Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/mi0vS8_qXsZ6M2U2q6r9brpx0qw.roa
File: mi0vS8_qXsZ6M2U2q6r9brpx0qw.roa (raw, json)
Hash identifier: 7on2CqGQTEWZX2JRjxnhtC2nOwhd1ibBSuLKF1xgP18=
Subject key identifier: 9A:2D:2F:4B:CF:EA:5E:C6:7A:33:65:36:AB:AA:FD:6E:BA:71:D2:AC
Certificate issuer: /CN=67499595a65aab0b53768def08091e31061e9e65
Certificate serial: 018C95F127197442352D836F71ED298C90C2
Authority key identifier: 67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/mi0vS8_qXsZ6M2U2q6r9brpx0qw.roa
Signing time: Sat 23 Dec 2023 09:10:58 +0000
ROA not before: Sat 23 Dec 2023 09:10:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48449
IP address blocks: 46.20.110.0/24 maxlen: 24
46.20.106.0/24 maxlen: 24
46.20.108.0/24 maxlen: 24
185.160.195.0/24 maxlen: 24
185.160.194.0/24 maxlen: 24
185.169.221.0/24 maxlen: 24
46.20.104.0/24 maxlen: 24
185.169.222.0/24 maxlen: 24
46.20.101.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:95:f1:27:19:74:42:35:2d:83:6f:71:ed:29:8c:90:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67499595a65aab0b53768def08091e31061e9e65
Validity
Not Before: Dec 23 09:10:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9a2d2f4bcfea5ec67a336536abaafd6eba71d2ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:67:ec:8e:b8:44:23:95:91:59:04:35:aa:c2:
4c:86:2e:b3:43:84:94:03:ba:ea:77:8d:e9:ef:84:
ba:e1:bd:fa:f9:34:4a:b4:30:71:2a:27:b2:e0:28:
27:40:52:eb:83:fe:ca:2b:e8:06:6f:9c:69:56:c0:
53:23:3b:f5:37:3b:e2:5b:ca:c5:f1:0f:b7:47:f3:
e6:07:f1:f6:be:9b:d1:9a:70:2e:4d:af:ab:4a:b5:
eb:22:82:8f:e8:c2:4a:3b:34:65:f5:99:f6:69:d9:
f7:d4:2d:ec:22:56:55:e4:29:07:b4:f2:94:44:5c:
51:70:42:29:91:b8:36:b4:89:61:51:6d:4d:32:7d:
0c:8b:9d:f5:69:b6:0c:4c:b9:e0:46:79:d8:70:33:
c1:96:82:58:b4:d6:67:2d:b6:88:d8:e9:24:19:c1:
e9:fa:e5:60:23:e9:41:10:77:f9:70:2d:c8:22:68:
a6:77:e9:63:9a:47:52:cf:7e:5a:53:a5:0a:9e:14:
f6:2e:21:a6:f0:f0:8d:ac:78:24:aa:89:ae:75:f1:
3c:2c:78:8d:ec:fd:5e:c1:95:05:d2:87:be:2d:39:
d3:80:7f:6c:ad:a4:88:ac:da:04:a0:0f:ae:20:69:
7c:c2:13:05:9b:c8:d4:8b:9a:be:55:5e:1b:0f:1c:
84:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:2D:2F:4B:CF:EA:5E:C6:7A:33:65:36:AB:AA:FD:6E:BA:71:D2:AC
X509v3 Authority Key Identifier:
keyid:67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/mi0vS8_qXsZ6M2U2q6r9brpx0qw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Z0mVlaZaqwtTdo3vCAkeMQYenmU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.101.0/24
46.20.104.0/24
46.20.106.0/24
46.20.108.0/24
46.20.110.0/24
185.160.194.0/23
185.169.221.0-185.169.222.255
Signature Algorithm: sha256WithRSAEncryption
24:5e:7b:8c:9c:2e:31:1c:02:ff:43:b0:8b:31:b2:39:af:e9:
32:3a:a7:ea:a4:f3:71:cf:a4:52:05:29:da:80:08:63:a5:83:
98:96:4c:2b:b2:9a:93:a5:d0:fd:45:c0:6d:12:9e:28:aa:ec:
6c:33:e0:e6:ba:fb:d7:17:07:d9:b7:a5:af:d5:c0:a6:25:19:
b4:c0:d1:01:00:d5:8d:cc:62:c0:72:f6:c9:3d:29:d8:7a:6d:
4a:3e:c3:50:fc:7c:b2:78:41:bf:96:0e:6b:65:2a:d6:21:09:
5c:6d:c3:fa:70:71:fb:6b:9a:b4:9f:fd:a4:ed:1f:26:60:5f:
df:fa:a6:2e:36:6b:c9:97:a9:63:6f:20:63:33:f3:85:f6:ab:
c8:8c:4b:dc:21:07:63:f8:61:5e:03:47:b8:e5:ed:b9:6e:71:
d7:d3:17:c7:0f:33:4f:c0:ed:e5:15:f2:a7:38:f6:26:fa:a2:
33:a8:51:37:c1:f3:53:c6:32:af:a6:f4:d8:7f:fe:be:99:18:
4f:c7:39:be:5e:6b:58:22:8c:5f:9f:e8:a1:fe:f7:bd:e8:7b:
fd:eb:d4:ef:a9:e3:49:dd:21:25:56:81:df:4b:95:60:49:00:
d9:7a:28:3e:82:76:1a:24:33:b9:33:73:ab:0d:0f:dc:7a:96:
9f:6d:5b:f1
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYyV8ScZdEI1LYNvce0pjJDCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3NDk5NTk1YTY1YWFiMGI1Mzc2OGRlZjA4MDkxZTMxMDYx
ZTllNjUwHhcNMjMxMjIzMDkxMDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTJkMmY0YmNmZWE1ZWM2N2EzMzY1MzZhYmFhZmQ2ZWJhNzFkMmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvGfsjrhEI5WRWQQ1qsJMhi6zQ4SU
A7rqd43p74S64b36+TRKtDBxKiey4CgnQFLrg/7KK+gGb5xpVsBTIzv1NzviW8rF
8Q+3R/PmB/H2vpvRmnAuTa+rSrXrIoKP6MJKOzRl9Zn2adn31C3sIlZV5CkHtPKU
RFxRcEIpkbg2tIlhUW1NMn0Mi531abYMTLngRnnYcDPBloJYtNZnLbaI2OkkGcHp
+uVgI+lBEHf5cC3IImimd+ljmkdSz35aU6UKnhT2LiGm8PCNrHgkqomudfE8LHiN
7P1ewZUF0oe+LTnTgH9sraSIrNoEoA+uIGl8whMFm8jUi5q+VV4bDxyEdQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFJotL0vP6l7GejNlNquq/W66cdKsMB8GA1UdIwQY
MBaAFGdJlZWmWqsLU3aN7wgJHjEGHp5lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTct
MzU1MDgwNDE2NTJkLzEvbWkwdlM4X3FYc1o2TTJVMnE2cjlicnB4MHF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTctMzU1MDgwNDE2NTJk
LzEvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQALhRlAwQA
LhRoAwQALhRqAwQALhRsAwQALhRuAwQBuaDCMAwDBAC5qd0DBAC5qd4wDQYJKoZI
hvcNAQELBQADggEBACRee4ycLjEcAv9DsIsxsjmv6TI6p+qk83HPpFIFKdqACGOl
g5iWTCuympOl0P1FwG0Sniiq7Gwz4Oa6+9cXB9m3pa/VwKYlGbTA0QEA1Y3MYsBy
9sk9Kdh6bUo+w1D8fLJ4Qb+WDmtlKtYhCVxtw/pwcftrmrSf/aTtHyZgX9/6pi42
a8mXqWNvIGMz84X2q8iMS9whB2P4YV4DR7jl7blucdfTF8cPM0/A7eUV8qc49ib6
ojOoUTfB81PGMq+m9Nh//r6ZGE/HOb5ea1gijF+f6KH+973oe/3r1O+p40ndISVW
gd9LlWBJANl6KD6CdhokM7kzc6sND9x6lp9tW/E=
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:10:01 2025 by rpki-client