Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/w-SdV2u2yowhK0EjRKQ4pfTnrFU.roa
File: w-SdV2u2yowhK0EjRKQ4pfTnrFU.roa (raw, json)
Hash identifier: yFm4eQHFCGK9zuCmId16n7S4UTMoLrmb6K2HPxCoOC4=
Subject key identifier: C3:E4:9D:57:6B:B6:CA:8C:21:2B:41:23:44:A4:38:A5:F4:E7:AC:55
Certificate issuer: /CN=67499595a65aab0b53768def08091e31061e9e65
Certificate serial: 018C5EE922E24A41B1A34DD5FD93F735F864
Authority key identifier: 67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/w-SdV2u2yowhK0EjRKQ4pfTnrFU.roa
Signing time: Tue 12 Dec 2023 16:43:06 +0000
ROA not before: Tue 12 Dec 2023 16:43:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34458
IP address blocks: 46.20.106.0/24 maxlen: 24
185.100.171.0/24 maxlen: 24
185.100.168.0/24 maxlen: 24
46.20.104.0/24 maxlen: 24
185.169.222.0/24 maxlen: 24
185.169.223.0/24 maxlen: 24
46.20.101.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:5e:e9:22:e2:4a:41:b1:a3:4d:d5:fd:93:f7:35:f8:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67499595a65aab0b53768def08091e31061e9e65
Validity
Not Before: Dec 12 16:43:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c3e49d576bb6ca8c212b412344a438a5f4e7ac55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:27:c4:d0:de:3a:ff:1c:a7:be:87:6c:12:04:
b4:48:1a:e6:a0:18:b6:b4:4d:56:4c:db:6c:26:e7:
bf:1a:74:53:00:aa:9a:cd:d1:a1:7e:87:94:eb:d5:
9e:7e:55:08:ac:87:2a:cd:01:c5:b3:9b:ac:35:27:
77:f4:1d:51:aa:47:c1:d3:9c:48:ca:d0:22:f4:14:
ee:ca:98:08:b6:e1:49:8d:89:f0:e8:de:a9:28:5d:
1d:c0:ae:ef:ae:db:bc:a7:6b:11:9d:8b:d5:18:da:
68:38:24:ea:b3:87:33:1f:a8:6e:0e:0a:36:dd:7e:
b9:db:09:cb:cd:bf:57:9a:a7:86:2c:c0:36:d1:09:
90:17:67:1d:b7:7d:7d:70:6a:43:f5:c7:f0:d4:57:
7c:70:fd:54:9d:24:b1:f0:1c:ab:64:4d:98:83:8f:
ed:c9:67:b5:6a:76:e2:a4:e0:e1:b4:48:f2:3f:a2:
e8:36:65:57:a0:29:51:f8:e3:5c:de:70:6c:1b:82:
7e:92:3a:09:5b:9c:a6:a5:d0:5c:5a:aa:d9:54:8a:
dd:4f:81:27:4b:27:f9:76:37:42:75:0a:e9:ac:92:
34:da:80:b0:ef:ac:f1:d1:19:2c:ea:60:34:f0:a1:
9b:bc:c4:fc:11:1c:a7:ea:a0:61:00:23:69:54:80:
76:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:E4:9D:57:6B:B6:CA:8C:21:2B:41:23:44:A4:38:A5:F4:E7:AC:55
X509v3 Authority Key Identifier:
keyid:67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/w-SdV2u2yowhK0EjRKQ4pfTnrFU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Z0mVlaZaqwtTdo3vCAkeMQYenmU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.101.0/24
46.20.104.0/24
46.20.106.0/24
185.100.168.0/24
185.100.171.0/24
185.169.222.0/23
Signature Algorithm: sha256WithRSAEncryption
4a:f5:3c:2d:c1:76:b3:65:e5:6e:9b:ca:66:1f:5e:44:95:db:
3c:65:1a:06:5d:f5:89:a2:58:07:99:07:c7:99:d8:0d:fa:60:
79:6e:8b:77:7b:6d:a5:23:4d:5b:61:2a:91:55:86:de:a4:42:
c1:bb:a6:93:1d:3e:3f:68:9a:93:66:21:b3:fc:08:b9:a6:94:
c1:3b:92:24:f3:bc:46:9c:bc:ad:fb:da:38:0b:17:f9:bb:13:
f6:9c:9e:ce:bd:83:76:c8:8c:9c:4e:39:3d:70:b7:81:77:a3:
49:1b:d6:13:3f:56:22:9e:9d:97:b7:c3:63:3a:11:83:54:46:
d1:b3:7a:ba:f1:1e:ec:33:35:8e:b9:72:90:b0:c8:81:e7:38:
31:49:8e:4d:19:59:05:c2:2e:1f:8c:49:5f:4e:09:ff:44:d1:
f9:d9:4f:7e:3e:d1:6d:19:00:8c:87:d8:f4:da:9e:18:55:cf:
c4:f5:28:57:11:6f:c5:20:e0:ea:d3:5f:ff:1b:ce:32:a9:6e:
cf:6f:4c:e1:e3:97:2c:1c:f9:df:2e:71:57:1f:83:a0:1a:64:
1b:89:4a:c6:98:d4:f0:a3:e3:ea:79:07:a1:99:82:8d:97:60:
fe:85:65:69:52:35:5b:61:85:40:64:fe:79:a1:b4:64:10:71:
7b:85:6d:ce
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYxe6SLiSkGxo03V/ZP3NfhkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3NDk5NTk1YTY1YWFiMGI1Mzc2OGRlZjA4MDkxZTMxMDYx
ZTllNjUwHhcNMjMxMjEyMTY0MzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjM2U0OWQ1NzZiYjZjYThjMjEyYjQxMjM0NGE0MzhhNWY0ZTdhYzU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0yfE0N46/xynvodsEgS0SBrmoBi2
tE1WTNtsJue/GnRTAKqazdGhfoeU69WeflUIrIcqzQHFs5usNSd39B1RqkfB05xI
ytAi9BTuypgItuFJjYnw6N6pKF0dwK7vrtu8p2sRnYvVGNpoOCTqs4czH6huDgo2
3X652wnLzb9XmqeGLMA20QmQF2cdt319cGpD9cfw1Fd8cP1UnSSx8ByrZE2Yg4/t
yWe1anbipODhtEjyP6LoNmVXoClR+ONc3nBsG4J+kjoJW5ympdBcWqrZVIrdT4En
Syf5djdCdQrprJI02oCw76zx0Rks6mA08KGbvMT8ERyn6qBhACNpVIB29QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFMPknVdrtsqMIStBI0SkOKX056xVMB8GA1UdIwQY
MBaAFGdJlZWmWqsLU3aN7wgJHjEGHp5lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTct
MzU1MDgwNDE2NTJkLzEvdy1TZFYydTJ5b3doSzBFalJLUTRwZlRuckZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTctMzU1MDgwNDE2NTJk
LzEvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALhRlAwQA
LhRoAwQALhRqAwQAuWSoAwQAuWSrAwQBuaneMA0GCSqGSIb3DQEBCwUAA4IBAQBK
9TwtwXazZeVum8pmH15Elds8ZRoGXfWJolgHmQfHmdgN+mB5bot3e22lI01bYSqR
VYbepELBu6aTHT4/aJqTZiGz/Ai5ppTBO5Ik87xGnLyt+9o4Cxf5uxP2nJ7OvYN2
yIycTjk9cLeBd6NJG9YTP1Yinp2Xt8NjOhGDVEbRs3q68R7sMzWOuXKQsMiB5zgx
SY5NGVkFwi4fjElfTgn/RNH52U9+PtFtGQCMh9j02p4YVc/E9ShXEW/FIODq01//
G84yqW7Pb0zh45csHPnfLnFXH4OgGmQbiUrGmNTwo+PqeQehmYKNl2D+hWVpUjVb
YYVAZP55obRkEHF7hW3O
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:17:43 2025 by rpki-client