Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/cCAVBovbPtQjhcv7_Z3JSIS0HnQ.roa
File: cCAVBovbPtQjhcv7_Z3JSIS0HnQ.roa (raw, json)
Hash identifier: elFxEycYbZSb3tnAqxHWB6JKImrTZQHGj398PHdH9/s=
Subject key identifier: 70:20:15:06:8B:DB:3E:D4:23:85:CB:FB:FD:9D:C9:48:84:B4:1E:74
Certificate issuer: /CN=67499595a65aab0b53768def08091e31061e9e65
Certificate serial: 0189E07E91520F736222DEBDBF48B84738CB
Authority key identifier: 67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/cCAVBovbPtQjhcv7_Z3JSIS0HnQ.roa
Signing time: Thu 10 Aug 2023 17:28:58 +0000
ROA not before: Thu 10 Aug 2023 17:28:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34458
IP address blocks: 46.20.108.0/24 maxlen: 24
46.20.106.0/24 maxlen: 24
46.20.111.0/24 maxlen: 24
46.20.110.0/24 maxlen: 24
46.20.97.0/24 maxlen: 24
46.20.104.0/24 maxlen: 24
46.20.105.0/24 maxlen: 24
46.20.101.0/24 maxlen: 24
185.160.194.0/24 maxlen: 24
185.100.170.0/24 maxlen: 24
185.100.171.0/24 maxlen: 24
185.100.168.0/24 maxlen: 24
185.100.169.0/24 maxlen: 24
185.169.222.0/24 maxlen: 24
185.169.221.0/24 maxlen: 24
185.169.223.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:e0:7e:91:52:0f:73:62:22:de:bd:bf:48:b8:47:38:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67499595a65aab0b53768def08091e31061e9e65
Validity
Not Before: Aug 10 17:28:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=702015068bdb3ed42385cbfbfd9dc94884b41e74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:d5:b4:d1:8e:9c:e2:9f:b0:95:37:0c:eb:e7:
18:6e:88:ce:cf:88:e4:e4:c0:2d:83:95:5f:52:f9:
33:0a:0d:19:9b:26:09:41:ad:5a:4d:a5:19:29:5d:
06:73:6c:49:27:69:71:f0:13:fa:28:a2:92:99:81:
91:7d:44:cb:26:55:63:ec:c3:74:c4:e4:47:51:de:
3a:48:b9:a3:d8:32:62:d9:2d:41:b6:04:48:e7:cd:
d2:cf:f4:dd:d0:80:2b:f5:ca:db:1b:08:c9:9f:bd:
15:6d:ec:7b:54:d3:dd:41:6a:e6:b5:37:b7:4a:71:
36:ae:92:1d:10:86:b6:a3:e1:77:7f:3b:e6:ad:03:
28:60:d5:56:61:2d:85:6e:2a:f3:2f:a8:8c:84:62:
07:af:cf:e4:41:e4:67:67:d2:ce:3f:fe:48:6b:93:
0e:96:a6:d4:a9:ad:24:b7:35:e9:13:b7:14:d4:56:
04:ce:4f:c9:89:65:47:4f:30:5e:c9:64:cc:37:78:
63:64:3e:d8:e7:cf:96:ee:4a:ae:31:14:5b:b0:bc:
ad:aa:0f:eb:ae:9e:a0:d1:d8:8d:26:4f:07:65:1d:
83:f2:8b:5f:81:41:7d:7f:4a:1c:3f:ea:b5:85:1d:
55:00:54:1c:0c:c6:d2:49:a3:fe:cd:e3:aa:f8:54:
02:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:20:15:06:8B:DB:3E:D4:23:85:CB:FB:FD:9D:C9:48:84:B4:1E:74
X509v3 Authority Key Identifier:
keyid:67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/cCAVBovbPtQjhcv7_Z3JSIS0HnQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Z0mVlaZaqwtTdo3vCAkeMQYenmU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.97.0/24
46.20.101.0/24
46.20.104.0-46.20.106.255
46.20.108.0/24
46.20.110.0/23
185.100.168.0/22
185.160.194.0/24
185.169.221.0-185.169.223.255
Signature Algorithm: sha256WithRSAEncryption
5b:61:f1:08:8c:e8:ac:08:f3:fd:be:33:ed:26:1e:19:6c:cd:
4d:20:9e:26:1a:da:45:07:a1:40:d8:c9:f6:29:a7:09:b4:5e:
55:cc:ff:74:c7:21:95:2e:e8:bc:f9:fe:9c:f9:89:83:e7:3b:
2f:d8:56:8e:90:d1:34:32:48:4d:e2:42:6d:60:99:07:7c:9f:
f2:25:ba:57:65:fb:bd:06:09:37:24:ce:d0:66:06:c8:35:e6:
29:e1:a0:2d:0c:94:88:31:82:26:e3:c4:46:4c:51:e1:82:a2:
d0:a2:d4:bb:93:90:41:29:dc:91:29:3d:87:78:c8:7e:90:1f:
e5:56:37:57:95:a9:9e:ae:1d:99:29:20:13:d2:70:ad:91:6c:
94:75:c1:00:f4:aa:b5:54:68:fb:2c:4b:a2:e2:3d:ab:e2:93:
31:2c:7f:ca:62:9f:a1:de:2b:f2:78:72:a4:0b:ef:2b:43:a9:
a9:3b:d1:2c:67:90:4d:ed:f4:85:59:63:88:59:97:dc:39:83:
91:37:79:f2:f2:b0:94:22:2a:d8:ce:1a:b3:ea:1e:f9:9d:25:
dc:6f:ee:b1:dc:c2:22:26:26:a2:fc:da:25:42:23:b9:74:19:
12:5f:1f:57:42:31:50:8b:c3:a8:8f:36:00:f3:b2:b2:9f:04:
0a:e5:6e:25
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAYngfpFSD3NiIt69v0i4RzjLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3NDk5NTk1YTY1YWFiMGI1Mzc2OGRlZjA4MDkxZTMxMDYx
ZTllNjUwHhcNMjMwODEwMTcyODU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDIwMTUwNjhiZGIzZWQ0MjM4NWNiZmJmZDlkYzk0ODg0YjQxZTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3tW00Y6c4p+wlTcM6+cYbojOz4jk
5MAtg5VfUvkzCg0ZmyYJQa1aTaUZKV0Gc2xJJ2lx8BP6KKKSmYGRfUTLJlVj7MN0
xORHUd46SLmj2DJi2S1BtgRI583Sz/Td0IAr9crbGwjJn70Vbex7VNPdQWrmtTe3
SnE2rpIdEIa2o+F3fzvmrQMoYNVWYS2FbirzL6iMhGIHr8/kQeRnZ9LOP/5Ia5MO
lqbUqa0ktzXpE7cU1FYEzk/JiWVHTzBeyWTMN3hjZD7Y58+W7kquMRRbsLytqg/r
rp6g0diNJk8HZR2D8otfgUF9f0ocP+q1hR1VAFQcDMbSSaP+zeOq+FQCSQIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFHAgFQaL2z7UI4XL+/2dyUiEtB50MB8GA1UdIwQY
MBaAFGdJlZWmWqsLU3aN7wgJHjEGHp5lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTct
MzU1MDgwNDE2NTJkLzEvY0NBVkJvdmJQdFFqaGN2N19aM0pTSVMwSG5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTctMzU1MDgwNDE2NTJk
LzEvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDBGBAIAATBAAwQALhRhAwQA
LhRlMAwDBAMuFGgDBAAuFGoDBAAuFGwDBAEuFG4DBAK5ZKgDBAC5oMIwDAMEALmp
3QMEBbmpwDANBgkqhkiG9w0BAQsFAAOCAQEAW2HxCIzorAjz/b4z7SYeGWzNTSCe
JhraRQehQNjJ9imnCbReVcz/dMchlS7ovPn+nPmJg+c7L9hWjpDRNDJITeJCbWCZ
B3yf8iW6V2X7vQYJNyTO0GYGyDXmKeGgLQyUiDGCJuPERkxR4YKi0KLUu5OQQSnc
kSk9h3jIfpAf5VY3V5Wpnq4dmSkgE9JwrZFslHXBAPSqtVRo+yxLouI9q+KTMSx/
ymKfod4r8nhypAvvK0OpqTvRLGeQTe30hVljiFmX3DmDkTd58vKwlCIq2M4as+oe
+Z0l3G/usdzCIiYmovzaJUIjuXQZEl8fV0IxUIvDqI82APOysp8ECuVuJQ==
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:11:14 2025 by rpki-client