Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/y0Ew7m2lZPIvBkUNh3tNoekDgUQ.roa
File: y0Ew7m2lZPIvBkUNh3tNoekDgUQ.roa (raw, json)
Hash identifier: 17QDxdD+dKaU5/pIWEHN6lWNg4AVBIXmzk8pQdGMRf0=
Subject key identifier: CB:41:30:EE:6D:A5:64:F2:2F:06:45:0D:87:7B:4D:A1:E9:03:81:44
Certificate issuer: /CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Certificate serial: 018C6D4325AF2716924DCC15E724351A6B33
Authority key identifier: D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/y0Ew7m2lZPIvBkUNh3tNoekDgUQ.roa
Signing time: Fri 15 Dec 2023 11:36:06 +0000
ROA not before: Fri 15 Dec 2023 11:36:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61157
IP address blocks: 46.23.208.0/21 maxlen: 24
212.1.32.0/19 maxlen: 19
188.64.192.0/21 maxlen: 21
62.75.174.0/24 maxlen: 24
185.209.64.0/22 maxlen: 22
185.55.68.0/22 maxlen: 24
195.244.96.0/19 maxlen: 19
2a02:ad0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:6d:43:25:af:27:16:92:4d:cc:15:e7:24:35:1a:6b:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Validity
Not Before: Dec 15 11:36:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cb4130ee6da564f22f06450d877b4da1e9038144
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:d7:63:fe:eb:be:07:ff:e5:b6:1b:a2:ab:42:
d9:19:a5:7f:8a:74:d8:7a:e3:ad:24:fb:12:cc:56:
0f:c3:74:90:de:11:1f:c0:6f:00:75:b8:68:78:d6:
5c:81:6b:1d:7d:eb:b7:0c:37:0c:05:6a:55:8b:9d:
8c:80:46:b7:0a:6f:f7:4d:85:ed:09:f4:32:54:06:
7d:e7:06:99:22:84:a8:5a:eb:45:c3:0c:11:3c:70:
ca:70:1d:94:c9:e2:47:90:13:fc:c8:5b:e6:2e:cf:
35:ac:20:d7:1b:8c:4b:ff:aa:ce:6d:85:63:b4:2c:
9d:6c:f7:11:66:6f:01:2a:e9:dd:bd:58:fc:dc:7a:
f6:fb:d8:ce:d4:d6:cf:59:d6:70:f6:25:82:10:f2:
ab:c7:94:60:f8:03:4e:9d:7c:29:e3:d0:c2:8b:75:
89:e2:e0:0a:d7:79:15:1a:5b:b6:1c:27:bb:36:fe:
e9:8a:c5:90:bd:7e:76:f4:ef:f7:6b:c6:42:69:07:
99:ec:d5:93:c4:3f:70:92:92:b9:a6:0f:25:7c:21:
c8:8e:69:c6:77:27:25:82:92:b0:bb:92:0c:33:bb:
23:0a:f9:ea:e3:7f:07:89:52:1f:1d:3a:02:30:03:
1f:ec:f7:25:c9:a4:35:a9:5b:02:a7:9d:24:41:ec:
6b:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:41:30:EE:6D:A5:64:F2:2F:06:45:0D:87:7B:4D:A1:E9:03:81:44
X509v3 Authority Key Identifier:
keyid:D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/y0Ew7m2lZPIvBkUNh3tNoekDgUQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/10cBdWTHEby9V2gKDf0A8qXQmds.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.23.208.0/21
62.75.174.0/24
185.55.68.0/22
185.209.64.0/22
188.64.192.0/21
195.244.96.0/19
212.1.32.0/19
IPv6:
2a02:ad0::/29
Signature Algorithm: sha256WithRSAEncryption
a6:04:6d:03:54:97:de:e8:82:81:bb:cc:53:f1:54:28:5b:1a:
be:ca:d4:f9:cc:28:ad:17:22:e8:fb:83:25:84:41:90:f2:22:
ea:f7:0a:66:f4:2b:76:7f:bd:97:47:3e:ce:55:e5:ad:39:f8:
61:a1:c6:e8:36:98:77:e5:f6:c9:36:aa:da:75:4a:f6:12:ec:
27:50:7d:50:a8:66:65:69:93:9e:82:63:ab:1a:5d:51:6b:b5:
f2:58:c7:ee:fd:08:62:d3:be:dd:00:e7:6b:87:37:23:46:58:
dc:95:f5:7b:2d:78:07:6c:2a:aa:9d:76:01:8c:cd:3d:22:af:
57:4b:5c:50:f5:9e:e9:07:52:b4:d6:49:f5:43:4e:26:23:ab:
a8:52:68:71:a0:7a:d5:4a:b2:f6:97:40:34:08:25:44:41:e4:
42:85:63:2d:70:81:06:6b:47:59:37:77:e6:17:f3:60:d5:2a:
b2:96:04:0d:f4:a4:48:9e:f0:f3:d4:c1:1a:83:96:39:a4:bd:
83:7d:a3:b2:db:4e:3e:65:68:a7:78:27:c7:36:50:c2:2d:a7:
71:e2:f8:98:fc:b9:68:fd:99:33:32:2e:b9:10:11:20:9c:91:
a4:7d:87:e7:eb:a9:b6:42:ad:a9:7e:16:66:f6:93:f9:a6:2a:
89:26:d1:88
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYxtQyWvJxaSTcwV5yQ1GmszMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NDcwMTc1NjRjNzExYmNiZDU3NjgwYTBkZmQwMGYyYTVk
MDk5ZGIwHhcNMjMxMjE1MTEzNjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjQxMzBlZTZkYTU2NGYyMmYwNjQ1MGQ4NzdiNGRhMWU5MDM4MTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmddj/uu+B//lthuiq0LZGaV/inTY
euOtJPsSzFYPw3SQ3hEfwG8AdbhoeNZcgWsdfeu3DDcMBWpVi52MgEa3Cm/3TYXt
CfQyVAZ95waZIoSoWutFwwwRPHDKcB2UyeJHkBP8yFvmLs81rCDXG4xL/6rObYVj
tCydbPcRZm8BKundvVj83Hr2+9jO1NbPWdZw9iWCEPKrx5Rg+ANOnXwp49DCi3WJ
4uAK13kVGlu2HCe7Nv7pisWQvX529O/3a8ZCaQeZ7NWTxD9wkpK5pg8lfCHIjmnG
dyclgpKwu5IMM7sjCvnq438HiVIfHToCMAMf7PclyaQ1qVsCp50kQexrkQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFMtBMO5tpWTyLwZFDYd7TaHpA4FEMB8GA1UdIwQY
MBaAFNdHAXVkxxG8vVdoCg39APKl0JnbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTBjQmRXVEhFYnk5VjJnS0RmMEE4cVhRbWRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9iYTIzNjItMGNjNS00OWJkLWE1MjIt
NGYwZThjZTExYTdkLzEveTBFdzdtMmxaUEl2QmtVTmgzdE5vZWtEZ1VRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9iYTIzNjItMGNjNS00OWJkLWE1MjItNGYwZThjZTExYTdk
LzEvMTBjQmRXVEhFYnk5VjJnS0RmMEE4cVhRbWRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQDLhfQAwQA
PkuuAwQCuTdEAwQCudFAAwQDvEDAAwQFw/RgAwQF1AEgMA0EAgACMAcDBQMqAgrQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCmBG0DVJfe6IKBu8xT8VQoWxq+ytT5zCitFyLo
+4MlhEGQ8iLq9wpm9Ct2f72XRz7OVeWtOfhhocboNph35fbJNqradUr2EuwnUH1Q
qGZlaZOegmOrGl1Ra7XyWMfu/Qhi077dAOdrhzcjRljclfV7LXgHbCqqnXYBjM09
Iq9XS1xQ9Z7pB1K01kn1Q04mI6uoUmhxoHrVSrL2l0A0CCVEQeRChWMtcIEGa0dZ
N3fmF/Ng1SqylgQN9KRInvDz1MEag5Y5pL2DfaOy204+ZWineCfHNlDCLadx4viY
/Llo/ZkzMi65EBEgnJGkfYfn66m2Qq2pfhZm9pP5piqJJtGI
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:05:24 2025 by rpki-client