Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/ilaN29wFhhZG-JOcFv6QtqgLKTc.roa
File: ilaN29wFhhZG-JOcFv6QtqgLKTc.roa (raw, json)
Hash identifier: XiCGhg0ngZsBk8lLyFQW2EeBubXaINZiPLC4XqNT1LA=
Subject key identifier: 8A:56:8D:DB:DC:05:86:16:46:F8:93:9C:16:FE:90:B6:A8:0B:29:37
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 018C0166294040A84A928AF7AB7036BD0F2A
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/ilaN29wFhhZG-JOcFv6QtqgLKTc.roa
Signing time: Fri 24 Nov 2023 12:55:21 +0000
ROA not before: Fri 24 Nov 2023 12:55:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9009
IP address blocks: 176.46.145.0/24 maxlen: 24
176.46.147.0/24 maxlen: 24
31.170.55.0/24 maxlen: 24
109.203.164.0/24 maxlen: 24
109.203.166.0/24 maxlen: 24
37.49.144.0/24 maxlen: 24
37.49.146.0/24 maxlen: 24
37.49.148.0/24 maxlen: 24
37.49.149.0/24 maxlen: 24
37.49.150.0/24 maxlen: 24
37.49.151.0/24 maxlen: 24
94.74.158.0/24 maxlen: 24
94.74.159.0/24 maxlen: 24
94.74.168.0/24 maxlen: 24
94.74.169.0/24 maxlen: 24
94.74.173.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:01:66:29:40:40:a8:4a:92:8a:f7:ab:70:36:bd:0f:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Nov 24 12:55:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8a568ddbdc05861646f8939c16fe90b6a80b2937
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:97:c8:b6:69:c7:6b:85:b7:2e:23:3c:3b:1b:
a3:e1:14:17:40:97:39:95:51:c5:81:48:aa:9d:62:
2a:f2:80:5d:72:ff:16:a1:93:c9:16:f0:dd:e9:01:
75:e0:da:93:44:78:aa:1a:c6:2b:f0:55:f6:b3:c4:
a8:da:ee:a4:d2:a5:bd:c4:1b:11:df:7a:77:0e:45:
f2:4d:53:0c:b1:3f:70:db:21:01:35:56:40:cb:7f:
99:17:c9:1f:b2:80:a7:0c:fa:7d:77:90:20:44:05:
45:35:29:ac:97:3d:36:4a:72:3b:4d:ea:a2:d1:e3:
81:ea:9a:d1:14:84:4d:14:ea:ad:67:6c:ee:0b:e3:
f2:5a:c4:a0:58:d9:e5:67:d2:08:91:f5:6f:7b:80:
d9:13:89:ff:50:af:b7:0e:f4:1c:6f:ee:eb:4d:dc:
e8:10:ad:ad:ee:12:5d:14:50:4f:49:be:2b:05:7f:
c0:06:b7:9b:41:f3:2f:1d:b5:19:ac:cc:8a:41:5a:
08:ad:57:0c:1d:dd:10:61:73:1e:9e:10:e7:39:4c:
d2:a0:4b:50:c2:f3:f2:a9:35:11:c3:99:79:59:dc:
38:31:a4:f0:37:b3:71:ed:34:a7:db:2d:f5:09:b7:
58:80:af:c4:07:83:32:30:07:6b:3b:bd:c7:a6:95:
cd:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:56:8D:DB:DC:05:86:16:46:F8:93:9C:16:FE:90:B6:A8:0B:29:37
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/ilaN29wFhhZG-JOcFv6QtqgLKTc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.170.55.0/24
37.49.144.0/24
37.49.146.0/24
37.49.148.0/22
94.74.158.0/23
94.74.168.0/23
94.74.173.0/24
109.203.164.0/24
109.203.166.0/24
176.46.145.0/24
176.46.147.0/24
Signature Algorithm: sha256WithRSAEncryption
42:35:ea:b0:6b:c2:cd:20:4e:66:37:9a:0b:61:2f:91:1f:76:
4c:69:b6:d4:77:b2:2d:25:66:b3:9d:66:77:75:6e:4a:9e:5a:
84:d4:a5:a0:ab:12:6e:3f:55:f7:e4:df:ed:09:0b:7e:e2:ac:
7a:b0:25:ec:ee:63:37:a4:7b:5d:73:ed:26:4e:36:90:0a:60:
c9:fb:3d:41:32:ee:ea:dc:87:f6:5d:ef:64:0e:24:ad:69:f6:
c0:26:95:eb:b8:1f:7f:8b:0c:f2:9f:2f:ea:71:73:9f:5d:37:
b5:8c:d0:0b:3c:68:15:49:68:65:82:9f:d8:96:78:38:bb:61:
47:01:5a:eb:ce:3f:4a:28:de:0e:7b:b7:23:fa:d6:b6:2d:a0:
3e:d4:20:d5:3a:9d:85:ff:8c:a2:19:44:be:34:9a:35:9e:21:
89:27:4c:b7:e9:2f:18:8e:e2:57:e4:8a:99:4c:97:bc:d9:29:
e8:49:c4:7b:ac:37:94:ee:5b:f3:71:e5:30:36:d4:c9:ab:11:
f7:de:74:13:ff:31:6c:10:15:ce:38:96:8b:be:70:2c:fb:e2:
f3:9e:a7:6c:1a:53:f0:a5:24:3d:b6:db:45:5e:ff:68:0b:78:
3c:63:7f:a0:b0:a7:44:32:6b:2b:d9:90:8c:b9:b1:4f:da:1f:
07:7f:01:55
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYwBZilAQKhKkor3q3A2vQ8qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjMxMTI0MTI1NTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTU2OGRkYmRjMDU4NjE2NDZmODkzOWMxNmZlOTBiNmE4MGIyOTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0pfItmnHa4W3LiM8Oxuj4RQXQJc5
lVHFgUiqnWIq8oBdcv8WoZPJFvDd6QF14NqTRHiqGsYr8FX2s8So2u6k0qW9xBsR
33p3DkXyTVMMsT9w2yEBNVZAy3+ZF8kfsoCnDPp9d5AgRAVFNSmslz02SnI7Teqi
0eOB6prRFIRNFOqtZ2zuC+PyWsSgWNnlZ9IIkfVve4DZE4n/UK+3DvQcb+7rTdzo
EK2t7hJdFFBPSb4rBX/ABrebQfMvHbUZrMyKQVoIrVcMHd0QYXMenhDnOUzSoEtQ
wvPyqTURw5l5Wdw4MaTwN7Nx7TSn2y31CbdYgK/EB4MyMAdrO73HppXN5QIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFIpWjdvcBYYWRviTnBb+kLaoCyk3MB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvaWxhTjI5d0ZoaFpHLUpPY0Z2NlF0cWdMS1RjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAH6o3AwQA
JTGQAwQAJTGSAwQCJTGUAwQBXkqeAwQBXkqoAwQAXkqtAwQAbcukAwQAbcumAwQA
sC6RAwQAsC6TMA0GCSqGSIb3DQEBCwUAA4IBAQBCNeqwa8LNIE5mN5oLYS+RH3ZM
abbUd7ItJWaznWZ3dW5KnlqE1KWgqxJuP1X35N/tCQt+4qx6sCXs7mM3pHtdc+0m
TjaQCmDJ+z1BMu7q3If2Xe9kDiStafbAJpXruB9/iwzyny/qcXOfXTe1jNALPGgV
SWhlgp/Ylng4u2FHAVrrzj9KKN4Oe7cj+ta2LaA+1CDVOp2F/4yiGUS+NJo1niGJ
J0y36S8YjuJX5IqZTJe82SnoScR7rDeU7lvzceUwNtTJqxH33nQT/zFsEBXOOJaL
vnAs++LznqdsGlPwpSQ9tttFXv9oC3g8Y3+gsKdEMmsr2ZCMubFP2h8HfwFV
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:56:34 2025 by rpki-client