Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/oEh2cXRMPWXvcx1bIaQG8ImP8qU.roa
File: oEh2cXRMPWXvcx1bIaQG8ImP8qU.roa (raw, json)
Hash identifier: RmBPv5ByMpq9C/7qg3Y/1kHpR3PuE9/LcVexfeCM55w=
Subject key identifier: A0:48:76:71:74:4C:3D:65:EF:73:1D:5B:21:A4:06:F0:89:8F:F2:A5
Certificate issuer: /CN=67499595a65aab0b53768def08091e31061e9e65
Certificate serial: 018866D1CA4A6AABC10835C46C2655B1956C
Authority key identifier: 67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/oEh2cXRMPWXvcx1bIaQG8ImP8qU.roa
Signing time: Mon 29 May 2023 09:23:24 +0000
ROA not before: Mon 29 May 2023 09:23:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 147293
IP address blocks: 46.20.109.0/24 maxlen: 24
46.20.99.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:66:d1:ca:4a:6a:ab:c1:08:35:c4:6c:26:55:b1:95:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67499595a65aab0b53768def08091e31061e9e65
Validity
Not Before: May 29 09:23:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a0487671744c3d65ef731d5b21a406f0898ff2a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:f4:f9:5a:f7:e8:10:71:99:08:17:b2:ad:1d:
18:6a:52:25:bd:74:7d:15:5b:5d:f8:24:ba:66:8d:
ea:a8:56:3a:f0:f2:49:ca:33:86:b5:dc:29:d9:d6:
fd:ce:2f:e9:28:38:d2:4b:81:ef:1c:87:8e:47:b0:
35:21:f3:e7:e5:38:d1:c7:de:f6:c7:29:5e:12:70:
d7:a7:2b:04:ec:bb:9d:76:2f:fe:09:32:e0:34:e9:
ef:d3:08:51:c4:62:31:4b:c0:2c:67:eb:3f:ec:b4:
3d:80:22:03:ce:fd:a0:37:3f:7f:0a:0d:92:53:27:
d9:28:93:83:5c:18:26:3f:b3:e3:cf:13:c4:1a:0e:
fb:88:ec:42:96:60:ea:4f:74:e7:ae:c3:be:7e:50:
d7:d6:e4:c1:e6:e6:27:7d:13:7b:37:dd:3a:4f:19:
a5:44:97:33:21:fe:07:9d:b9:09:e8:17:d5:26:0f:
9c:a4:3d:ac:dd:f6:cd:45:67:4f:cd:04:c5:23:9c:
c9:7a:09:88:d1:80:14:eb:c1:0f:7e:40:0c:ca:27:
49:b3:f2:cb:1b:3a:ae:29:3c:85:42:f6:5a:e2:b3:
12:a0:37:ef:8b:b2:c6:2b:5d:20:32:92:1f:fc:cf:
bd:8d:e0:3b:71:6f:01:32:eb:ae:0b:c5:48:c2:48:
e6:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:48:76:71:74:4C:3D:65:EF:73:1D:5B:21:A4:06:F0:89:8F:F2:A5
X509v3 Authority Key Identifier:
keyid:67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/oEh2cXRMPWXvcx1bIaQG8ImP8qU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Z0mVlaZaqwtTdo3vCAkeMQYenmU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.99.0/24
46.20.109.0/24
Signature Algorithm: sha256WithRSAEncryption
08:46:45:71:e9:b3:a9:8c:2d:24:67:97:ce:84:1d:dd:30:f6:
9e:ad:11:52:cd:82:a2:25:73:13:3b:97:3a:4d:32:e9:50:da:
ea:fd:1b:2a:64:86:fa:d0:09:3d:5d:9c:4a:a0:31:a2:8b:e3:
ae:0b:12:2b:bc:c2:06:97:87:87:cc:64:1f:82:c7:a2:15:fd:
cb:6f:39:94:db:2d:b4:b3:52:8e:54:40:d6:aa:e1:7a:65:22:
c6:fb:9a:e2:e0:db:b9:5d:d1:26:72:9e:de:f4:e8:f4:70:68:
a8:3d:dc:59:a1:30:b4:3d:fd:98:20:eb:e1:5a:c3:20:59:d1:
22:a7:0c:a7:48:98:dc:1a:ef:49:6b:07:a7:a1:da:32:aa:14:
5d:68:1a:07:e8:e0:11:e6:05:a6:e0:38:3a:41:d3:8f:20:f7:
30:ee:69:45:d3:19:db:65:68:96:10:fd:4c:0e:0d:59:4a:18:
62:a1:70:6b:31:df:32:a5:2d:ea:78:6e:a1:bb:ee:ac:90:c5:
a7:d1:62:23:bd:fc:83:e3:97:01:74:f9:a5:6c:76:da:4a:b2:
57:af:87:42:46:02:08:12:6e:63:e4:6c:24:6f:d3:34:b7:0a:
ed:d9:9b:81:0c:7c:3e:4b:75:b2:a8:6d:30:30:a9:e2:6d:f9:
8d:28:dc:43
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYhm0cpKaqvBCDXEbCZVsZVsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3NDk5NTk1YTY1YWFiMGI1Mzc2OGRlZjA4MDkxZTMxMDYx
ZTllNjUwHhcNMjMwNTI5MDkyMzI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDQ4NzY3MTc0NGMzZDY1ZWY3MzFkNWIyMWE0MDZmMDg5OGZmMmE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkPT5WvfoEHGZCBeyrR0YalIlvXR9
FVtd+CS6Zo3qqFY68PJJyjOGtdwp2db9zi/pKDjSS4HvHIeOR7A1IfPn5TjRx972
xyleEnDXpysE7Luddi/+CTLgNOnv0whRxGIxS8AsZ+s/7LQ9gCIDzv2gNz9/Cg2S
UyfZKJODXBgmP7PjzxPEGg77iOxClmDqT3TnrsO+flDX1uTB5uYnfRN7N906Txml
RJczIf4HnbkJ6BfVJg+cpD2s3fbNRWdPzQTFI5zJegmI0YAU68EPfkAMyidJs/LL
GzquKTyFQvZa4rMSoDfvi7LGK10gMpIf/M+9jeA7cW8BMuuuC8VIwkjmowIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKBIdnF0TD1l73MdWyGkBvCJj/KlMB8GA1UdIwQY
MBaAFGdJlZWmWqsLU3aN7wgJHjEGHp5lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTct
MzU1MDgwNDE2NTJkLzEvb0VoMmNYUk1QV1h2Y3gxYklhUUc4SW1QOHFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTctMzU1MDgwNDE2NTJk
LzEvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALhRjAwQA
LhRtMA0GCSqGSIb3DQEBCwUAA4IBAQAIRkVx6bOpjC0kZ5fOhB3dMPaerRFSzYKi
JXMTO5c6TTLpUNrq/RsqZIb60Ak9XZxKoDGii+OuCxIrvMIGl4eHzGQfgseiFf3L
bzmU2y20s1KOVEDWquF6ZSLG+5ri4Nu5XdEmcp7e9Oj0cGioPdxZoTC0Pf2YIOvh
WsMgWdEipwynSJjcGu9JawenodoyqhRdaBoH6OAR5gWm4Dg6QdOPIPcw7mlF0xnb
ZWiWEP1MDg1ZShhioXBrMd8ypS3qeG6hu+6skMWn0WIjvfyD45cBdPmlbHbaSrJX
r4dCRgIIEm5j5Gwkb9M0twrt2ZuBDHw+S3WyqG0wMKnibfmNKNxD
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:11:14 2025 by rpki-client