Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/b24127-81dd-4fa1-83f0-7b410b781def/1/by_CA2xz_saPLDeuovTPZNa9iNY.roa
File: by_CA2xz_saPLDeuovTPZNa9iNY.roa (raw, json)
Hash identifier: jOPXzuSWLTsY1VlSwJmvXXUvBEUQTLpdrMIu2AJvins=
Subject key identifier: 6F:2F:C2:03:6C:73:FE:C6:8F:2C:37:AE:A2:F4:CF:64:D6:BD:88:D6
Certificate issuer: /CN=c56d2154ed53b629d872b2a38d9cd041bdb4b128
Certificate serial: 01867871ECFD863859BBFA80939EFF59A9A6
Authority key identifier: C5:6D:21:54:ED:53:B6:29:D8:72:B2:A3:8D:9C:D0:41:BD:B4:B1:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xW0hVO1TtinYcrKjjZzQQb20sSg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/b24127-81dd-4fa1-83f0-7b410b781def/1/by_CA2xz_saPLDeuovTPZNa9iNY.roa
Signing time: Wed 22 Feb 2023 09:26:17 +0000
ROA not before: Wed 22 Feb 2023 09:26:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49798
IP address blocks: 46.228.222.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:78:71:ec:fd:86:38:59:bb:fa:80:93:9e:ff:59:a9:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c56d2154ed53b629d872b2a38d9cd041bdb4b128
Validity
Not Before: Feb 22 09:26:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6f2fc2036c73fec68f2c37aea2f4cf64d6bd88d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:4f:64:e1:6b:76:d9:bb:0b:84:94:36:cc:ea:
7a:27:9b:2e:af:08:a4:f6:14:ff:45:f6:6e:64:51:
fd:f3:a4:08:b0:97:8b:fe:a7:40:7d:ed:a2:46:42:
bc:18:db:9f:72:41:0f:35:74:77:0e:fb:c7:22:e2:
e6:f6:28:f9:c8:6a:69:0a:a2:ce:0e:0d:fa:e3:54:
46:b1:dc:61:12:3b:9d:68:0c:7e:12:40:66:ab:cd:
11:fb:1b:75:de:ca:e7:81:e0:a7:e5:43:32:2a:db:
5b:05:f9:27:cb:49:05:e0:22:5c:fe:e2:82:f7:1a:
ab:c2:cf:86:55:6e:44:a5:8b:9f:3c:75:9d:e2:e8:
bb:4d:39:24:ed:c0:c1:c4:6f:4e:1c:d2:df:cc:f3:
c2:38:7f:18:10:2e:f4:94:28:16:f3:a4:20:98:2b:
e9:0e:49:5b:c6:b0:5f:3b:ff:6d:ac:14:94:58:cd:
e4:c2:0b:d0:3b:c3:0d:e7:7b:b7:99:10:7c:92:52:
b1:4a:64:5e:93:12:90:9b:e7:d3:a0:95:ae:00:b0:
88:99:7e:8f:c2:0f:94:89:fe:4e:ea:67:d4:fb:51:
60:79:fb:61:cf:32:85:08:28:ec:b2:4a:30:a5:b5:
7b:0d:91:7d:e9:43:4c:40:50:bb:8c:2d:8b:e1:46:
5c:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:2F:C2:03:6C:73:FE:C6:8F:2C:37:AE:A2:F4:CF:64:D6:BD:88:D6
X509v3 Authority Key Identifier:
keyid:C5:6D:21:54:ED:53:B6:29:D8:72:B2:A3:8D:9C:D0:41:BD:B4:B1:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xW0hVO1TtinYcrKjjZzQQb20sSg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/b24127-81dd-4fa1-83f0-7b410b781def/1/by_CA2xz_saPLDeuovTPZNa9iNY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/b24127-81dd-4fa1-83f0-7b410b781def/1/xW0hVO1TtinYcrKjjZzQQb20sSg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.228.222.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:a3:c0:c5:76:e5:81:dc:e1:4b:5c:ce:eb:9b:9f:94:be:06:
9a:c8:7d:cd:9f:6d:02:46:82:ae:ca:e0:40:05:2e:2d:29:3d:
37:69:ca:99:bf:fc:4b:41:64:b0:92:58:0d:58:7b:19:5b:73:
ef:9b:df:8e:9f:26:2a:55:7e:eb:b5:2c:7e:9d:9f:59:00:72:
58:b4:a3:c2:a1:92:be:4e:7c:fc:2d:2f:64:19:45:96:f6:a5:
f3:26:4b:89:ba:46:a6:9b:79:aa:c3:8c:8d:3e:23:94:49:78:
f7:09:d2:02:21:72:2b:e0:79:70:6e:92:ce:e6:ec:5a:92:6b:
bc:41:82:32:db:88:1f:b8:67:00:2d:6b:8c:ad:40:f9:5e:68:
87:68:1c:1e:e0:6c:15:88:78:4c:03:cf:9b:cd:05:8f:42:57:
a7:2c:6d:d2:87:5f:2f:fc:a3:55:97:33:51:58:d2:fd:ce:69:
49:2f:de:14:bd:e9:6e:a0:63:8f:19:97:0d:a5:71:84:2d:cd:
4d:15:ae:84:fd:99:9d:81:28:1f:d0:27:4b:0f:f0:92:0c:87:
34:e2:8f:51:fa:ac:db:a7:a0:7f:c0:03:51:98:0c:b8:4f:8a:
d1:e9:1f:80:7a:f1:fc:18:47:f1:d4:f3:3e:cf:9f:57:9f:0c:
76:01:b2:6a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYZ4cez9hjhZu/qAk57/WammMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1NmQyMTU0ZWQ1M2I2MjlkODcyYjJhMzhkOWNkMDQxYmRi
NGIxMjgwHhcNMjMwMjIyMDkyNjE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjJmYzIwMzZjNzNmZWM2OGYyYzM3YWVhMmY0Y2Y2NGQ2YmQ4OGQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhE9k4Wt22bsLhJQ2zOp6J5surwik
9hT/RfZuZFH986QIsJeL/qdAfe2iRkK8GNufckEPNXR3DvvHIuLm9ij5yGppCqLO
Dg3641RGsdxhEjudaAx+EkBmq80R+xt13srngeCn5UMyKttbBfkny0kF4CJc/uKC
9xqrws+GVW5EpYufPHWd4ui7TTkk7cDBxG9OHNLfzPPCOH8YEC70lCgW86QgmCvp
DklbxrBfO/9trBSUWM3kwgvQO8MN53u3mRB8klKxSmRekxKQm+fToJWuALCImX6P
wg+Uif5O6mfU+1FgefthzzKFCCjsskowpbV7DZF96UNMQFC7jC2L4UZc4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG8vwgNsc/7Gjyw3rqL0z2TWvYjWMB8GA1UdIwQY
MBaAFMVtIVTtU7Yp2HKyo42c0EG9tLEoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFcwaFZPMVR0aW5ZY3JLampaelFRYjIwc1NnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9iMjQxMjctODFkZC00ZmExLTgzZjAt
N2I0MTBiNzgxZGVmLzEvYnlfQ0EyeHpfc2FQTERldW92VFBaTmE5aU5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9iMjQxMjctODFkZC00ZmExLTgzZjAtN2I0MTBiNzgxZGVm
LzEveFcwaFZPMVR0aW5ZY3JLampaelFRYjIwc1NnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALuTeMA0G
CSqGSIb3DQEBCwUAA4IBAQAeo8DFduWB3OFLXM7rm5+UvgaayH3Nn20CRoKuyuBA
BS4tKT03acqZv/xLQWSwklgNWHsZW3Pvm9+OnyYqVX7rtSx+nZ9ZAHJYtKPCoZK+
Tnz8LS9kGUWW9qXzJkuJukamm3mqw4yNPiOUSXj3CdICIXIr4HlwbpLO5uxakmu8
QYIy24gfuGcALWuMrUD5XmiHaBwe4GwViHhMA8+bzQWPQlenLG3Sh18v/KNVlzNR
WNL9zmlJL94UveluoGOPGZcNpXGELc1NFa6E/ZmdgSgf0CdLD/CSDIc04o9R+qzb
p6B/wANRmAy4T4rR6R+AevH8GEfx1PM+z59Xnwx2AbJq
-----END CERTIFICATE-----
Generated at Mon Apr 21 06:14:23 2025 by rpki-client