Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/I4Hfge-cNzRq_ROqcJ1oNL7zi-I.roa
File: I4Hfge-cNzRq_ROqcJ1oNL7zi-I.roa (raw, json)
Hash identifier: v6i0KSuKt/sn7QljUNNJ/xJgeTZDBDzaM/KcVKBU0xQ=
Subject key identifier: 23:81:DF:81:EF:9C:37:34:6A:FD:13:AA:70:9D:68:34:BE:F3:8B:E2
Certificate issuer: /CN=67499595a65aab0b53768def08091e31061e9e65
Certificate serial: 018C4BCA558A6509E94914BB1F50AE03C492
Authority key identifier: 67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/I4Hfge-cNzRq_ROqcJ1oNL7zi-I.roa
Signing time: Fri 08 Dec 2023 23:36:40 +0000
ROA not before: Fri 08 Dec 2023 23:36:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34458
IP address blocks: 46.20.106.0/24 maxlen: 24
185.100.170.0/24 maxlen: 24
185.100.171.0/24 maxlen: 24
185.100.168.0/24 maxlen: 24
46.20.104.0/24 maxlen: 24
185.169.222.0/24 maxlen: 24
185.169.223.0/24 maxlen: 24
46.20.101.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:4b:ca:55:8a:65:09:e9:49:14:bb:1f:50:ae:03:c4:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67499595a65aab0b53768def08091e31061e9e65
Validity
Not Before: Dec 8 23:36:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2381df81ef9c37346afd13aa709d6834bef38be2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:dc:22:37:86:9d:0e:7e:ce:87:35:10:49:c6:
c4:81:bd:e3:63:49:86:ae:cf:ba:cf:ba:b0:fe:a0:
98:45:eb:11:b5:b1:f7:6e:49:8a:a0:52:ba:a5:45:
9a:76:5b:44:ba:fa:9b:96:85:2b:bb:28:4c:0c:7b:
2d:b6:e7:96:70:c8:a6:80:3a:d1:e3:41:90:26:6c:
e9:ad:ea:96:8c:ab:f8:b7:25:1f:5b:6e:39:81:bb:
3b:3f:8b:73:39:4e:34:81:b9:2c:c9:f4:4c:78:e2:
b2:00:c1:c2:7f:b5:74:25:24:63:b9:05:d2:10:42:
e8:78:93:f4:c4:7c:56:aa:27:4d:c5:3f:b5:3f:8a:
7e:92:2c:fd:5f:0e:47:7b:85:a7:9a:e9:b3:7a:39:
e4:f3:39:29:4a:f2:1e:19:d3:9f:4a:f6:0c:13:8c:
58:5d:81:12:03:c2:58:89:29:de:79:bc:02:59:d1:
ed:bb:ad:39:d9:ef:af:cf:02:75:e8:a7:e5:18:b2:
cc:5e:47:dd:9f:aa:cd:85:42:f3:80:2b:2d:5b:ac:
e9:9d:ce:4a:98:ea:d6:2e:d1:22:d6:77:32:d6:a0:
5a:ec:6f:17:82:e3:00:cf:57:6a:a3:37:38:7d:dc:
a7:60:cf:f0:fd:0c:85:61:25:ce:d6:2b:64:a6:90:
4d:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:81:DF:81:EF:9C:37:34:6A:FD:13:AA:70:9D:68:34:BE:F3:8B:E2
X509v3 Authority Key Identifier:
keyid:67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/I4Hfge-cNzRq_ROqcJ1oNL7zi-I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Z0mVlaZaqwtTdo3vCAkeMQYenmU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.101.0/24
46.20.104.0/24
46.20.106.0/24
185.100.168.0/24
185.100.170.0/23
185.169.222.0/23
Signature Algorithm: sha256WithRSAEncryption
53:c0:70:ad:bb:e5:ed:c5:e3:3b:5f:cf:51:60:28:c3:85:eb:
24:d7:1e:76:a6:eb:08:30:04:e6:e4:eb:fe:ee:8c:ce:a7:3e:
69:0f:62:77:10:70:35:36:aa:fd:b2:a7:01:e2:4e:7d:06:72:
f3:d0:78:bf:56:ea:8f:c4:45:4e:0d:c7:68:64:ed:a0:d5:5d:
d5:f0:a2:04:63:09:07:87:0a:ee:b4:89:09:ca:09:69:93:21:
e2:20:78:0a:32:b3:fd:d6:a3:c2:c0:af:db:81:74:69:ee:c2:
8b:ff:dd:7c:6d:dd:35:cf:bc:46:d7:b5:a1:85:20:44:c0:34:
a7:b3:0c:5a:99:af:b2:92:10:b3:69:18:fc:8e:a8:1c:8d:9e:
ec:7a:3b:ee:89:29:d0:a6:f8:52:64:55:8e:4c:23:30:51:ae:
b6:cb:0b:fe:82:fa:d5:3a:ce:80:83:d0:07:12:b6:b6:41:6a:
7e:60:8a:64:b2:32:55:47:da:e5:a2:f1:e7:98:45:64:75:ba:
14:1f:db:fd:1c:9e:68:4d:91:a1:d2:93:4c:d4:af:c1:1e:2a:
57:68:0b:49:a3:79:2c:3a:35:1c:7a:56:be:e4:46:cd:1a:d4:
a5:3d:a3:8b:bc:6c:1b:a0:4f:7c:eb:8e:62:7c:74:b2:6b:09:
20:c9:aa:f7
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYxLylWKZQnpSRS7H1CuA8SSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3NDk5NTk1YTY1YWFiMGI1Mzc2OGRlZjA4MDkxZTMxMDYx
ZTllNjUwHhcNMjMxMjA4MjMzNjQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzgxZGY4MWVmOWMzNzM0NmFmZDEzYWE3MDlkNjgzNGJlZjM4YmUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhNwiN4adDn7OhzUQScbEgb3jY0mG
rs+6z7qw/qCYResRtbH3bkmKoFK6pUWadltEuvqbloUruyhMDHsttueWcMimgDrR
40GQJmzpreqWjKv4tyUfW245gbs7P4tzOU40gbksyfRMeOKyAMHCf7V0JSRjuQXS
EELoeJP0xHxWqidNxT+1P4p+kiz9Xw5He4Wnmumzejnk8zkpSvIeGdOfSvYME4xY
XYESA8JYiSneebwCWdHtu6052e+vzwJ16KflGLLMXkfdn6rNhULzgCstW6zpnc5K
mOrWLtEi1ncy1qBa7G8XguMAz1dqozc4fdynYM/w/QyFYSXO1itkppBNBQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFCOB34HvnDc0av0TqnCdaDS+84viMB8GA1UdIwQY
MBaAFGdJlZWmWqsLU3aN7wgJHjEGHp5lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTct
MzU1MDgwNDE2NTJkLzEvSTRIZmdlLWNOelJxX1JPcWNKMW9OTDd6aS1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTctMzU1MDgwNDE2NTJk
LzEvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALhRlAwQA
LhRoAwQALhRqAwQAuWSoAwQBuWSqAwQBuaneMA0GCSqGSIb3DQEBCwUAA4IBAQBT
wHCtu+XtxeM7X89RYCjDhesk1x52pusIMATm5Ov+7ozOpz5pD2J3EHA1Nqr9sqcB
4k59BnLz0Hi/VuqPxEVODcdoZO2g1V3V8KIEYwkHhwrutIkJyglpkyHiIHgKMrP9
1qPCwK/bgXRp7sKL/918bd01z7xG17WhhSBEwDSnswxama+ykhCzaRj8jqgcjZ7s
ejvuiSnQpvhSZFWOTCMwUa62ywv+gvrVOs6Ag9AHEra2QWp+YIpksjJVR9rlovHn
mEVkdboUH9v9HJ5oTZGh0pNM1K/BHipXaAtJo3ksOjUcela+5EbNGtSlPaOLvGwb
oE98645ifHSyawkgyar3
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:14:46 2025 by rpki-client