Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/4RPDKX0p_qHcGLKzWPcuktNf92c.roa
File: 4RPDKX0p_qHcGLKzWPcuktNf92c.roa (raw, json)
Hash identifier: kwvE4nFehzBAMH50hnmGdW1IzBchE+C5soDzdlrpI2s=
Subject key identifier: E1:13:C3:29:7D:29:FE:A1:DC:18:B2:B3:58:F7:2E:92:D3:5F:F7:67
Certificate issuer: /CN=e754c347d68d15493de71bb962f0a567e134d603
Certificate serial: 01856F94DD09C8173C93D7A30197B3018657
Authority key identifier: E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/4RPDKX0p_qHcGLKzWPcuktNf92c.roa
Signing time: Sun 01 Jan 2023 23:05:04 +0000
ROA not before: Sun 01 Jan 2023 23:05:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 64080
IP address blocks: 155.254.32.0/19 maxlen: 24
45.43.64.0/19 maxlen: 24
107.181.128.0/19 maxlen: 24
198.105.96.0/19 maxlen: 24
89.33.6.0/23 maxlen: 24
2a05:9f40:1f::/48 maxlen: 48
2a05:9f44:2a05::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:94:dd:09:c8:17:3c:93:d7:a3:01:97:b3:01:86:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e754c347d68d15493de71bb962f0a567e134d603
Validity
Not Before: Jan 1 23:05:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e113c3297d29fea1dc18b2b358f72e92d35ff767
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:84:b7:88:77:15:06:a1:79:b8:82:32:8d:68:
b7:b6:1f:d7:6a:58:b5:1a:36:69:b0:0b:82:13:1d:
fd:06:44:99:6b:e3:37:a0:09:67:f1:d1:8a:9c:04:
aa:bb:b8:14:02:28:d2:d2:ee:f6:60:82:7e:43:3a:
b1:f0:f8:f2:92:13:85:71:a7:14:a4:71:a2:c5:87:
22:60:9a:9f:d2:36:50:32:af:d0:f9:03:30:8e:54:
29:9f:c5:69:b3:b7:1b:f2:63:15:b3:5c:7e:dc:42:
8f:f4:57:88:33:98:25:d9:ad:05:d9:70:ec:7a:41:
67:c3:cb:ab:fc:77:48:7c:67:3c:bd:73:de:be:8c:
7c:7a:a9:46:69:b5:3d:cc:fb:2e:30:e7:ef:15:d2:
3c:d3:e5:80:17:d7:80:6e:75:b5:99:26:b2:56:9a:
1b:17:51:88:2a:97:81:31:af:c0:4d:07:ac:3e:bc:
66:b3:a0:ad:73:9a:ce:75:13:69:ff:f3:08:f7:1f:
38:98:4d:88:66:9c:f5:ed:d6:12:c4:cd:6a:b3:b0:
fe:29:2f:7e:84:69:0d:a3:b3:f8:b5:7a:53:ed:8b:
80:0d:d3:de:e5:13:a0:2e:50:ef:a5:50:89:34:d4:
fd:c0:9d:43:2b:8a:94:53:fc:00:6a:53:b9:ce:19:
24:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:13:C3:29:7D:29:FE:A1:DC:18:B2:B3:58:F7:2E:92:D3:5F:F7:67
X509v3 Authority Key Identifier:
keyid:E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/4RPDKX0p_qHcGLKzWPcuktNf92c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/51TDR9aNFUk95xu5YvClZ-E01gM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.64.0/19
89.33.6.0/23
107.181.128.0/19
155.254.32.0/19
198.105.96.0/19
IPv6:
2a05:9f40:1f::/48
2a05:9f44:2a05::/48
Signature Algorithm: sha256WithRSAEncryption
08:9d:e9:06:9e:11:70:80:3d:18:db:d2:da:19:1f:91:05:49:
2f:08:d2:5d:5d:65:b7:02:af:11:9a:9d:bb:78:2b:86:7f:c4:
af:44:e6:a6:53:b6:30:08:38:28:5c:5f:b6:0c:29:e1:66:23:
2b:36:5a:08:31:0f:1e:4e:ff:d8:8a:7c:22:fd:e0:8c:7c:13:
c0:6d:27:50:f9:f4:ad:85:27:95:fa:5c:dc:6b:83:d1:4f:2c:
ed:0b:f2:67:01:6b:d0:6c:81:63:49:a0:af:0c:1d:d8:10:38:
69:1c:c1:f7:a9:02:75:cf:0f:5a:bf:88:17:98:07:86:b6:a0:
c1:0e:f3:d4:ba:2b:2c:54:03:e7:0a:92:6e:b3:90:c6:e1:da:
e4:5c:10:f1:a7:c2:af:40:37:56:4a:9a:bb:75:34:2d:5f:4b:
0a:4f:4d:fe:d9:70:8a:d1:a4:c4:f7:2a:f2:74:11:50:d4:8f:
38:a8:fc:ec:50:8f:76:da:3a:14:2b:d5:be:4f:31:bf:7b:fd:
a7:3a:58:89:c9:cd:9b:a4:40:63:57:b4:b9:06:21:97:f2:27:
9f:fb:51:2d:1b:12:67:48:a5:29:7c:0b:84:f0:93:6a:ee:2c:
8c:6f:d4:90:45:bd:82:5c:89:2f:13:07:6c:e1:28:16:d6:a0:
e5:b4:df:da
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYVvlN0JyBc8k9ejAZezAYZXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NTRjMzQ3ZDY4ZDE1NDkzZGU3MWJiOTYyZjBhNTY3ZTEz
NGQ2MDMwHhcNMjMwMTAxMjMwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTEzYzMyOTdkMjlmZWExZGMxOGIyYjM1OGY3MmU5MmQzNWZmNzY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhIS3iHcVBqF5uIIyjWi3th/Xali1
GjZpsAuCEx39BkSZa+M3oAln8dGKnASqu7gUAijS0u72YIJ+Qzqx8PjykhOFcacU
pHGixYciYJqf0jZQMq/Q+QMwjlQpn8Vps7cb8mMVs1x+3EKP9FeIM5gl2a0F2XDs
ekFnw8ur/HdIfGc8vXPevox8eqlGabU9zPsuMOfvFdI80+WAF9eAbnW1mSayVpob
F1GIKpeBMa/ATQesPrxms6Ctc5rOdRNp//MI9x84mE2IZpz17dYSxM1qs7D+KS9+
hGkNo7P4tXpT7YuADdPe5ROgLlDvpVCJNNT9wJ1DK4qUU/wAalO5zhkkuQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFOETwyl9Kf6h3Biys1j3LpLTX/dnMB8GA1UdIwQY
MBaAFOdUw0fWjRVJPecbuWLwpWfhNNYDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2It
MzdiNjJkMjIzOTI0LzEvNFJQREtYMHBfcUhjR0xLeldQY3VrdE5mOTJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2ItMzdiNjJkMjIzOTI0
LzEvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDAkBAIAATAeAwQFLStAAwQB
WSEGAwQFa7WAAwQFm/4gAwQFxmlgMBgEAgACMBIDBwAqBZ9AAB8DBwAqBZ9EKgUw
DQYJKoZIhvcNAQELBQADggEBAAid6QaeEXCAPRjb0toZH5EFSS8I0l1dZbcCrxGa
nbt4K4Z/xK9E5qZTtjAIOChcX7YMKeFmIys2WggxDx5O/9iKfCL94Ix8E8BtJ1D5
9K2FJ5X6XNxrg9FPLO0L8mcBa9BsgWNJoK8MHdgQOGkcwfepAnXPD1q/iBeYB4a2
oMEO89S6KyxUA+cKkm6zkMbh2uRcEPGnwq9AN1ZKmrt1NC1fSwpPTf7ZcIrRpMT3
KvJ0EVDUjzio/OxQj3baOhQr1b5PMb97/ac6WInJzZukQGNXtLkGIZfyJ5/7US0b
EmdIpSl8C4Twk2ruLIxv1JBFvYJciS8TB2zhKBbWoOW039o=
-----END CERTIFICATE-----
Generated at Mon Apr 7 06:05:00 2025 by rpki-client