Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/flP67fCLH8RjxI1K_M-8l4pfKqk.roa
File: flP67fCLH8RjxI1K_M-8l4pfKqk.roa (raw, json)
Hash identifier: WtaHs2lpQ19VpbmD2XRQT1o7Bl8UW89HPoFFTlAL7dc=
Subject key identifier: 7E:53:FA:ED:F0:8B:1F:C4:63:C4:8D:4A:FC:CF:BC:97:8A:5F:2A:A9
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 01868819260803771F825F289696F64AA001
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/flP67fCLH8RjxI1K_M-8l4pfKqk.roa
Signing time: Sat 25 Feb 2023 10:23:14 +0000
ROA not before: Sat 25 Feb 2023 10:23:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12679
IP address blocks: 176.46.137.0/24 maxlen: 24
176.46.136.0/24 maxlen: 24
31.170.55.0/24 maxlen: 24
176.46.132.0/24 maxlen: 24
176.46.130.0/24 maxlen: 24
176.46.129.0/24 maxlen: 24
176.46.131.0/24 maxlen: 24
176.46.128.0/24 maxlen: 24
94.74.191.0/24 maxlen: 24
109.203.164.0/22 maxlen: 24
109.203.160.0/22 maxlen: 24
37.49.144.0/22 maxlen: 24
37.49.148.0/22 maxlen: 24
94.74.147.0/24 maxlen: 24
94.74.156.0/24 maxlen: 24
94.74.158.0/24 maxlen: 24
94.74.171.0/24 maxlen: 24
94.74.168.0/24 maxlen: 24
94.74.173.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:88:19:26:08:03:77:1f:82:5f:28:96:96:f6:4a:a0:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Feb 25 10:23:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7e53faedf08b1fc463c48d4afccfbc978a5f2aa9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:6a:44:41:d6:1e:06:9b:b2:67:2b:9f:6f:0e:
8d:42:3f:21:05:cd:c9:6f:a4:c5:4c:35:2b:6b:e7:
58:e2:21:b7:53:40:d5:96:df:a0:3e:9d:bf:44:f7:
2f:27:97:b6:5e:71:0b:e1:77:69:69:45:22:1a:d1:
c6:39:60:07:df:08:a6:47:ed:21:1c:ac:90:67:49:
95:3b:e8:f6:00:36:12:74:93:18:c5:41:99:00:65:
c7:78:28:7c:6a:99:44:3d:3b:dc:61:62:88:33:4d:
4b:5b:f1:8f:0f:f5:b4:79:aa:1a:06:6a:be:97:79:
40:74:87:db:d1:9f:45:45:71:5c:16:60:cb:c6:c4:
3d:8f:a1:ec:d4:61:cf:a6:f9:66:54:78:55:12:5e:
72:9a:43:06:4e:55:9e:29:df:3e:67:5b:8c:e8:59:
6b:fa:49:e7:06:c2:6b:ba:af:cf:29:e0:6d:eb:45:
29:6e:87:97:98:50:ae:bf:af:a9:ad:d3:11:1d:e8:
48:50:32:77:e0:17:de:e4:32:59:dc:80:50:52:af:
7d:e2:cb:38:e9:23:56:19:3f:2f:60:35:d6:76:38:
97:be:fd:94:91:c6:73:19:c7:aa:9e:50:4f:d9:9f:
29:52:82:13:9c:7e:f5:a7:ce:aa:46:2a:86:50:75:
cd:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:53:FA:ED:F0:8B:1F:C4:63:C4:8D:4A:FC:CF:BC:97:8A:5F:2A:A9
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/flP67fCLH8RjxI1K_M-8l4pfKqk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.170.55.0/24
37.49.144.0/21
94.74.147.0/24
94.74.156.0/24
94.74.158.0/24
94.74.168.0/24
94.74.171.0/24
94.74.173.0/24
94.74.191.0/24
109.203.160.0/21
176.46.128.0-176.46.132.255
176.46.136.0/23
Signature Algorithm: sha256WithRSAEncryption
a0:38:ac:d4:0b:62:63:fb:c4:7a:f9:c0:40:a3:6f:98:81:ee:
cf:04:23:0c:cb:88:b0:f1:2c:40:f9:5b:a0:3b:fb:89:5e:ef:
61:01:d8:a0:86:3f:e9:f4:c7:63:46:8b:bf:28:fa:41:0a:34:
ff:7b:c8:8e:71:6e:8a:39:72:ea:4e:05:88:9a:53:08:0d:14:
c6:e2:ec:34:e8:6b:71:ab:3b:f0:1f:f4:8e:07:e0:4f:c3:8e:
22:19:3d:59:fe:ac:ae:02:68:29:10:25:97:1f:c3:67:2b:b9:
50:e5:8f:26:9c:66:92:0a:f5:b7:95:97:e6:d7:82:61:5d:cc:
e4:6d:71:62:b6:bc:5d:b3:19:34:d6:5b:1e:d3:00:e3:17:bf:
56:a2:4d:9f:a7:b2:62:b3:83:94:12:73:bf:ea:00:3a:2a:51:
3c:c1:fc:96:36:99:e0:2a:26:2d:f8:24:64:55:ce:72:f3:5c:
11:bd:03:c2:fd:5e:66:5b:c1:64:1a:34:69:3f:1d:1a:90:50:
0f:aa:9d:01:bd:37:e2:95:62:60:a4:e8:dc:dd:b7:2f:e3:89:
77:19:14:e3:ea:d1:6b:17:4f:01:81:6b:e9:45:e2:3b:a5:c9:
e8:54:cd:90:67:64:e7:8d:c6:29:17:5e:5f:bb:4e:2b:ab:0b:
c2:be:80:f5
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAYaIGSYIA3cfgl8olpb2SqABMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjMwMjI1MTAyMzE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTUzZmFlZGYwOGIxZmM0NjNjNDhkNGFmY2NmYmM5NzhhNWYyYWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1mpEQdYeBpuyZyufbw6NQj8hBc3J
b6TFTDUra+dY4iG3U0DVlt+gPp2/RPcvJ5e2XnEL4XdpaUUiGtHGOWAH3wimR+0h
HKyQZ0mVO+j2ADYSdJMYxUGZAGXHeCh8aplEPTvcYWKIM01LW/GPD/W0eaoaBmq+
l3lAdIfb0Z9FRXFcFmDLxsQ9j6Hs1GHPpvlmVHhVEl5ymkMGTlWeKd8+Z1uM6Flr
+knnBsJruq/PKeBt60UpboeXmFCuv6+prdMRHehIUDJ34Bfe5DJZ3IBQUq994ss4
6SNWGT8vYDXWdjiXvv2UkcZzGceqnlBP2Z8pUoITnH71p86qRiqGUHXNZwIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFH5T+u3wix/EY8SNSvzPvJeKXyqpMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvZmxQNjdmQ0xIOFJqeEkxS19NLThsNHBmS3FrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQAwQAH6o3AwQD
JTGQAwQAXkqTAwQAXkqcAwQAXkqeAwQAXkqoAwQAXkqrAwQAXkqtAwQAXkq/AwQD
bcugMAwDBAewLoADBACwLoQDBAGwLogwDQYJKoZIhvcNAQELBQADggEBAKA4rNQL
YmP7xHr5wECjb5iB7s8EIwzLiLDxLED5W6A7+4le72EB2KCGP+n0x2NGi78o+kEK
NP97yI5xboo5cupOBYiaUwgNFMbi7DToa3GrO/Af9I4H4E/DjiIZPVn+rK4CaCkQ
JZcfw2cruVDljyacZpIK9beVl+bXgmFdzORtcWK2vF2zGTTWWx7TAOMXv1aiTZ+n
smKzg5QSc7/qADoqUTzB/JY2meAqJi34JGRVznLzXBG9A8L9XmZbwWQaNGk/HRqQ
UA+qnQG9N+KVYmCk6Nzdty/jiXcZFOPq0WsXTwGBa+lF4julyehUzZBnZOeNxikX
Xl+7TiurC8K+gPU=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:01:06 2025 by rpki-client