Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/bwQoacMRaBV6f-e8GUapyyeIDsc.roa
File: bwQoacMRaBV6f-e8GUapyyeIDsc.roa (raw, json)
Hash identifier: nxBK9//csqsp0HDAW7U/FZbAmvYoKMRpju8zTorl5Zw=
Subject key identifier: 6F:04:28:69:C3:11:68:15:7A:7F:E7:BC:19:46:A9:CB:27:88:0E:C7
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 018BCCE5DA9B2997A14F9CD0B452438C0A21
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/bwQoacMRaBV6f-e8GUapyyeIDsc.roa
Signing time: Tue 14 Nov 2023 08:14:57 +0000
ROA not before: Tue 14 Nov 2023 08:14:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203963
IP address blocks: 176.46.144.0/24 maxlen: 24
176.46.149.0/24 maxlen: 24
176.46.152.0/24 maxlen: 24
94.74.140.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:cc:e5:da:9b:29:97:a1:4f:9c:d0:b4:52:43:8c:0a:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Nov 14 08:14:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6f042869c31168157a7fe7bc1946a9cb27880ec7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:5c:11:98:eb:3d:f5:36:b8:eb:bb:ba:46:ae:
b3:8c:53:df:a3:76:da:e2:82:5e:13:d0:16:25:f6:
54:27:1a:18:92:b4:f5:b4:b0:d1:97:28:69:7b:d7:
d5:12:bd:86:c8:9a:1b:de:02:60:3e:4a:1b:bd:8e:
81:b9:cd:89:03:a6:eb:5a:72:20:bb:b9:62:a2:a4:
b0:f9:25:00:71:03:58:f4:22:13:29:f0:ea:05:4a:
f5:95:20:aa:90:30:34:f3:e1:d9:3a:9f:ca:76:7f:
bd:94:4a:c2:39:53:14:5b:f5:79:ed:0f:1f:38:43:
ca:13:dc:a4:71:78:f7:fa:dc:66:d9:5f:cc:57:fe:
e3:50:dd:3f:25:e0:e2:71:66:3d:60:4f:23:dc:fd:
49:1f:42:5e:b2:58:c8:d5:d5:94:b5:9d:5d:a0:1b:
ac:25:01:fa:37:2f:65:13:a4:fa:c3:5c:24:af:c0:
6b:a1:14:61:79:99:47:9f:e9:a9:26:20:61:9d:ed:
e0:8a:43:cb:06:1e:65:ca:92:43:42:b6:39:3f:f8:
a1:f7:f1:e5:3f:f5:9a:e5:0a:03:3d:6b:72:4b:9d:
a0:00:42:78:9b:6d:09:bd:8c:dd:eb:00:8a:2f:7f:
f0:fd:12:06:14:cb:a7:9b:6e:00:e6:c4:73:fa:da:
c6:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:04:28:69:C3:11:68:15:7A:7F:E7:BC:19:46:A9:CB:27:88:0E:C7
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/bwQoacMRaBV6f-e8GUapyyeIDsc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.74.140.0/24
176.46.144.0/24
176.46.149.0/24
176.46.152.0/24
Signature Algorithm: sha256WithRSAEncryption
41:09:ef:89:db:79:59:77:41:64:38:98:4b:7e:4c:a7:19:95:
a1:d8:26:2e:70:e1:4b:1a:8f:89:26:0d:ab:d4:0e:cb:d7:9d:
c5:5d:5f:3b:88:d3:f8:6c:d2:c0:d2:57:1b:07:15:6e:e6:fb:
3c:44:be:e7:04:0c:c1:1f:c7:09:7a:2d:a3:f8:64:50:c7:39:
fb:32:4b:29:7b:ac:4a:ca:f3:3a:16:26:b4:cb:59:c2:42:e9:
3a:d9:1f:38:5e:60:f8:2a:1c:e2:9d:1b:39:fc:5c:67:cd:cf:
5e:27:e5:fe:84:0f:0e:0c:75:78:3e:35:6b:ee:a8:97:39:97:
75:b1:2d:75:8e:4b:bc:c2:59:74:f2:d6:f6:92:7d:74:71:50:
a2:f8:6b:e8:5d:2a:75:01:e2:aa:e7:12:69:4a:4d:32:df:1a:
cb:53:b1:cc:bd:be:60:a8:b0:96:0d:f5:e9:ba:46:58:22:74:
8c:70:be:91:b3:1e:84:33:20:29:00:83:9f:70:3c:f5:d4:be:
f4:62:c1:16:7b:8d:3b:0f:e4:a8:23:ab:ec:c8:f2:79:62:f9:
ed:54:d3:34:be:33:84:08:5a:0a:82:0f:fa:e9:e9:52:9f:44:
ab:d3:7e:04:2b:4b:36:07:a7:bf:bf:bc:64:07:71:86:c6:bb:
7d:39:69:12
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYvM5dqbKZehT5zQtFJDjAohMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjMxMTE0MDgxNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjA0Mjg2OWMzMTE2ODE1N2E3ZmU3YmMxOTQ2YTljYjI3ODgwZWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq1wRmOs99Ta467u6Rq6zjFPfo3ba
4oJeE9AWJfZUJxoYkrT1tLDRlyhpe9fVEr2GyJob3gJgPkobvY6Buc2JA6brWnIg
u7lioqSw+SUAcQNY9CITKfDqBUr1lSCqkDA08+HZOp/Kdn+9lErCOVMUW/V57Q8f
OEPKE9ykcXj3+txm2V/MV/7jUN0/JeDicWY9YE8j3P1JH0JesljI1dWUtZ1doBus
JQH6Ny9lE6T6w1wkr8BroRRheZlHn+mpJiBhne3gikPLBh5lypJDQrY5P/ih9/Hl
P/Wa5QoDPWtyS52gAEJ4m20JvYzd6wCKL3/w/RIGFMunm24A5sRz+trGWQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFG8EKGnDEWgVen/nvBlGqcsniA7HMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvYndRb2FjTVJhQlY2Zi1lOEdVYXB5eWVJRHNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAXkqMAwQA
sC6QAwQAsC6VAwQAsC6YMA0GCSqGSIb3DQEBCwUAA4IBAQBBCe+J23lZd0FkOJhL
fkynGZWh2CYucOFLGo+JJg2r1A7L153FXV87iNP4bNLA0lcbBxVu5vs8RL7nBAzB
H8cJei2j+GRQxzn7Mkspe6xKyvM6Fia0y1nCQuk62R84XmD4KhzinRs5/Fxnzc9e
J+X+hA8ODHV4PjVr7qiXOZd1sS11jku8wll08tb2kn10cVCi+GvoXSp1AeKq5xJp
Sk0y3xrLU7HMvb5gqLCWDfXpukZYInSMcL6Rsx6EMyApAIOfcDz11L70YsEWe407
D+SoI6vsyPJ5YvntVNM0vjOECFoKgg/66elSn0Sr034EK0s2B6e/v7xkB3GGxrt9
OWkS
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:08:14 2025 by rpki-client