Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/SP2uRQwKypuyHT_vuV8WNe2dqso.roa
File: SP2uRQwKypuyHT_vuV8WNe2dqso.roa (raw, json)
Hash identifier: uVtPBaklPy/g5a6RUF+qm1D7eg1buqc9yISvR8+gS/Y=
Subject key identifier: 48:FD:AE:45:0C:0A:CA:9B:B2:1D:3F:EF:B9:5F:16:35:ED:9D:AA:CA
Certificate issuer: /CN=67499595a65aab0b53768def08091e31061e9e65
Certificate serial: 01896FCDD0F6DAD5CD2360716D6D5287A291
Authority key identifier: 67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/SP2uRQwKypuyHT_vuV8WNe2dqso.roa
Signing time: Wed 19 Jul 2023 20:18:26 +0000
ROA not before: Wed 19 Jul 2023 20:18:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 174
IP address blocks: 46.20.98.0/24 maxlen: 24
46.20.96.0/24 maxlen: 24
46.20.102.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:6f:cd:d0:f6:da:d5:cd:23:60:71:6d:6d:52:87:a2:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67499595a65aab0b53768def08091e31061e9e65
Validity
Not Before: Jul 19 20:18:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=48fdae450c0aca9bb21d3fefb95f1635ed9daaca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:12:f3:bb:7d:09:04:6e:32:e7:09:5a:3d:ca:
38:cc:12:0c:1e:25:90:54:b1:70:fa:66:33:a9:33:
d0:6e:22:25:de:81:76:bb:b5:9b:b5:dd:02:92:f4:
d5:45:d5:63:65:46:61:b6:c2:33:24:74:b7:00:54:
94:a3:e7:c3:b2:37:a5:75:a6:7d:27:c8:8a:cd:8b:
da:fe:c3:65:c1:8e:fb:46:92:91:d2:be:7e:68:02:
e0:41:04:71:5e:4c:5a:7c:90:2c:6b:31:0f:89:7e:
6d:df:63:34:df:97:86:a4:00:60:07:21:d2:56:7d:
35:1a:22:e1:e6:40:2a:c7:e5:07:60:e4:e5:34:7a:
c1:8e:16:d4:1d:68:59:a2:57:e9:eb:e6:ba:ea:f3:
5b:6e:9f:16:66:f8:ba:f2:2e:74:44:61:9f:c6:32:
40:98:eb:aa:34:74:27:bc:96:e8:87:cc:5d:b6:3b:
fc:3b:cf:00:eb:c3:1f:77:d4:1f:2d:83:03:e2:1e:
72:9a:07:66:7c:78:59:fa:ee:b5:54:4d:51:a5:bc:
a2:56:2e:af:49:bf:8a:7f:ac:af:6d:92:a6:88:63:
81:51:4e:3b:2d:d0:c3:26:be:c3:2d:00:55:e9:f9:
3f:5e:e8:80:2d:c1:5d:de:e9:42:16:36:37:5c:24:
1a:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:FD:AE:45:0C:0A:CA:9B:B2:1D:3F:EF:B9:5F:16:35:ED:9D:AA:CA
X509v3 Authority Key Identifier:
keyid:67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/SP2uRQwKypuyHT_vuV8WNe2dqso.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Z0mVlaZaqwtTdo3vCAkeMQYenmU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.96.0/24
46.20.98.0/24
46.20.102.0/24
Signature Algorithm: sha256WithRSAEncryption
07:ac:92:7f:dd:3a:e0:4b:a9:90:e1:a0:6f:51:a5:3e:79:d4:
b2:57:6b:08:64:27:e4:3c:de:6d:ec:93:78:99:0c:dc:49:34:
0e:d9:c5:d9:58:ca:ff:3e:c3:b9:1d:53:48:0c:37:00:d2:56:
5b:91:0b:ff:da:24:29:1d:81:98:54:62:c3:9b:b6:9f:94:63:
77:15:a9:a4:e3:4e:47:76:d9:2b:b2:3f:48:c5:8a:46:40:8a:
ec:e1:c4:6a:d8:84:54:90:7d:f0:18:54:d6:a2:eb:25:91:4f:
8c:e3:ce:a0:62:4b:7e:07:42:9a:80:ab:0c:3c:bd:aa:5a:08:
4c:05:40:0d:53:c4:15:41:22:d8:f9:76:05:7a:e8:53:1e:d0:
eb:a0:06:6c:c0:56:f1:b2:b5:7a:2c:90:08:41:46:20:91:96:
39:71:b6:b2:ab:a7:37:7a:44:43:66:68:88:ed:c3:b5:19:97:
23:a1:a4:0c:57:e2:29:84:0f:00:59:b5:25:7f:29:a2:e7:02:
4f:6c:7b:d1:29:51:43:50:e2:fb:15:65:92:b8:01:f0:ab:f7:
f2:05:ec:36:83:0c:b2:9b:e5:17:1f:59:04:5e:c8:0d:44:51:
27:6f:1f:6f:b9:5c:b4:aa:cb:40:6b:85:f6:62:bd:f7:33:2a:
f6:81:37:55
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYlvzdD22tXNI2BxbW1Sh6KRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3NDk5NTk1YTY1YWFiMGI1Mzc2OGRlZjA4MDkxZTMxMDYx
ZTllNjUwHhcNMjMwNzE5MjAxODI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OGZkYWU0NTBjMGFjYTliYjIxZDNmZWZiOTVmMTYzNWVkOWRhYWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkBLzu30JBG4y5wlaPco4zBIMHiWQ
VLFw+mYzqTPQbiIl3oF2u7Wbtd0CkvTVRdVjZUZhtsIzJHS3AFSUo+fDsjeldaZ9
J8iKzYva/sNlwY77RpKR0r5+aALgQQRxXkxafJAsazEPiX5t32M035eGpABgByHS
Vn01GiLh5kAqx+UHYOTlNHrBjhbUHWhZolfp6+a66vNbbp8WZvi68i50RGGfxjJA
mOuqNHQnvJboh8xdtjv8O88A68Mfd9QfLYMD4h5ymgdmfHhZ+u61VE1RpbyiVi6v
Sb+Kf6yvbZKmiGOBUU47LdDDJr7DLQBV6fk/XuiALcFd3ulCFjY3XCQa9wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEj9rkUMCsqbsh0/77lfFjXtnarKMB8GA1UdIwQY
MBaAFGdJlZWmWqsLU3aN7wgJHjEGHp5lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTct
MzU1MDgwNDE2NTJkLzEvU1AydVJRd0t5cHV5SFRfdnVWOFdOZTJkcXNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTctMzU1MDgwNDE2NTJk
LzEvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALhRgAwQA
LhRiAwQALhRmMA0GCSqGSIb3DQEBCwUAA4IBAQAHrJJ/3TrgS6mQ4aBvUaU+edSy
V2sIZCfkPN5t7JN4mQzcSTQO2cXZWMr/PsO5HVNIDDcA0lZbkQv/2iQpHYGYVGLD
m7aflGN3Famk405Hdtkrsj9IxYpGQIrs4cRq2IRUkH3wGFTWouslkU+M486gYkt+
B0KagKsMPL2qWghMBUANU8QVQSLY+XYFeuhTHtDroAZswFbxsrV6LJAIQUYgkZY5
cbayq6c3ekRDZmiI7cO1GZcjoaQMV+IphA8AWbUlfymi5wJPbHvRKVFDUOL7FWWS
uAHwq/fyBew2gwyym+UXH1kEXsgNRFEnbx9vuVy0qstAa4X2Yr33Myr2gTdV
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:16:12 2025 by rpki-client