Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/ffef96-bac5-4126-b2b7-0135d9128e86/1/lmfWZKoYkRAAHasDtAPW75sLESk.roa
File: lmfWZKoYkRAAHasDtAPW75sLESk.roa (raw, json)
Hash identifier: eKVm4bw3UJgeJOcu9vDfGkD1pWOkJFGeQjuRX3lCcwo=
Subject key identifier: 96:67:D6:64:AA:18:91:10:00:1D:AB:03:B4:03:D6:EF:9B:0B:11:29
Certificate issuer: /CN=a503b1dd410070ad62e4a2fc66a13b4eb61368f4
Certificate serial: 018C4A2188004D40415D7A6E9DF3B0F42590
Authority key identifier: A5:03:B1:DD:41:00:70:AD:62:E4:A2:FC:66:A1:3B:4E:B6:13:68:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pQOx3UEAcK1i5KL8ZqE7TrYTaPQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/ffef96-bac5-4126-b2b7-0135d9128e86/1/lmfWZKoYkRAAHasDtAPW75sLESk.roa
Signing time: Fri 08 Dec 2023 15:52:40 +0000
ROA not before: Fri 08 Dec 2023 15:52:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207209
IP address blocks: 46.149.64.0/23 maxlen: 23
2001:678:9f4::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:4a:21:88:00:4d:40:41:5d:7a:6e:9d:f3:b0:f4:25:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a503b1dd410070ad62e4a2fc66a13b4eb61368f4
Validity
Not Before: Dec 8 15:52:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9667d664aa189110001dab03b403d6ef9b0b1129
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:b9:21:55:35:ad:ac:67:d0:a2:73:df:80:ae:
f0:b2:81:ed:cb:16:af:ae:20:91:67:63:b0:89:ad:
98:31:31:e2:21:de:d6:3d:48:11:47:6b:54:d5:58:
ef:59:53:ad:c9:e4:2b:76:70:ab:40:d2:33:41:4d:
3a:89:76:19:a8:46:5d:de:93:b2:90:2b:f4:46:81:
25:96:fe:c7:b9:01:7a:c6:91:7d:14:cf:72:ac:80:
47:fa:76:98:cd:90:47:77:aa:d1:3b:a9:62:36:80:
16:ae:fd:ef:9a:88:08:0d:1d:72:45:eb:37:cc:c9:
fd:ba:d3:d0:60:cc:45:62:81:40:dc:6e:34:ae:0e:
8c:e6:95:a1:17:3d:57:a7:da:9d:65:78:15:91:5b:
00:2a:a5:7e:3a:e9:34:80:68:ea:a2:73:47:88:58:
86:09:c2:70:9d:2e:72:2a:c3:ce:ae:3a:0d:0e:c3:
76:21:bc:3c:16:b2:29:9f:79:4c:e1:65:a4:1a:63:
3f:eb:2d:f8:69:bd:a0:14:44:1f:bb:83:f3:e1:27:
33:cf:e5:d0:4a:92:8d:8d:db:bd:6e:c9:36:7e:6a:
4e:01:e5:88:a8:59:e8:e5:64:28:67:5d:45:3a:f5:
f8:79:ba:71:41:79:db:f8:10:67:b1:f3:a6:e2:43:
bc:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:67:D6:64:AA:18:91:10:00:1D:AB:03:B4:03:D6:EF:9B:0B:11:29
X509v3 Authority Key Identifier:
keyid:A5:03:B1:DD:41:00:70:AD:62:E4:A2:FC:66:A1:3B:4E:B6:13:68:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pQOx3UEAcK1i5KL8ZqE7TrYTaPQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/ffef96-bac5-4126-b2b7-0135d9128e86/1/lmfWZKoYkRAAHasDtAPW75sLESk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/ffef96-bac5-4126-b2b7-0135d9128e86/1/pQOx3UEAcK1i5KL8ZqE7TrYTaPQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.149.64.0/23
IPv6:
2001:678:9f4::/48
Signature Algorithm: sha256WithRSAEncryption
4b:db:c6:c3:8f:e5:a7:aa:22:ef:e2:2c:ef:47:5f:1e:b4:f4:
3d:19:3c:9e:61:d3:86:19:70:97:e0:cc:6d:28:5f:21:d8:de:
87:a9:c9:a4:64:7e:9c:8e:ff:35:3a:b4:2f:fe:83:2b:ac:84:
a8:00:48:c8:6e:52:2b:5e:33:db:2c:bb:7a:e1:97:bc:c3:3f:
2f:03:e2:14:41:7c:45:c7:00:48:79:de:66:34:ca:b8:e1:90:
c3:72:95:15:7e:3e:74:66:af:69:f3:26:27:0f:07:57:1b:88:
c4:92:b7:07:0f:31:7a:07:a2:2c:f2:8e:e2:1f:cf:92:d4:a5:
a7:7f:60:95:34:bc:da:ee:c7:cf:65:e5:df:d6:30:b1:c1:78:
79:0c:fe:b9:a8:3b:75:9c:70:00:10:f9:ee:f6:01:13:bf:02:
6a:d9:e5:3e:c1:95:e0:0a:48:4e:02:e7:6f:e4:52:5f:1a:fc:
e4:5f:ad:db:01:f3:6e:4c:03:ac:10:68:fb:70:04:db:c3:11:
71:4c:78:6e:2b:f4:e8:6a:1d:6b:0f:ab:93:53:bf:31:30:b7:
72:ed:b8:d8:b3:3b:1a:d2:d4:00:46:78:98:01:09:f6:04:a5:
77:ea:2c:d7:90:dc:f4:3c:a4:c5:ca:23:32:2b:2c:1d:8b:02:
99:41:85:ce
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYxKIYgATUBBXXpunfOw9CWQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1MDNiMWRkNDEwMDcwYWQ2MmU0YTJmYzY2YTEzYjRlYjYx
MzY4ZjQwHhcNMjMxMjA4MTU1MjQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjY3ZDY2NGFhMTg5MTEwMDAxZGFiMDNiNDAzZDZlZjliMGIxMTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm7khVTWtrGfQonPfgK7wsoHtyxav
riCRZ2Owia2YMTHiId7WPUgRR2tU1VjvWVOtyeQrdnCrQNIzQU06iXYZqEZd3pOy
kCv0RoEllv7HuQF6xpF9FM9yrIBH+naYzZBHd6rRO6liNoAWrv3vmogIDR1yRes3
zMn9utPQYMxFYoFA3G40rg6M5pWhFz1Xp9qdZXgVkVsAKqV+Ouk0gGjqonNHiFiG
CcJwnS5yKsPOrjoNDsN2Ibw8FrIpn3lM4WWkGmM/6y34ab2gFEQfu4Pz4Sczz+XQ
SpKNjdu9bsk2fmpOAeWIqFno5WQoZ11FOvX4ebpxQXnb+BBnsfOm4kO8dQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJZn1mSqGJEQAB2rA7QD1u+bCxEpMB8GA1UdIwQY
MBaAFKUDsd1BAHCtYuSi/GahO062E2j0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFFPeDNVRUFjSzFpNUtMOFpxRTdUcllUYVBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mZmVmOTYtYmFjNS00MTI2LWIyYjct
MDEzNWQ5MTI4ZTg2LzEvbG1mV1pLb1lrUkFBSGFzRHRBUFc3NXNMRVNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mZmVmOTYtYmFjNS00MTI2LWIyYjctMDEzNWQ5MTI4ZTg2
LzEvcFFPeDNVRUFjSzFpNUtMOFpxRTdUcllUYVBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBLpVAMA8E
AgACMAkDBwAgAQZ4CfQwDQYJKoZIhvcNAQELBQADggEBAEvbxsOP5aeqIu/iLO9H
Xx609D0ZPJ5h04YZcJfgzG0oXyHY3oepyaRkfpyO/zU6tC/+gyushKgASMhuUite
M9ssu3rhl7zDPy8D4hRBfEXHAEh53mY0yrjhkMNylRV+PnRmr2nzJicPB1cbiMSS
twcPMXoHoizyjuIfz5LUpad/YJU0vNrux89l5d/WMLHBeHkM/rmoO3WccAAQ+e72
ARO/AmrZ5T7BleAKSE4C52/kUl8a/ORfrdsB825MA6wQaPtwBNvDEXFMeG4r9Ohq
HWsPq5NTvzEwt3LtuNizOxrS1ABGeJgBCfYEpXfqLNeQ3PQ8pMXKIzIrLB2LAplB
hc4=
-----END CERTIFICATE-----
Generated at Thu Apr 17 01:01:28 2025 by rpki-client