Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Jy8HdvP48_yHYq5jxNmKIWQN5IM.roa
File: Jy8HdvP48_yHYq5jxNmKIWQN5IM.roa (raw, json)
Hash identifier: u2Wx7WWQGoCym1sq0GZD6CGk31EdGOXkG89Lkj/QxiA=
Subject key identifier: 27:2F:07:76:F3:F8:F3:FC:87:62:AE:63:C4:D9:8A:21:64:0D:E4:83
Certificate issuer: /CN=67499595a65aab0b53768def08091e31061e9e65
Certificate serial: 018CB4DAF881446966870734ABFD6A2DE0AC
Authority key identifier: 67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Jy8HdvP48_yHYq5jxNmKIWQN5IM.roa
Signing time: Fri 29 Dec 2023 09:14:58 +0000
ROA not before: Fri 29 Dec 2023 09:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48449
IP address blocks: 46.20.110.0/24 maxlen: 24
46.20.108.0/24 maxlen: 24
185.160.195.0/24 maxlen: 24
185.160.194.0/24 maxlen: 24
185.100.171.0/24 maxlen: 24
185.169.221.0/24 maxlen: 24
46.20.104.0/24 maxlen: 24
185.169.222.0/24 maxlen: 24
185.169.223.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:b4:da:f8:81:44:69:66:87:07:34:ab:fd:6a:2d:e0:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67499595a65aab0b53768def08091e31061e9e65
Validity
Not Before: Dec 29 09:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=272f0776f3f8f3fc8762ae63c4d98a21640de483
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:63:62:2f:48:d7:8a:37:30:65:0a:12:a6:d2:
ae:ff:a6:bd:3c:4f:8c:04:7d:c2:0c:32:c0:81:ca:
87:d3:b9:9e:f4:6d:73:35:b3:f7:ec:35:42:c7:d4:
d7:9a:27:3e:fc:af:1a:8b:be:f6:7d:ff:b6:6b:ad:
6d:a6:b6:45:f2:dc:06:9f:4e:59:55:12:75:f9:66:
4b:a2:a7:00:6f:c5:69:3f:51:c5:1a:8d:26:7f:f8:
71:b6:dc:4e:53:bc:b3:0e:b8:a5:94:72:07:80:10:
db:70:86:36:e1:62:7a:06:5d:81:14:b1:e6:2f:69:
12:fb:36:3e:7d:dc:97:08:22:44:94:e9:e2:92:33:
45:21:11:dc:bb:95:b4:47:f4:7a:8d:b2:de:6c:1f:
55:f2:0c:21:79:03:7d:50:65:97:dd:fd:04:02:22:
98:cb:c7:ec:7c:4c:34:7d:e0:08:35:72:13:9b:be:
30:28:62:74:e4:c0:5f:f1:0a:06:c5:ea:f1:be:28:
ee:f2:32:a6:14:da:b7:cc:5d:1a:56:7e:b0:6b:a2:
55:ae:f4:84:36:d1:48:19:fd:d0:0e:0d:2b:7e:fb:
70:96:6e:eb:7a:af:a3:17:57:32:ec:a4:70:31:82:
d1:e9:b1:37:f9:6e:60:6c:49:a4:10:85:f4:df:36:
b6:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:2F:07:76:F3:F8:F3:FC:87:62:AE:63:C4:D9:8A:21:64:0D:E4:83
X509v3 Authority Key Identifier:
keyid:67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Jy8HdvP48_yHYq5jxNmKIWQN5IM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Z0mVlaZaqwtTdo3vCAkeMQYenmU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.104.0/24
46.20.108.0/24
46.20.110.0/24
185.100.171.0/24
185.160.194.0/23
185.169.221.0-185.169.223.255
Signature Algorithm: sha256WithRSAEncryption
74:88:1e:14:54:15:52:81:18:c5:79:10:0d:de:10:1b:61:c7:
34:df:ec:fc:a8:04:26:15:45:14:3b:b0:8a:8c:96:d1:f1:b7:
43:bd:49:a6:e0:2c:3e:2c:e7:5e:3c:80:83:54:ff:85:d1:42:
2d:1c:5e:b9:b2:cb:55:b7:f4:39:ff:f5:f2:dc:a3:e5:63:99:
a9:05:21:14:e6:40:c7:b7:fd:34:7a:81:ca:6c:2c:96:ed:b0:
dc:43:3a:db:f8:5d:18:63:10:80:99:95:f9:b9:a7:28:58:61:
85:b4:49:62:67:1d:07:a9:35:07:b6:da:ba:c1:45:ee:a4:46:
ac:40:a0:fc:b0:89:67:8d:e8:4a:b9:a5:2b:4d:bf:38:55:f1:
dd:52:44:78:a0:57:fe:11:c5:28:f9:40:89:4d:a1:f3:8e:4a:
48:2c:a2:6b:1e:de:20:88:9f:d7:0c:4c:b5:ab:cb:5c:eb:55:
26:fa:3e:7e:59:7a:f8:b7:17:9b:98:1f:68:19:5d:22:bc:be:
94:40:68:27:2e:09:1a:ad:8a:24:22:6d:0d:9d:02:aa:37:bf:
63:01:1c:40:a7:73:f5:47:e0:01:69:35:65:3a:24:42:12:f2:
c4:19:1b:7c:d2:0d:6e:c8:6c:7b:3a:66:2b:78:0e:74:b4:f0:
de:1d:b2:de
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYy02viBRGlmhwc0q/1qLeCsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3NDk5NTk1YTY1YWFiMGI1Mzc2OGRlZjA4MDkxZTMxMDYx
ZTllNjUwHhcNMjMxMjI5MDkxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzJmMDc3NmYzZjhmM2ZjODc2MmFlNjNjNGQ5OGEyMTY0MGRlNDgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi2NiL0jXijcwZQoSptKu/6a9PE+M
BH3CDDLAgcqH07me9G1zNbP37DVCx9TXmic+/K8ai772ff+2a61tprZF8twGn05Z
VRJ1+WZLoqcAb8VpP1HFGo0mf/hxttxOU7yzDrillHIHgBDbcIY24WJ6Bl2BFLHm
L2kS+zY+fdyXCCJElOnikjNFIRHcu5W0R/R6jbLebB9V8gwheQN9UGWX3f0EAiKY
y8fsfEw0feAINXITm74wKGJ05MBf8QoGxerxviju8jKmFNq3zF0aVn6wa6JVrvSE
NtFIGf3QDg0rfvtwlm7req+jF1cy7KRwMYLR6bE3+W5gbEmkEIX03za2IwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFCcvB3bz+PP8h2KuY8TZiiFkDeSDMB8GA1UdIwQY
MBaAFGdJlZWmWqsLU3aN7wgJHjEGHp5lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTct
MzU1MDgwNDE2NTJkLzEvSnk4SGR2UDQ4X3lIWXE1anhObUtJV1FONUlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTctMzU1MDgwNDE2NTJk
LzEvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQALhRoAwQA
LhRsAwQALhRuAwQAuWSrAwQBuaDCMAwDBAC5qd0DBAW5qcAwDQYJKoZIhvcNAQEL
BQADggEBAHSIHhRUFVKBGMV5EA3eEBthxzTf7PyoBCYVRRQ7sIqMltHxt0O9Sabg
LD4s5148gINU/4XRQi0cXrmyy1W39Dn/9fLco+VjmakFIRTmQMe3/TR6gcpsLJbt
sNxDOtv4XRhjEICZlfm5pyhYYYW0SWJnHQepNQe22rrBRe6kRqxAoPywiWeN6Eq5
pStNvzhV8d1SRHigV/4RxSj5QIlNofOOSkgsomse3iCIn9cMTLWry1zrVSb6Pn5Z
evi3F5uYH2gZXSK8vpRAaCcuCRqtiiQibQ2dAqo3v2MBHECnc/VH4AFpNWU6JEIS
8sQZG3zSDW7IbHs6Zit4DnS08N4dst4=
-----END CERTIFICATE-----
Generated at Tue Apr 22 13:45:52 2025 by rpki-client