Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/bd56d7-3899-40e5-9612-3f28b6adbda9/1/0vA8pKx2Hk8f_059NH45gVwIz1E.roa
File: 0vA8pKx2Hk8f_059NH45gVwIz1E.roa (raw, json)
Hash identifier: xhhNHFfnBYsy3qaSFbQGdQJDpqCp3rK6Z+uxjceBLOM=
Subject key identifier: D2:F0:3C:A4:AC:76:1E:4F:1F:FF:4E:7D:34:7E:39:81:5C:08:CF:51
Certificate issuer: /CN=6566addf9ca0de49a6eef49858384f54f47a56f0
Certificate serial: 069CF48E
Authority key identifier: 65:66:AD:DF:9C:A0:DE:49:A6:EE:F4:98:58:38:4F:54:F4:7A:56:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZWat35yg3kmm7vSYWDhPVPR6VvA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/bd56d7-3899-40e5-9612-3f28b6adbda9/1/0vA8pKx2Hk8f_059NH45gVwIz1E.roa
Signing time: Sat 01 Jan 2022 07:58:53 +0000
ROA not before: Sat 01 Jan 2022 07:58:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51682
IP address blocks: 46.16.251.0/24 maxlen: 24
46.16.252.0/22 maxlen: 22
46.16.248.0/24 maxlen: 24
46.16.252.0/24 maxlen: 24
46.16.248.0/22 maxlen: 22
46.16.249.0/24 maxlen: 24
46.16.253.0/24 maxlen: 24
46.16.250.0/24 maxlen: 24
46.16.254.0/24 maxlen: 24
46.16.255.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 110949518 (0x69cf48e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6566addf9ca0de49a6eef49858384f54f47a56f0
Validity
Not Before: Jan 1 07:58:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d2f03ca4ac761e4f1fff4e7d347e39815c08cf51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:89:ba:08:e4:f5:81:98:5a:62:fc:8f:04:bb:
f6:77:bd:e4:ee:84:a1:ca:35:93:48:0d:70:7b:77:
62:eb:5b:01:39:5c:4b:da:63:0a:58:23:35:07:66:
7b:db:6a:86:fc:d9:fd:5d:c1:27:34:ab:c4:d6:67:
52:a8:71:ad:94:ad:c7:a0:92:63:a6:a2:0a:da:1f:
18:ed:fc:b4:f3:ff:e8:84:e6:39:49:6e:65:7d:7e:
f5:06:3d:8c:b7:2c:d4:6b:33:e8:f2:dd:4d:6b:de:
3a:c3:f3:fb:43:fe:94:0f:99:f9:af:4c:99:73:54:
dd:48:c6:64:51:46:e2:33:c6:a6:98:ab:62:77:1a:
03:3a:5e:1a:fb:eb:11:24:fb:1d:2d:1a:5f:79:db:
3d:a3:75:73:19:9a:f0:4d:58:a6:ec:fd:aa:3f:35:
65:5b:1e:42:a2:c4:70:5f:ca:5d:6c:dd:24:3f:60:
79:ac:a5:30:90:4e:30:70:51:be:cf:5b:b3:29:c4:
1b:d8:64:d2:63:5a:70:1e:36:ab:1b:be:15:1f:b7:
0b:19:71:0a:42:41:16:d0:bd:be:c9:25:a8:a3:b6:
28:12:51:5a:bd:75:b7:ca:d9:db:49:81:5f:f5:0a:
4e:07:85:ad:8e:15:25:f1:d2:e6:52:96:93:4c:e2:
57:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:F0:3C:A4:AC:76:1E:4F:1F:FF:4E:7D:34:7E:39:81:5C:08:CF:51
X509v3 Authority Key Identifier:
keyid:65:66:AD:DF:9C:A0:DE:49:A6:EE:F4:98:58:38:4F:54:F4:7A:56:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZWat35yg3kmm7vSYWDhPVPR6VvA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/bd56d7-3899-40e5-9612-3f28b6adbda9/1/0vA8pKx2Hk8f_059NH45gVwIz1E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/bd56d7-3899-40e5-9612-3f28b6adbda9/1/ZWat35yg3kmm7vSYWDhPVPR6VvA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.16.248.0/21
Signature Algorithm: sha256WithRSAEncryption
3e:ce:d3:a6:b2:3f:82:ec:dd:99:b2:80:d7:f2:bd:68:56:c8:
cc:c8:f2:b9:f7:73:e3:b7:51:1f:82:a6:c6:b7:10:46:92:a8:
d0:71:47:78:9b:61:3e:58:5e:2f:3d:b6:5d:ac:4e:4a:1a:22:
cf:53:29:05:82:d4:c8:77:ad:e0:4c:f5:07:34:e6:02:9b:ef:
a8:f6:1b:46:fc:7c:18:9a:37:48:4b:7c:3b:16:81:e2:5b:c8:
2c:c7:73:3f:38:ba:4f:98:e9:6e:18:ca:d3:e0:8d:aa:b1:1b:
61:08:d0:b8:3b:b0:fb:2f:df:0a:a3:10:ca:a0:a0:19:57:96:
c2:93:4e:ba:a9:37:14:d3:74:f5:19:18:18:a2:da:86:da:29:
dc:57:ec:b4:f9:4e:a6:44:69:c6:6c:31:5b:57:03:14:f6:27:
4d:4d:53:63:45:8e:e5:6c:96:3b:74:9e:61:c8:04:7b:44:d2:
60:a9:8e:72:23:53:d9:03:05:5b:81:f5:02:c1:d1:67:2b:48:
45:89:4a:a0:d7:e8:21:4e:6c:d7:73:fe:46:69:8e:fc:3b:89:
35:06:56:9a:43:d0:e4:a5:de:58:c5:82:2e:79:0c:8c:27:03:
a8:65:f2:c8:1b:8a:45:d3:94:02:e1:f1:fb:80:41:cc:06:6a:
6d:25:99:d5
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBpz0jjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
NTY2YWRkZjljYTBkZTQ5YTZlZWY0OTg1ODM4NGY1NGY0N2E1NmYwMB4XDTIyMDEw
MTA3NTg1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDJmMDNjYTRhYzc2
MWU0ZjFmZmY0ZTdkMzQ3ZTM5ODE1YzA4Y2Y1MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM2Jugjk9YGYWmL8jwS79ne95O6Eoco1k0gNcHt3YutbATlc
S9pjClgjNQdme9tqhvzZ/V3BJzSrxNZnUqhxrZStx6CSY6aiCtofGO38tPP/6ITm
OUluZX1+9QY9jLcs1Gsz6PLdTWveOsPz+0P+lA+Z+a9MmXNU3UjGZFFG4jPGppir
YncaAzpeGvvrEST7HS0aX3nbPaN1cxma8E1Ypuz9qj81ZVseQqLEcF/KXWzdJD9g
eaylMJBOMHBRvs9bsynEG9hk0mNacB42qxu+FR+3CxlxCkJBFtC9vsklqKO2KBJR
Wr11t8rZ20mBX/UKTgeFrY4VJfHS5lKWk0ziV/sCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTS8DykrHYeTx//Tn00fjmBXAjPUTAfBgNVHSMEGDAWgBRlZq3fnKDeSabu
9JhYOE9U9HpW8DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1pXYXQzNXlnM2ttbTd2U1lXRGhQVlBSNlZ2QS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGYvYmQ1NmQ3LTM4OTktNDBlNS05NjEyLTNmMjhiNmFkYmRhOS8x
LzB2QThwS3gySGs4Zl8wNTlOSDQ1Z1Z3SXoxRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGYv
YmQ1NmQ3LTM4OTktNDBlNS05NjEyLTNmMjhiNmFkYmRhOS8xL1pXYXQzNXlnM2tt
bTd2U1lXRGhQVlBSNlZ2QS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAy4Q+DANBgkqhkiG9w0BAQsFAAOC
AQEAPs7TprI/guzdmbKA1/K9aFbIzMjyufdz47dRH4KmxrcQRpKo0HFHeJthPlhe
Lz22XaxOShoiz1MpBYLUyHet4Ez1BzTmApvvqPYbRvx8GJo3SEt8OxaB4lvILMdz
Pzi6T5jpbhjK0+CNqrEbYQjQuDuw+y/fCqMQyqCgGVeWwpNOuqk3FNN09RkYGKLa
htop3FfstPlOpkRpxmwxW1cDFPYnTU1TY0WO5WyWO3SeYcgEe0TSYKmOciNT2QMF
W4H1AsHRZytIRYlKoNfoIU5s13P+RmmO/DuJNQZWmkPQ5KXeWMWCLnkMjCcDqGXy
yBuKRdOUAuHx+4BBzAZqbSWZ1Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:05 2024 by rpki-client on console-fra.rpki-client.org