Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/qh0ZvsSBB4qK79xofNNd6O_ZfZs.roa
File: qh0ZvsSBB4qK79xofNNd6O_ZfZs.roa (raw, json)
Hash identifier: Q8GmxKRBcksjkydzneRMull+HMQu8jjQmRAkRo5sYtw=
Subject key identifier: AA:1D:19:BE:C4:81:07:8A:8A:EF:DC:68:7C:D3:5D:E8:EF:D9:7D:9B
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 018BBA09847DE302CB7407784F6327A5BE8C
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/qh0ZvsSBB4qK79xofNNd6O_ZfZs.roa
Signing time: Fri 10 Nov 2023 16:21:07 +0000
ROA not before: Fri 10 Nov 2023 16:21:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 176.46.138.0/24 maxlen: 24
176.46.139.0/24 maxlen: 24
176.46.136.0/24 maxlen: 24
176.46.135.0/24 maxlen: 24
176.46.133.0/24 maxlen: 24
176.46.134.0/24 maxlen: 24
176.46.143.0/24 maxlen: 24
176.46.142.0/24 maxlen: 24
176.46.140.0/24 maxlen: 24
176.46.141.0/24 maxlen: 24
176.46.150.0/24 maxlen: 24
176.46.151.0/24 maxlen: 24
176.46.149.0/24 maxlen: 24
176.46.148.0/24 maxlen: 24
176.46.146.0/24 maxlen: 24
176.46.159.0/24 maxlen: 24
176.46.157.0/24 maxlen: 24
176.46.158.0/24 maxlen: 24
176.46.156.0/24 maxlen: 24
176.46.154.0/24 maxlen: 24
176.46.155.0/24 maxlen: 24
176.46.153.0/24 maxlen: 24
185.34.160.0/22 maxlen: 24
176.46.132.0/24 maxlen: 24
176.46.129.0/24 maxlen: 24
176.46.130.0/24 maxlen: 24
109.203.160.0/24 maxlen: 24
109.203.168.0/21 maxlen: 24
109.203.176.0/21 maxlen: 24
109.203.184.0/21 maxlen: 24
37.49.145.0/24 maxlen: 24
37.49.147.0/24 maxlen: 24
94.74.152.0/22 maxlen: 24
94.74.156.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ba:09:84:7d:e3:02:cb:74:07:78:4f:63:27:a5:be:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Nov 10 16:21:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aa1d19bec481078a8aefdc687cd35de8efd97d9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:b1:ea:c0:df:f7:5d:f9:f9:4a:ce:89:17:70:
04:15:9e:97:62:6f:07:32:c7:5a:e2:02:0f:02:bf:
8c:a5:a1:75:93:31:54:98:41:d4:9b:f4:d3:29:b4:
32:03:a4:f2:05:e8:2d:4c:dc:2e:3e:1a:65:f6:fd:
49:37:be:72:2e:79:d3:9f:b6:39:68:40:2e:74:6a:
f5:da:16:b2:e4:ef:39:b5:49:be:25:94:e9:79:f3:
16:4d:02:6e:0c:43:0f:8a:f0:14:2b:50:2f:23:6b:
15:ca:99:45:36:e3:10:6b:0c:21:f4:2d:58:a1:0e:
67:5e:5d:a3:9e:43:a1:98:3d:6e:0c:18:89:fc:8e:
1b:ed:d0:a8:04:07:5a:f6:58:48:e8:a4:bc:18:ef:
01:b8:52:a5:92:1e:ce:aa:08:2f:fd:8d:8b:b3:5c:
64:ee:02:29:ec:1e:df:74:01:f7:06:1e:fc:46:8d:
8e:9f:46:3a:75:4f:1a:b2:2c:4e:e1:95:96:ac:21:
ba:b6:06:79:d7:93:24:fe:ee:6a:7d:a5:05:61:2a:
c9:e3:b2:b2:46:16:30:b2:f4:da:8c:55:94:31:b1:
89:67:61:e8:4a:c0:00:a4:ec:c7:be:62:fc:42:3a:
89:a7:87:19:23:d0:a9:e1:71:70:57:ae:9e:50:81:
c6:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:1D:19:BE:C4:81:07:8A:8A:EF:DC:68:7C:D3:5D:E8:EF:D9:7D:9B
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/qh0ZvsSBB4qK79xofNNd6O_ZfZs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.49.145.0/24
37.49.147.0/24
94.74.152.0-94.74.156.255
109.203.160.0/24
109.203.168.0-109.203.191.255
176.46.129.0-176.46.130.255
176.46.132.0-176.46.136.255
176.46.138.0-176.46.143.255
176.46.146.0/24
176.46.148.0/22
176.46.153.0-176.46.159.255
185.34.160.0/22
Signature Algorithm: sha256WithRSAEncryption
7e:59:71:c6:f5:24:b8:a1:13:82:1c:0c:0e:dd:af:f1:e6:d5:
2d:cb:cb:af:a3:00:45:b8:31:75:28:cc:28:7a:aa:8a:6d:c1:
82:b0:58:ff:ec:15:c1:ec:1a:2f:6a:64:2c:31:37:ea:2a:57:
9c:45:5d:ad:3f:a9:e7:e0:2b:b2:bf:76:09:1d:cf:91:35:0a:
5c:e7:3c:c2:08:ba:83:e3:35:39:28:c8:d5:47:5e:56:cd:fd:
a7:90:62:41:76:8d:15:f4:bc:04:95:74:bc:03:6d:47:c9:56:
37:49:3e:dc:13:11:ee:75:3a:72:a5:a5:5c:22:c7:a4:63:69:
64:92:44:37:48:2a:db:a1:f7:ab:52:bd:a2:5a:b1:ed:37:1e:
6f:78:fb:2b:1b:d7:80:ae:3e:28:8c:7f:17:53:42:f3:d9:fd:
54:f5:75:76:24:e0:6f:b6:62:b8:a5:d0:ad:2c:42:9f:3e:d4:
23:b1:16:c6:23:bb:40:39:84:30:03:eb:1c:ee:77:25:f7:15:
3d:33:ee:9b:b7:79:b4:31:18:50:bc:4d:65:17:d2:35:4c:7c:
58:95:5c:18:0f:34:06:53:95:7f:4c:54:bc:17:09:80:ed:a0:
9d:99:73:40:87:d3:a4:b6:9a:28:73:08:24:86:a4:b3:8f:db:
23:5d:b0:74
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgISAYu6CYR94wLLdAd4T2Mnpb6MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjMxMTEwMTYyMTA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTFkMTliZWM0ODEwNzhhOGFlZmRjNjg3Y2QzNWRlOGVmZDk3ZDliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw7HqwN/3Xfn5Ss6JF3AEFZ6XYm8H
Msda4gIPAr+MpaF1kzFUmEHUm/TTKbQyA6TyBegtTNwuPhpl9v1JN75yLnnTn7Y5
aEAudGr12hay5O85tUm+JZTpefMWTQJuDEMPivAUK1AvI2sVyplFNuMQawwh9C1Y
oQ5nXl2jnkOhmD1uDBiJ/I4b7dCoBAda9lhI6KS8GO8BuFKlkh7Oqggv/Y2Ls1xk
7gIp7B7fdAH3Bh78Ro2On0Y6dU8asixO4ZWWrCG6tgZ515Mk/u5qfaUFYSrJ47Ky
RhYwsvTajFWUMbGJZ2HoSsAApOzHvmL8QjqJp4cZI9Cp4XFwV66eUIHGiwIDAQAB
o4ICfjCCAnowHQYDVR0OBBYEFKodGb7EgQeKiu/caHzTXejv2X2bMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvcWgwWnZzU0JCNHFLNzl4b2ZOTmQ2T19aZlpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGTBggrBgEFBQcBBwEB/wSBgzCBgDB+BAIAATB4AwQAJTGR
AwQAJTGTMAwDBANeSpgDBABeSpwDBABty6AwDAMEA23LqAMEBm3LgDAMAwQAsC6B
AwQAsC6CMAwDBAKwLoQDBACwLogwDAMEAbAuigMEBLAugAMEALAukgMEArAulDAM
AwQAsC6ZAwQFsC6AAwQCuSKgMA0GCSqGSIb3DQEBCwUAA4IBAQB+WXHG9SS4oROC
HAwO3a/x5tUty8uvowBFuDF1KMwoeqqKbcGCsFj/7BXB7BovamQsMTfqKlecRV2t
P6nn4Cuyv3YJHc+RNQpc5zzCCLqD4zU5KMjVR15Wzf2nkGJBdo0V9LwElXS8A21H
yVY3ST7cExHudTpypaVcIsekY2lkkkQ3SCrboferUr2iWrHtNx5vePsrG9eArj4o
jH8XU0Lz2f1U9XV2JOBvtmK4pdCtLEKfPtQjsRbGI7tAOYQwA+sc7ncl9xU9M+6b
t3m0MRhQvE1lF9I1THxYlVwYDzQGU5V/TFS8FwmA7aCdmXNAh9OktpoocwgkhqSz
j9sjXbB0
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:00:18 2025 by rpki-client