Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/_WTvjvUQN67_LrxFU9Lim5lulTA.roa
File: _WTvjvUQN67_LrxFU9Lim5lulTA.roa (raw, json)
Hash identifier: 4i88+qMV/1vNu8pgIoIxFNZYaK0IXBJ7dloApO+pMt4=
Subject key identifier: FD:64:EF:8E:F5:10:37:AE:FF:2E:BC:45:53:D2:E2:9B:99:6E:95:30
Certificate issuer: /CN=67499595a65aab0b53768def08091e31061e9e65
Certificate serial: 0188AF8F9E1B7A7BD447D9CA3C7FF729A01B
Authority key identifier: 67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/_WTvjvUQN67_LrxFU9Lim5lulTA.roa
Signing time: Mon 12 Jun 2023 12:23:24 +0000
ROA not before: Mon 12 Jun 2023 12:23:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.160.195.0/24 maxlen: 24
46.20.96.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:af:8f:9e:1b:7a:7b:d4:47:d9:ca:3c:7f:f7:29:a0:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67499595a65aab0b53768def08091e31061e9e65
Validity
Not Before: Jun 12 12:23:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fd64ef8ef51037aeff2ebc4553d2e29b996e9530
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:10:14:42:9c:fa:19:e7:2a:8f:48:9a:b7:3c:
72:97:9c:d6:c6:b2:65:40:5c:98:0d:25:1f:61:cf:
54:51:22:83:97:6d:71:b3:80:b6:ff:72:0b:c3:19:
91:25:f5:fd:74:1b:15:b5:2d:ff:1e:1c:e8:d1:99:
02:99:c2:d0:04:e9:8c:ce:81:2e:08:fa:a2:ce:e7:
61:74:99:13:94:df:6d:8b:ab:d9:cd:fa:7c:17:57:
36:fd:b0:42:86:32:3f:b5:d2:2a:58:b0:48:ea:70:
f6:a1:ce:b6:66:50:e9:cd:23:86:1a:5e:ff:fe:14:
72:22:3f:3f:ab:69:7b:bb:35:07:e4:da:c0:b8:fb:
83:68:cb:50:58:ad:2f:d7:e2:09:d4:68:b1:99:92:
0b:a6:01:5e:b2:ab:25:58:67:88:95:a9:70:0e:30:
55:f6:a9:a6:8f:2b:2e:83:48:20:86:db:78:b7:d5:
0c:f9:b5:d3:54:12:8a:9d:eb:a2:d2:b1:c4:59:38:
e6:0f:af:17:0c:f4:ab:65:b2:a0:8a:af:e5:cf:4e:
9b:39:aa:6d:ad:77:39:c8:c0:27:61:06:62:3f:fe:
6b:d4:9c:15:01:13:9f:51:2d:56:54:7a:a6:38:b2:
22:d0:9e:d0:df:08:4c:1e:21:90:cd:4f:e1:fa:f9:
eb:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:64:EF:8E:F5:10:37:AE:FF:2E:BC:45:53:D2:E2:9B:99:6E:95:30
X509v3 Authority Key Identifier:
keyid:67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/_WTvjvUQN67_LrxFU9Lim5lulTA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Z0mVlaZaqwtTdo3vCAkeMQYenmU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.96.0/24
185.160.195.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:c0:32:b4:f7:94:4a:b7:b9:fb:01:2d:b9:fd:46:aa:2c:66:
7d:f1:8b:c3:7e:12:bf:7d:68:e6:a0:d2:07:39:bc:d7:c8:36:
d7:f0:80:bd:92:f7:f4:50:09:0d:53:55:a4:66:78:3c:24:3e:
0d:68:d6:fb:a1:df:07:c5:5e:db:64:d7:97:b7:08:93:9a:07:
a6:f8:16:ef:72:63:49:a1:9f:10:7c:02:18:f2:d7:23:f6:a9:
3a:4c:51:1c:8e:ae:d2:dc:58:32:97:7a:f1:d3:1b:ef:39:53:
97:dd:84:fd:36:48:cd:05:99:92:58:c3:4e:e8:d6:94:70:21:
1e:8d:56:49:b5:61:ee:f4:b2:c7:e2:14:a3:97:cb:d9:a2:3f:
26:68:3a:b1:91:92:c4:93:77:00:25:ac:ca:3e:3c:75:d0:b2:
3f:10:d1:2c:85:ed:c6:62:14:44:23:12:6b:00:ab:2a:ff:25:
67:cd:96:03:45:2b:33:5d:fb:18:52:1f:f5:36:f1:7b:b1:35:
3a:21:2b:c4:4f:cf:1e:83:a9:0a:f5:93:d7:92:80:3b:14:0e:
d3:87:77:d2:39:8c:5e:ca:e9:c2:67:b8:24:d2:6e:23:73:6b:
ab:55:49:3d:e9:7f:86:19:47:8d:db:24:4b:ac:bd:ad:42:13:
56:2b:f2:30
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYivj54benvUR9nKPH/3KaAbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3NDk5NTk1YTY1YWFiMGI1Mzc2OGRlZjA4MDkxZTMxMDYx
ZTllNjUwHhcNMjMwNjEyMTIyMzI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDY0ZWY4ZWY1MTAzN2FlZmYyZWJjNDU1M2QyZTI5Yjk5NmU5NTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAshAUQpz6Gecqj0iatzxyl5zWxrJl
QFyYDSUfYc9UUSKDl21xs4C2/3ILwxmRJfX9dBsVtS3/Hhzo0ZkCmcLQBOmMzoEu
CPqizudhdJkTlN9ti6vZzfp8F1c2/bBChjI/tdIqWLBI6nD2oc62ZlDpzSOGGl7/
/hRyIj8/q2l7uzUH5NrAuPuDaMtQWK0v1+IJ1GixmZILpgFesqslWGeIlalwDjBV
9qmmjysug0gghtt4t9UM+bXTVBKKneui0rHEWTjmD68XDPSrZbKgiq/lz06bOapt
rXc5yMAnYQZiP/5r1JwVAROfUS1WVHqmOLIi0J7Q3whMHiGQzU/h+vnrGwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFP1k7471EDeu/y68RVPS4puZbpUwMB8GA1UdIwQY
MBaAFGdJlZWmWqsLU3aN7wgJHjEGHp5lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTct
MzU1MDgwNDE2NTJkLzEvX1dUdmp2VVFONjdfTHJ4RlU5TGltNWx1bFRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTctMzU1MDgwNDE2NTJk
LzEvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALhRgAwQA
uaDDMA0GCSqGSIb3DQEBCwUAA4IBAQCawDK095RKt7n7AS25/UaqLGZ98YvDfhK/
fWjmoNIHObzXyDbX8IC9kvf0UAkNU1WkZng8JD4NaNb7od8HxV7bZNeXtwiTmgem
+BbvcmNJoZ8QfAIY8tcj9qk6TFEcjq7S3Fgyl3rx0xvvOVOX3YT9NkjNBZmSWMNO
6NaUcCEejVZJtWHu9LLH4hSjl8vZoj8maDqxkZLEk3cAJazKPjx10LI/ENEshe3G
YhREIxJrAKsq/yVnzZYDRSszXfsYUh/1NvF7sTU6ISvET88eg6kK9ZPXkoA7FA7T
h3fSOYxeyunCZ7gk0m4jc2urVUk96X+GGUeN2yRLrL2tQhNWK/Iw
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:18:43 2025 by rpki-client