Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/090638-8a99-4063-93a0-6e9938972708/1/Tw1vNQcxmm_6SHJN6qsO0VYTwgM.roa
File: Tw1vNQcxmm_6SHJN6qsO0VYTwgM.roa (raw, json)
Hash identifier: pYf9Pn6D+9hYGJ4KWZ2xyevcPKiGNbaPPP9HX7TxOCQ=
Subject key identifier: 4F:0D:6F:35:07:31:9A:6F:FA:48:72:4D:EA:AB:0E:D1:56:13:C2:03
Certificate issuer: /CN=48f47a31172fb549c696132880c6824fb0777b55
Certificate serial: 01856E144A465551B025FFBE79E6AD17157D
Authority key identifier: 48:F4:7A:31:17:2F:B5:49:C6:96:13:28:80:C6:82:4F:B0:77:7B:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SPR6MRcvtUnGlhMogMaCT7B3e1U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/090638-8a99-4063-93a0-6e9938972708/1/Tw1vNQcxmm_6SHJN6qsO0VYTwgM.roa
Signing time: Sun 01 Jan 2023 16:05:01 +0000
ROA not before: Sun 01 Jan 2023 16:05:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209983
IP address blocks: 46.31.48.0/21 maxlen: 24
2a02:23ea::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:14:4a:46:55:51:b0:25:ff:be:79:e6:ad:17:15:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=48f47a31172fb549c696132880c6824fb0777b55
Validity
Not Before: Jan 1 16:05:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4f0d6f3507319a6ffa48724deaab0ed15613c203
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:64:b1:34:1d:ff:6f:3c:3f:3c:7a:1e:e3:17:
89:11:31:97:b8:80:c8:3e:d5:fa:54:df:88:03:6d:
db:47:4d:a7:01:b0:6d:be:a8:82:01:da:b8:9b:7d:
79:d2:bf:04:29:02:7d:43:b1:ef:1c:1b:f4:3d:5e:
d3:cc:32:aa:91:7d:2b:af:75:91:e8:19:e5:17:6c:
10:6b:8a:d8:2f:10:9c:10:a6:69:25:ae:ec:46:f8:
ec:03:e5:4a:97:1e:77:c2:90:17:7e:5e:a2:dd:a0:
ac:ce:1e:fc:4d:06:c3:da:e3:45:d6:8e:55:8e:2f:
e4:30:8c:b4:35:f7:64:ee:40:cd:f6:d4:f6:dd:dc:
0c:9c:03:02:fe:0d:29:08:7c:f3:6a:e2:b9:69:1f:
d4:1c:70:a7:15:49:9e:5f:89:25:65:b5:b8:6b:34:
20:06:05:a4:9c:fe:34:5f:15:b1:a6:cc:39:fe:74:
93:f3:45:38:4d:2d:11:ac:3f:8f:0f:b3:79:10:a4:
67:d0:e6:d1:3d:b1:1f:f3:c4:3e:21:b2:70:2a:95:
73:75:d1:8b:09:6f:c6:65:cf:7b:bf:e6:ba:ca:ae:
22:30:f6:36:9e:65:7d:6b:80:36:de:69:34:b4:57:
ff:17:0a:34:f3:d0:32:31:05:19:ba:95:14:68:c7:
e1:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:0D:6F:35:07:31:9A:6F:FA:48:72:4D:EA:AB:0E:D1:56:13:C2:03
X509v3 Authority Key Identifier:
keyid:48:F4:7A:31:17:2F:B5:49:C6:96:13:28:80:C6:82:4F:B0:77:7B:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SPR6MRcvtUnGlhMogMaCT7B3e1U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/090638-8a99-4063-93a0-6e9938972708/1/Tw1vNQcxmm_6SHJN6qsO0VYTwgM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/090638-8a99-4063-93a0-6e9938972708/1/SPR6MRcvtUnGlhMogMaCT7B3e1U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.31.48.0/21
IPv6:
2a02:23ea::/32
Signature Algorithm: sha256WithRSAEncryption
06:e8:f6:d2:e1:82:10:09:28:4f:06:47:be:9b:33:37:7c:12:
37:da:99:bb:d0:41:94:73:b1:75:30:68:51:27:52:bd:64:7a:
87:42:e7:fe:51:b5:0a:a5:53:a7:5b:59:36:77:ec:ca:31:1b:
df:19:00:66:e0:19:d2:ca:0f:99:a4:19:17:73:f5:22:61:5d:
dc:8a:8f:1f:0d:a1:b8:ef:bd:6f:8b:f9:37:7a:63:38:83:7b:
28:eb:97:1d:95:e0:70:bf:54:34:0a:a1:13:18:2e:a8:5f:69:
be:ba:a0:ca:6e:92:3d:3f:21:74:dc:de:75:f5:f4:94:17:f5:
27:d5:61:b4:69:de:8e:03:21:61:17:f3:bb:f5:1d:ef:00:aa:
9e:64:f6:de:ed:4e:32:70:53:22:5b:38:f3:3d:8f:ec:b0:64:
73:b8:ae:40:aa:22:59:3c:5f:fd:94:bf:81:1c:96:fe:14:ac:
72:da:d8:74:bd:4b:ef:54:d7:7c:6a:31:73:a9:47:65:62:30:
64:a6:71:7f:10:88:d6:c2:ae:e6:e8:4f:86:08:84:d0:d7:63:
51:8a:ff:f5:31:cc:f6:64:c9:17:4d:f9:52:4e:db:6c:4f:a6:
0c:64:24:f3:71:49:95:0e:16:5d:c0:af:6d:36:40:62:22:86:
11:d0:52:8a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVuFEpGVVGwJf++eeatFxV9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4ZjQ3YTMxMTcyZmI1NDljNjk2MTMyODgwYzY4MjRmYjA3
NzdiNTUwHhcNMjMwMTAxMTYwNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjBkNmYzNTA3MzE5YTZmZmE0ODcyNGRlYWFiMGVkMTU2MTNjMjAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqmSxNB3/bzw/PHoe4xeJETGXuIDI
PtX6VN+IA23bR02nAbBtvqiCAdq4m3150r8EKQJ9Q7HvHBv0PV7TzDKqkX0rr3WR
6BnlF2wQa4rYLxCcEKZpJa7sRvjsA+VKlx53wpAXfl6i3aCszh78TQbD2uNF1o5V
ji/kMIy0Nfdk7kDN9tT23dwMnAMC/g0pCHzzauK5aR/UHHCnFUmeX4klZbW4azQg
BgWknP40XxWxpsw5/nST80U4TS0RrD+PD7N5EKRn0ObRPbEf88Q+IbJwKpVzddGL
CW/GZc97v+a6yq4iMPY2nmV9a4A23mk0tFf/Fwo089AyMQUZupUUaMfhbQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFE8NbzUHMZpv+khyTeqrDtFWE8IDMB8GA1UdIwQY
MBaAFEj0ejEXL7VJxpYTKIDGgk+wd3tVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1BSNk1SY3Z0VW5HbGhNb2dNYUNUN0IzZTFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS8wOTA2MzgtOGE5OS00MDYzLTkzYTAt
NmU5OTM4OTcyNzA4LzEvVHcxdk5RY3htbV82U0hKTjZxc08wVllUd2dNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS8wOTA2MzgtOGE5OS00MDYzLTkzYTAtNmU5OTM4OTcyNzA4
LzEvU1BSNk1SY3Z0VW5HbGhNb2dNYUNUN0IzZTFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDLh8wMA0E
AgACMAcDBQAqAiPqMA0GCSqGSIb3DQEBCwUAA4IBAQAG6PbS4YIQCShPBke+mzM3
fBI32pm70EGUc7F1MGhRJ1K9ZHqHQuf+UbUKpVOnW1k2d+zKMRvfGQBm4BnSyg+Z
pBkXc/UiYV3cio8fDaG4771vi/k3emM4g3so65cdleBwv1Q0CqETGC6oX2m+uqDK
bpI9PyF03N519fSUF/Un1WG0ad6OAyFhF/O79R3vAKqeZPbe7U4ycFMiWzjzPY/s
sGRzuK5AqiJZPF/9lL+BHJb+FKxy2th0vUvvVNd8ajFzqUdlYjBkpnF/EIjWwq7m
6E+GCITQ12NRiv/1Mcz2ZMkXTflSTttsT6YMZCTzcUmVDhZdwK9tNkBiIoYR0FKK
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:45:46 2025 by rpki-client