Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8b5f1e-4190-48b6-bdc5-7d05f9888e98/1/1yKUlaPQi-gvX6j-8oPkwCBqWhM.roa
File: 1yKUlaPQi-gvX6j-8oPkwCBqWhM.roa (raw, json)
Hash identifier: 5+65A5v1WUvhlrh5zt0zqWU4aK7K8sRq30aRzrjJalU=
Subject key identifier: D7:22:94:95:A3:D0:8B:E8:2F:5F:A8:FE:F2:83:E4:C0:20:6A:5A:13
Certificate issuer: /CN=6613d9c856444a7096e3a8508cae307fdebc0cd4
Certificate serial: 064EBC6B
Authority key identifier: 66:13:D9:C8:56:44:4A:70:96:E3:A8:50:8C:AE:30:7F:DE:BC:0C:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZhPZyFZESnCW46hQjK4wf968DNQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8b5f1e-4190-48b6-bdc5-7d05f9888e98/1/1yKUlaPQi-gvX6j-8oPkwCBqWhM.roa
Signing time: Sat 01 Jan 2022 10:01:20 +0000
ROA not before: Sat 01 Jan 2022 10:01:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60501
IP address blocks: 46.149.102.0/24 maxlen: 24
2a10:2400::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 105823339 (0x64ebc6b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6613d9c856444a7096e3a8508cae307fdebc0cd4
Validity
Not Before: Jan 1 10:01:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d7229495a3d08be82f5fa8fef283e4c0206a5a13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:da:f3:1c:06:5b:79:e5:31:02:ac:a8:80:cf:
0c:1f:50:87:9f:ae:9d:9b:be:88:6f:dc:d8:bf:8c:
6d:92:47:b6:13:bf:da:a7:e3:9e:f5:cb:5b:8b:16:
b5:8a:9f:ac:1e:76:32:c4:56:0a:fa:99:55:77:5c:
36:35:db:ef:88:59:ba:cf:6e:82:e1:1d:a7:8d:0f:
85:73:dc:e4:3f:0d:25:68:aa:d1:30:b6:ee:15:78:
a5:d7:8e:92:ba:20:94:94:9a:97:53:cb:84:09:a5:
01:67:c5:8d:b2:d5:36:57:a4:c7:b5:7a:cd:92:33:
2d:19:d2:bd:a3:e3:ce:26:6b:71:80:f2:29:ac:98:
7e:b7:ee:27:f2:61:39:98:96:64:f3:de:15:63:7e:
88:36:f3:8d:a0:fa:8d:51:38:6b:0b:b5:bb:60:9f:
ad:68:7d:1f:45:64:eb:f1:52:56:2e:5e:d8:75:42:
5e:55:1e:71:a2:e7:22:b2:f3:af:08:ff:b0:e6:74:
f6:45:72:73:4a:33:b7:dc:e6:f1:85:f7:4a:1d:80:
e2:2c:73:e0:0f:12:f1:2d:e9:20:ca:b7:11:a7:6b:
2f:b2:40:91:01:64:bf:8b:79:14:db:2a:70:f6:12:
41:49:93:e6:4a:dc:b7:2e:09:09:ab:bd:8d:60:9c:
b7:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:22:94:95:A3:D0:8B:E8:2F:5F:A8:FE:F2:83:E4:C0:20:6A:5A:13
X509v3 Authority Key Identifier:
keyid:66:13:D9:C8:56:44:4A:70:96:E3:A8:50:8C:AE:30:7F:DE:BC:0C:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZhPZyFZESnCW46hQjK4wf968DNQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8b5f1e-4190-48b6-bdc5-7d05f9888e98/1/1yKUlaPQi-gvX6j-8oPkwCBqWhM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8b5f1e-4190-48b6-bdc5-7d05f9888e98/1/ZhPZyFZESnCW46hQjK4wf968DNQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.149.102.0/24
IPv6:
2a10:2400::/29
Signature Algorithm: sha256WithRSAEncryption
99:c8:ea:38:e8:a6:7b:8c:06:9a:c4:c4:1e:47:dd:75:1b:88:
36:60:61:d7:29:c8:95:f1:76:11:e6:e8:b6:af:88:4b:54:f8:
f4:7b:c9:44:82:aa:24:1b:13:4c:64:be:89:6a:06:c4:83:8f:
1b:45:71:15:b2:d0:43:a8:7b:de:ea:5d:4e:7f:0d:bd:94:7b:
75:10:2f:40:25:64:51:31:f9:32:eb:b5:2b:95:7a:d8:1f:d9:
8b:27:f4:7d:4e:44:1a:18:17:67:bd:71:03:18:84:22:d6:3b:
5e:56:18:8a:ea:06:e4:b3:0c:4c:28:6f:db:71:fd:cd:ab:05:
de:8a:e9:20:ba:95:e8:07:f5:74:b4:37:e7:ee:e1:37:40:5a:
b7:68:7d:b8:7a:75:08:37:65:9a:4e:f1:3c:32:bc:24:4b:e3:
9c:91:02:f5:03:53:63:f5:61:ef:44:58:80:2b:e1:f2:aa:45:
44:5f:58:35:c4:24:ce:b1:fe:67:33:37:a4:86:fa:e0:b2:d2:
17:bf:5d:48:cd:9f:7c:b0:dc:aa:b2:c3:15:f4:9a:68:7b:85:
6a:19:bb:72:1d:9d:68:70:d8:67:4d:36:b0:f5:87:58:c2:9f:
2b:96:7d:98:c0:ac:98:5e:0e:fd:29:26:a3:9d:56:e5:0e:7f:
d3:e7:9c:ee
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEBk68azANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
NjEzZDljODU2NDQ0YTcwOTZlM2E4NTA4Y2FlMzA3ZmRlYmMwY2Q0MB4XDTIyMDEw
MTEwMDEyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDcyMjk0OTVhM2Qw
OGJlODJmNWZhOGZlZjI4M2U0YzAyMDZhNWExMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANza8xwGW3nlMQKsqIDPDB9Qh5+unZu+iG/c2L+MbZJHthO/
2qfjnvXLW4sWtYqfrB52MsRWCvqZVXdcNjXb74hZus9uguEdp40PhXPc5D8NJWiq
0TC27hV4pdeOkroglJSal1PLhAmlAWfFjbLVNlekx7V6zZIzLRnSvaPjziZrcYDy
KayYfrfuJ/JhOZiWZPPeFWN+iDbzjaD6jVE4awu1u2CfrWh9H0Vk6/FSVi5e2HVC
XlUecaLnIrLzrwj/sOZ09kVyc0ozt9zm8YX3Sh2A4ixz4A8S8S3pIMq3EadrL7JA
kQFkv4t5FNsqcPYSQUmT5krcty4JCau9jWCcty8CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBTXIpSVo9CL6C9fqP7yg+TAIGpaEzAfBgNVHSMEGDAWgBRmE9nIVkRKcJbj
qFCMrjB/3rwM1DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1poUFp5RlpFU25DVzQ2aFFqSzR3Zjk2OEROUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmMvOGI1ZjFlLTQxOTAtNDhiNi1iZGM1LTdkMDVmOTg4OGU5OC8x
LzF5S1VsYVBRaS1ndlg2ai04b1Brd0NCcVdoTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmMv
OGI1ZjFlLTQxOTAtNDhiNi1iZGM1LTdkMDVmOTg4OGU5OC8xL1poUFp5RlpFU25D
VzQ2aFFqSzR3Zjk2OEROUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAC6VZjANBAIAAjAHAwUDKhAkADAN
BgkqhkiG9w0BAQsFAAOCAQEAmcjqOOime4wGmsTEHkfddRuINmBh1ynIlfF2Eebo
tq+IS1T49HvJRIKqJBsTTGS+iWoGxIOPG0VxFbLQQ6h73updTn8NvZR7dRAvQCVk
UTH5Muu1K5V62B/Ziyf0fU5EGhgXZ71xAxiEItY7XlYYiuoG5LMMTChv23H9zasF
3orpILqV6Af1dLQ35+7hN0Bat2h9uHp1CDdlmk7xPDK8JEvjnJEC9QNTY/Vh70RY
gCvh8qpFRF9YNcQkzrH+ZzM3pIb64LLSF79dSM2ffLDcqrLDFfSaaHuFahm7ch2d
aHDYZ002sPWHWMKfK5Z9mMCsmF4O/Skmo51W5Q5/0+ec7g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:43 2024 by rpki-client on console-fra.rpki-client.org