Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/S_3DIdsCe6hZB25GZWoKgTfVAYM.roa
File: S_3DIdsCe6hZB25GZWoKgTfVAYM.roa (raw, json)
Hash identifier: IGsPpTAyfiWwfblyRjOOiD1fI+Hzh7ixFRh4FdzVoRc=
Subject key identifier: 4B:FD:C3:21:DB:02:7B:A8:59:07:6E:46:65:6A:0A:81:37:D5:01:83
Certificate issuer: /CN=67499595a65aab0b53768def08091e31061e9e65
Certificate serial: 018C87F5E84C5BF8D2DE3E89F34E79D8CFC9
Authority key identifier: 67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/S_3DIdsCe6hZB25GZWoKgTfVAYM.roa
Signing time: Wed 20 Dec 2023 16:01:29 +0000
ROA not before: Wed 20 Dec 2023 16:01:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48449
IP address blocks: 46.20.110.0/24 maxlen: 24
46.20.106.0/24 maxlen: 24
46.20.108.0/24 maxlen: 24
185.160.195.0/24 maxlen: 24
185.160.194.0/24 maxlen: 24
185.169.221.0/24 maxlen: 24
185.169.222.0/24 maxlen: 24
46.20.101.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:87:f5:e8:4c:5b:f8:d2:de:3e:89:f3:4e:79:d8:cf:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67499595a65aab0b53768def08091e31061e9e65
Validity
Not Before: Dec 20 16:01:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4bfdc321db027ba859076e46656a0a8137d50183
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:17:eb:3d:43:2a:6c:9a:81:e5:3b:6e:a9:5c:
6c:8b:9c:f6:e5:45:ff:38:5b:19:72:89:12:b0:77:
ab:d0:86:74:6b:72:17:56:3f:c3:d8:a6:19:17:e4:
37:4e:7e:be:93:e8:1f:35:39:7a:41:ba:8f:d4:1e:
8f:66:9e:26:75:e0:68:1b:fa:c2:3a:b8:e6:40:cf:
49:fc:37:42:a6:ad:ee:1c:5c:be:2a:dd:73:82:88:
ef:c9:cb:5c:ec:05:df:d6:e2:53:21:bd:92:9f:e9:
33:cd:52:91:f7:55:22:df:58:0f:0b:43:c3:4d:3f:
d5:61:88:e9:67:bc:01:48:7c:43:73:93:05:aa:b6:
ce:a7:7f:67:1d:fa:ae:37:ec:0a:f5:af:1f:c9:d4:
53:f8:c5:3f:df:68:42:2f:a9:38:b2:c2:31:6c:2f:
c0:8d:18:5d:eb:98:62:67:29:cd:ea:a3:31:34:24:
11:b5:40:b0:76:10:f2:29:01:0d:a5:59:b7:65:9e:
aa:f5:92:1b:a8:1c:fb:1e:10:b7:ac:2c:81:60:a4:
e2:c5:12:54:52:d2:03:cb:07:72:6c:73:a6:78:14:
a1:12:13:6d:73:37:2e:8b:ed:cf:bf:c5:ff:e5:23:
f1:70:11:6c:3e:56:27:c8:ca:f7:91:77:82:d6:ea:
c7:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:FD:C3:21:DB:02:7B:A8:59:07:6E:46:65:6A:0A:81:37:D5:01:83
X509v3 Authority Key Identifier:
keyid:67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/S_3DIdsCe6hZB25GZWoKgTfVAYM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Z0mVlaZaqwtTdo3vCAkeMQYenmU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.101.0/24
46.20.106.0/24
46.20.108.0/24
46.20.110.0/24
185.160.194.0/23
185.169.221.0-185.169.222.255
Signature Algorithm: sha256WithRSAEncryption
38:39:bd:2a:55:69:59:4d:48:42:d1:e7:19:b2:b7:4e:46:52:
5a:45:28:d8:1e:1f:a9:03:f7:a6:41:47:85:41:6d:a2:63:9c:
8e:1d:53:bb:0f:ae:40:6c:f5:9d:61:91:d1:e6:60:09:83:f6:
bb:68:8e:27:3c:a8:b3:a7:61:bf:8a:ae:e0:a2:6e:8d:59:c6:
6d:0b:49:b0:4f:ac:14:92:a0:ca:fe:6d:6d:7d:0c:5d:ec:e4:
22:f7:ce:29:43:8e:40:06:dd:7c:51:34:4c:7f:17:d8:56:3b:
6b:6c:37:5e:1b:8a:d6:62:17:61:55:e5:80:e7:d9:91:a3:a0:
d9:8b:20:47:17:fb:19:fc:9a:5d:d7:46:bd:0f:0b:6c:68:db:
a1:8a:3d:42:05:19:09:a7:f6:f6:bf:3f:90:6f:28:31:bc:90:
57:40:ca:7e:ec:c1:74:b7:b4:37:27:9a:01:0a:00:cc:65:83:
97:53:b5:2a:82:ae:fa:36:a4:5f:96:27:52:a7:29:e6:3f:8f:
de:4a:ad:5c:59:2d:69:96:ca:58:27:f6:a4:a5:9d:06:81:65:
69:9f:dd:5f:e7:c7:fd:36:8d:6d:d0:8e:92:92:45:c8:38:43:
30:8e:22:fe:11:a3:ae:c5:12:08:48:fe:20:47:3a:3f:c1:56:
f3:0f:23:41
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYyH9ehMW/jS3j6J80552M/JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3NDk5NTk1YTY1YWFiMGI1Mzc2OGRlZjA4MDkxZTMxMDYx
ZTllNjUwHhcNMjMxMjIwMTYwMTI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmZkYzMyMWRiMDI3YmE4NTkwNzZlNDY2NTZhMGE4MTM3ZDUwMTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxhfrPUMqbJqB5TtuqVxsi5z25UX/
OFsZcokSsHer0IZ0a3IXVj/D2KYZF+Q3Tn6+k+gfNTl6QbqP1B6PZp4mdeBoG/rC
OrjmQM9J/DdCpq3uHFy+Kt1zgojvyctc7AXf1uJTIb2Sn+kzzVKR91Ui31gPC0PD
TT/VYYjpZ7wBSHxDc5MFqrbOp39nHfquN+wK9a8fydRT+MU/32hCL6k4ssIxbC/A
jRhd65hiZynN6qMxNCQRtUCwdhDyKQENpVm3ZZ6q9ZIbqBz7HhC3rCyBYKTixRJU
UtIDywdybHOmeBShEhNtczcui+3Pv8X/5SPxcBFsPlYnyMr3kXeC1urHnQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFEv9wyHbAnuoWQduRmVqCoE31QGDMB8GA1UdIwQY
MBaAFGdJlZWmWqsLU3aN7wgJHjEGHp5lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTct
MzU1MDgwNDE2NTJkLzEvU18zRElkc0NlNmhaQjI1R1pXb0tnVGZWQVlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTctMzU1MDgwNDE2NTJk
LzEvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQALhRlAwQA
LhRqAwQALhRsAwQALhRuAwQBuaDCMAwDBAC5qd0DBAC5qd4wDQYJKoZIhvcNAQEL
BQADggEBADg5vSpVaVlNSELR5xmyt05GUlpFKNgeH6kD96ZBR4VBbaJjnI4dU7sP
rkBs9Z1hkdHmYAmD9rtojic8qLOnYb+KruCibo1Zxm0LSbBPrBSSoMr+bW19DF3s
5CL3zilDjkAG3XxRNEx/F9hWO2tsN14bitZiF2FV5YDn2ZGjoNmLIEcX+xn8ml3X
Rr0PC2xo26GKPUIFGQmn9va/P5BvKDG8kFdAyn7swXS3tDcnmgEKAMxlg5dTtSqC
rvo2pF+WJ1KnKeY/j95KrVxZLWmWylgn9qSlnQaBZWmf3V/nx/02jW3QjpKSRcg4
QzCOIv4Ro67FEghI/iBHOj/BVvMPI0E=
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:15:25 2025 by rpki-client