Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/a4d09f-29df-44ea-a7b1-0a0aaeaee4f1/1/1QWsTOF1DDu4qVvIFTGNNy31UsA.roa
File: 1QWsTOF1DDu4qVvIFTGNNy31UsA.roa (raw, json)
Hash identifier: NWK0qzVbg7xOc1v3l5lkfi8ixDmQTs1q0+E8i/Wv9Jc=
Subject key identifier: D5:05:AC:4C:E1:75:0C:3B:B8:A9:5B:C8:15:31:8D:37:2D:F5:52:C0
Certificate issuer: /CN=2e0a9333f93cca544fdabe2ea7a6738a54af759e
Certificate serial: 018BB5E26EA4D5650D20DC9831A9F4983415
Authority key identifier: 2E:0A:93:33:F9:3C:CA:54:4F:DA:BE:2E:A7:A6:73:8A:54:AF:75:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LgqTM_k8ylRP2r4up6ZzilSvdZ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/a4d09f-29df-44ea-a7b1-0a0aaeaee4f1/1/1QWsTOF1DDu4qVvIFTGNNy31UsA.roa
Signing time: Thu 09 Nov 2023 20:59:57 +0000
ROA not before: Thu 09 Nov 2023 20:59:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42910
IP address blocks: 46.235.13.0/24 maxlen: 24
46.235.12.0/24 maxlen: 24
185.23.75.0/24 maxlen: 24
185.23.74.0/24 maxlen: 24
185.23.72.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b5:e2:6e:a4:d5:65:0d:20:dc:98:31:a9:f4:98:34:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e0a9333f93cca544fdabe2ea7a6738a54af759e
Validity
Not Before: Nov 9 20:59:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d505ac4ce1750c3bb8a95bc815318d372df552c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:eb:3e:4c:7d:8d:80:17:f4:85:ac:6d:fd:6a:
e2:15:b7:2f:16:a8:41:5a:d0:dc:49:1e:be:01:c2:
a3:e4:cb:70:df:cb:6c:4e:10:39:f1:14:f3:50:bf:
15:3b:66:ea:54:71:6a:79:fb:f2:ed:eb:bc:38:1e:
97:40:a1:69:38:49:19:84:fd:e2:61:99:1b:64:99:
82:62:8e:4e:4f:b9:15:a5:55:f0:d8:fd:3a:c6:59:
46:d3:77:cf:fa:54:68:60:63:e5:63:56:dd:e6:60:
fa:76:20:37:e8:9d:5e:7c:a3:71:0c:39:da:3a:87:
d6:84:53:00:30:af:d9:c5:a6:68:81:67:d1:d9:ee:
f6:3d:e3:8e:4c:5c:40:9c:61:67:d3:3f:67:4d:ea:
5f:38:30:a9:73:06:11:2c:eb:67:46:a3:52:a4:43:
16:d9:4f:ac:01:08:00:0f:a0:ff:de:ad:f7:01:df:
be:3d:a4:c9:ea:3f:4e:bc:55:fd:c4:fc:3c:96:a2:
7c:78:f2:66:5a:f4:2d:63:3b:83:d5:90:80:1a:39:
88:ed:94:6b:9b:a4:d9:86:8c:0d:73:5e:bf:de:c5:
11:1a:3d:29:42:1a:83:80:65:7a:00:f1:7e:53:6c:
dd:79:fa:c5:a9:de:ca:0d:bd:58:75:6a:4e:f7:7e:
b6:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:05:AC:4C:E1:75:0C:3B:B8:A9:5B:C8:15:31:8D:37:2D:F5:52:C0
X509v3 Authority Key Identifier:
keyid:2E:0A:93:33:F9:3C:CA:54:4F:DA:BE:2E:A7:A6:73:8A:54:AF:75:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LgqTM_k8ylRP2r4up6ZzilSvdZ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/a4d09f-29df-44ea-a7b1-0a0aaeaee4f1/1/1QWsTOF1DDu4qVvIFTGNNy31UsA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/a4d09f-29df-44ea-a7b1-0a0aaeaee4f1/1/LgqTM_k8ylRP2r4up6ZzilSvdZ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.235.12.0/23
185.23.72.0/24
185.23.74.0/23
Signature Algorithm: sha256WithRSAEncryption
64:b4:f3:b1:a8:a9:1c:33:75:f1:f7:55:b2:59:dc:2f:67:77:
c1:4c:99:0d:d6:1c:88:b6:9c:0d:b7:8e:14:28:5f:49:39:b3:
35:6b:c7:b8:a8:5c:c9:ea:17:13:58:26:f8:22:df:ff:c5:15:
ad:52:b1:cb:ad:e9:60:a2:3a:ee:66:26:7f:0c:0e:ce:75:9c:
56:28:87:59:76:23:a1:63:f5:d7:f8:65:3a:73:64:d0:90:7c:
27:ef:5c:c0:68:bd:d0:40:45:ea:b6:42:5b:15:3d:54:e2:31:
ac:3d:32:37:80:54:e4:04:89:f0:f9:3a:19:3b:fb:5a:6b:e1:
61:f0:14:54:93:19:0b:90:36:f7:ea:83:5d:80:76:9b:2c:73:
6e:e4:24:c4:f0:d0:ef:db:af:4d:56:49:43:61:a4:25:37:f5:
22:f4:70:0f:76:c1:47:3e:f1:49:02:55:a3:f8:9a:02:19:e3:
d5:9c:3b:d5:03:10:82:83:a6:77:4a:4c:b8:82:91:c2:6a:9f:
ef:1f:26:b1:8b:9a:9a:88:aa:9b:29:6a:4a:b2:f1:3b:3a:56:
1f:b7:18:94:5c:7b:f2:4c:9f:42:0e:a3:84:ac:12:2a:83:df:
c8:4c:2b:eb:e9:65:c4:79:74:b2:e5:06:41:c4:00:52:4a:40:
18:0d:3d:6a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYu14m6k1WUNINyYMan0mDQVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlMGE5MzMzZjkzY2NhNTQ0ZmRhYmUyZWE3YTY3MzhhNTRh
Zjc1OWUwHhcNMjMxMTA5MjA1OTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTA1YWM0Y2UxNzUwYzNiYjhhOTViYzgxNTMxOGQzNzJkZjU1MmMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApOs+TH2NgBf0haxt/WriFbcvFqhB
WtDcSR6+AcKj5Mtw38tsThA58RTzUL8VO2bqVHFqefvy7eu8OB6XQKFpOEkZhP3i
YZkbZJmCYo5OT7kVpVXw2P06xllG03fP+lRoYGPlY1bd5mD6diA36J1efKNxDDna
OofWhFMAMK/ZxaZogWfR2e72PeOOTFxAnGFn0z9nTepfODCpcwYRLOtnRqNSpEMW
2U+sAQgAD6D/3q33Ad++PaTJ6j9OvFX9xPw8lqJ8ePJmWvQtYzuD1ZCAGjmI7ZRr
m6TZhowNc16/3sURGj0pQhqDgGV6APF+U2zdefrFqd7KDb1YdWpO9362KQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNUFrEzhdQw7uKlbyBUxjTct9VLAMB8GA1UdIwQY
MBaAFC4KkzP5PMpUT9q+Lqemc4pUr3WeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGdxVE1fazh5bFJQMnI0dXA2WnppbFN2ZFo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9hNGQwOWYtMjlkZi00NGVhLWE3YjEt
MGEwYWFlYWVlNGYxLzEvMVFXc1RPRjFERHU0cVZ2SUZUR05OeTMxVXNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9hNGQwOWYtMjlkZi00NGVhLWE3YjEtMGEwYWFlYWVlNGYx
LzEvTGdxVE1fazh5bFJQMnI0dXA2WnppbFN2ZFo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBLusMAwQA
uRdIAwQBuRdKMA0GCSqGSIb3DQEBCwUAA4IBAQBktPOxqKkcM3Xx91WyWdwvZ3fB
TJkN1hyItpwNt44UKF9JObM1a8e4qFzJ6hcTWCb4It//xRWtUrHLrelgojruZiZ/
DA7OdZxWKIdZdiOhY/XX+GU6c2TQkHwn71zAaL3QQEXqtkJbFT1U4jGsPTI3gFTk
BInw+ToZO/taa+Fh8BRUkxkLkDb36oNdgHabLHNu5CTE8NDv269NVklDYaQlN/Ui
9HAPdsFHPvFJAlWj+JoCGePVnDvVAxCCg6Z3Sky4gpHCap/vHyaxi5qaiKqbKWpK
svE7OlYftxiUXHvyTJ9CDqOErBIqg9/ITCvr6WXEeXSy5QZBxABSSkAYDT1q
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:11:15 2025 by rpki-client