Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/c5IlH5Yews0-QHrTxdytzJ0CoMo.roa
File: c5IlH5Yews0-QHrTxdytzJ0CoMo.roa (raw, json)
Hash identifier: NUkLwoPErbOzwSpC+UZ/dklE6EZeH1TYwffI57xN/X8=
Subject key identifier: 73:92:25:1F:96:1E:C2:CD:3E:40:7A:D3:C5:DC:AD:CC:9D:02:A0:CA
Certificate issuer: /CN=67499595a65aab0b53768def08091e31061e9e65
Certificate serial: 01872E2378A71E6C61CFD0AB36F1D6E528F6
Authority key identifier: 67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/c5IlH5Yews0-QHrTxdytzJ0CoMo.roa
Signing time: Wed 29 Mar 2023 16:11:29 +0000
ROA not before: Wed 29 Mar 2023 16:11:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 46.20.96.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:2e:23:78:a7:1e:6c:61:cf:d0:ab:36:f1:d6:e5:28:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67499595a65aab0b53768def08091e31061e9e65
Validity
Not Before: Mar 29 16:11:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7392251f961ec2cd3e407ad3c5dcadcc9d02a0ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:6d:5a:37:2a:e0:18:50:7c:f2:6d:41:4f:7f:
4f:a3:90:89:d3:42:20:58:bd:c7:f9:e7:02:80:72:
2b:c2:69:5d:80:d2:00:f0:29:df:2f:32:4a:f8:2c:
89:e1:48:00:f9:95:71:c3:35:4d:a2:2f:94:33:7a:
2e:04:bd:8f:4a:b1:15:7f:74:43:5b:ac:76:98:dd:
01:fd:17:f8:89:7c:1f:0b:de:25:6a:aa:36:a1:45:
60:9c:e4:7a:81:46:8a:9c:fd:fc:bd:01:33:57:3e:
59:c4:2f:d7:89:9b:0a:64:eb:d4:38:57:49:d5:da:
2d:2f:be:89:b3:7e:ee:da:86:5c:b5:e0:17:82:33:
bc:ad:f6:1f:30:a8:45:01:01:8a:e4:68:c4:76:6a:
8f:38:18:ff:e4:52:38:44:4f:01:9c:81:ca:69:1b:
9d:b1:c1:08:e8:e7:7c:54:f2:fd:ed:a8:ff:9a:8a:
37:c8:b0:a6:f1:7e:c3:ec:6e:43:97:42:d3:ca:ca:
fb:39:68:32:37:1d:7d:fc:ff:58:89:b7:fd:b7:80:
a0:d4:92:0c:23:44:98:07:63:98:56:7b:00:f7:c0:
4b:76:65:73:ca:59:8c:41:3d:3d:cc:0c:7a:2b:86:
52:16:71:b0:98:00:de:68:a9:6b:f9:4c:70:45:1d:
c3:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:92:25:1F:96:1E:C2:CD:3E:40:7A:D3:C5:DC:AD:CC:9D:02:A0:CA
X509v3 Authority Key Identifier:
keyid:67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/c5IlH5Yews0-QHrTxdytzJ0CoMo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Z0mVlaZaqwtTdo3vCAkeMQYenmU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.96.0/24
Signature Algorithm: sha256WithRSAEncryption
39:7c:6e:fa:c7:94:af:a6:2c:72:16:a4:0d:e0:15:65:14:da:
8b:39:32:87:2e:43:91:0f:dc:83:ea:33:b3:77:4a:e9:77:6c:
4f:9a:50:9e:6c:d1:e1:12:ca:81:42:c9:ee:d9:3b:bf:f3:cd:
e1:cb:f2:45:ad:66:90:83:48:38:c1:ef:2a:82:18:da:2c:1c:
ce:61:58:b6:32:f0:aa:4f:43:1e:02:3d:3a:4a:48:00:9d:7d:
2a:4f:cb:1b:8c:75:2d:49:5f:18:7b:6c:31:1d:0a:e7:a4:1c:
c4:6a:50:d1:8c:4f:1c:20:60:15:73:17:67:75:a9:58:ab:6a:
7a:55:9c:01:d8:85:c6:bd:66:10:5f:ee:23:65:de:a5:00:a3:
c5:69:bc:e6:23:e6:27:60:0f:1a:c8:15:9c:e0:56:5c:d4:e2:
13:11:74:fc:51:d0:2a:71:01:bd:f0:0e:01:c8:63:90:45:3d:
e8:3e:48:3c:c4:fd:20:c9:fa:ae:fa:c8:32:fb:09:5b:90:62:
6d:d8:81:3a:b9:c3:0d:ee:27:d0:48:b4:c0:6f:7b:a2:71:6f:
c0:d7:7c:02:19:89:1d:ef:19:92:9d:37:9a:9e:38:fa:04:e1:
f4:2b:0b:cd:93:9f:f9:8d:c5:07:9f:9b:38:f7:93:39:9e:8d:
b3:b0:d1:4f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYcuI3inHmxhz9CrNvHW5Sj2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3NDk5NTk1YTY1YWFiMGI1Mzc2OGRlZjA4MDkxZTMxMDYx
ZTllNjUwHhcNMjMwMzI5MTYxMTI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzkyMjUxZjk2MWVjMmNkM2U0MDdhZDNjNWRjYWRjYzlkMDJhMGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4G1aNyrgGFB88m1BT39Po5CJ00Ig
WL3H+ecCgHIrwmldgNIA8CnfLzJK+CyJ4UgA+ZVxwzVNoi+UM3ouBL2PSrEVf3RD
W6x2mN0B/Rf4iXwfC94laqo2oUVgnOR6gUaKnP38vQEzVz5ZxC/XiZsKZOvUOFdJ
1dotL76Js37u2oZcteAXgjO8rfYfMKhFAQGK5GjEdmqPOBj/5FI4RE8BnIHKaRud
scEI6Od8VPL97aj/moo3yLCm8X7D7G5Dl0LTysr7OWgyNx19/P9Yibf9t4Cg1JIM
I0SYB2OYVnsA98BLdmVzylmMQT09zAx6K4ZSFnGwmADeaKlr+UxwRR3DOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHOSJR+WHsLNPkB608XcrcydAqDKMB8GA1UdIwQY
MBaAFGdJlZWmWqsLU3aN7wgJHjEGHp5lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTct
MzU1MDgwNDE2NTJkLzEvYzVJbEg1WWV3czAtUUhyVHhkeXR6SjBDb01vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTctMzU1MDgwNDE2NTJk
LzEvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALhRgMA0G
CSqGSIb3DQEBCwUAA4IBAQA5fG76x5SvpixyFqQN4BVlFNqLOTKHLkORD9yD6jOz
d0rpd2xPmlCebNHhEsqBQsnu2Tu/883hy/JFrWaQg0g4we8qghjaLBzOYVi2MvCq
T0MeAj06SkgAnX0qT8sbjHUtSV8Ye2wxHQrnpBzEalDRjE8cIGAVcxdndalYq2p6
VZwB2IXGvWYQX+4jZd6lAKPFabzmI+YnYA8ayBWc4FZc1OITEXT8UdAqcQG98A4B
yGOQRT3oPkg8xP0gyfqu+sgy+wlbkGJt2IE6ucMN7ifQSLTAb3uicW/A13wCGYkd
7xmSnTeanjj6BOH0KwvNk5/5jcUHn5s495M5no2zsNFP
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:18:41 2025 by rpki-client