Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/35ff32-a687-4f50-969a-98648901688f/1/J2l3mjdQhF3fxkOh-SdgCYlprg0.roa
File: J2l3mjdQhF3fxkOh-SdgCYlprg0.roa (raw, json)
Hash identifier: Tc2zqik8Izt8qjbxH9IkVKBSdUxU+L9Vuysh8uSH0M8=
Subject key identifier: 27:69:77:9A:37:50:84:5D:DF:C6:43:A1:F9:27:60:09:89:69:AE:0D
Certificate issuer: /CN=b56a8c91ad31745ff727da0482ede1b2fab462e7
Certificate serial: 018A644E408BD14697E484248F6C7905F208
Authority key identifier: B5:6A:8C:91:AD:31:74:5F:F7:27:DA:04:82:ED:E1:B2:FA:B4:62:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tWqMka0xdF_3J9oEgu3hsvq0Yuc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/35ff32-a687-4f50-969a-98648901688f/1/J2l3mjdQhF3fxkOh-SdgCYlprg0.roa
Signing time: Tue 05 Sep 2023 07:46:04 +0000
ROA not before: Tue 05 Sep 2023 07:46:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51625
IP address blocks: 185.204.233.0/24 maxlen: 24
46.31.112.0/24 maxlen: 24
185.204.232.0/24 maxlen: 24
46.31.116.0/24 maxlen: 24
185.204.235.0/24 maxlen: 24
46.31.114.0/24 maxlen: 24
46.31.115.0/24 maxlen: 24
185.204.234.0/24 maxlen: 24
46.31.113.0/24 maxlen: 24
46.31.117.0/24 maxlen: 24
46.31.118.0/24 maxlen: 24
46.31.119.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:64:4e:40:8b:d1:46:97:e4:84:24:8f:6c:79:05:f2:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b56a8c91ad31745ff727da0482ede1b2fab462e7
Validity
Not Before: Sep 5 07:46:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2769779a3750845ddfc643a1f92760098969ae0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:78:f4:3b:98:5b:07:c0:a9:af:70:4d:c3:23:
2c:bb:1e:ae:d4:68:09:ac:b7:e1:84:9c:34:0a:90:
a0:f3:84:5a:27:cb:12:9c:7a:af:bd:bc:97:28:66:
c7:c9:39:35:f9:bd:76:1d:c1:fc:e8:ba:13:d3:73:
de:ac:eb:f9:d1:a4:09:54:c2:7a:d5:6e:c5:91:6e:
f3:bf:40:7f:c7:04:23:d4:78:cc:8c:2e:f6:ba:04:
4d:64:cf:b0:bc:53:9d:c8:2b:d5:4e:c1:c9:6e:01:
d8:39:f9:d0:28:fb:43:ff:ca:8d:27:a7:57:3a:ac:
79:cf:f4:70:85:0e:d5:b0:37:78:2c:45:27:7e:35:
fb:7e:99:06:b4:79:38:d7:75:07:71:35:2d:7e:29:
6a:6a:42:45:75:3a:8d:c4:95:6f:1d:78:dc:a9:5f:
9c:6d:91:2b:dc:24:2b:23:ca:c2:4b:9e:88:a1:8a:
45:64:4a:cd:5d:66:29:94:d8:bc:cf:ef:73:12:ce:
9e:f4:04:b9:7c:b0:ff:04:e7:60:57:cb:71:a3:8c:
59:fb:2d:d7:6a:a2:dc:f0:c6:50:78:d6:ee:11:1d:
2c:dd:fb:9e:4b:02:ed:08:6e:a4:86:84:55:98:c9:
e0:b9:51:f9:0c:84:3c:51:f3:51:fe:71:22:94:0c:
a5:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:69:77:9A:37:50:84:5D:DF:C6:43:A1:F9:27:60:09:89:69:AE:0D
X509v3 Authority Key Identifier:
keyid:B5:6A:8C:91:AD:31:74:5F:F7:27:DA:04:82:ED:E1:B2:FA:B4:62:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tWqMka0xdF_3J9oEgu3hsvq0Yuc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/35ff32-a687-4f50-969a-98648901688f/1/J2l3mjdQhF3fxkOh-SdgCYlprg0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/35ff32-a687-4f50-969a-98648901688f/1/tWqMka0xdF_3J9oEgu3hsvq0Yuc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.31.112.0/21
185.204.232.0/22
Signature Algorithm: sha256WithRSAEncryption
2b:32:31:ad:6f:fe:2a:62:e8:83:da:2d:a3:ff:31:e8:3f:1f:
09:46:93:49:db:79:f1:73:d9:14:cc:84:5d:ff:77:3b:10:a1:
2e:0c:a1:a2:1f:6e:9e:b3:ba:9f:59:40:1a:1f:bc:81:3a:e8:
d3:33:d7:a7:94:d2:58:44:b8:cd:7c:44:fe:78:9a:f4:87:55:
9b:f1:bd:57:c6:df:53:cc:36:4c:ba:b0:de:92:61:6b:c6:59:
37:0f:15:a6:bb:9e:fa:7f:d1:a9:f9:41:d2:d6:a2:ab:61:33:
cd:7d:f3:26:e9:d7:ed:f2:f3:df:d9:bb:f6:02:41:72:8b:9b:
bc:31:dc:59:8c:d5:3c:db:77:2d:9a:f7:a5:f1:90:4f:43:96:
07:26:e0:86:79:90:7c:42:75:95:b0:63:33:e4:aa:4c:e0:21:
ab:97:70:04:ef:05:f6:ba:f0:af:12:e4:e4:76:72:66:25:10:
ad:ba:c3:87:bc:a8:af:84:5f:95:c2:23:09:ea:e4:b0:3e:43:
db:cb:96:6c:ed:5c:a9:fc:39:07:c6:3b:4e:12:50:e3:8e:c9:
7d:6b:f0:50:db:b0:97:b3:da:c3:01:41:a1:03:14:c6:5c:62:
18:c9:30:27:cc:33:72:d5:fb:92:40:48:c3:5a:37:dd:63:42:
ce:fa:cc:4c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYpkTkCL0UaX5IQkj2x5BfIIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NmE4YzkxYWQzMTc0NWZmNzI3ZGEwNDgyZWRlMWIyZmFi
NDYyZTcwHhcNMjMwOTA1MDc0NjA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzY5Nzc5YTM3NTA4NDVkZGZjNjQzYTFmOTI3NjAwOTg5NjlhZTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi3j0O5hbB8Cpr3BNwyMsux6u1GgJ
rLfhhJw0CpCg84RaJ8sSnHqvvbyXKGbHyTk1+b12HcH86LoT03PerOv50aQJVMJ6
1W7FkW7zv0B/xwQj1HjMjC72ugRNZM+wvFOdyCvVTsHJbgHYOfnQKPtD/8qNJ6dX
Oqx5z/RwhQ7VsDd4LEUnfjX7fpkGtHk413UHcTUtfilqakJFdTqNxJVvHXjcqV+c
bZEr3CQrI8rCS56IoYpFZErNXWYplNi8z+9zEs6e9AS5fLD/BOdgV8txo4xZ+y3X
aqLc8MZQeNbuER0s3fueSwLtCG6khoRVmMnguVH5DIQ8UfNR/nEilAylnwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCdpd5o3UIRd38ZDofknYAmJaa4NMB8GA1UdIwQY
MBaAFLVqjJGtMXRf9yfaBILt4bL6tGLnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFdxTWthMHhkRl8zSjlvRWd1M2hzdnEwWXVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8zNWZmMzItYTY4Ny00ZjUwLTk2OWEt
OTg2NDg5MDE2ODhmLzEvSjJsM21qZFFoRjNmeGtPaC1TZGdDWWxwcmcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8zNWZmMzItYTY4Ny00ZjUwLTk2OWEtOTg2NDg5MDE2ODhm
LzEvdFdxTWthMHhkRl8zSjlvRWd1M2hzdnEwWXVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDLh9wAwQC
uczoMA0GCSqGSIb3DQEBCwUAA4IBAQArMjGtb/4qYuiD2i2j/zHoPx8JRpNJ23nx
c9kUzIRd/3c7EKEuDKGiH26es7qfWUAaH7yBOujTM9enlNJYRLjNfET+eJr0h1Wb
8b1Xxt9TzDZMurDekmFrxlk3DxWmu576f9Gp+UHS1qKrYTPNffMm6dft8vPf2bv2
AkFyi5u8MdxZjNU823ctmvel8ZBPQ5YHJuCGeZB8QnWVsGMz5KpM4CGrl3AE7wX2
uvCvEuTkdnJmJRCtusOHvKivhF+VwiMJ6uSwPkPby5Zs7Vyp/DkHxjtOElDjjsl9
a/BQ27CXs9rDAUGhAxTGXGIYyTAnzDNy1fuSQEjDWjfdY0LO+sxM
-----END CERTIFICATE-----
Generated at Mon Apr 7 19:26:25 2025 by rpki-client