Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/3aabe0-9e5f-498d-b550-030acd3ae336/1/zHu26ZE1bfW9ixufgeD62rYHyuU.roa
File: zHu26ZE1bfW9ixufgeD62rYHyuU.roa (raw, json)
Hash identifier: glOR15o2CRIVYJUqmk436mRzS9/bgpg6/bRRjCbPRas=
Subject key identifier: CC:7B:B6:E9:91:35:6D:F5:BD:8B:1B:9F:81:E0:FA:DA:B6:07:CA:E5
Certificate issuer: /CN=eed5b3af0064981e96bb5e27d8f04d86e6306cfa
Certificate serial: 01856C2ED835989A4934EE26A882E9C08E34
Authority key identifier: EE:D5:B3:AF:00:64:98:1E:96:BB:5E:27:D8:F0:4D:86:E6:30:6C:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7tWzrwBkmB6Wu14n2PBNhuYwbPo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/3aabe0-9e5f-498d-b550-030acd3ae336/1/zHu26ZE1bfW9ixufgeD62rYHyuU.roa
Signing time: Sun 01 Jan 2023 07:14:47 +0000
ROA not before: Sun 01 Jan 2023 07:14:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12561
IP address blocks: 46.31.8.0/22 maxlen: 22
46.31.8.0/21 maxlen: 21
46.31.12.0/22 maxlen: 22
2a02:4980::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:2e:d8:35:98:9a:49:34:ee:26:a8:82:e9:c0:8e:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eed5b3af0064981e96bb5e27d8f04d86e6306cfa
Validity
Not Before: Jan 1 07:14:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cc7bb6e991356df5bd8b1b9f81e0fadab607cae5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:1e:50:84:10:95:c6:c2:8a:d7:bd:d5:ff:c1:
ea:ea:95:e3:57:ca:1b:22:0d:f2:af:96:59:ea:a3:
ca:3d:96:e3:72:4f:13:d0:bc:e9:85:16:50:d5:8e:
75:76:9e:04:1d:35:c2:23:72:b2:bf:c8:ac:9b:b4:
e0:03:28:89:b2:29:b5:55:0c:fa:f9:9a:a8:69:89:
7b:31:64:1f:a4:9a:70:4e:95:18:b4:14:d8:54:9e:
68:56:64:89:1b:ed:81:9e:ad:84:fb:42:6d:13:c6:
34:dd:9d:af:7a:b4:c0:51:e9:f4:24:31:b7:99:7a:
f9:48:4f:62:5e:2d:1a:7c:74:4f:da:cf:f2:db:54:
b1:f2:ba:fd:50:27:8e:6c:70:53:6f:b1:66:ed:e6:
c9:ed:5a:f5:b1:38:0a:a8:e1:be:72:e9:52:cb:d4:
ff:3e:63:75:90:5f:58:21:ec:99:a1:a7:a8:dc:27:
f1:0f:0a:e4:ae:f6:47:24:c6:a9:a3:52:ec:4d:19:
61:fd:cb:19:3b:00:08:f0:93:d0:92:2b:53:50:a8:
5e:96:7a:56:58:f3:15:36:99:70:c0:2e:da:fa:f7:
a2:df:c4:d2:01:f5:ed:72:61:a3:3a:f4:87:a2:5c:
b0:a9:fc:fb:2f:19:1a:79:8e:c5:77:30:89:09:70:
77:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:7B:B6:E9:91:35:6D:F5:BD:8B:1B:9F:81:E0:FA:DA:B6:07:CA:E5
X509v3 Authority Key Identifier:
keyid:EE:D5:B3:AF:00:64:98:1E:96:BB:5E:27:D8:F0:4D:86:E6:30:6C:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7tWzrwBkmB6Wu14n2PBNhuYwbPo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/3aabe0-9e5f-498d-b550-030acd3ae336/1/zHu26ZE1bfW9ixufgeD62rYHyuU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/3aabe0-9e5f-498d-b550-030acd3ae336/1/7tWzrwBkmB6Wu14n2PBNhuYwbPo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.31.8.0/21
IPv6:
2a02:4980::/32
Signature Algorithm: sha256WithRSAEncryption
d9:d8:2c:69:f1:84:15:6c:dc:99:e7:5c:1e:ff:fe:06:4c:ca:
1f:6a:5e:de:a8:2e:91:97:0c:1b:91:78:b4:2c:59:77:51:85:
c4:fd:22:d0:9f:da:5c:e4:06:ce:be:96:6d:ac:e1:aa:59:67:
b3:16:f6:25:7f:80:15:30:f1:61:94:e7:8e:f5:39:e1:a3:da:
5a:23:12:e3:4b:03:a8:b7:16:c3:10:53:01:61:5b:e8:13:bf:
67:b5:3f:ff:76:86:3a:d0:ee:e3:41:9d:d5:9b:58:31:9a:fc:
65:11:c8:41:eb:35:1e:67:d5:5a:a4:e4:82:b1:79:dd:1b:24:
5d:18:b2:6d:98:5d:0d:e1:4b:a4:3f:69:8b:01:34:f9:57:fa:
82:01:88:46:14:11:c8:57:f1:ce:cf:9e:89:aa:51:fa:4c:a6:
be:9e:8f:a5:79:22:1d:a5:96:91:a2:d3:0a:02:8c:06:3d:50:
b9:20:1d:6b:85:06:a8:98:d6:85:32:b1:99:e4:59:db:c8:7c:
f5:4e:46:82:8f:54:69:3e:21:c1:04:0e:ef:91:75:96:2f:04:
dc:b3:09:5b:c6:f9:3d:f5:8d:01:92:6c:56:f2:e8:d5:f1:19:
42:b7:c3:be:8a:7f:64:91:83:29:ef:41:a6:92:07:8a:12:0c:
95:20:40:02
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVsLtg1mJpJNO4mqILpwI40MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlZDViM2FmMDA2NDk4MWU5NmJiNWUyN2Q4ZjA0ZDg2ZTYz
MDZjZmEwHhcNMjMwMTAxMDcxNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzdiYjZlOTkxMzU2ZGY1YmQ4YjFiOWY4MWUwZmFkYWI2MDdjYWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApR5QhBCVxsKK173V/8Hq6pXjV8ob
Ig3yr5ZZ6qPKPZbjck8T0LzphRZQ1Y51dp4EHTXCI3Kyv8ism7TgAyiJsim1VQz6
+ZqoaYl7MWQfpJpwTpUYtBTYVJ5oVmSJG+2Bnq2E+0JtE8Y03Z2verTAUen0JDG3
mXr5SE9iXi0afHRP2s/y21Sx8rr9UCeObHBTb7Fm7ebJ7Vr1sTgKqOG+culSy9T/
PmN1kF9YIeyZoaeo3CfxDwrkrvZHJMapo1LsTRlh/csZOwAI8JPQkitTUKhelnpW
WPMVNplwwC7a+vei38TSAfXtcmGjOvSHolywqfz7LxkaeY7FdzCJCXB3CwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMx7tumRNW31vYsbn4Hg+tq2B8rlMB8GA1UdIwQY
MBaAFO7Vs68AZJgelrteJ9jwTYbmMGz6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3RXenJ3QmttQjZXdTE0bjJQQk5odVl3YlBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS8zYWFiZTAtOWU1Zi00OThkLWI1NTAt
MDMwYWNkM2FlMzM2LzEvekh1MjZaRTFiZlc5aXh1ZmdlRDYycllIeXVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS8zYWFiZTAtOWU1Zi00OThkLWI1NTAtMDMwYWNkM2FlMzM2
LzEvN3RXenJ3QmttQjZXdTE0bjJQQk5odVl3YlBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDLh8IMA0E
AgACMAcDBQAqAkmAMA0GCSqGSIb3DQEBCwUAA4IBAQDZ2Cxp8YQVbNyZ51we//4G
TMofal7eqC6RlwwbkXi0LFl3UYXE/SLQn9pc5AbOvpZtrOGqWWezFvYlf4AVMPFh
lOeO9Tnho9paIxLjSwOotxbDEFMBYVvoE79ntT//doY60O7jQZ3Vm1gxmvxlEchB
6zUeZ9VapOSCsXndGyRdGLJtmF0N4UukP2mLATT5V/qCAYhGFBHIV/HOz56JqlH6
TKa+no+leSIdpZaRotMKAowGPVC5IB1rhQaomNaFMrGZ5FnbyHz1TkaCj1RpPiHB
BA7vkXWWLwTcswlbxvk99Y0BkmxW8ujV8RlCt8O+in9kkYMp70GmkgeKEgyVIEAC
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:26:16 2025 by rpki-client