Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/lfh7SBHbrwFiU-bfH3W_nAZrpoE.roa
File: lfh7SBHbrwFiU-bfH3W_nAZrpoE.roa (raw, json)
Hash identifier: /TIMd3sMjNqX6bIiHSrrCRhCcFJIq5lR5IrWQ7d5TsY=
Subject key identifier: 95:F8:7B:48:11:DB:AF:01:62:53:E6:DF:1F:75:BF:9C:06:6B:A6:81
Certificate issuer: /CN=67499595a65aab0b53768def08091e31061e9e65
Certificate serial: 018C5EE92337B3744904A742DA5A0213C0B9
Authority key identifier: 67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/lfh7SBHbrwFiU-bfH3W_nAZrpoE.roa
Signing time: Tue 12 Dec 2023 16:43:06 +0000
ROA not before: Tue 12 Dec 2023 16:43:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48449
IP address blocks: 46.20.110.0/24 maxlen: 24
46.20.108.0/24 maxlen: 24
185.160.195.0/24 maxlen: 24
185.160.194.0/24 maxlen: 24
185.100.169.0/24 maxlen: 24
185.100.170.0/24 maxlen: 24
185.169.221.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:5e:e9:23:37:b3:74:49:04:a7:42:da:5a:02:13:c0:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67499595a65aab0b53768def08091e31061e9e65
Validity
Not Before: Dec 12 16:43:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=95f87b4811dbaf016253e6df1f75bf9c066ba681
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:2d:e2:d2:49:18:ac:f8:ed:b9:06:48:02:ae:
2e:84:dc:86:8b:83:8a:4a:c9:2c:73:99:f9:f1:a2:
eb:84:72:bd:f5:01:1b:65:cc:87:33:a3:a7:22:85:
ed:bd:56:f0:9a:87:7c:01:df:c2:ef:d5:fd:d8:28:
fd:8f:16:dd:79:36:e7:4a:d2:75:ea:d9:0a:2b:64:
4e:ac:91:6f:1c:fa:05:af:fc:fa:44:88:0a:77:f3:
d6:da:75:06:ff:c0:e1:3d:52:f0:f1:de:9c:70:b0:
d6:a6:7a:bd:e7:7b:72:4d:88:41:52:e6:ce:ce:a5:
42:43:b7:3f:52:2b:88:b5:52:a4:bf:a7:27:14:71:
82:9f:5a:e2:3e:81:c8:4f:23:15:9e:11:fe:47:9e:
bc:8c:b5:7e:28:0d:60:d1:76:71:e0:d6:6e:a8:be:
a2:7e:1e:71:b0:05:62:b9:a2:83:81:ab:27:39:5b:
83:ab:9a:c0:30:90:44:0c:3b:1f:a2:3a:6e:9d:a5:
d1:04:99:d2:42:de:c3:7d:cf:46:18:66:7a:1f:80:
31:0c:fd:ee:ba:82:7f:b1:58:d2:e7:b5:2d:58:2a:
dd:02:c0:82:7c:8a:de:99:a5:12:da:e9:b3:c3:f0:
8c:36:54:20:e5:fa:47:42:dd:f8:60:35:90:c2:10:
98:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:F8:7B:48:11:DB:AF:01:62:53:E6:DF:1F:75:BF:9C:06:6B:A6:81
X509v3 Authority Key Identifier:
keyid:67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/lfh7SBHbrwFiU-bfH3W_nAZrpoE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Z0mVlaZaqwtTdo3vCAkeMQYenmU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.108.0/24
46.20.110.0/24
185.100.169.0-185.100.170.255
185.160.194.0/23
185.169.221.0/24
Signature Algorithm: sha256WithRSAEncryption
54:18:4c:8e:96:06:81:bc:1c:77:bd:31:6f:84:c1:1f:57:1b:
01:7a:e6:e1:8f:3e:d1:86:af:99:1b:c7:e9:e4:b6:3a:16:ee:
05:7e:43:ce:ff:30:34:dc:f6:57:27:10:25:41:a6:29:10:7c:
a0:f8:e6:cc:c1:1b:2b:d5:d9:28:fc:77:07:cb:9d:85:6c:c1:
ba:ac:12:06:1e:00:b2:ce:a4:11:a2:fb:72:05:1e:01:0f:07:
f9:93:1b:43:36:a2:93:12:5b:cc:61:4d:bf:5f:a8:d6:e5:5a:
aa:f1:79:38:b7:68:58:53:89:98:ea:5a:25:30:7a:15:1e:cd:
cf:63:19:1e:2d:c6:0a:57:2b:2f:7e:0b:1a:ef:81:f6:64:b5:
b7:73:c2:3e:de:60:28:47:11:72:8f:15:1d:0c:46:d0:93:52:
f2:4e:61:a2:51:09:ec:b1:d1:70:de:dc:dd:52:2b:4e:58:5d:
e4:81:72:b7:7b:d5:29:af:41:8a:e6:79:8c:67:43:9c:18:50:
7d:9f:c9:4f:d1:c4:ed:89:b8:4d:6a:8a:c7:5a:51:07:10:e3:
ae:76:7d:1e:c9:b6:15:7e:44:3f:d2:d5:48:c8:56:06:b8:df:
55:dd:9c:66:a6:f9:fe:57:42:13:35:2a:ff:8a:c6:3b:42:e1:
d9:81:e2:95
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYxe6SM3s3RJBKdC2loCE8C5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3NDk5NTk1YTY1YWFiMGI1Mzc2OGRlZjA4MDkxZTMxMDYx
ZTllNjUwHhcNMjMxMjEyMTY0MzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWY4N2I0ODExZGJhZjAxNjI1M2U2ZGYxZjc1YmY5YzA2NmJhNjgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAly3i0kkYrPjtuQZIAq4uhNyGi4OK
Ssksc5n58aLrhHK99QEbZcyHM6OnIoXtvVbwmod8Ad/C79X92Cj9jxbdeTbnStJ1
6tkKK2ROrJFvHPoFr/z6RIgKd/PW2nUG/8DhPVLw8d6ccLDWpnq953tyTYhBUubO
zqVCQ7c/UiuItVKkv6cnFHGCn1riPoHITyMVnhH+R568jLV+KA1g0XZx4NZuqL6i
fh5xsAViuaKDgasnOVuDq5rAMJBEDDsfojpunaXRBJnSQt7Dfc9GGGZ6H4AxDP3u
uoJ/sVjS57UtWCrdAsCCfIremaUS2umzw/CMNlQg5fpHQt34YDWQwhCY+QIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFJX4e0gR268BYlPm3x91v5wGa6aBMB8GA1UdIwQY
MBaAFGdJlZWmWqsLU3aN7wgJHjEGHp5lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTct
MzU1MDgwNDE2NTJkLzEvbGZoN1NCSGJyd0ZpVS1iZkgzV19uQVpycG9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTctMzU1MDgwNDE2NTJk
LzEvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQALhRsAwQA
LhRuMAwDBAC5ZKkDBAC5ZKoDBAG5oMIDBAC5qd0wDQYJKoZIhvcNAQELBQADggEB
AFQYTI6WBoG8HHe9MW+EwR9XGwF65uGPPtGGr5kbx+nktjoW7gV+Q87/MDTc9lcn
ECVBpikQfKD45szBGyvV2Sj8dwfLnYVswbqsEgYeALLOpBGi+3IFHgEPB/mTG0M2
opMSW8xhTb9fqNblWqrxeTi3aFhTiZjqWiUwehUezc9jGR4txgpXKy9+CxrvgfZk
tbdzwj7eYChHEXKPFR0MRtCTUvJOYaJRCeyx0XDe3N1SK05YXeSBcrd71SmvQYrm
eYxnQ5wYUH2fyU/RxO2JuE1qisdaUQcQ4652fR7JthV+RD/S1UjIVga431XdnGam
+f5XQhM1Kv+KxjtC4dmB4pU=
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:23:47 2025 by rpki-client