Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/bITtP7oUuH8d7JJ7sq5iZS9vScQ.roa
File: bITtP7oUuH8d7JJ7sq5iZS9vScQ.roa (raw, json)
Hash identifier: wnlGLVwwZjxVys4UkZz58FAXTw3QT7xgTC4/DN8vydA=
Subject key identifier: 6C:84:ED:3F:BA:14:B8:7F:1D:EC:92:7B:B2:AE:62:65:2F:6F:49:C4
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 0184ED362F53A00868A9B606178BFAA8E192
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/bITtP7oUuH8d7JJ7sq5iZS9vScQ.roa
Signing time: Wed 07 Dec 2022 15:31:02 +0000
ROA not before: Wed 07 Dec 2022 15:31:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44208
IP address blocks: 176.46.138.0/23 maxlen: 24
94.74.190.0/24 maxlen: 24
176.46.144.0/20 maxlen: 24
176.46.140.0/22 maxlen: 24
109.203.160.0/19 maxlen: 24
94.74.128.0/18 maxlen: 24
94.74.136.0/24 maxlen: 24
31.170.48.0/20 maxlen: 24
94.74.165.0/24 maxlen: 24
185.34.160.0/22 maxlen: 24
94.74.166.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:ed:36:2f:53:a0:08:68:a9:b6:06:17:8b:fa:a8:e1:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Dec 7 15:31:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6c84ed3fba14b87f1dec927bb2ae62652f6f49c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:4f:1e:25:db:d4:7f:b7:80:0a:6a:f4:df:d3:
a9:78:47:52:62:1d:da:78:53:b0:41:61:b2:57:0f:
b8:e4:5d:40:40:7d:75:06:79:79:4f:b0:8d:75:c9:
e4:45:25:f6:c4:1f:a7:b1:f8:25:61:68:8d:df:51:
54:06:a5:5b:6d:bf:d4:ad:9b:1d:c1:06:f0:4c:d3:
e6:f0:46:b0:97:3d:85:54:d3:a2:e6:36:89:80:3e:
e4:a6:f4:a0:87:4c:07:b1:2c:2c:8f:ad:05:eb:79:
1a:da:b5:3d:a3:c2:71:9c:5a:3f:90:f6:4e:23:88:
f2:14:db:c5:37:ee:b0:32:93:d9:65:87:fb:a2:1e:
0f:50:61:04:c4:0e:58:88:92:f9:5f:1b:da:45:70:
6e:e1:23:8e:a6:cb:e0:95:7b:ea:71:44:83:5f:cb:
11:29:9b:8f:83:19:c2:38:6b:38:06:2b:d3:31:5d:
d1:b0:87:21:18:ba:c4:25:32:8c:87:e2:1f:d6:e5:
28:39:f7:33:8f:f1:9d:de:b2:34:6f:4c:96:ce:b2:
1f:81:84:43:62:94:cb:ea:ae:d0:b8:06:ee:c8:de:
a7:80:97:58:c3:e7:70:74:42:3c:02:5b:5f:63:41:
89:12:37:ed:de:46:5f:62:36:00:18:70:78:fd:a3:
6d:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:84:ED:3F:BA:14:B8:7F:1D:EC:92:7B:B2:AE:62:65:2F:6F:49:C4
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/bITtP7oUuH8d7JJ7sq5iZS9vScQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.170.48.0/20
94.74.128.0/18
109.203.160.0/19
176.46.138.0-176.46.159.255
185.34.160.0/22
Signature Algorithm: sha256WithRSAEncryption
06:2b:20:9d:d8:3d:5f:5b:76:9a:df:cd:30:b7:3b:47:95:1e:
36:78:79:d8:4f:c7:19:b4:d5:bd:f2:14:1e:9d:58:c4:77:36:
8f:2e:50:f0:4d:e4:79:d4:7d:90:b6:c8:a0:19:9c:a3:a1:cd:
3c:85:e6:00:62:92:e2:fc:71:b7:b3:68:49:c9:2c:a8:61:77:
a0:d3:a7:6d:45:fd:f7:6f:81:c5:61:ec:27:d9:5b:97:25:cb:
11:c2:bd:09:65:98:4d:0c:0d:93:90:57:29:31:9a:e8:c8:20:
ca:e7:26:b0:7c:a3:04:44:fd:c4:91:e7:dd:16:ba:ea:27:83:
cf:90:91:00:7d:e1:93:cf:5e:41:13:2e:19:61:46:b0:c9:d4:
3a:c6:93:df:97:de:3a:aa:69:e1:8a:2e:90:90:da:f0:e3:e7:
82:76:36:09:47:22:8f:ef:30:23:31:ba:91:73:c0:db:7a:25:
03:d6:6f:d8:be:2d:b4:e6:f9:95:ab:72:7e:74:d4:a0:5b:13:
b4:64:7d:54:a7:16:df:cc:5c:22:f3:a7:cc:a8:83:72:6c:9d:
1d:33:e2:d5:f1:cb:d7:de:91:02:e4:de:ca:d0:0f:bb:6a:46:
18:c7:25:3e:7d:df:56:10:9d:55:15:43:9e:b0:b9:0d:84:c1:
c9:e7:e0:1d
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYTtNi9ToAhoqbYGF4v6qOGSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjIxMjA3MTUzMTAyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Yzg0ZWQzZmJhMTRiODdmMWRlYzkyN2JiMmFlNjI2NTJmNmY0OWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA208eJdvUf7eACmr039OpeEdSYh3a
eFOwQWGyVw+45F1AQH11Bnl5T7CNdcnkRSX2xB+nsfglYWiN31FUBqVbbb/UrZsd
wQbwTNPm8Eawlz2FVNOi5jaJgD7kpvSgh0wHsSwsj60F63ka2rU9o8JxnFo/kPZO
I4jyFNvFN+6wMpPZZYf7oh4PUGEExA5YiJL5XxvaRXBu4SOOpsvglXvqcUSDX8sR
KZuPgxnCOGs4BivTMV3RsIchGLrEJTKMh+If1uUoOfczj/Gd3rI0b0yWzrIfgYRD
YpTL6q7QuAbuyN6ngJdYw+dwdEI8AltfY0GJEjft3kZfYjYAGHB4/aNtvwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFGyE7T+6FLh/HeySe7KuYmUvb0nEMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvYklUdFA3b1V1SDhkN0pKN3NxNWlaUzl2U2NRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQEH6owAwQG
XkqAAwQFbcugMAwDBAGwLooDBAWwLoADBAK5IqAwDQYJKoZIhvcNAQELBQADggEB
AAYrIJ3YPV9bdprfzTC3O0eVHjZ4edhPxxm01b3yFB6dWMR3No8uUPBN5HnUfZC2
yKAZnKOhzTyF5gBikuL8cbezaEnJLKhhd6DTp21F/fdvgcVh7CfZW5clyxHCvQll
mE0MDZOQVykxmujIIMrnJrB8owRE/cSR590Wuuong8+QkQB94ZPPXkETLhlhRrDJ
1DrGk9+X3jqqaeGKLpCQ2vDj54J2NglHIo/vMCMxupFzwNt6JQPWb9i+LbTm+ZWr
cn501KBbE7RkfVSnFt/MXCLzp8yog3JsnR0z4tXxy9fekQLk3srQD7tqRhjHJT59
31YQnVUVQ56wuQ2Ewcnn4B0=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:06:57 2025 by rpki-client