Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/A8y69rYFMQdCvdt0owMbU_4HQO0.roa
File: A8y69rYFMQdCvdt0owMbU_4HQO0.roa (raw, json)
Hash identifier: YR8ChUtpqx5vmVyg77JBKqQFdC+sEpouy29pXfC2+sA=
Subject key identifier: 03:CC:BA:F6:B6:05:31:07:42:BD:DB:74:A3:03:1B:53:FE:07:40:ED
Certificate issuer: /CN=67499595a65aab0b53768def08091e31061e9e65
Certificate serial: 018C83060A1E88F3AEB2207B1F3C8001FB42
Authority key identifier: 67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/A8y69rYFMQdCvdt0owMbU_4HQO0.roa
Signing time: Tue 19 Dec 2023 17:01:00 +0000
ROA not before: Tue 19 Dec 2023 17:01:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48449
IP address blocks: 46.20.110.0/24 maxlen: 24
46.20.106.0/24 maxlen: 24
46.20.108.0/24 maxlen: 24
185.160.195.0/24 maxlen: 24
185.160.194.0/24 maxlen: 24
185.169.221.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:83:06:0a:1e:88:f3:ae:b2:20:7b:1f:3c:80:01:fb:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67499595a65aab0b53768def08091e31061e9e65
Validity
Not Before: Dec 19 17:01:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=03ccbaf6b605310742bddb74a3031b53fe0740ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:b8:e0:bd:3f:43:ce:01:3d:86:9f:15:2b:96:
b6:c2:fe:04:aa:1f:4f:e8:13:60:71:44:2e:02:81:
ec:b5:70:73:5a:ab:a8:ff:1d:0f:26:63:12:f9:86:
5b:d7:8f:a8:c6:63:90:fc:24:43:eb:7a:ef:aa:cb:
15:5e:f8:91:f9:ed:e6:57:4d:c9:bd:13:1a:59:7c:
dc:ab:89:27:c7:a2:ad:b0:c6:a8:96:db:ea:d2:5c:
c3:cc:b1:95:5c:9d:a4:70:23:f6:fd:2e:a5:8e:9d:
71:be:85:72:5f:5b:6f:8d:b2:01:7c:b5:8d:7d:f6:
bc:3f:41:7a:07:2b:a7:04:66:23:38:cc:2b:78:92:
41:5d:7b:fd:05:89:6c:bb:ae:d8:b3:fc:42:46:91:
a9:af:89:10:ff:80:cf:fb:5e:7f:96:5a:ac:83:50:
04:3f:05:bb:66:6e:04:10:9e:d8:48:77:78:84:bc:
fe:d4:be:5b:72:1b:1c:c5:ba:43:dc:34:63:32:b4:
37:41:91:c2:39:a0:64:aa:24:55:2f:db:20:6b:bc:
47:cb:74:8e:6c:fa:25:89:23:57:01:b7:fd:18:8a:
5d:9f:63:63:ed:60:ec:c7:ab:4c:0e:5c:3e:1a:07:
db:fc:92:4b:d6:38:4f:fd:29:22:5e:b7:b3:08:f1:
f6:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:CC:BA:F6:B6:05:31:07:42:BD:DB:74:A3:03:1B:53:FE:07:40:ED
X509v3 Authority Key Identifier:
keyid:67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/A8y69rYFMQdCvdt0owMbU_4HQO0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Z0mVlaZaqwtTdo3vCAkeMQYenmU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.106.0/24
46.20.108.0/24
46.20.110.0/24
185.160.194.0/23
185.169.221.0/24
Signature Algorithm: sha256WithRSAEncryption
82:d5:c3:f2:c7:a9:14:ac:97:23:b1:dd:d1:45:8b:ac:e6:f0:
ce:f7:91:8c:f5:9d:c0:81:85:ee:7a:22:bc:64:ab:10:fb:99:
46:fb:73:f8:4e:35:c3:8b:8c:57:5f:f8:ca:69:d2:9b:cc:de:
d7:7a:45:e5:9e:c7:ba:c0:4d:cc:9e:30:d7:f2:91:6c:f9:3b:
52:3d:8e:de:de:a5:2e:6b:2a:17:d9:fa:fa:f5:fc:bb:e4:a0:
09:35:91:7c:6d:7b:7a:2b:d4:10:43:4e:80:d8:ef:d3:e3:25:
53:39:2f:a1:81:65:fa:2b:df:88:7f:00:c8:98:5f:3a:45:bd:
13:90:fd:6f:bb:11:03:c7:c3:59:9e:02:3d:a6:50:0f:55:b0:
00:ee:6e:dc:bd:ad:ad:c9:39:0b:b3:61:79:e6:c7:10:6b:3e:
b5:40:bb:6e:b6:35:64:d6:7b:de:a7:8a:c5:b4:13:b1:23:f7:
35:2a:e6:38:0e:8c:99:26:81:b8:6f:78:68:3a:2a:aa:be:39:
a6:fa:74:d4:31:86:1a:4e:f9:98:26:af:51:5d:15:40:5f:b3:
81:b9:f6:62:1e:be:27:a8:8c:83:a6:25:34:c3:4e:d6:6e:77:
5e:15:68:8d:82:b8:02:ba:b6:b9:d7:26:b7:f7:8e:23:3c:23:
e0:21:f5:ce
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYyDBgoeiPOusiB7HzyAAftCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3NDk5NTk1YTY1YWFiMGI1Mzc2OGRlZjA4MDkxZTMxMDYx
ZTllNjUwHhcNMjMxMjE5MTcwMTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2NjYmFmNmI2MDUzMTA3NDJiZGRiNzRhMzAzMWI1M2ZlMDc0MGVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmbjgvT9DzgE9hp8VK5a2wv4Eqh9P
6BNgcUQuAoHstXBzWquo/x0PJmMS+YZb14+oxmOQ/CRD63rvqssVXviR+e3mV03J
vRMaWXzcq4knx6KtsMaoltvq0lzDzLGVXJ2kcCP2/S6ljp1xvoVyX1tvjbIBfLWN
ffa8P0F6ByunBGYjOMwreJJBXXv9BYlsu67Ys/xCRpGpr4kQ/4DP+15/llqsg1AE
PwW7Zm4EEJ7YSHd4hLz+1L5bchscxbpD3DRjMrQ3QZHCOaBkqiRVL9sga7xHy3SO
bPoliSNXAbf9GIpdn2Nj7WDsx6tMDlw+Ggfb/JJL1jhP/SkiXrezCPH2hwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFAPMuva2BTEHQr3bdKMDG1P+B0DtMB8GA1UdIwQY
MBaAFGdJlZWmWqsLU3aN7wgJHjEGHp5lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTct
MzU1MDgwNDE2NTJkLzEvQTh5NjlyWUZNUWRDdmR0MG93TWJVXzRIUU8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTctMzU1MDgwNDE2NTJk
LzEvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALhRqAwQA
LhRsAwQALhRuAwQBuaDCAwQAuandMA0GCSqGSIb3DQEBCwUAA4IBAQCC1cPyx6kU
rJcjsd3RRYus5vDO95GM9Z3AgYXueiK8ZKsQ+5lG+3P4TjXDi4xXX/jKadKbzN7X
ekXlnse6wE3MnjDX8pFs+TtSPY7e3qUuayoX2fr69fy75KAJNZF8bXt6K9QQQ06A
2O/T4yVTOS+hgWX6K9+IfwDImF86Rb0TkP1vuxEDx8NZngI9plAPVbAA7m7cva2t
yTkLs2F55scQaz61QLtutjVk1nvep4rFtBOxI/c1KuY4DoyZJoG4b3hoOiqqvjmm
+nTUMYYaTvmYJq9RXRVAX7OBufZiHr4nqIyDpiU0w07WbndeFWiNgrgCura51ya3
944jPCPgIfXO
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:13:55 2025 by rpki-client