Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/4mgHf_P3sx0M8UGLe4rNYBCgmn8.roa
File: 4mgHf_P3sx0M8UGLe4rNYBCgmn8.roa (raw, json)
Hash identifier: Reyw+z3iCJWzw1u/XfKUgu4g00JEtffYJX+Lh8M9ycI=
Subject key identifier: E2:68:07:7F:F3:F7:B3:1D:0C:F1:41:8B:7B:8A:CD:60:10:A0:9A:7F
Certificate issuer: /CN=67499595a65aab0b53768def08091e31061e9e65
Certificate serial: 018C6A62262CD7640AD4FC49B56FFAF3C34A
Authority key identifier: 67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/4mgHf_P3sx0M8UGLe4rNYBCgmn8.roa
Signing time: Thu 14 Dec 2023 22:11:06 +0000
ROA not before: Thu 14 Dec 2023 22:11:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48449
IP address blocks: 46.20.110.0/24 maxlen: 24
46.20.106.0/24 maxlen: 24
46.20.108.0/24 maxlen: 24
185.160.195.0/24 maxlen: 24
185.160.194.0/24 maxlen: 24
185.169.221.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:6a:62:26:2c:d7:64:0a:d4:fc:49:b5:6f:fa:f3:c3:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67499595a65aab0b53768def08091e31061e9e65
Validity
Not Before: Dec 14 22:11:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e268077ff3f7b31d0cf1418b7b8acd6010a09a7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:01:d5:00:eb:4a:ff:9a:75:39:e3:2f:56:93:
78:8d:2a:67:df:fc:58:3c:c4:29:54:3a:1e:9c:7f:
f3:89:53:7d:83:b9:a5:4d:be:a2:52:e6:99:02:6a:
27:a3:36:82:72:73:d4:58:bd:74:ce:d4:51:91:4b:
cd:cc:f2:2e:20:6f:d1:3f:92:80:11:b6:50:22:e2:
8f:a2:29:5c:a3:e9:bc:75:f2:3f:1f:11:5a:49:7c:
46:13:ba:8b:42:17:34:fb:b6:62:f0:13:cd:e6:a7:
69:7d:5a:46:e6:85:5b:7f:a2:8e:81:cb:ff:1b:6e:
4a:48:84:64:39:89:fc:8c:dd:a2:62:2d:19:37:f4:
e5:c5:d1:9b:1c:88:17:b8:30:3c:1a:8c:f8:aa:01:
10:27:5f:e7:3d:06:7c:e6:d4:8e:3f:7d:e7:00:8e:
fa:cc:1c:ee:2b:d2:56:56:9b:62:b7:06:0e:c8:80:
a7:33:14:ec:24:05:0a:75:3e:65:78:10:ee:61:6d:
9c:47:2b:51:01:cf:62:1d:ce:e8:70:a6:44:2c:2e:
6e:5e:08:60:38:e1:d1:5b:47:03:31:1c:7c:c0:ce:
21:c6:ca:24:22:00:67:9a:6e:8e:df:52:36:17:74:
1a:cb:ec:96:fa:5c:a1:52:f4:16:0c:b8:cb:9d:07:
9e:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:68:07:7F:F3:F7:B3:1D:0C:F1:41:8B:7B:8A:CD:60:10:A0:9A:7F
X509v3 Authority Key Identifier:
keyid:67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/4mgHf_P3sx0M8UGLe4rNYBCgmn8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Z0mVlaZaqwtTdo3vCAkeMQYenmU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.106.0/24
46.20.108.0/24
46.20.110.0/24
185.160.194.0/23
185.169.221.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:6f:33:86:33:8e:1e:6d:d2:c9:39:d1:87:74:fd:2e:1c:7a:
2d:4e:db:f7:7d:71:5a:0b:f3:a3:50:81:ef:c3:46:40:76:ac:
c5:f0:00:1c:ea:d5:bf:ef:1f:c3:b8:29:1d:0b:6b:bf:98:8c:
65:a6:91:a0:3b:be:e8:f4:b5:b3:0e:9f:39:e7:56:0c:50:e4:
14:f4:cf:2b:4f:f0:02:aa:51:80:c0:ec:c5:66:50:d3:0b:3e:
99:4e:5f:4b:9e:bd:2d:23:16:ef:22:8d:2f:98:44:b2:3d:3f:
38:24:03:ae:1f:a9:ab:08:65:b8:8e:b4:8b:7e:03:cf:2f:27:
0f:38:75:71:c8:b1:8e:3b:55:4a:b8:1b:a6:81:21:27:ea:82:
76:e2:ca:1c:21:18:f2:bc:04:54:a3:da:99:c5:0e:9b:74:2f:
8a:60:5b:88:a2:cf:2e:50:7e:f5:94:cb:3a:be:78:b2:ae:37:
ab:6f:cf:f4:4d:e9:01:ad:ab:f6:a0:df:a2:ed:50:63:7a:72:
47:14:f8:d2:59:75:4a:75:82:19:0a:91:fd:f1:7c:a1:d0:6c:
b2:70:59:6f:91:d9:46:1e:93:32:64:9e:d7:66:cf:55:64:96:
b6:00:30:1f:7d:d1:22:d7:b1:8f:2d:cd:37:eb:60:7b:af:bd:
ae:a4:9b:5c
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYxqYiYs12QK1PxJtW/688NKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3NDk5NTk1YTY1YWFiMGI1Mzc2OGRlZjA4MDkxZTMxMDYx
ZTllNjUwHhcNMjMxMjE0MjIxMTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjY4MDc3ZmYzZjdiMzFkMGNmMTQxOGI3YjhhY2Q2MDEwYTA5YTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkwHVAOtK/5p1OeMvVpN4jSpn3/xY
PMQpVDoenH/ziVN9g7mlTb6iUuaZAmonozaCcnPUWL10ztRRkUvNzPIuIG/RP5KA
EbZQIuKPoilco+m8dfI/HxFaSXxGE7qLQhc0+7Zi8BPN5qdpfVpG5oVbf6KOgcv/
G25KSIRkOYn8jN2iYi0ZN/TlxdGbHIgXuDA8Goz4qgEQJ1/nPQZ85tSOP33nAI76
zBzuK9JWVptitwYOyICnMxTsJAUKdT5leBDuYW2cRytRAc9iHc7ocKZELC5uXghg
OOHRW0cDMRx8wM4hxsokIgBnmm6O31I2F3Qay+yW+lyhUvQWDLjLnQeePwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFOJoB3/z97MdDPFBi3uKzWAQoJp/MB8GA1UdIwQY
MBaAFGdJlZWmWqsLU3aN7wgJHjEGHp5lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTct
MzU1MDgwNDE2NTJkLzEvNG1nSGZfUDNzeDBNOFVHTGU0ck5ZQkNnbW44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTctMzU1MDgwNDE2NTJk
LzEvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALhRqAwQA
LhRsAwQALhRuAwQBuaDCAwQAuandMA0GCSqGSIb3DQEBCwUAA4IBAQAKbzOGM44e
bdLJOdGHdP0uHHotTtv3fXFaC/OjUIHvw0ZAdqzF8AAc6tW/7x/DuCkdC2u/mIxl
ppGgO77o9LWzDp8551YMUOQU9M8rT/ACqlGAwOzFZlDTCz6ZTl9Lnr0tIxbvIo0v
mESyPT84JAOuH6mrCGW4jrSLfgPPLycPOHVxyLGOO1VKuBumgSEn6oJ24socIRjy
vARUo9qZxQ6bdC+KYFuIos8uUH71lMs6vniyrjerb8/0TekBrav2oN+i7VBjenJH
FPjSWXVKdYIZCpH98Xyh0GyycFlvkdlGHpMyZJ7XZs9VZJa2ADAffdEi17GPLc03
62B7r72upJtc
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:23:05 2025 by rpki-client