Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/1-dZr_LxwSAXI7gA84As7uRbOz44.roa
File: 1-dZr_LxwSAXI7gA84As7uRbOz44.roa (raw, json)
Hash identifier: BC4U4HiVdjjv8LJhQqSjY6XI98UUoJ0FduKcm/14lko=
Subject key identifier: F9:D6:6B:FC:BC:70:48:05:C8:EE:00:3C:E0:0B:3B:B9:16:CE:CF:8E
Certificate issuer: /CN=67499595a65aab0b53768def08091e31061e9e65
Certificate serial: 018B4175960B645A7FCC91EAE5FB60600574
Authority key identifier: 67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/1-dZr_LxwSAXI7gA84As7uRbOz44.roa
Signing time: Wed 18 Oct 2023 06:25:06 +0000
ROA not before: Wed 18 Oct 2023 06:25:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48449
IP address blocks: 46.20.110.0/24 maxlen: 24
46.20.108.0/24 maxlen: 24
185.160.195.0/24 maxlen: 24
185.160.194.0/24 maxlen: 24
185.169.221.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:41:75:96:0b:64:5a:7f:cc:91:ea:e5:fb:60:60:05:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67499595a65aab0b53768def08091e31061e9e65
Validity
Not Before: Oct 18 06:25:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f9d66bfcbc704805c8ee003ce00b3bb916cecf8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:4c:e7:3f:13:6d:00:6d:4e:f0:45:d6:c5:b1:
07:89:e4:22:1e:b5:39:4f:e2:7c:57:5e:a2:19:9d:
92:97:08:b5:49:99:42:3c:63:05:f8:a7:99:32:e9:
1b:dd:55:e0:fd:d3:b8:ea:34:41:f8:ba:65:81:df:
56:94:a2:b3:09:c9:4a:63:1e:34:2f:dc:05:e3:df:
8d:99:cb:75:9a:eb:2a:31:f9:56:15:f7:10:15:d8:
93:e7:aa:2f:56:62:a7:b6:fa:4a:cf:35:c8:e2:27:
26:83:c9:a5:e4:1f:72:b7:56:10:f7:30:48:af:f0:
40:1d:66:4d:95:96:9f:11:78:81:ee:92:d5:50:b0:
76:10:d6:0c:52:8f:68:06:31:f8:1e:e3:58:cf:2c:
77:e7:46:eb:31:72:09:cc:3c:2a:47:71:f7:bb:50:
64:d6:a9:45:33:0f:5f:a8:85:89:02:5d:3a:df:c7:
93:2c:9e:1e:29:0c:e9:f1:83:c0:fa:43:37:2c:cf:
53:ae:05:75:50:71:b0:c1:e5:0f:a4:f6:4a:62:98:
49:91:7c:88:50:06:6b:4b:35:8f:5a:97:74:c5:fc:
76:7c:c7:4b:e2:38:7c:b9:ac:f6:7b:4e:a3:83:d0:
eb:a4:8b:88:ca:41:77:71:23:df:e0:8a:ee:a6:a9:
ef:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:D6:6B:FC:BC:70:48:05:C8:EE:00:3C:E0:0B:3B:B9:16:CE:CF:8E
X509v3 Authority Key Identifier:
keyid:67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/1-dZr_LxwSAXI7gA84As7uRbOz44.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Z0mVlaZaqwtTdo3vCAkeMQYenmU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.108.0/24
46.20.110.0/24
185.160.194.0/23
185.169.221.0/24
Signature Algorithm: sha256WithRSAEncryption
37:2e:26:f2:ec:69:b4:70:26:87:8e:f2:de:d7:7c:3c:3e:63:
45:31:29:af:58:d9:08:b7:e9:99:e1:f6:66:3c:27:b7:60:a0:
c3:a4:7e:57:1f:d9:3e:a6:70:56:87:22:84:a6:83:45:ae:2c:
f1:4c:8b:59:93:54:36:13:2e:10:f6:83:d9:37:32:9e:29:a3:
e7:e0:7f:a0:98:2e:c7:8a:2c:f0:e5:df:77:d3:90:e2:56:2a:
38:42:8f:8b:8b:d0:6f:64:e3:e1:fd:44:ae:c9:d5:8c:4f:16:
d5:11:53:7d:dc:58:71:82:d2:e7:e6:b7:b7:10:74:13:42:b5:
5f:60:6b:81:9f:90:76:eb:ba:fa:bc:3d:05:62:b1:c1:c1:60:
c1:4f:38:d7:68:74:aa:07:cb:fc:74:7f:c0:d4:08:fd:c5:2c:
df:de:73:3c:9e:36:a4:cf:99:e3:f2:00:ef:32:bb:88:98:6c:
af:90:30:a8:7d:3e:36:24:f9:21:fd:15:13:67:eb:bf:a9:4f:
93:82:6c:f1:75:24:30:85:74:1b:a4:8d:ba:7b:87:af:83:be:
2c:db:a9:52:f3:9c:0e:6f:bc:20:f9:0d:ec:c7:ce:c7:20:d0:
f6:d4:16:bd:8e:af:b6:db:1b:19:6b:57:69:7c:fd:23:4f:e0:
81:dc:3b:b3
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAYtBdZYLZFp/zJHq5ftgYAV0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3NDk5NTk1YTY1YWFiMGI1Mzc2OGRlZjA4MDkxZTMxMDYx
ZTllNjUwHhcNMjMxMDE4MDYyNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWQ2NmJmY2JjNzA0ODA1YzhlZTAwM2NlMDBiM2JiOTE2Y2VjZjhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqEznPxNtAG1O8EXWxbEHieQiHrU5
T+J8V16iGZ2Slwi1SZlCPGMF+KeZMukb3VXg/dO46jRB+Lplgd9WlKKzCclKYx40
L9wF49+Nmct1musqMflWFfcQFdiT56ovVmKntvpKzzXI4icmg8ml5B9yt1YQ9zBI
r/BAHWZNlZafEXiB7pLVULB2ENYMUo9oBjH4HuNYzyx350brMXIJzDwqR3H3u1Bk
1qlFMw9fqIWJAl0638eTLJ4eKQzp8YPA+kM3LM9TrgV1UHGwweUPpPZKYphJkXyI
UAZrSzWPWpd0xfx2fMdL4jh8uaz2e06jg9DrpIuIykF3cSPf4Irupqnv6wIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFPnWa/y8cEgFyO4APOALO7kWzs+OMB8GA1UdIwQY
MBaAFGdJlZWmWqsLU3aN7wgJHjEGHp5lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTct
MzU1MDgwNDE2NTJkLzEvMS1kWnJfTHh3U0FYSTdnQTg0QXM3dVJiT3o0NC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNWYvYjc0NGI4LWYzOWQtNDk1Yi1iMjE3LTM1NTA4MDQxNjUy
ZC8xL1owbVZsYVphcXd0VGRvM3ZDQWtlTVFZZW5tVS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAxBggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAC4UbAME
AC4UbgMEAbmgwgMEALmp3TANBgkqhkiG9w0BAQsFAAOCAQEANy4m8uxptHAmh47y
3td8PD5jRTEpr1jZCLfpmeH2Zjwnt2Cgw6R+Vx/ZPqZwVocihKaDRa4s8UyLWZNU
NhMuEPaD2Tcynimj5+B/oJgux4os8OXfd9OQ4lYqOEKPi4vQb2Tj4f1ErsnVjE8W
1RFTfdxYcYLS5+a3txB0E0K1X2BrgZ+Qduu6+rw9BWKxwcFgwU8412h0qgfL/HR/
wNQI/cUs395zPJ42pM+Z4/IA7zK7iJhsr5AwqH0+NiT5If0VE2frv6lPk4Js8XUk
MIV0G6SNunuHr4O+LNupUvOcDm+8IPkN7MfOxyDQ9tQWvY6vttsbGWtXaXz9I0/g
gdw7sw==
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:17:49 2025 by rpki-client