Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/ec3284-3576-4ee4-93b8-1847cb88e83a/1/xwL3uVH-6COvGSRdN49ZHiAcviA.roa
File: xwL3uVH-6COvGSRdN49ZHiAcviA.roa (raw, json)
Hash identifier: A306cCpv7/w+ySwAJ3pAF2OMY3ppLFlQi6RAtdH9NOI=
Subject key identifier: C7:02:F7:B9:51:FE:E8:23:AF:19:24:5D:37:8F:59:1E:20:1C:BE:20
Certificate issuer: /CN=c2afc14dce450b05ec86c7c53070cd6bb6dbc7ee
Certificate serial: 0187DB5A07AF0AC1E02A725124EE73762512
Authority key identifier: C2:AF:C1:4D:CE:45:0B:05:EC:86:C7:C5:30:70:CD:6B:B6:DB:C7:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wq_BTc5FCwXshsfFMHDNa7bbx-4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/ec3284-3576-4ee4-93b8-1847cb88e83a/1/xwL3uVH-6COvGSRdN49ZHiAcviA.roa
Signing time: Tue 02 May 2023 07:25:23 +0000
ROA not before: Tue 02 May 2023 07:25:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204818
IP address blocks: 217.16.0.0/20 maxlen: 20
46.182.4.0/24 maxlen: 24
46.182.4.0/22 maxlen: 22
2a05:36c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:db:5a:07:af:0a:c1:e0:2a:72:51:24:ee:73:76:25:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2afc14dce450b05ec86c7c53070cd6bb6dbc7ee
Validity
Not Before: May 2 07:25:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c702f7b951fee823af19245d378f591e201cbe20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:66:6a:82:35:2e:60:f1:69:5b:4e:1b:18:f9:
20:27:0b:8b:91:7c:ab:2b:10:d1:be:51:eb:38:1b:
53:a7:5e:da:bf:1f:75:ca:7d:6f:82:e1:3e:8b:67:
d1:77:6c:4c:d7:c1:f3:71:75:e9:05:23:64:72:a5:
b1:47:0f:11:c8:e1:40:ca:b5:c3:d2:8c:82:9e:b9:
79:1a:31:93:97:7a:0c:63:4a:46:41:c5:2e:2d:20:
27:0b:c1:b1:92:fc:68:80:4e:47:98:2c:64:8d:fc:
7a:9f:89:7d:61:1a:6d:04:d5:ad:eb:ae:7c:93:38:
3e:2d:f9:61:7c:9f:c7:f4:04:86:a0:0b:e3:3e:89:
b4:b3:4c:b9:0f:17:92:cb:7c:c2:de:0d:76:a8:10:
8c:cf:d3:0f:71:20:dc:ce:99:ab:34:20:4d:ae:83:
18:87:a2:fb:12:f8:ab:3e:fe:ba:7e:8d:2a:5e:de:
83:19:54:e8:62:a3:d6:9c:1b:62:05:1d:31:0e:a8:
a7:e0:34:a9:6e:04:e9:6c:cc:26:99:09:28:7f:b2:
98:a0:d6:5c:85:bb:08:11:28:c7:6e:c3:b3:b1:66:
fd:d9:93:33:78:8d:e8:4b:b3:de:66:f7:57:17:94:
92:82:e7:7a:d0:6a:44:bc:4f:66:b7:b1:a9:ce:bc:
db:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:02:F7:B9:51:FE:E8:23:AF:19:24:5D:37:8F:59:1E:20:1C:BE:20
X509v3 Authority Key Identifier:
keyid:C2:AF:C1:4D:CE:45:0B:05:EC:86:C7:C5:30:70:CD:6B:B6:DB:C7:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wq_BTc5FCwXshsfFMHDNa7bbx-4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/ec3284-3576-4ee4-93b8-1847cb88e83a/1/xwL3uVH-6COvGSRdN49ZHiAcviA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/ec3284-3576-4ee4-93b8-1847cb88e83a/1/wq_BTc5FCwXshsfFMHDNa7bbx-4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.182.4.0/22
217.16.0.0/20
IPv6:
2a05:36c0::/29
Signature Algorithm: sha256WithRSAEncryption
3e:03:55:bc:31:cc:ea:c5:d2:33:ec:67:75:26:d9:e0:fe:86:
a9:35:6d:0d:48:c8:2d:1b:c1:a5:2e:01:cc:47:88:0b:94:16:
f5:0f:93:21:90:8a:08:5d:1a:5f:a6:1f:30:06:6a:98:13:16:
62:d8:8e:9f:dd:f7:48:cc:4b:96:4e:05:44:8e:b8:2c:49:82:
70:96:5c:c3:78:1d:1d:bb:a4:75:a1:fa:36:a5:2f:26:e5:da:
3f:2e:1f:49:72:d4:b8:ce:ea:cf:bd:b4:75:13:67:33:e3:a6:
9c:72:d5:08:99:00:4f:b3:27:5e:56:59:80:c1:ce:22:a7:5e:
82:93:9e:3f:8d:14:21:ef:66:50:cb:b3:c7:9d:05:0d:67:d9:
c2:36:86:cf:18:de:d4:a1:89:3b:ee:23:a3:dd:ec:26:de:0c:
3f:ef:10:41:01:8b:a1:73:c8:1a:34:72:cd:b9:de:ba:aa:2b:
da:79:e8:22:d0:6d:6e:3d:d1:1c:c7:c3:e6:d6:e5:c4:58:2d:
c8:ad:fa:64:f4:09:fc:4f:db:dd:1f:83:44:e1:ec:d4:32:7c:
ce:89:89:fd:15:99:be:3d:be:4c:c5:b3:4b:50:3b:4b:1e:46:
54:05:82:54:8f:9d:8f:20:c0:34:34:cc:e7:d1:3e:47:3e:8d:
5f:65:ca:12
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYfbWgevCsHgKnJRJO5zdiUSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyYWZjMTRkY2U0NTBiMDVlYzg2YzdjNTMwNzBjZDZiYjZk
YmM3ZWUwHhcNMjMwNTAyMDcyNTIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzAyZjdiOTUxZmVlODIzYWYxOTI0NWQzNzhmNTkxZTIwMWNiZTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkWZqgjUuYPFpW04bGPkgJwuLkXyr
KxDRvlHrOBtTp17avx91yn1vguE+i2fRd2xM18HzcXXpBSNkcqWxRw8RyOFAyrXD
0oyCnrl5GjGTl3oMY0pGQcUuLSAnC8GxkvxogE5HmCxkjfx6n4l9YRptBNWt6658
kzg+LflhfJ/H9ASGoAvjPom0s0y5DxeSy3zC3g12qBCMz9MPcSDczpmrNCBNroMY
h6L7EvirPv66fo0qXt6DGVToYqPWnBtiBR0xDqin4DSpbgTpbMwmmQkof7KYoNZc
hbsIESjHbsOzsWb92ZMzeI3oS7PeZvdXF5SSgud60GpEvE9mt7Gpzrzb5QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMcC97lR/ugjrxkkXTePWR4gHL4gMB8GA1UdIwQY
MBaAFMKvwU3ORQsF7IbHxTBwzWu228fuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3FfQlRjNUZDd1hzaHNmRk1IRE5hN2JieC00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9lYzMyODQtMzU3Ni00ZWU0LTkzYjgt
MTg0N2NiODhlODNhLzEveHdMM3VWSC02Q092R1NSZE40OVpIaUFjdmlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9lYzMyODQtMzU3Ni00ZWU0LTkzYjgtMTg0N2NiODhlODNh
LzEvd3FfQlRjNUZDd1hzaHNmRk1IRE5hN2JieC00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLrYEAwQE
2RAAMA0EAgACMAcDBQMqBTbAMA0GCSqGSIb3DQEBCwUAA4IBAQA+A1W8MczqxdIz
7Gd1Jtng/oapNW0NSMgtG8GlLgHMR4gLlBb1D5MhkIoIXRpfph8wBmqYExZi2I6f
3fdIzEuWTgVEjrgsSYJwllzDeB0du6R1ofo2pS8m5do/Lh9JctS4zurPvbR1E2cz
46acctUImQBPsydeVlmAwc4ip16Ck54/jRQh72ZQy7PHnQUNZ9nCNobPGN7UoYk7
7iOj3ewm3gw/7xBBAYuhc8gaNHLNud66qivaeegi0G1uPdEcx8Pm1uXEWC3Irfpk
9An8T9vdH4NE4ezUMnzOiYn9FZm+Pb5MxbNLUDtLHkZUBYJUj52PIMA0NMzn0T5H
Po1fZcoS
-----END CERTIFICATE-----
Generated at Sat Apr 19 04:40:40 2025 by rpki-client