Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Pc94rzKQBa2kBDObX5RqflsSS1k.roa
File: Pc94rzKQBa2kBDObX5RqflsSS1k.roa (raw, json)
Hash identifier: wXfqiiIdIbwZsrtRNnu2H7mhBNEoFUwRlf/KjZyYqMo=
Subject key identifier: 3D:CF:78:AF:32:90:05:AD:A4:04:33:9B:5F:94:6A:7E:5B:12:4B:59
Certificate issuer: /CN=67499595a65aab0b53768def08091e31061e9e65
Certificate serial: 018C815D5370C5C2DAD5B42CB6844D6B6C83
Authority key identifier: 67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Pc94rzKQBa2kBDObX5RqflsSS1k.roa
Signing time: Tue 19 Dec 2023 09:17:06 +0000
ROA not before: Tue 19 Dec 2023 09:17:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5650
IP address blocks: 46.20.96.0/24 maxlen: 24
46.20.98.0/24 maxlen: 24
46.20.102.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:81:5d:53:70:c5:c2:da:d5:b4:2c:b6:84:4d:6b:6c:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67499595a65aab0b53768def08091e31061e9e65
Validity
Not Before: Dec 19 09:17:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3dcf78af329005ada404339b5f946a7e5b124b59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:94:49:ba:97:ce:ac:03:c3:60:fe:eb:ee:7b:
2f:34:18:70:8b:7c:e9:20:00:4d:c3:eb:03:48:1d:
9f:b7:a5:5a:4c:37:41:60:34:59:25:94:2c:de:67:
d1:88:7e:08:94:06:a3:45:ba:39:e3:c7:1a:88:08:
bc:a8:5e:76:dd:e4:6e:c7:e2:bb:57:1d:2d:5d:ec:
73:fd:e8:eb:21:de:10:f0:9b:50:ef:ea:01:72:89:
3c:b5:6d:db:57:fe:cb:b6:c0:6f:fb:0e:2a:1c:39:
d1:7c:c0:0a:3f:4f:b0:fd:a2:15:63:14:92:e7:58:
a6:a5:98:be:31:60:0d:05:9b:bb:36:ac:9a:fc:cf:
eb:d9:90:9f:ab:5d:62:69:90:63:2e:a2:71:d2:00:
6d:15:1a:43:22:62:44:3e:8c:3e:92:55:03:be:1b:
65:27:71:e7:d3:c3:16:b9:19:8d:34:f5:63:6a:ab:
5b:e9:b4:12:60:9b:13:10:79:f0:8b:f4:e9:cf:ff:
e3:8f:74:6b:0f:d6:44:aa:cc:36:6d:66:79:af:1d:
72:42:d6:bf:b7:b6:dd:af:9f:22:6c:20:2f:63:5e:
5d:7a:05:51:e1:49:2b:d8:d6:d6:17:f8:b8:30:80:
5f:1e:a9:a5:b2:3c:dd:73:27:be:73:71:91:07:94:
73:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:CF:78:AF:32:90:05:AD:A4:04:33:9B:5F:94:6A:7E:5B:12:4B:59
X509v3 Authority Key Identifier:
keyid:67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Pc94rzKQBa2kBDObX5RqflsSS1k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Z0mVlaZaqwtTdo3vCAkeMQYenmU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.96.0/24
46.20.98.0/24
46.20.102.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:e6:dc:f3:29:99:97:75:9a:83:5a:a3:d5:b5:11:37:cd:2b:
66:b5:c1:c9:ba:e2:26:38:0f:29:ab:00:2c:c9:5b:5a:5f:1e:
d5:ee:54:d9:94:67:3f:e2:a8:62:e6:3a:e4:85:1d:24:78:8c:
23:0d:bb:e0:7a:2c:de:6d:69:76:51:c5:7f:d7:3a:c8:89:f3:
0d:41:dd:4a:ef:27:e0:b9:67:64:58:6c:36:cc:0a:be:90:5d:
e9:b8:6e:2a:8b:0a:15:50:8e:32:04:ad:71:51:8f:45:33:67:
a3:4b:61:a1:3c:54:0e:46:0a:dd:07:27:42:c4:28:98:72:f4:
c3:f8:bc:07:52:1a:45:99:fb:41:e1:30:cf:9d:46:92:a0:2e:
b9:74:2e:42:e4:28:26:8e:16:15:e9:87:0a:cd:ae:30:cc:2a:
58:8b:fb:4a:45:ef:34:e4:20:e1:c4:68:91:d8:bf:c2:8b:7e:
e7:6e:f1:b0:10:53:d1:d0:6b:3b:08:4c:b1:67:49:36:00:97:
24:48:68:64:63:6a:e7:41:f5:53:e3:af:df:1c:29:ff:91:b7:
a8:9f:40:3b:d9:6c:72:cc:a9:45:62:0f:0b:c6:60:eb:aa:2b:
02:a7:e5:fb:9f:08:b0:72:c4:26:2d:3d:53:7e:ea:28:0e:4c:
75:d2:13:11
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYyBXVNwxcLa1bQstoRNa2yDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3NDk5NTk1YTY1YWFiMGI1Mzc2OGRlZjA4MDkxZTMxMDYx
ZTllNjUwHhcNMjMxMjE5MDkxNzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGNmNzhhZjMyOTAwNWFkYTQwNDMzOWI1Zjk0NmE3ZTViMTI0YjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkJRJupfOrAPDYP7r7nsvNBhwi3zp
IABNw+sDSB2ft6VaTDdBYDRZJZQs3mfRiH4IlAajRbo548caiAi8qF523eRux+K7
Vx0tXexz/ejrId4Q8JtQ7+oBcok8tW3bV/7LtsBv+w4qHDnRfMAKP0+w/aIVYxSS
51impZi+MWANBZu7Nqya/M/r2ZCfq11iaZBjLqJx0gBtFRpDImJEPow+klUDvhtl
J3Hn08MWuRmNNPVjaqtb6bQSYJsTEHnwi/Tpz//jj3RrD9ZEqsw2bWZ5rx1yQta/
t7bdr58ibCAvY15degVR4Ukr2NbWF/i4MIBfHqmlsjzdcye+c3GRB5RzjQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFD3PeK8ykAWtpAQzm1+Uan5bEktZMB8GA1UdIwQY
MBaAFGdJlZWmWqsLU3aN7wgJHjEGHp5lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTct
MzU1MDgwNDE2NTJkLzEvUGM5NHJ6S1FCYTJrQkRPYlg1UnFmbHNTUzFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTctMzU1MDgwNDE2NTJk
LzEvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALhRgAwQA
LhRiAwQALhRmMA0GCSqGSIb3DQEBCwUAA4IBAQB95tzzKZmXdZqDWqPVtRE3zStm
tcHJuuImOA8pqwAsyVtaXx7V7lTZlGc/4qhi5jrkhR0keIwjDbvgeizebWl2UcV/
1zrIifMNQd1K7yfguWdkWGw2zAq+kF3puG4qiwoVUI4yBK1xUY9FM2ejS2GhPFQO
RgrdBydCxCiYcvTD+LwHUhpFmftB4TDPnUaSoC65dC5C5CgmjhYV6YcKza4wzCpY
i/tKRe805CDhxGiR2L/Ci37nbvGwEFPR0Gs7CEyxZ0k2AJckSGhkY2rnQfVT46/f
HCn/kbeon0A72WxyzKlFYg8LxmDrqisCp+X7nwiwcsQmLT1TfuooDkx10hMR
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:16:17 2025 by rpki-client