160.0/22 maxlen: 24
31.170.55.0/24 maxlen: 24
94.74.191.0/24 maxlen: 24
94.74.187.0/24 maxlen: 24
37.49.144.0/22 maxlen: 24
37.49.146.0/24 maxlen: 24
37.49.148.0/22 maxlen: 24
94.74.137.0/24 maxlen: 24
94.74.140.0/24 maxlen: 24
94.74.147.0/24 maxlen: 24
94.74.156.0/24 maxlen: 24
94.74.159.0/24 maxlen: 24
94.74.158.0/24 maxlen: 24
94.74.164.0/24 maxlen: 24
94.74.169.0/24 maxlen: 24
94.74.171.0/24 maxlen: 24
94.74.168.0/24 maxlen: 24
94.74.173.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:52:52:3f:cc:a5:f3:9d:64:f2:45:e4:e0:51:e9:97:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Apr 5 16:48:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fd8f1ee95300867be35c6ea2c49df5c193a52052
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:2e:df:10:2f:1a:11:44:0c:c7:da:14:13:e7:
25:d6:52:05:05:cd:df:3b:d4:9f:25:7c:0b:a5:c6:
c2:84:5e:a9:99:70:03:fd:c5:55:3e:30:e7:ae:21:
cb:95:e8:ce:ec:c5:51:62:a4:63:a5:0b:50:56:6f:
90:67:07:ec:a4:7f:9f:19:f3:0c:07:ee:7c:8c:be:
c6:1b:2f:83:c4:9a:24:9d:df:36:48:d6:3f:8d:3a:
84:cf:f2:ec:71:7e:8a:1f:7b:75:9b:98:e4:31:4d:
df:23:c4:a9:85:b2:dd:b9:01:aa:76:1b:fe:1a:32:
83:1c:f9:99:1a:f9:e4:cc:f5:5f:08:c0:3e:53:f1:
dc:a6:e1:fa:57:03:1b:38:cc:87:be:be:e7:01:b6:
92:13:d6:e0:24:7d:de:ef:7a:fe:18:32:a9:48:62:
46:6d:50:56:49:3c:05:2b:89:ea:3d:c0:22:8e:7f:
8b:c9:c0:ac:3e:58:8f:88:12:70:96:ad:9c:13:de:
c3:c7:18:8d:83:03:34:4a:3f:47:f9:aa:7f:b0:52:
e2:4a:55:3b:90:c2:31:58:cf:58:cb:25:48:29:d4:
0c:77:1b:e3:50:b2:f1:96:dc:97:4f:f0:bb:22:b8:
e5:8b:ed:2e:9e:c1:ee:9b:12:b7:e8:6d:b1:23:22:
b1:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:8F:1E:E9:53:00:86:7B:E3:5C:6E:A2:C4:9D:F5:C1:93:A5:20:52
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/_Y8e6VMAhnvjXG6ixJ31wZOlIFI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.170.55.0/24
37.49.144.0/21
94.74.137.0/24
94.74.140.0/24
94.74.147.0/24
94.74.156.0/24
94.74.158.0/23
94.74.164.0/24
94.74.168.0/23
94.74.171.0/24
94.74.173.0/24
94.74.187.0/24
94.74.191.0/24
109.203.160.0/21
176.46.128.0-176.46.136.255
Signature Algorithm: sha256WithRSAEncryption
73:43:cb:19:37:f1:21:e6:a1:ae:6c:47:27:ee:ee:8c:cc:8c:
bd:6d:99:fc:f3:60:ac:6f:7e:23:0c:50:02:81:4b:8b:2b:ea:
f3:7e:1a:07:7d:b0:a1:e7:aa:fa:2b:9b:28:8c:52:d3:7d:96:
36:1d:26:70:55:cc:88:fb:cc:59:de:03:ba:b3:e5:6b:40:e7:
cf:ac:63:67:54:05:77:55:c8:a6:19:a0:bd:ec:09:7c:4d:5f:
5f:1b:ec:aa:4b:78:ec:26:83:b3:5f:cb:d1:f8:4f:8a:b6:83:
60:61:40:90:a3:4b:f2:53:89:a8:51:a1:d2:62:c0:b0:ed:15:
96:48:31:f2:f2:1a:aa:18:6c:e7:a6:fc:e3:c1:5c:a1:c7:fc:
d0:80:21:e3:85:95:12:24:44:75:ce:c5:4a:74:a8:6d:3b:fb:
7a:dc:3a:15:2d:22:8a:dd:b1:b9:10:64:ef:45:4d:00:ea:cc:
42:7c:b6:cc:32:5d:82:27:00:82:2d:14:bc:39:59:8f:7e:69:
3e:67:33:7e:34:3a:1a:2e:a5:ed:d1:d0:ff:63:32:e1:e4:c6:
d5:c0:78:be:83:02:1c:d4:a9:9b:c0:b0:a7:e4:da:52:5e:76:
07:50:8e:8c:a3:78:5b:d3:74:76:08:7d:30:96:62:b3:a9:47:
cf:d4:00:77
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgISAYdSUj/MpfOdZPJF5OBR6ZeBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjMwNDA1MTY0ODU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDhmMWVlOTUzMDA4NjdiZTM1YzZlYTJjNDlkZjVjMTkzYTUyMDUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgS7fEC8aEUQMx9oUE+cl1lIFBc3f
O9SfJXwLpcbChF6pmXAD/cVVPjDnriHLlejO7MVRYqRjpQtQVm+QZwfspH+fGfMM
B+58jL7GGy+DxJoknd82SNY/jTqEz/LscX6KH3t1m5jkMU3fI8SphbLduQGqdhv+
GjKDHPmZGvnkzPVfCMA+U/HcpuH6VwMbOMyHvr7nAbaSE9bgJH3e73r+GDKpSGJG
bVBWSTwFK4nqPcAijn+LycCsPliPiBJwlq2cE97DxxiNgwM0Sj9H+ap/sFLiSlU7
kMIxWM9YyyVIKdQMdxvjULLxltyXT/C7Irjli+0unsHumxK36G2xIyKxRwIDAQAB
o4ICZTCCAmEwHQYDVR0OBBYEFP2PHulTAIZ741xuosSd9cGTpSBSMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvX1k4ZTZWTUFobnZqWEc2aXhKMzF3Wk9sSUZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHsGCCsGAQUFBwEHAQH/BGwwajBoBAIAATBiAwQAH6o3AwQD
JTGQAwQAXkqJAwQAXkqMAwQAXkqTAwQAXkqcAwQBXkqeAwQAXkqkAwQBXkqoAwQA
XkqrAwQAXkqtAwQAXkq7AwQAXkq/AwQDbcugMAwDBAewLoADBACwLogwDQYJKoZI
hvcNAQELBQADggEBAHNDyxk38SHmoa5sRyfu7ozMjL1tmfzzYKxvfiMMUAKBS4sr
6vN+Ggd9sKHnqvormyiMUtN9ljYdJnBVzIj7zFneA7qz5WtA58+sY2dUBXdVyKYZ
oL3sCXxNX18b7KpLeOwmg7Nfy9H4T4q2g2BhQJCjS/JTiahRodJiwLDtFZZIMfLy
GqoYbOem/OPBXKHH/NCAIeOFlRIkRHXOxUp0qG07+3rcOhUtIordsbkQZO9FTQDq
zEJ8tswyXYInAIItFLw5WY9+aT5nM340Ohoupe3R0P9jMuHkxtXAeL6DAhzUqZvA
sKfk2lJedgdQjoyjeFvTdHYIfTCWYrOpR8/UAHc=
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:58:37 2025 by rpki-client