Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/b9bb7f-166d-41af-a1db-866b2b021fc5/1/vYKocEDW_5MdWMBN3IUOa2PTCVI.roa
File: vYKocEDW_5MdWMBN3IUOa2PTCVI.roa (raw, json)
Hash identifier: mS1atJOitC+8wb2JbDZu9yG1p6dMfQa0j3HSmsireKc=
Subject key identifier: BD:82:A8:70:40:D6:FF:93:1D:58:C0:4D:DC:85:0E:6B:63:D3:09:52
Certificate issuer: /CN=aeac1b2129abbac6539f80da6550c49721d0a8c4
Certificate serial: 0185720C579F637297468E8B0EC2066C848D
Authority key identifier: AE:AC:1B:21:29:AB:BA:C6:53:9F:80:DA:65:50:C4:97:21:D0:A8:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rqwbISmrusZTn4DaZVDElyHQqMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/b9bb7f-166d-41af-a1db-866b2b021fc5/1/vYKocEDW_5MdWMBN3IUOa2PTCVI.roa
Signing time: Mon 02 Jan 2023 10:34:49 +0000
ROA not before: Mon 02 Jan 2023 10:34:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199604
IP address blocks: 46.227.172.0/24 maxlen: 24
2a02:7a00:2::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:0c:57:9f:63:72:97:46:8e:8b:0e:c2:06:6c:84:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aeac1b2129abbac6539f80da6550c49721d0a8c4
Validity
Not Before: Jan 2 10:34:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bd82a87040d6ff931d58c04ddc850e6b63d30952
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:07:63:6b:0e:ce:12:3a:0c:1b:a8:bf:8d:8c:
e4:65:e6:1d:a5:48:0a:4f:02:f8:c4:b1:b5:68:1a:
64:f8:63:b1:47:ca:3f:7c:c3:dd:73:43:3a:c4:ff:
d4:c1:af:b9:f1:58:c9:db:c7:8f:76:c9:48:f6:cc:
d0:c9:4f:dd:0a:ed:4c:89:fe:93:25:07:0a:d8:09:
90:dc:ad:ce:8b:7c:28:28:d3:c0:c1:59:16:63:b4:
7b:45:62:c6:31:e9:d7:2b:34:34:ea:eb:e5:96:cc:
78:e4:88:6b:4c:cf:24:c3:6e:48:4c:f9:8e:2f:ae:
1e:31:16:f1:d6:d2:62:75:82:1a:ca:80:89:1e:49:
99:2f:ad:cb:2d:e0:90:e0:cb:54:97:43:57:48:14:
f1:f7:1d:d6:37:2c:24:7f:76:e8:36:16:ae:d5:fb:
8b:c5:d0:f9:6c:c7:80:cc:41:2d:f4:21:68:02:5d:
da:45:5a:ba:83:48:7f:a0:ee:c7:49:d8:51:81:25:
69:93:ba:c8:fd:d7:38:49:20:d3:17:f3:8b:9f:be:
73:0f:be:58:78:da:3f:6c:36:78:41:d5:d2:ff:b0:
a9:fb:cb:4a:2a:96:ec:2a:82:e7:ff:74:6d:5a:ca:
38:a9:55:6b:5c:b7:48:d5:94:73:aa:f9:80:e9:48:
ee:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:82:A8:70:40:D6:FF:93:1D:58:C0:4D:DC:85:0E:6B:63:D3:09:52
X509v3 Authority Key Identifier:
keyid:AE:AC:1B:21:29:AB:BA:C6:53:9F:80:DA:65:50:C4:97:21:D0:A8:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rqwbISmrusZTn4DaZVDElyHQqMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/b9bb7f-166d-41af-a1db-866b2b021fc5/1/vYKocEDW_5MdWMBN3IUOa2PTCVI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/b9bb7f-166d-41af-a1db-866b2b021fc5/1/rqwbISmrusZTn4DaZVDElyHQqMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.227.172.0/24
IPv6:
2a02:7a00:2::/48
Signature Algorithm: sha256WithRSAEncryption
56:4f:bb:fc:85:0c:55:65:b4:6d:cf:66:92:87:8c:e4:16:e3:
1a:43:b4:86:b1:dd:92:a6:46:88:77:36:b5:dc:04:f3:9b:db:
85:b1:81:81:b6:71:a7:32:95:f7:00:27:8d:5e:80:32:a3:ae:
ce:1f:52:97:b1:0d:84:66:1a:90:e1:ae:74:3b:0a:65:e1:69:
4f:4e:ac:26:8a:d0:ee:08:ae:03:aa:b0:37:52:2a:cb:4a:ae:
cc:56:68:49:24:c8:1a:d0:a5:e8:b9:2d:aa:b8:5c:8e:55:17:
69:47:cb:99:78:a8:9f:44:d7:d3:cf:58:89:bb:fe:d0:2a:0e:
b5:30:95:ed:5d:9a:e7:5f:e3:62:13:ca:51:eb:47:e4:00:43:
2d:56:48:f6:1e:a0:d6:9e:69:66:ab:dd:13:19:b3:e5:18:a0:
4e:15:95:ed:ee:61:43:20:35:2f:3a:5b:a2:2c:79:9e:e3:a1:
d5:32:e5:30:f0:0c:0c:ae:16:5d:f0:16:cb:b6:35:2e:9d:e2:
98:6b:fd:3d:8b:6e:49:7d:fc:45:9b:0f:46:c2:d5:6f:f5:3a:
18:66:6a:b5:e1:98:d7:00:e1:0b:09:11:fd:40:22:97:c5:c2:
4d:47:6a:b6:be:12:c8:72:a2:c8:22:33:35:0f:bd:ad:06:5a:
65:aa:db:c5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVyDFefY3KXRo6LDsIGbISNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlYWMxYjIxMjlhYmJhYzY1MzlmODBkYTY1NTBjNDk3MjFk
MGE4YzQwHhcNMjMwMTAyMTAzNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDgyYTg3MDQwZDZmZjkzMWQ1OGMwNGRkYzg1MGU2YjYzZDMwOTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjQdjaw7OEjoMG6i/jYzkZeYdpUgK
TwL4xLG1aBpk+GOxR8o/fMPdc0M6xP/Uwa+58VjJ28ePdslI9szQyU/dCu1Mif6T
JQcK2AmQ3K3Oi3woKNPAwVkWY7R7RWLGMenXKzQ06uvllsx45IhrTM8kw25ITPmO
L64eMRbx1tJidYIayoCJHkmZL63LLeCQ4MtUl0NXSBTx9x3WNywkf3boNhau1fuL
xdD5bMeAzEEt9CFoAl3aRVq6g0h/oO7HSdhRgSVpk7rI/dc4SSDTF/OLn75zD75Y
eNo/bDZ4QdXS/7Cp+8tKKpbsKoLn/3RtWso4qVVrXLdI1ZRzqvmA6UjunQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFL2CqHBA1v+THVjATdyFDmtj0wlSMB8GA1UdIwQY
MBaAFK6sGyEpq7rGU5+A2mVQxJch0KjEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnF3YklTbXJ1c1pUbjREYVpWREVseUhRcU1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9iOWJiN2YtMTY2ZC00MWFmLWExZGIt
ODY2YjJiMDIxZmM1LzEvdllLb2NFRFdfNU1kV01CTjNJVU9hMlBUQ1ZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9iOWJiN2YtMTY2ZC00MWFmLWExZGItODY2YjJiMDIxZmM1
LzEvcnF3YklTbXJ1c1pUbjREYVpWREVseUhRcU1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQALuOsMA8E
AgACMAkDBwAqAnoAAAIwDQYJKoZIhvcNAQELBQADggEBAFZPu/yFDFVltG3PZpKH
jOQW4xpDtIax3ZKmRoh3NrXcBPOb24WxgYG2cacylfcAJ41egDKjrs4fUpexDYRm
GpDhrnQ7CmXhaU9OrCaK0O4IrgOqsDdSKstKrsxWaEkkyBrQpei5Laq4XI5VF2lH
y5l4qJ9E19PPWIm7/tAqDrUwle1dmudf42ITylHrR+QAQy1WSPYeoNaeaWar3RMZ
s+UYoE4Vle3uYUMgNS86W6IseZ7jodUy5TDwDAyuFl3wFsu2NS6d4phr/T2Lbkl9
/EWbD0bC1W/1OhhmarXhmNcA4QsJEf1AIpfFwk1Hara+EshyosgiMzUPva0GWmWq
28U=
-----END CERTIFICATE-----
Generated at Tue Apr 22 23:24:10 2025 by rpki-client