Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/a1c6c0-e754-479e-851d-0d0da0d10432/1/Ld1ShyfhsxVb42zK-z32uawK1Dw.roa
File: Ld1ShyfhsxVb42zK-z32uawK1Dw.roa (raw, json)
Hash identifier: El0aqPmZuEz995xfKfBTloG4Ub+4XrZpdZpxdzAwObw=
Subject key identifier: 2D:DD:52:87:27:E1:B3:15:5B:E3:6C:CA:FB:3D:F6:B9:AC:0A:D4:3C
Certificate issuer: /CN=c1bf8f3e609072889e74dd0fb4e27f9bac47b3b0
Certificate serial: 018570DE551B1D7C1EF8887E2194271498F1
Authority key identifier: C1:BF:8F:3E:60:90:72:88:9E:74:DD:0F:B4:E2:7F:9B:AC:47:B3:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wb-PPmCQcoiedN0PtOJ_m6xHs7A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/a1c6c0-e754-479e-851d-0d0da0d10432/1/Ld1ShyfhsxVb42zK-z32uawK1Dw.roa
Signing time: Mon 02 Jan 2023 05:04:57 +0000
ROA not before: Mon 02 Jan 2023 05:04:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31593
IP address blocks: 46.33.32.0/21 maxlen: 21
46.33.40.0/22 maxlen: 22
46.33.56.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:de:55:1b:1d:7c:1e:f8:88:7e:21:94:27:14:98:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1bf8f3e609072889e74dd0fb4e27f9bac47b3b0
Validity
Not Before: Jan 2 05:04:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2ddd528727e1b3155be36ccafb3df6b9ac0ad43c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:12:cd:5b:a8:56:c3:59:06:24:70:b9:0d:7c:
42:7e:b1:dd:18:97:16:e2:cc:35:ae:1f:18:b9:f4:
be:75:56:6b:64:a0:19:f2:0a:5b:18:70:01:d1:19:
0a:04:43:bd:93:08:ca:c1:c3:05:1f:38:89:b6:88:
ed:e4:2c:30:43:11:f4:3e:fc:8b:c8:88:01:5b:a7:
f7:77:9f:55:cb:43:76:0a:c2:cc:18:90:f5:c7:6a:
c1:b5:7d:a6:c5:d3:b8:3a:d6:99:80:e5:6e:d9:b2:
23:8e:4b:4e:d1:3b:ee:71:18:68:45:73:73:c8:25:
bc:d2:90:a8:7a:0f:6d:9d:85:62:ec:a5:d2:f4:34:
3f:0e:8d:3b:ad:cd:e9:85:23:7d:42:34:a4:6f:44:
92:b9:b8:9f:e8:e5:a2:03:10:84:d6:33:31:bd:1a:
3f:3d:8e:00:a5:72:34:d3:5e:61:fc:65:fb:1c:7e:
30:b3:1b:05:6b:5c:a5:bf:64:b0:19:28:04:25:b0:
82:f3:86:a3:5c:09:4b:34:a9:f6:6f:72:3b:90:0f:
6d:01:bc:de:e2:84:06:23:ca:27:a3:bc:fa:d0:6c:
7a:ed:a6:b5:84:81:20:5c:00:53:1f:89:99:65:58:
fc:05:e9:7f:54:db:03:8d:50:e1:3c:09:ac:04:51:
a0:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:DD:52:87:27:E1:B3:15:5B:E3:6C:CA:FB:3D:F6:B9:AC:0A:D4:3C
X509v3 Authority Key Identifier:
keyid:C1:BF:8F:3E:60:90:72:88:9E:74:DD:0F:B4:E2:7F:9B:AC:47:B3:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wb-PPmCQcoiedN0PtOJ_m6xHs7A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/a1c6c0-e754-479e-851d-0d0da0d10432/1/Ld1ShyfhsxVb42zK-z32uawK1Dw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/a1c6c0-e754-479e-851d-0d0da0d10432/1/wb-PPmCQcoiedN0PtOJ_m6xHs7A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.33.32.0-46.33.43.255
46.33.56.0/22
Signature Algorithm: sha256WithRSAEncryption
02:88:1a:7f:5a:9c:79:51:62:5a:cf:36:2d:cb:b0:45:cf:05:
4c:ae:78:6b:19:48:c8:84:19:0f:e7:7d:79:f8:b8:bb:e1:92:
30:73:c2:79:24:e0:09:38:e5:c6:bf:2e:eb:88:77:a8:17:9d:
b5:f7:f4:f7:f8:cf:d3:f1:98:3b:7b:d2:ba:c9:b7:2a:9f:b3:
89:30:7a:06:6a:3f:3b:86:f6:48:ec:c3:38:5b:e6:74:e2:0e:
da:70:0c:90:39:fc:93:bb:18:c4:5e:a1:24:97:aa:57:ad:3e:
ec:d9:f6:bb:0c:d9:69:f6:43:04:d2:2b:c8:4f:81:31:e2:e1:
a8:4c:a4:e3:ec:e3:fa:5d:d4:9e:12:7e:7b:8f:2c:d9:fc:24:
0c:77:74:56:e5:8f:b2:b0:c2:bd:e2:55:94:c4:e5:13:2f:ae:
4f:72:2e:2e:e3:94:b8:22:4c:8c:0f:4d:26:ca:1d:51:12:f0:
db:8d:87:62:a3:e4:c7:1e:70:cd:e1:f6:82:c8:c7:14:c3:84:
54:3e:b0:96:78:3d:10:49:93:61:8b:7e:80:b5:ab:d2:a7:23:
c0:29:55:f6:27:24:76:40:b5:f7:b0:0d:ef:a5:32:ab:63:39:
f0:60:28:ff:b7:25:d2:92:46:0c:a6:91:54:44:e0:9a:5f:be:
7d:16:ff:32
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVw3lUbHXwe+Ih+IZQnFJjxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxYmY4ZjNlNjA5MDcyODg5ZTc0ZGQwZmI0ZTI3ZjliYWM0
N2IzYjAwHhcNMjMwMTAyMDUwNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGRkNTI4NzI3ZTFiMzE1NWJlMzZjY2FmYjNkZjZiOWFjMGFkNDNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjRLNW6hWw1kGJHC5DXxCfrHdGJcW
4sw1rh8YufS+dVZrZKAZ8gpbGHAB0RkKBEO9kwjKwcMFHziJtojt5CwwQxH0PvyL
yIgBW6f3d59Vy0N2CsLMGJD1x2rBtX2mxdO4OtaZgOVu2bIjjktO0TvucRhoRXNz
yCW80pCoeg9tnYVi7KXS9DQ/Do07rc3phSN9QjSkb0SSubif6OWiAxCE1jMxvRo/
PY4ApXI0015h/GX7HH4wsxsFa1ylv2SwGSgEJbCC84ajXAlLNKn2b3I7kA9tAbze
4oQGI8ono7z60Gx67aa1hIEgXABTH4mZZVj8Bel/VNsDjVDhPAmsBFGgoQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFC3dUocn4bMVW+Nsyvs99rmsCtQ8MB8GA1UdIwQY
MBaAFMG/jz5gkHKInnTdD7Tif5usR7OwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2ItUFBtQ1Fjb2llZE4wUHRPSl9tNnhIczdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9hMWM2YzAtZTc1NC00NzllLTg1MWQt
MGQwZGEwZDEwNDMyLzEvTGQxU2h5ZmhzeFZiNDJ6Sy16MzJ1YXdLMUR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9hMWM2YzAtZTc1NC00NzllLTg1MWQtMGQwZGEwZDEwNDMy
LzEvd2ItUFBtQ1Fjb2llZE4wUHRPSl9tNnhIczdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAUuISAD
BAIuISgDBAIuITgwDQYJKoZIhvcNAQELBQADggEBAAKIGn9anHlRYlrPNi3LsEXP
BUyueGsZSMiEGQ/nfXn4uLvhkjBzwnkk4Ak45ca/LuuId6gXnbX39Pf4z9PxmDt7
0rrJtyqfs4kwegZqPzuG9kjswzhb5nTiDtpwDJA5/JO7GMReoSSXqletPuzZ9rsM
2Wn2QwTSK8hPgTHi4ahMpOPs4/pd1J4SfnuPLNn8JAx3dFblj7Kwwr3iVZTE5RMv
rk9yLi7jlLgiTIwPTSbKHVES8NuNh2Kj5McecM3h9oLIxxTDhFQ+sJZ4PRBJk2GL
foC1q9KnI8ApVfYnJHZAtfewDe+lMqtjOfBgKP+3JdKSRgymkVRE4Jpfvn0W/zI=
-----END CERTIFICATE-----
Generated at Sun Apr 20 20:25:05 2025 by rpki-client