Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/dGIYcEo73AAcaMvipsULw8EBN2k.roa
File: dGIYcEo73AAcaMvipsULw8EBN2k.roa (raw, json)
Hash identifier: sBmoDf73PQJRWao/WHlC5skV+CARKQyRQVZwk7c8SrA=
Subject key identifier: 74:62:18:70:4A:3B:DC:00:1C:68:CB:E2:A6:C5:0B:C3:C1:01:37:69
Certificate issuer: /CN=67499595a65aab0b53768def08091e31061e9e65
Certificate serial: 01896D02CA1A8307BC7E809E3AD293E99124
Authority key identifier: 67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/dGIYcEo73AAcaMvipsULw8EBN2k.roa
Signing time: Wed 19 Jul 2023 07:17:26 +0000
ROA not before: Wed 19 Jul 2023 07:17:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 46.20.98.0/24 maxlen: 24
46.20.96.0/24 maxlen: 24
46.20.102.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:6d:02:ca:1a:83:07:bc:7e:80:9e:3a:d2:93:e9:91:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67499595a65aab0b53768def08091e31061e9e65
Validity
Not Before: Jul 19 07:17:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=746218704a3bdc001c68cbe2a6c50bc3c1013769
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:26:a1:23:50:46:71:b3:12:7c:fc:36:4b:81:
e3:7e:be:c8:f5:fe:73:7c:f2:3f:a1:9c:31:32:b0:
f1:6b:f3:47:93:df:85:41:16:07:70:4a:d5:80:25:
42:80:de:ec:a2:cd:e5:89:15:29:bd:86:73:35:e7:
92:5c:99:e5:36:78:2a:31:bd:20:31:4e:a0:05:d9:
37:fb:fe:e9:7b:0f:74:c2:b1:49:ff:83:a4:f1:a3:
e7:3b:60:d3:12:b9:38:89:cb:ca:a3:0b:2d:3a:a9:
93:13:1a:1c:0d:d1:96:f0:49:e2:c4:6d:85:00:01:
0f:5f:c1:0c:94:5f:83:f9:34:e8:80:d5:86:71:3a:
d3:58:6a:f2:d1:0d:d3:37:67:f3:eb:49:fb:2e:9f:
57:cb:44:54:f3:16:f8:8f:84:81:6c:d9:8e:ba:c9:
61:00:b5:0f:75:b9:b0:8f:17:df:9c:cd:4b:ae:5e:
ed:06:e4:84:67:46:12:25:6f:13:16:86:21:b3:90:
ed:c4:03:06:5c:fe:dd:65:ba:86:49:8e:b1:eb:8d:
99:a0:82:e4:8b:b4:a6:81:07:cc:43:e7:1c:56:f5:
d5:0c:8a:9d:74:d3:69:fd:4c:42:2f:11:d7:66:8d:
9f:bd:49:26:ce:d0:97:a5:6c:dd:b5:0d:5b:38:52:
b8:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:62:18:70:4A:3B:DC:00:1C:68:CB:E2:A6:C5:0B:C3:C1:01:37:69
X509v3 Authority Key Identifier:
keyid:67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/dGIYcEo73AAcaMvipsULw8EBN2k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Z0mVlaZaqwtTdo3vCAkeMQYenmU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.96.0/24
46.20.98.0/24
46.20.102.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:e8:39:ec:f1:28:b1:48:32:ad:f6:3c:1d:9c:7c:9a:7e:75:
66:1e:87:14:85:1d:d4:61:7b:82:5f:c7:43:66:d2:5b:85:49:
d9:df:71:e3:63:c8:3f:24:ae:26:d1:5b:99:72:c5:b2:99:18:
e8:18:17:0c:76:77:83:f3:be:9f:d1:69:a4:a1:4f:c5:38:d8:
1c:3d:f9:ef:06:ba:e1:e9:74:ce:0c:6b:38:7c:51:b9:f0:68:
e7:74:b1:87:92:ca:17:84:0b:3d:9c:7f:74:19:90:1b:31:ae:
6d:75:4e:9d:48:59:69:bb:d2:35:fa:e0:c5:93:79:8d:cc:c3:
10:7e:93:7a:1b:f8:72:5b:1f:1f:8a:43:27:cc:78:d0:08:4a:
08:11:d5:26:5c:05:4c:72:38:bf:a8:47:ba:7b:50:2a:e9:24:
d3:e7:44:39:2d:f2:9e:ef:bf:16:9a:6f:51:f4:ab:b5:af:dd:
b9:05:de:3b:2f:2c:1a:eb:98:54:37:17:7e:af:09:c8:18:56:
42:89:3e:38:cc:2d:90:da:97:ee:3e:2d:29:16:de:b6:45:1f:
62:2f:12:d5:fd:f8:e8:37:b5:46:99:92:c2:61:a3:6a:21:8a:
43:f8:72:fd:b0:ba:8c:ee:8d:1c:6d:c4:c3:bc:22:bb:bc:c4:
d6:72:15:5a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYltAsoagwe8foCeOtKT6ZEkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3NDk5NTk1YTY1YWFiMGI1Mzc2OGRlZjA4MDkxZTMxMDYx
ZTllNjUwHhcNMjMwNzE5MDcxNzI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDYyMTg3MDRhM2JkYzAwMWM2OGNiZTJhNmM1MGJjM2MxMDEzNzY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnyahI1BGcbMSfPw2S4Hjfr7I9f5z
fPI/oZwxMrDxa/NHk9+FQRYHcErVgCVCgN7sos3liRUpvYZzNeeSXJnlNngqMb0g
MU6gBdk3+/7pew90wrFJ/4Ok8aPnO2DTErk4icvKowstOqmTExocDdGW8EnixG2F
AAEPX8EMlF+D+TTogNWGcTrTWGry0Q3TN2fz60n7Lp9Xy0RU8xb4j4SBbNmOuslh
ALUPdbmwjxffnM1Lrl7tBuSEZ0YSJW8TFoYhs5DtxAMGXP7dZbqGSY6x642ZoILk
i7SmgQfMQ+ccVvXVDIqddNNp/UxCLxHXZo2fvUkmztCXpWzdtQ1bOFK4rwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHRiGHBKO9wAHGjL4qbFC8PBATdpMB8GA1UdIwQY
MBaAFGdJlZWmWqsLU3aN7wgJHjEGHp5lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTct
MzU1MDgwNDE2NTJkLzEvZEdJWWNFbzczQUFjYU12aXBzVUx3OEVCTjJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTctMzU1MDgwNDE2NTJk
LzEvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALhRgAwQA
LhRiAwQALhRmMA0GCSqGSIb3DQEBCwUAA4IBAQCe6Dns8SixSDKt9jwdnHyafnVm
HocUhR3UYXuCX8dDZtJbhUnZ33HjY8g/JK4m0VuZcsWymRjoGBcMdneD876f0Wmk
oU/FONgcPfnvBrrh6XTODGs4fFG58GjndLGHksoXhAs9nH90GZAbMa5tdU6dSFlp
u9I1+uDFk3mNzMMQfpN6G/hyWx8fikMnzHjQCEoIEdUmXAVMcji/qEe6e1Aq6STT
50Q5LfKe778Wmm9R9Ku1r925Bd47Lywa65hUNxd+rwnIGFZCiT44zC2Q2pfuPi0p
Ft62RR9iLxLV/fjoN7VGmZLCYaNqIYpD+HL9sLqM7o0cbcTDvCK7vMTWchVa
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:10:34 2025 by rpki-client