Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/z6FMTBaz5bIFKcX4f1fu8m1Cgl0.roa
File: z6FMTBaz5bIFKcX4f1fu8m1Cgl0.roa (raw, json)
Hash identifier: Ubp4ZH3MoHW21XpCjEIBYKAtklazQVDHB8+Q3FXIgbA=
Subject key identifier: CF:A1:4C:4C:16:B3:E5:B2:05:29:C5:F8:7F:57:EE:F2:6D:42:82:5D
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 018B4EA5454EA8D2BC2DD0E29E760A12A1AE
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/z6FMTBaz5bIFKcX4f1fu8m1Cgl0.roa
Signing time: Fri 20 Oct 2023 19:52:15 +0000
ROA not before: Fri 20 Oct 2023 19:52:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9009
IP address blocks: 176.46.137.0/24 maxlen: 24
176.46.144.0/23 maxlen: 23
176.46.140.0/24 maxlen: 24
176.46.143.0/24 maxlen: 24
176.46.144.0/24 maxlen: 24
176.46.145.0/24 maxlen: 24
176.46.146.0/24 maxlen: 24
176.46.147.0/24 maxlen: 24
176.46.149.0/24 maxlen: 24
176.46.151.0/24 maxlen: 24
176.46.152.0/24 maxlen: 24
176.46.159.0/24 maxlen: 24
176.46.128.0/24 maxlen: 24
176.46.131.0/24 maxlen: 24
176.46.132.0/24 maxlen: 24
109.203.162.0/24 maxlen: 24
109.203.163.0/24 maxlen: 24
109.203.164.0/24 maxlen: 24
109.203.165.0/24 maxlen: 24
109.203.166.0/24 maxlen: 24
109.203.167.0/24 maxlen: 24
31.170.55.0/24 maxlen: 24
94.74.191.0/24 maxlen: 24
94.74.187.0/24 maxlen: 24
37.49.144.0/24 maxlen: 24
37.49.146.0/24 maxlen: 24
37.49.148.0/24 maxlen: 24
37.49.149.0/24 maxlen: 24
37.49.150.0/24 maxlen: 24
37.49.151.0/24 maxlen: 24
94.74.137.0/24 maxlen: 24
94.74.147.0/24 maxlen: 24
94.74.158.0/24 maxlen: 24
94.74.159.0/24 maxlen: 24
94.74.164.0/24 maxlen: 24
94.74.168.0/24 maxlen: 24
94.74.169.0/24 maxlen: 24
94.74.171.0/24 maxlen: 24
94.74.173.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:4e:a5:45:4e:a8:d2:bc:2d:d0:e2:9e:76:0a:12:a1:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Oct 20 19:52:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cfa14c4c16b3e5b20529c5f87f57eef26d42825d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:55:6b:68:67:34:c3:70:ce:cb:a5:e6:b9:92:
a2:6b:f6:bf:2d:18:1c:cb:23:ea:f8:6d:98:6e:b9:
9a:6d:6e:70:54:e7:be:eb:85:26:dc:59:0c:eb:a0:
d1:57:ea:d9:12:58:2f:c8:12:81:83:bb:dc:df:70:
28:09:af:d4:4d:b4:45:f3:29:a8:f7:48:f9:0d:87:
27:3b:1e:af:b6:c6:05:20:c0:1b:06:1f:12:f0:0d:
ac:f5:d3:15:7e:69:79:fb:53:c8:54:6d:b9:56:9f:
b4:aa:a9:54:92:96:50:e9:fc:de:a2:11:02:d2:c7:
07:c5:2e:75:a1:6e:42:1c:cf:1a:38:da:6b:9a:a6:
37:f8:2b:64:b2:3e:a9:8c:dc:09:b7:ef:ba:a0:31:
f6:d5:66:83:18:35:7c:8a:85:57:3c:23:45:fb:67:
dc:23:95:06:dc:de:3e:17:5e:6b:70:f0:6e:79:dc:
fa:aa:22:b3:db:11:5f:6a:bb:bd:b1:0b:e8:b8:4b:
ff:11:3c:43:bd:e2:f0:26:a4:40:ce:96:9f:ce:98:
60:71:fa:2e:66:35:c5:74:e7:b0:e2:a4:99:b6:3c:
fb:5d:46:0c:11:b5:1a:04:51:25:ed:f7:d3:6d:37:
e5:cd:9a:fc:c9:63:18:10:b2:d0:60:d3:e8:e6:57:
6d:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:A1:4C:4C:16:B3:E5:B2:05:29:C5:F8:7F:57:EE:F2:6D:42:82:5D
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/z6FMTBaz5bIFKcX4f1fu8m1Cgl0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.170.55.0/24
37.49.144.0/24
37.49.146.0/24
37.49.148.0/22
94.74.137.0/24
94.74.147.0/24
94.74.158.0/23
94.74.164.0/24
94.74.168.0/23
94.74.171.0/24
94.74.173.0/24
94.74.187.0/24
94.74.191.0/24
109.203.162.0-109.203.167.255
176.46.128.0/24
176.46.131.0-176.46.132.255
176.46.137.0/24
176.46.140.0/24
176.46.143.0-176.46.147.255
176.46.149.0/24
176.46.151.0-176.46.152.255
176.46.159.0/24
Signature Algorithm: sha256WithRSAEncryption
26:b9:db:78:32:49:0f:b0:33:1a:35:11:27:24:84:c7:da:4d:
24:69:f6:d6:76:e0:7e:f5:44:e8:27:c4:35:76:7e:3a:ae:91:
2a:38:34:be:bb:a6:d3:88:73:6c:8a:60:f7:c0:38:dd:85:f0:
a6:cc:17:4e:b2:c7:b4:6c:17:ae:63:b7:ef:0b:66:83:5e:d8:
34:59:7a:d6:68:c2:92:eb:84:95:aa:a9:e7:5e:1a:e9:7f:6a:
85:51:84:a1:a3:4e:35:bf:96:78:34:b0:e8:a2:f9:e0:dd:f1:
c7:f4:1c:6a:d8:89:2f:89:0a:32:39:01:02:b4:1c:be:6a:55:
9a:79:47:40:11:77:2c:ff:07:7d:f5:57:b3:76:94:93:5b:f9:
4a:61:dc:0b:78:ea:11:cc:04:96:95:40:ef:2b:03:2c:9b:08:
09:cf:03:80:ac:61:bb:5a:e5:ae:43:06:fa:b0:1d:13:e0:a1:
ea:fc:7c:41:30:34:d2:2a:5d:58:38:a5:06:33:13:04:2e:32:
4a:0a:09:21:3f:77:21:85:e8:ae:1d:28:91:c8:88:90:b6:59:
7a:3c:99:f5:20:9b:48:0b:5f:2a:dc:b9:23:ea:34:6d:41:02:
32:5d:2f:22:31:fd:3b:a1:33:e6:d4:7a:89:71:e2:e8:43:1c:
50:ef:a3:fa
-----BEGIN CERTIFICATE-----
MIIFoDCCBIigAwIBAgISAYtOpUVOqNK8LdDinnYKEqGuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjMxMDIwMTk1MjE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmExNGM0YzE2YjNlNWIyMDUyOWM1Zjg3ZjU3ZWVmMjZkNDI4MjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk1VraGc0w3DOy6XmuZKia/a/LRgc
yyPq+G2YbrmabW5wVOe+64Um3FkM66DRV+rZElgvyBKBg7vc33AoCa/UTbRF8ymo
90j5DYcnOx6vtsYFIMAbBh8S8A2s9dMVfml5+1PIVG25Vp+0qqlUkpZQ6fzeohEC
0scHxS51oW5CHM8aONprmqY3+Ctksj6pjNwJt++6oDH21WaDGDV8ioVXPCNF+2fc
I5UG3N4+F15rcPBuedz6qiKz2xFfaru9sQvouEv/ETxDveLwJqRAzpafzphgcfou
ZjXFdOew4qSZtjz7XUYMEbUaBFEl7ffTbTflzZr8yWMYELLQYNPo5ldtnQIDAQAB
o4ICrDCCAqgwHQYDVR0OBBYEFM+hTEwWs+WyBSnF+H9X7vJtQoJdMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvejZGTVRCYXo1YklGS2NYNGYxZnU4bTFDZ2wwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHBBggrBgEFBQcBBwEB/wSBsTCBrjCBqwQCAAEwgaQDBAAf
qjcDBAAlMZADBAAlMZIDBAIlMZQDBABeSokDBABeSpMDBAFeSp4DBABeSqQDBAFe
SqgDBABeSqsDBABeSq0DBABeSrsDBABeSr8wDAMEAW3LogMEA23LoAMEALAugDAM
AwQAsC6DAwQAsC6EAwQAsC6JAwQAsC6MMAwDBACwLo8DBAKwLpADBACwLpUwDAME
ALAulwMEALAumAMEALAunzANBgkqhkiG9w0BAQsFAAOCAQEAJrnbeDJJD7AzGjUR
JySEx9pNJGn21nbgfvVE6CfENXZ+Oq6RKjg0vrum04hzbIpg98A43YXwpswXTrLH
tGwXrmO37wtmg17YNFl61mjCkuuElaqp514a6X9qhVGEoaNONb+WeDSw6KL54N3x
x/QcatiJL4kKMjkBArQcvmpVmnlHQBF3LP8HffVXs3aUk1v5SmHcC3jqEcwElpVA
7ysDLJsICc8DgKxhu1rlrkMG+rAdE+Ch6vx8QTA00ipdWDilBjMTBC4ySgoJIT93
IYXorh0okciIkLZZejyZ9SCbSAtfKty5I+o0bUECMl0vIjH9O6Ez5tR6iXHi6EMc
UO+j+g==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:05:16 2025 by rpki-client