Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/P8_KMUhR1g6RGMtDm4cFhbYJl44.roa
File: P8_KMUhR1g6RGMtDm4cFhbYJl44.roa (raw, json)
Hash identifier: /9QK0Dvj3b8yLM49ar/H88Xed2bzqN8xLtMmB9kD0nc=
Subject key identifier: 3F:CF:CA:31:48:51:D6:0E:91:18:CB:43:9B:87:05:85:B6:09:97:8E
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 018C6704A43781B5F008B8206665CAC5535D
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/P8_KMUhR1g6RGMtDm4cFhbYJl44.roa
Signing time: Thu 14 Dec 2023 06:30:06 +0000
ROA not before: Thu 14 Dec 2023 06:30:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 176.46.138.0/24 maxlen: 24
176.46.139.0/24 maxlen: 24
176.46.136.0/24 maxlen: 24
176.46.135.0/24 maxlen: 24
176.46.133.0/24 maxlen: 24
176.46.134.0/24 maxlen: 24
176.46.142.0/24 maxlen: 24
176.46.140.0/24 maxlen: 24
176.46.141.0/24 maxlen: 24
176.46.150.0/24 maxlen: 24
176.46.151.0/24 maxlen: 24
176.46.148.0/24 maxlen: 24
176.46.157.0/24 maxlen: 24
176.46.158.0/24 maxlen: 24
176.46.156.0/24 maxlen: 24
176.46.154.0/24 maxlen: 24
176.46.155.0/24 maxlen: 24
176.46.153.0/24 maxlen: 24
185.34.160.0/22 maxlen: 24
176.46.132.0/24 maxlen: 24
176.46.129.0/24 maxlen: 24
176.46.130.0/24 maxlen: 24
109.203.160.0/24 maxlen: 24
109.203.168.0/21 maxlen: 24
109.203.176.0/21 maxlen: 24
109.203.184.0/21 maxlen: 24
37.49.145.0/24 maxlen: 24
37.49.147.0/24 maxlen: 24
94.74.152.0/22 maxlen: 24
94.74.156.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:67:04:a4:37:81:b5:f0:08:b8:20:66:65:ca:c5:53:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Dec 14 06:30:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3fcfca314851d60e9118cb439b870585b609978e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:14:f5:f2:0f:32:a3:d4:13:f6:0d:1d:18:6c:
f1:91:35:ea:d1:c0:84:2a:93:08:16:b2:be:74:35:
93:4e:d7:f3:c2:d3:cd:75:ef:5a:f2:a8:dd:d6:8d:
05:2e:cd:73:8e:31:e6:62:37:a3:f3:c9:98:e2:b0:
e7:b7:9b:ad:b7:3c:93:01:0e:e5:91:18:b6:b2:c2:
a3:f1:9d:86:67:03:1f:ef:05:48:78:f7:d1:fe:9a:
9f:ac:e4:47:4c:f5:75:aa:bb:3f:b6:30:67:07:ad:
c0:f9:4d:12:f4:69:29:18:c7:98:e5:29:de:52:de:
65:5e:0a:c2:9d:ca:dc:16:76:6c:ac:60:ef:c9:c8:
00:ea:64:85:54:b5:fe:a6:75:92:64:ac:10:9c:ed:
0e:b4:65:70:82:59:1c:95:30:0d:24:75:9c:fa:c1:
b6:f8:7d:ec:46:1f:c8:eb:d6:89:db:16:43:03:82:
58:b6:f1:18:a0:7c:f2:75:e5:3f:9b:2a:fd:7e:10:
7c:ca:20:40:f2:34:ae:9d:95:b2:ed:94:4e:88:58:
f2:e3:eb:b5:8b:af:ba:69:f2:19:c0:ec:d2:b6:e1:
10:b9:6b:c8:82:37:17:ed:c2:15:e9:8e:e2:d5:4e:
0f:e8:d5:0d:b1:3c:33:20:58:11:6e:0c:fc:a5:c9:
32:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:CF:CA:31:48:51:D6:0E:91:18:CB:43:9B:87:05:85:B6:09:97:8E
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/P8_KMUhR1g6RGMtDm4cFhbYJl44.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.49.145.0/24
37.49.147.0/24
94.74.152.0-94.74.156.255
109.203.160.0/24
109.203.168.0-109.203.191.255
176.46.129.0-176.46.130.255
176.46.132.0-176.46.136.255
176.46.138.0-176.46.142.255
176.46.148.0/24
176.46.150.0/23
176.46.153.0-176.46.158.255
185.34.160.0/22
Signature Algorithm: sha256WithRSAEncryption
a3:64:04:0c:dd:3c:d4:18:46:a7:42:89:da:31:d2:62:e6:3b:
3e:b1:ab:af:9c:81:2e:28:31:84:eb:61:68:52:7f:da:5f:82:
a5:a0:ef:3e:c8:1f:ff:69:29:63:87:6a:9c:26:3f:55:0d:b2:
c8:e7:63:1e:e0:d0:5f:95:6a:6a:c3:8f:8a:f7:8e:e0:18:e5:
71:26:06:2f:59:c1:74:13:5d:05:00:2e:76:7e:15:3d:14:e5:
4d:52:73:54:d6:0b:7b:36:98:2a:50:be:d2:9c:de:d3:23:8f:
d1:69:ea:60:dc:f4:b7:c8:d6:42:ff:ed:e1:2d:dc:7c:59:d8:
0e:a6:fd:ea:2a:d7:a9:8e:83:dd:b3:4f:93:29:e5:68:e8:b7:
41:e1:f4:dd:74:4d:8b:e4:ed:fc:ef:90:d6:77:0a:5b:fc:02:
10:d9:17:11:17:53:d0:5c:fb:c1:db:4e:5f:44:22:a8:35:43:
f7:60:ec:01:ac:96:08:f6:4d:d8:5f:1f:99:76:a6:e4:57:6d:
3b:23:cd:3f:bd:e4:c7:73:8f:34:e1:e1:35:3e:76:19:20:2f:
70:0c:26:54:ec:8d:b1:7f:09:6d:fd:8e:97:58:de:36:47:51:
21:bb:5b:c5:62:26:f9:bb:e0:91:69:20:4f:e9:bb:38:0d:1a:
ce:e1:d6:18
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgISAYxnBKQ3gbXwCLggZmXKxVNdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjMxMjE0MDYzMDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZmNmY2EzMTQ4NTFkNjBlOTExOGNiNDM5Yjg3MDU4NWI2MDk5NzhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhRT18g8yo9QT9g0dGGzxkTXq0cCE
KpMIFrK+dDWTTtfzwtPNde9a8qjd1o0FLs1zjjHmYjej88mY4rDnt5uttzyTAQ7l
kRi2ssKj8Z2GZwMf7wVIePfR/pqfrORHTPV1qrs/tjBnB63A+U0S9GkpGMeY5Sne
Ut5lXgrCncrcFnZsrGDvycgA6mSFVLX+pnWSZKwQnO0OtGVwglkclTANJHWc+sG2
+H3sRh/I69aJ2xZDA4JYtvEYoHzydeU/myr9fhB8yiBA8jSunZWy7ZROiFjy4+u1
i6+6afIZwOzStuEQuWvIgjcX7cIV6Y7i1U4P6NUNsTwzIFgRbgz8pckymQIDAQAB
o4ICfjCCAnowHQYDVR0OBBYEFD/PyjFIUdYOkRjLQ5uHBYW2CZeOMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvUDhfS01VaFIxZzZSR010RG00Y0ZoYllKbDQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGTBggrBgEFBQcBBwEB/wSBgzCBgDB+BAIAATB4AwQAJTGR
AwQAJTGTMAwDBANeSpgDBABeSpwDBABty6AwDAMEA23LqAMEBm3LgDAMAwQAsC6B
AwQAsC6CMAwDBAKwLoQDBACwLogwDAMEAbAuigMEALAujgMEALAulAMEAbAuljAM
AwQAsC6ZAwQAsC6eAwQCuSKgMA0GCSqGSIb3DQEBCwUAA4IBAQCjZAQM3TzUGEan
QonaMdJi5js+sauvnIEuKDGE62FoUn/aX4KloO8+yB//aSljh2qcJj9VDbLI52Me
4NBflWpqw4+K947gGOVxJgYvWcF0E10FAC52fhU9FOVNUnNU1gt7NpgqUL7SnN7T
I4/Raepg3PS3yNZC/+3hLdx8WdgOpv3qKtepjoPds0+TKeVo6LdB4fTddE2L5O38
75DWdwpb/AIQ2RcRF1PQXPvB205fRCKoNUP3YOwBrJYI9k3YXx+ZdqbkV207I80/
veTHc4804eE1PnYZIC9wDCZU7I2xfwlt/Y6XWN42R1Ehu1vFYib5u+CRaSBP6bs4
DRrO4dYY
-----END CERTIFICATE-----
Generated at Sat May 3 19:56:38 2025 by rpki-client