Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/7jGhO08vsJxnGBmH1lHwZ9Ip5WM.roa
File: 7jGhO08vsJxnGBmH1lHwZ9Ip5WM.roa (raw, json)
Hash identifier: mutkIebZVyAZqJCd3V5qa9fafnOkOudRIo38YFIqc04=
Subject key identifier: EE:31:A1:3B:4F:2F:B0:9C:67:18:19:87:D6:51:F0:67:D2:29:E5:63
Certificate issuer: /CN=67499595a65aab0b53768def08091e31061e9e65
Certificate serial: 018C6D04B3821861D10C0A6AF8976C4F730C
Authority key identifier: 67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/7jGhO08vsJxnGBmH1lHwZ9Ip5WM.roa
Signing time: Fri 15 Dec 2023 10:27:53 +0000
ROA not before: Fri 15 Dec 2023 10:27:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48449
IP address blocks: 46.20.110.0/24 maxlen: 24
46.20.106.0/24 maxlen: 24
46.20.108.0/24 maxlen: 24
185.160.195.0/24 maxlen: 24
185.160.194.0/24 maxlen: 24
185.100.168.0/24 maxlen: 24
185.169.221.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:6d:04:b3:82:18:61:d1:0c:0a:6a:f8:97:6c:4f:73:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67499595a65aab0b53768def08091e31061e9e65
Validity
Not Before: Dec 15 10:27:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ee31a13b4f2fb09c67181987d651f067d229e563
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:56:18:2f:e6:bf:1f:ed:73:30:e1:8b:3f:98:
3a:95:0d:d3:3d:dd:3e:e6:f3:0c:48:7c:45:78:5a:
56:99:5e:f7:31:a0:c9:ce:b1:0c:94:c8:90:88:c3:
81:28:4a:f4:85:76:e3:2a:f7:fd:ad:46:35:59:f2:
6d:d4:a1:64:c1:f3:49:72:af:f0:8e:db:03:e4:5d:
22:6c:07:b8:11:ec:c9:bc:f6:8c:47:36:78:d0:33:
e4:f9:22:31:99:1a:a8:ac:3f:c1:7a:47:fd:95:54:
9a:74:c7:ca:91:2f:b4:6f:83:95:59:57:b7:6f:3d:
30:52:7f:73:8e:5f:d0:0b:dd:cf:5f:00:06:df:c6:
31:1a:6f:bd:e6:d5:11:05:d3:3c:51:a7:27:65:fb:
84:dd:08:98:f3:a8:4b:09:e5:2c:73:f0:58:09:b9:
27:20:2e:14:5c:b0:2e:e7:28:8f:62:0b:d9:7f:e4:
1e:ab:db:af:07:31:90:ed:b5:2d:48:c5:49:ba:a1:
cb:96:04:79:3b:dc:c0:35:c2:7f:75:77:27:a0:05:
d6:94:14:c8:e8:85:1d:d0:e2:56:4e:4c:64:7b:93:
5c:2a:db:21:5d:ed:dd:8e:5d:a0:c1:91:db:2a:0f:
36:6a:41:6a:4e:c7:e1:a1:67:33:d4:a9:a7:c6:ee:
55:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:31:A1:3B:4F:2F:B0:9C:67:18:19:87:D6:51:F0:67:D2:29:E5:63
X509v3 Authority Key Identifier:
keyid:67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/7jGhO08vsJxnGBmH1lHwZ9Ip5WM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Z0mVlaZaqwtTdo3vCAkeMQYenmU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.106.0/24
46.20.108.0/24
46.20.110.0/24
185.100.168.0/24
185.160.194.0/23
185.169.221.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:08:36:48:39:a3:1f:fb:90:fd:7a:23:33:aa:77:c5:cf:84:
4f:ca:9e:10:52:12:68:44:a2:1d:f2:ee:39:94:90:85:ff:dd:
8f:54:51:b3:e1:1a:fd:ad:2c:76:23:89:42:0d:75:c5:ab:29:
90:6d:97:06:e2:a5:5f:92:49:2f:f2:3a:6f:10:4d:ca:2b:b7:
1f:61:34:4b:b7:2f:04:c5:be:82:79:e3:52:e1:32:56:05:d9:
b0:ff:04:a0:41:3e:5d:df:8b:df:74:6a:25:07:f0:e6:9f:fd:
65:56:a4:58:ad:6d:3e:44:91:eb:d8:f6:53:05:b8:ba:47:e2:
d0:17:ff:67:e8:5f:02:84:b4:9d:b3:55:db:b7:3a:af:9d:f3:
ba:26:5d:19:4b:f2:94:8b:7c:eb:54:a8:78:b2:d2:ac:37:e5:
23:f6:32:42:3c:cd:ba:d4:12:a2:d4:c9:c8:74:c0:f4:93:59:
24:ae:40:3a:3a:96:17:f6:28:ff:f3:05:df:94:24:29:87:62:
31:a7:61:45:29:97:a1:28:f8:e8:4b:af:18:53:12:43:fb:a2:
6d:0a:51:a4:c8:4a:93:46:a3:5e:0a:4f:b9:9a:94:3b:fd:b0:
ea:cc:5d:0b:a0:06:80:50:7a:1d:50:4d:95:4c:cf:32:ad:54:
8d:ac:7b:77
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYxtBLOCGGHRDApq+JdsT3MMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3NDk5NTk1YTY1YWFiMGI1Mzc2OGRlZjA4MDkxZTMxMDYx
ZTllNjUwHhcNMjMxMjE1MTAyNzUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTMxYTEzYjRmMmZiMDljNjcxODE5ODdkNjUxZjA2N2QyMjllNTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnlYYL+a/H+1zMOGLP5g6lQ3TPd0+
5vMMSHxFeFpWmV73MaDJzrEMlMiQiMOBKEr0hXbjKvf9rUY1WfJt1KFkwfNJcq/w
jtsD5F0ibAe4EezJvPaMRzZ40DPk+SIxmRqorD/Bekf9lVSadMfKkS+0b4OVWVe3
bz0wUn9zjl/QC93PXwAG38YxGm+95tURBdM8UacnZfuE3QiY86hLCeUsc/BYCbkn
IC4UXLAu5yiPYgvZf+Qeq9uvBzGQ7bUtSMVJuqHLlgR5O9zANcJ/dXcnoAXWlBTI
6IUd0OJWTkxke5NcKtshXe3djl2gwZHbKg82akFqTsfhoWcz1Kmnxu5VOQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFO4xoTtPL7CcZxgZh9ZR8GfSKeVjMB8GA1UdIwQY
MBaAFGdJlZWmWqsLU3aN7wgJHjEGHp5lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTct
MzU1MDgwNDE2NTJkLzEvN2pHaE8wOHZzSnhuR0JtSDFsSHdaOUlwNVdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTctMzU1MDgwNDE2NTJk
LzEvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALhRqAwQA
LhRsAwQALhRuAwQAuWSoAwQBuaDCAwQAuandMA0GCSqGSIb3DQEBCwUAA4IBAQBu
CDZIOaMf+5D9eiMzqnfFz4RPyp4QUhJoRKId8u45lJCF/92PVFGz4Rr9rSx2I4lC
DXXFqymQbZcG4qVfkkkv8jpvEE3KK7cfYTRLty8Exb6CeeNS4TJWBdmw/wSgQT5d
34vfdGolB/Dmn/1lVqRYrW0+RJHr2PZTBbi6R+LQF/9n6F8ChLSds1XbtzqvnfO6
Jl0ZS/KUi3zrVKh4stKsN+Uj9jJCPM261BKi1MnIdMD0k1kkrkA6OpYX9ij/8wXf
lCQph2Ixp2FFKZehKPjoS68YUxJD+6JtClGkyEqTRqNeCk+5mpQ7/bDqzF0LoAaA
UHodUE2VTM8yrVSNrHt3
-----END CERTIFICATE-----
Generated at Tue Apr 22 05:08:40 2025 by rpki-client