Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/2652cd-7ecf-49e8-a4f8-c7869128582c/1/zqEHP_W_ekc29-J88GDh3hd4MWc.roa
File: zqEHP_W_ekc29-J88GDh3hd4MWc.roa (raw, json)
Hash identifier: cjNDuEOtC8Yx/Cqe3G7zVzigaH59sog7qc1hXiGD2U8=
Subject key identifier: CE:A1:07:3F:F5:BF:7A:47:36:F7:E2:7C:F0:60:E1:DE:17:78:31:67
Certificate issuer: /CN=d8284f18cd44604bdd6d08f4d878dc61456c40fd
Certificate serial: 018C58A60C576DF43AC8ABF9232EC921F0C6
Authority key identifier: D8:28:4F:18:CD:44:60:4B:DD:6D:08:F4:D8:78:DC:61:45:6C:40:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2ChPGM1EYEvdbQj02HjcYUVsQP0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/2652cd-7ecf-49e8-a4f8-c7869128582c/1/zqEHP_W_ekc29-J88GDh3hd4MWc.roa
Signing time: Mon 11 Dec 2023 11:32:06 +0000
ROA not before: Mon 11 Dec 2023 11:32:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211309
IP address blocks: 46.252.7.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:58:a6:0c:57:6d:f4:3a:c8:ab:f9:23:2e:c9:21:f0:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8284f18cd44604bdd6d08f4d878dc61456c40fd
Validity
Not Before: Dec 11 11:32:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cea1073ff5bf7a4736f7e27cf060e1de17783167
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:14:62:af:05:b1:48:d6:65:93:95:18:b8:b8:
8d:0f:e2:5a:5f:3b:b8:db:31:e6:89:97:9d:f1:fa:
b9:13:1a:f3:ba:74:56:06:1e:01:f3:54:c9:1a:e1:
b7:78:97:87:f0:20:1a:70:2c:96:71:35:3d:2d:d2:
36:1b:4e:58:5a:80:09:57:e4:7a:47:61:ac:6d:7b:
a9:6e:0b:14:b6:db:cd:38:54:df:48:29:2e:b1:6e:
b0:f8:6f:00:3b:cb:49:5b:19:39:06:44:1e:40:1c:
f7:58:68:99:3e:f4:64:11:f4:3c:b1:34:e9:e8:76:
85:22:b9:bd:9f:fc:c9:9e:d3:8c:85:2e:80:7c:d0:
70:ac:09:48:2f:48:0a:c7:43:20:ad:e5:24:38:28:
cb:ee:a4:38:fc:71:ee:05:3e:44:8a:46:b1:b4:7b:
75:cb:e4:e1:1e:62:bc:af:29:4f:03:bd:4d:64:77:
6e:f5:e6:7c:73:d4:fa:0c:6f:a8:d3:f1:3e:cf:70:
20:2a:d9:93:9a:17:f1:fe:2a:0e:4c:60:83:78:55:
d3:7c:c1:e3:8c:ca:54:ab:d3:e7:16:3f:74:58:51:
af:fe:40:21:ce:f1:27:26:35:b1:46:88:33:66:71:
42:a7:eb:97:68:c5:9c:a5:3d:83:17:90:d1:2c:cb:
ef:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:A1:07:3F:F5:BF:7A:47:36:F7:E2:7C:F0:60:E1:DE:17:78:31:67
X509v3 Authority Key Identifier:
keyid:D8:28:4F:18:CD:44:60:4B:DD:6D:08:F4:D8:78:DC:61:45:6C:40:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2ChPGM1EYEvdbQj02HjcYUVsQP0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/2652cd-7ecf-49e8-a4f8-c7869128582c/1/zqEHP_W_ekc29-J88GDh3hd4MWc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/2652cd-7ecf-49e8-a4f8-c7869128582c/1/2ChPGM1EYEvdbQj02HjcYUVsQP0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.252.7.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:36:16:03:a3:d5:7b:9b:b7:ff:91:44:31:79:59:8d:91:e7:
1a:fa:61:5e:a4:a6:e3:87:e9:21:4b:6d:3b:ed:bd:c0:06:cc:
1e:fb:3b:6e:56:f5:1c:3c:38:fc:60:f4:36:ff:76:d2:d8:46:
86:96:e9:8d:00:a4:9f:08:b6:9c:a5:51:f0:0d:b7:7c:08:e6:
23:8b:af:91:37:a2:2f:5e:b9:9c:d3:46:24:d5:c6:0a:1d:f4:
47:38:8c:da:a9:11:d5:7a:b1:e7:18:9d:76:15:82:bd:74:90:
37:34:3e:90:10:71:70:ef:8b:25:71:4d:f4:88:0d:d3:12:b1:
e1:29:4d:28:dd:d0:f2:08:97:6a:b8:0b:a8:88:d4:ab:66:62:
e9:ea:08:db:86:8f:41:3e:04:ad:58:89:3d:92:6d:06:7b:3b:
a2:cd:50:31:85:89:88:77:69:93:cd:2b:2d:e8:1e:95:3c:1c:
e6:22:ba:b2:e8:5d:2e:24:93:91:0f:fe:78:39:09:27:cf:ca:
69:3a:1e:a4:49:70:61:db:ad:59:38:17:2b:e0:c1:78:69:d0:
96:a6:aa:a7:92:60:08:a1:3b:8a:55:15:50:07:55:32:96:7a:
82:14:c8:0f:21:c4:7c:a1:17:c9:c4:e9:a6:48:35:7e:9f:0d:
e9:de:56:41
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYxYpgxXbfQ6yKv5Iy7JIfDGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4Mjg0ZjE4Y2Q0NDYwNGJkZDZkMDhmNGQ4NzhkYzYxNDU2
YzQwZmQwHhcNMjMxMjExMTEzMjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWExMDczZmY1YmY3YTQ3MzZmN2UyN2NmMDYwZTFkZTE3NzgzMTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuhRirwWxSNZlk5UYuLiND+JaXzu4
2zHmiZed8fq5ExrzunRWBh4B81TJGuG3eJeH8CAacCyWcTU9LdI2G05YWoAJV+R6
R2GsbXupbgsUttvNOFTfSCkusW6w+G8AO8tJWxk5BkQeQBz3WGiZPvRkEfQ8sTTp
6HaFIrm9n/zJntOMhS6AfNBwrAlIL0gKx0MgreUkOCjL7qQ4/HHuBT5EikaxtHt1
y+ThHmK8rylPA71NZHdu9eZ8c9T6DG+o0/E+z3AgKtmTmhfx/ioOTGCDeFXTfMHj
jMpUq9PnFj90WFGv/kAhzvEnJjWxRogzZnFCp+uXaMWcpT2DF5DRLMvvgwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM6hBz/1v3pHNvfifPBg4d4XeDFnMB8GA1UdIwQY
MBaAFNgoTxjNRGBL3W0I9Nh43GFFbED9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkNoUEdNMUVZRXZkYlFqMDJIamNZVVZzUVAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi8yNjUyY2QtN2VjZi00OWU4LWE0Zjgt
Yzc4NjkxMjg1ODJjLzEvenFFSFBfV19la2MyOS1KODhHRGgzaGQ0TVdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi8yNjUyY2QtN2VjZi00OWU4LWE0ZjgtYzc4NjkxMjg1ODJj
LzEvMkNoUEdNMUVZRXZkYlFqMDJIamNZVVZzUVAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALvwHMA0G
CSqGSIb3DQEBCwUAA4IBAQBPNhYDo9V7m7f/kUQxeVmNkeca+mFepKbjh+khS207
7b3ABswe+ztuVvUcPDj8YPQ2/3bS2EaGlumNAKSfCLacpVHwDbd8COYji6+RN6Iv
Xrmc00Yk1cYKHfRHOIzaqRHVerHnGJ12FYK9dJA3ND6QEHFw74slcU30iA3TErHh
KU0o3dDyCJdquAuoiNSrZmLp6gjbho9BPgStWIk9km0GezuizVAxhYmId2mTzSst
6B6VPBzmIrqy6F0uJJORD/54OQknz8ppOh6kSXBh261ZOBcr4MF4adCWpqqnkmAI
oTuKVRVQB1UylnqCFMgPIcR8oRfJxOmmSDV+nw3p3lZB
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:26:05 2025 by rpki-client