Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/c0d467-f62a-419c-be85-e38030b69d5a/1/1-blq835bHPMKRW_QQtO5RI9zrTU.roa
File: 1-blq835bHPMKRW_QQtO5RI9zrTU.roa (raw, json)
Hash identifier: VY1YG3Okb1Bfk4R5dFCs4wdcnO/wjwaIE4VKUGl2UNM=
Subject key identifier: F9:B9:6A:F3:7E:5B:1C:F3:0A:45:6F:D0:42:D3:B9:44:8F:73:AD:35
Certificate issuer: /CN=3bd9a177bb5dfb6eabe4cad79def8f8b005df656
Certificate serial: 025E02EF
Authority key identifier: 3B:D9:A1:77:BB:5D:FB:6E:AB:E4:CA:D7:9D:EF:8F:8B:00:5D:F6:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O9mhd7td-26r5MrXne-PiwBd9lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/c0d467-f62a-419c-be85-e38030b69d5a/1/1-blq835bHPMKRW_QQtO5RI9zrTU.roa
Signing time: Sat 01 Jan 2022 05:06:27 +0000
ROA not before: Sat 01 Jan 2022 05:06:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50758
IP address blocks: 46.31.160.0/21 maxlen: 24
213.190.12.0/24 maxlen: 24
213.190.13.0/24 maxlen: 24
2a0a:2a40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 39715567 (0x25e02ef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3bd9a177bb5dfb6eabe4cad79def8f8b005df656
Validity
Not Before: Jan 1 05:06:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f9b96af37e5b1cf30a456fd042d3b9448f73ad35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:a5:58:56:13:f3:41:cb:e2:51:07:60:e1:f5:
10:62:5b:1b:87:2e:f9:ed:dd:ae:89:ca:8c:eb:fe:
31:10:09:2e:39:65:22:d5:db:e2:8d:65:26:14:89:
4f:b4:b1:c8:7e:5e:f4:92:65:ba:a7:63:75:4f:55:
80:65:17:42:51:77:7d:3c:22:e5:21:78:c1:ef:94:
a7:27:d7:4b:75:16:60:da:0a:6e:20:6c:2a:d7:97:
3d:17:f8:43:9a:71:9a:e3:11:22:ed:2f:5c:5a:40:
de:c4:d5:49:42:e0:6b:1b:b6:5e:1b:4e:cd:f0:e1:
10:e3:59:eb:77:35:38:db:7f:9d:69:40:9b:c0:49:
1c:2c:3d:e8:fa:ce:81:86:7f:8b:68:88:47:02:af:
fc:de:99:4e:26:aa:91:0b:dd:06:ee:a2:03:e8:ad:
e8:c7:cc:ee:bd:ba:ee:91:6b:44:30:6c:de:8b:25:
a2:9f:35:87:34:65:a4:bf:15:79:f3:60:91:3c:7a:
c3:27:a5:72:7c:db:53:ca:68:83:b3:b8:45:f1:74:
e8:92:5a:f7:3b:24:47:a0:ab:b8:65:01:76:ce:07:
00:79:f0:ed:3a:f9:04:05:dc:b6:54:85:ab:90:07:
2b:e9:04:37:fb:33:70:bc:62:88:ca:0d:0d:f9:26:
0e:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:B9:6A:F3:7E:5B:1C:F3:0A:45:6F:D0:42:D3:B9:44:8F:73:AD:35
X509v3 Authority Key Identifier:
keyid:3B:D9:A1:77:BB:5D:FB:6E:AB:E4:CA:D7:9D:EF:8F:8B:00:5D:F6:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O9mhd7td-26r5MrXne-PiwBd9lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/c0d467-f62a-419c-be85-e38030b69d5a/1/1-blq835bHPMKRW_QQtO5RI9zrTU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/c0d467-f62a-419c-be85-e38030b69d5a/1/O9mhd7td-26r5MrXne-PiwBd9lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.31.160.0/21
213.190.12.0/23
IPv6:
2a0a:2a40::/29
Signature Algorithm: sha256WithRSAEncryption
45:5e:bf:e2:a1:9d:90:3a:3d:88:9c:1a:36:45:09:a9:f0:f5:
a3:8e:40:12:f3:69:1c:3e:39:51:33:79:fa:79:20:b6:14:d8:
b5:41:85:7f:26:c1:f2:52:ef:95:7c:5f:de:13:49:87:81:3e:
2b:39:98:28:90:97:18:fc:c4:02:46:63:0a:df:f0:27:75:60:
28:c3:5c:91:09:c8:2b:be:f6:80:50:50:5f:e1:e3:ff:6d:84:
72:1f:3e:24:eb:68:09:da:cc:19:fe:0a:a6:c6:01:44:f2:96:
b3:dd:7b:65:d5:2c:06:34:f4:b2:61:60:33:20:7e:da:ad:3e:
f3:3e:16:1f:84:b9:1c:e8:2c:d5:9b:48:24:5b:30:b5:fb:91:
6a:80:b8:21:b9:52:38:74:3f:0d:c2:df:d8:4a:f8:7e:c2:08:
2b:c6:96:4e:18:85:42:84:6b:b8:11:d2:50:e7:27:88:1e:d9:
54:4a:b5:c8:58:c9:18:24:7f:9c:3d:da:82:77:f0:29:79:73:
1d:d4:f4:6b:60:c1:11:69:b8:15:52:13:17:b7:0f:3b:3c:b0:
55:bb:26:7b:a3:47:43:5b:e0:c5:9b:fb:87:de:1f:36:9e:e8:
55:e2:b4:16:18:a8:dd:b5:06:f8:41:fd:1e:e9:45:0e:91:16:
b4:5a:51:ec
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgIEAl4C7zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YmQ5YTE3N2JiNWRmYjZlYWJlNGNhZDc5ZGVmOGY4YjAwNWRmNjU2MB4XDTIyMDEw
MTA1MDYyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjliOTZhZjM3ZTVi
MWNmMzBhNDU2ZmQwNDJkM2I5NDQ4ZjczYWQzNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANalWFYT80HL4lEHYOH1EGJbG4cu+e3dronKjOv+MRAJLjll
ItXb4o1lJhSJT7SxyH5e9JJluqdjdU9VgGUXQlF3fTwi5SF4we+UpyfXS3UWYNoK
biBsKteXPRf4Q5pxmuMRIu0vXFpA3sTVSULgaxu2XhtOzfDhEONZ63c1ONt/nWlA
m8BJHCw96PrOgYZ/i2iIRwKv/N6ZTiaqkQvdBu6iA+it6MfM7r267pFrRDBs3osl
op81hzRlpL8VefNgkTx6wyelcnzbU8pog7O4RfF06JJa9zskR6CruGUBds4HAHnw
7Tr5BAXctlSFq5AHK+kEN/szcLxiiMoNDfkmDg8CAwEAAaOCAh8wggIbMB0GA1Ud
DgQWBBT5uWrzflsc8wpFb9BC07lEj3OtNTAfBgNVHSMEGDAWgBQ72aF3u137bqvk
yted74+LAF32VjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L085bWhkN3RkLTI2cjVNclhuZS1QaXdCZDlsWS5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjYvYzBkNDY3LWY2MmEtNDE5Yy1iZTg1LWUzODAzMGI2OWQ1YS8x
LzEtYmxxODM1YkhQTUtSV19RUXRPNVJJOXpyVFUucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzI2
L2MwZDQ2Ny1mNjJhLTQxOWMtYmU4NS1lMzgwMzBiNjlkNWEvMS9POW1oZDd0ZC0y
NnI1TXJYbmUtUGl3QmQ5bFkuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
NAYIKwYBBQUHAQcBAf8EJTAjMBIEAgABMAwDBAMuH6ADBAHVvgwwDQQCAAIwBwMF
AyoKKkAwDQYJKoZIhvcNAQELBQADggEBAEVev+KhnZA6PYicGjZFCanw9aOOQBLz
aRw+OVEzefp5ILYU2LVBhX8mwfJS75V8X94TSYeBPis5mCiQlxj8xAJGYwrf8Cd1
YCjDXJEJyCu+9oBQUF/h4/9thHIfPiTraAnazBn+CqbGAUTylrPde2XVLAY09LJh
YDMgftqtPvM+Fh+EuRzoLNWbSCRbMLX7kWqAuCG5Ujh0Pw3C39hK+H7CCCvGlk4Y
hUKEa7gR0lDnJ4ge2VRKtchYyRgkf5w92oJ38Cl5cx3U9GtgwRFpuBVSExe3Dzs8
sFW7JnujR0Nb4MWb+4feHzae6FXitBYYqN21BvhB/R7pRQ6RFrRaUew=
-----END CERTIFICATE-----
Generated at Fri Apr 18 13:41:40 2025 by rpki-client