Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/9Chj7VJbNRfJ5cOwgiNE2wLHZWY.roa
File: 9Chj7VJbNRfJ5cOwgiNE2wLHZWY.roa (raw, json)
Hash identifier: xf5/ROOkC/sz6StlUA4lp2vNT4UCig9PDGgP/JUt6qQ=
Subject key identifier: F4:28:63:ED:52:5B:35:17:C9:E5:C3:B0:82:23:44:DB:02:C7:65:66
Certificate issuer: /CN=67499595a65aab0b53768def08091e31061e9e65
Certificate serial: 018A9E0FCDA91A07FFB54977C5A2F2AFD154
Authority key identifier: 67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/9Chj7VJbNRfJ5cOwgiNE2wLHZWY.roa
Signing time: Sat 16 Sep 2023 12:55:50 +0000
ROA not before: Sat 16 Sep 2023 12:55:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48449
IP address blocks: 46.20.110.0/24 maxlen: 24
185.160.194.0/24 maxlen: 24
185.169.221.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:9e:0f:cd:a9:1a:07:ff:b5:49:77:c5:a2:f2:af:d1:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67499595a65aab0b53768def08091e31061e9e65
Validity
Not Before: Sep 16 12:55:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f42863ed525b3517c9e5c3b0822344db02c76566
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:08:9c:0a:21:3f:c7:07:d6:8c:59:cf:8b:46:
3d:21:9a:d9:8a:29:a4:05:04:a4:e6:a6:85:c1:b3:
ca:3d:e2:da:f7:9f:66:9b:94:05:a9:ed:43:86:8b:
b7:1a:f6:e2:b3:bb:95:16:13:61:6c:28:4b:f6:96:
04:da:63:1d:41:3c:7a:36:f2:65:c6:e8:6c:8c:46:
60:d5:ec:5d:b3:df:c8:83:6f:3f:f1:60:8c:f1:1b:
ae:10:1d:96:ce:27:6d:35:6a:3a:cf:d8:97:b9:39:
28:b0:b9:ca:bc:41:d2:cb:6a:69:8e:cb:28:38:bb:
df:23:fd:9b:4a:b1:ca:f5:12:fb:02:61:50:63:55:
1c:9e:ad:33:3f:7b:77:1e:97:40:33:c5:c1:f6:a8:
28:7b:92:b7:c4:08:22:58:c5:f6:ee:29:f6:5c:58:
62:2d:75:ff:ab:71:f9:41:a0:a5:56:17:33:20:18:
b0:bb:d1:f6:c9:a8:1a:d7:cf:e9:0d:0b:bd:a6:16:
f3:89:d9:0f:41:ff:f1:5d:f2:ae:e4:fa:d1:0a:72:
ec:f4:e2:3e:3b:f3:73:21:3e:2d:82:3c:3a:a7:90:
54:ed:1b:30:6b:de:9a:fa:d9:95:6c:37:a1:b0:dd:
cf:65:4d:3b:82:1b:bf:5c:8a:92:0e:4c:3c:96:8f:
c4:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:28:63:ED:52:5B:35:17:C9:E5:C3:B0:82:23:44:DB:02:C7:65:66
X509v3 Authority Key Identifier:
keyid:67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/9Chj7VJbNRfJ5cOwgiNE2wLHZWY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Z0mVlaZaqwtTdo3vCAkeMQYenmU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.110.0/24
185.160.194.0/24
185.169.221.0/24
Signature Algorithm: sha256WithRSAEncryption
00:ac:8f:ea:ac:9b:89:7c:5b:97:e4:d2:64:5f:ca:66:9b:99:
26:4a:6d:93:8c:99:ef:44:f6:07:18:29:48:b5:e1:38:d1:ec:
2f:19:50:fc:da:eb:a5:60:f4:d1:dd:2b:6b:63:21:e7:cd:ba:
08:1e:3b:30:63:68:4b:fa:19:68:5f:68:7e:95:4d:41:8c:96:
db:b0:28:ed:77:c6:2c:ba:d2:0e:ff:db:6e:21:49:3e:d9:04:
c9:b7:ef:b7:20:be:ed:c8:18:db:79:d3:ab:d0:7f:04:2c:57:
a0:81:0b:34:2e:b2:78:29:18:f3:81:b3:c9:af:1c:57:a9:c0:
f1:30:a0:f6:93:f9:38:7d:5d:50:dd:aa:04:5a:81:17:5b:03:
b5:15:36:eb:1a:2b:1f:c6:f5:19:6b:27:62:1b:97:4d:a4:0c:
8f:2d:29:3c:82:60:70:a2:2e:5d:fe:df:82:79:27:4b:45:b1:
5e:77:f2:a6:3c:2e:d0:ea:53:a5:2d:28:72:01:17:b4:a8:54:
b3:62:57:ff:b0:d8:4d:ec:c8:42:84:dd:62:25:51:f4:53:16:
4e:be:34:ce:93:ea:c8:7a:54:a1:bd:91:01:56:a5:27:96:1f:
cd:5d:18:28:57:0d:66:f3:10:ea:ef:0f:79:6b:ba:df:32:94:
fe:4a:fc:62
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYqeD82pGgf/tUl3xaLyr9FUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3NDk5NTk1YTY1YWFiMGI1Mzc2OGRlZjA4MDkxZTMxMDYx
ZTllNjUwHhcNMjMwOTE2MTI1NTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDI4NjNlZDUyNWIzNTE3YzllNWMzYjA4MjIzNDRkYjAyYzc2NTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgQicCiE/xwfWjFnPi0Y9IZrZiimk
BQSk5qaFwbPKPeLa959mm5QFqe1Dhou3Gvbis7uVFhNhbChL9pYE2mMdQTx6NvJl
xuhsjEZg1exds9/Ig28/8WCM8RuuEB2WzidtNWo6z9iXuTkosLnKvEHSy2ppjsso
OLvfI/2bSrHK9RL7AmFQY1Ucnq0zP3t3HpdAM8XB9qgoe5K3xAgiWMX27in2XFhi
LXX/q3H5QaClVhczIBiwu9H2yaga18/pDQu9phbzidkPQf/xXfKu5PrRCnLs9OI+
O/NzIT4tgjw6p5BU7Rswa96a+tmVbDehsN3PZU07ghu/XIqSDkw8lo/EcwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPQoY+1SWzUXyeXDsIIjRNsCx2VmMB8GA1UdIwQY
MBaAFGdJlZWmWqsLU3aN7wgJHjEGHp5lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTct
MzU1MDgwNDE2NTJkLzEvOUNoajdWSmJOUmZKNWNPd2dpTkUyd0xIWldZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTctMzU1MDgwNDE2NTJk
LzEvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALhRuAwQA
uaDCAwQAuandMA0GCSqGSIb3DQEBCwUAA4IBAQAArI/qrJuJfFuX5NJkX8pmm5km
Sm2TjJnvRPYHGClIteE40ewvGVD82uulYPTR3StrYyHnzboIHjswY2hL+hloX2h+
lU1BjJbbsCjtd8YsutIO/9tuIUk+2QTJt++3IL7tyBjbedOr0H8ELFeggQs0LrJ4
KRjzgbPJrxxXqcDxMKD2k/k4fV1Q3aoEWoEXWwO1FTbrGisfxvUZaydiG5dNpAyP
LSk8gmBwoi5d/t+CeSdLRbFed/KmPC7Q6lOlLShyARe0qFSzYlf/sNhN7MhChN1i
JVH0UxZOvjTOk+rIelShvZEBVqUnlh/NXRgoVw1m8xDq7w95a7rfMpT+Svxi
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:23:34 2025 by rpki-client