Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Kdu5yirZ_b4MUgqzV4SuJC3cSMM.roa
File: Kdu5yirZ_b4MUgqzV4SuJC3cSMM.roa (raw, json)
Hash identifier: 17ofsHACYFFxEmvylb8QONrwL6+HXAdSjcy+7/FE3h4=
Subject key identifier: 29:DB:B9:CA:2A:D9:FD:BE:0C:52:0A:B3:57:84:AE:24:2D:DC:48:C3
Certificate issuer: /CN=67499595a65aab0b53768def08091e31061e9e65
Certificate serial: 018ABE4D15596077F1CDF62AB9D8014F6C7A
Authority key identifier: 67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Kdu5yirZ_b4MUgqzV4SuJC3cSMM.roa
Signing time: Fri 22 Sep 2023 19:10:37 +0000
ROA not before: Fri 22 Sep 2023 19:10:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48449
IP address blocks: 46.20.110.0/24 maxlen: 24
46.20.108.0/24 maxlen: 24
185.160.194.0/24 maxlen: 24
185.169.221.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:be:4d:15:59:60:77:f1:cd:f6:2a:b9:d8:01:4f:6c:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67499595a65aab0b53768def08091e31061e9e65
Validity
Not Before: Sep 22 19:10:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=29dbb9ca2ad9fdbe0c520ab35784ae242ddc48c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:6f:8a:68:06:64:09:82:09:ea:7d:21:d9:8d:
04:24:5f:0f:3b:3d:f3:5b:78:99:c9:4e:3f:b6:62:
a9:0b:dc:03:cb:97:dc:25:37:f2:2f:c6:d4:ae:ac:
06:ad:a4:52:cc:94:e8:24:a2:a1:0c:7a:12:e0:61:
25:ab:fe:fb:a4:b7:9b:60:21:d6:93:3f:86:e5:78:
b1:43:b0:50:64:27:0f:0b:18:2c:00:0a:2e:45:43:
d0:fb:a2:ff:5c:33:8b:2a:0f:b2:2e:94:92:9a:6d:
cc:0f:40:93:6e:8f:a5:3b:87:4f:a3:53:08:cc:79:
50:26:20:01:4b:58:84:b4:99:8e:91:21:5a:5f:7e:
d9:d7:4f:aa:5d:2d:20:4f:48:f2:2e:e1:da:28:43:
21:be:77:a3:74:08:08:6c:0a:7d:23:53:2c:b9:7e:
bb:93:4d:a3:bf:e4:51:ee:5c:01:20:e9:c1:85:1c:
60:74:64:ce:e7:e7:95:b1:04:83:57:19:32:6f:22:
7a:d5:00:9a:3f:2c:c0:54:5a:9c:74:80:4b:2f:4b:
ef:2c:93:36:11:27:b8:89:d3:eb:3e:f2:a1:f9:2d:
e6:2f:71:64:b8:44:ff:b2:5d:21:a9:8f:c3:41:dc:
67:04:21:0e:1c:05:2d:c1:70:75:b8:f1:77:fb:b5:
18:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:DB:B9:CA:2A:D9:FD:BE:0C:52:0A:B3:57:84:AE:24:2D:DC:48:C3
X509v3 Authority Key Identifier:
keyid:67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Kdu5yirZ_b4MUgqzV4SuJC3cSMM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Z0mVlaZaqwtTdo3vCAkeMQYenmU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.108.0/24
46.20.110.0/24
185.160.194.0/24
185.169.221.0/24
Signature Algorithm: sha256WithRSAEncryption
92:82:2a:4f:45:5a:de:47:f9:9a:75:42:db:73:37:79:99:59:
93:6d:63:82:83:6d:c3:91:af:f4:1a:c8:c5:f5:62:29:db:9f:
97:66:88:f6:6f:6a:be:83:38:c2:55:26:b5:73:25:54:d6:04:
70:93:b4:62:f1:53:58:cf:7b:28:f4:79:de:29:96:67:f6:71:
d1:aa:a7:7b:fd:09:28:56:6a:2c:ed:ad:f2:ff:76:65:ba:5f:
01:60:ae:c7:a7:0b:10:f2:56:c1:ff:53:44:a7:14:85:0a:2a:
56:0a:d2:05:04:a0:fb:7a:45:37:80:ff:3f:4e:84:eb:78:a1:
a8:07:f6:fa:11:74:90:0e:25:14:ad:2f:6b:f7:ea:44:4e:ee:
d4:b8:7f:cc:c4:7b:99:eb:74:f9:aa:48:02:9a:52:32:76:86:
27:9e:f6:73:af:f8:cf:d8:b3:77:85:a4:20:4c:fc:69:d9:fb:
47:06:40:93:dc:89:57:39:63:84:a7:d6:bc:77:54:f7:de:1c:
92:43:e3:7a:89:0a:a9:62:27:d3:d9:bc:00:40:c8:79:1d:de:
09:a9:c2:dd:3e:a8:56:29:8e:fb:07:9f:07:1b:62:af:13:76:
47:29:7d:6f:a6:0e:8b:22:fe:a6:e2:bc:93:95:74:b8:64:bd:
ce:58:b7:20
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYq+TRVZYHfxzfYqudgBT2x6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3NDk5NTk1YTY1YWFiMGI1Mzc2OGRlZjA4MDkxZTMxMDYx
ZTllNjUwHhcNMjMwOTIyMTkxMDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWRiYjljYTJhZDlmZGJlMGM1MjBhYjM1Nzg0YWUyNDJkZGM0OGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnG+KaAZkCYIJ6n0h2Y0EJF8POz3z
W3iZyU4/tmKpC9wDy5fcJTfyL8bUrqwGraRSzJToJKKhDHoS4GElq/77pLebYCHW
kz+G5XixQ7BQZCcPCxgsAAouRUPQ+6L/XDOLKg+yLpSSmm3MD0CTbo+lO4dPo1MI
zHlQJiABS1iEtJmOkSFaX37Z10+qXS0gT0jyLuHaKEMhvnejdAgIbAp9I1MsuX67
k02jv+RR7lwBIOnBhRxgdGTO5+eVsQSDVxkybyJ61QCaPyzAVFqcdIBLL0vvLJM2
ESe4idPrPvKh+S3mL3FkuET/sl0hqY/DQdxnBCEOHAUtwXB1uPF3+7UY6wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCnbucoq2f2+DFIKs1eEriQt3EjDMB8GA1UdIwQY
MBaAFGdJlZWmWqsLU3aN7wgJHjEGHp5lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTct
MzU1MDgwNDE2NTJkLzEvS2R1NXlpclpfYjRNVWdxelY0U3VKQzNjU01NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTctMzU1MDgwNDE2NTJk
LzEvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALhRsAwQA
LhRuAwQAuaDCAwQAuandMA0GCSqGSIb3DQEBCwUAA4IBAQCSgipPRVreR/madULb
czd5mVmTbWOCg23Dka/0GsjF9WIp25+XZoj2b2q+gzjCVSa1cyVU1gRwk7Ri8VNY
z3so9HneKZZn9nHRqqd7/QkoVmos7a3y/3Zlul8BYK7HpwsQ8lbB/1NEpxSFCipW
CtIFBKD7ekU3gP8/ToTreKGoB/b6EXSQDiUUrS9r9+pETu7UuH/MxHuZ63T5qkgC
mlIydoYnnvZzr/jP2LN3haQgTPxp2ftHBkCT3IlXOWOEp9a8d1T33hySQ+N6iQqp
YifT2bwAQMh5Hd4JqcLdPqhWKY77B58HG2KvE3ZHKX1vpg6LIv6m4ryTlXS4ZL3O
WLcg
-----END CERTIFICATE-----
Generated at Sun Apr 20 14:31:46 2025 by rpki-client