Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/zCR5utOoFNGzNEMbcmWP5CEMaW0.roa
File: zCR5utOoFNGzNEMbcmWP5CEMaW0.roa (raw, json)
Hash identifier: 4tIJ39d8/zOTjaR1U7gJQbkxkQ3+lAbUYtlZNjPDfow=
Subject key identifier: CC:24:79:BA:D3:A8:14:D1:B3:34:43:1B:72:65:8F:E4:21:0C:69:6D
Certificate issuer: /CN=67499595a65aab0b53768def08091e31061e9e65
Certificate serial: 018C4BCA55EF10C0E7CA902BA01C887500F2
Authority key identifier: 67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/zCR5utOoFNGzNEMbcmWP5CEMaW0.roa
Signing time: Fri 08 Dec 2023 23:36:40 +0000
ROA not before: Fri 08 Dec 2023 23:36:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48449
IP address blocks: 46.20.110.0/24 maxlen: 24
46.20.108.0/24 maxlen: 24
185.160.195.0/24 maxlen: 24
185.160.194.0/24 maxlen: 24
185.100.169.0/24 maxlen: 24
185.169.221.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:4b:ca:55:ef:10:c0:e7:ca:90:2b:a0:1c:88:75:00:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67499595a65aab0b53768def08091e31061e9e65
Validity
Not Before: Dec 8 23:36:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cc2479bad3a814d1b334431b72658fe4210c696d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:2e:ea:eb:57:78:de:4f:af:fa:0e:9d:e4:61:
40:d1:54:85:07:02:7d:a6:16:2b:e0:d6:64:90:14:
2c:ca:9a:04:64:b6:e2:1f:e3:b0:6f:44:66:c8:1b:
5c:68:ea:aa:e1:3e:8b:88:c0:52:32:78:6d:28:c7:
0b:5f:29:6f:ee:0d:fe:60:a6:0c:59:ca:33:0e:69:
a6:85:4c:03:cf:de:0b:8c:61:a8:71:aa:90:9a:a4:
c1:db:60:5d:65:56:5b:c7:23:4c:3b:a6:13:c9:a9:
6b:fb:b6:e6:bb:50:87:a1:34:c8:a0:01:e4:34:2f:
7a:ab:0a:b9:0e:c9:46:3b:5b:44:50:b6:2e:79:06:
b1:43:3c:7f:e2:38:78:f1:ad:e3:7b:86:84:fd:c0:
1b:7f:d8:b6:16:b9:12:37:8a:15:25:d6:d5:48:c9:
9b:48:e1:cc:e8:84:03:1d:1d:f7:45:42:27:72:83:
02:83:59:f0:b4:82:26:20:2b:7a:29:1d:27:8e:9a:
d3:80:8a:7c:a5:7a:6e:03:dc:51:08:4f:e1:74:06:
e2:c1:46:10:8f:07:b0:82:a7:06:ee:fe:08:9f:b6:
2a:6b:4f:52:37:29:3e:2f:d5:8f:7b:4d:56:10:1f:
6b:34:bb:ff:56:1b:2b:62:4e:01:5a:e5:1d:32:64:
92:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:24:79:BA:D3:A8:14:D1:B3:34:43:1B:72:65:8F:E4:21:0C:69:6D
X509v3 Authority Key Identifier:
keyid:67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/zCR5utOoFNGzNEMbcmWP5CEMaW0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Z0mVlaZaqwtTdo3vCAkeMQYenmU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.108.0/24
46.20.110.0/24
185.100.169.0/24
185.160.194.0/23
185.169.221.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:db:91:9a:df:02:0b:35:cf:3b:d3:bb:a5:aa:c8:e3:99:64:
b5:2b:1a:66:53:2a:2a:8c:7f:21:17:c2:b6:dc:4b:c5:3a:24:
44:09:8c:3c:a8:67:5b:50:d9:e7:e3:e2:5e:60:dd:2f:e8:73:
db:25:d5:26:0e:24:9b:fe:9e:ca:e9:6a:1c:e9:9a:26:dd:93:
9b:42:17:9b:68:a4:54:ce:bb:05:73:18:99:b2:a3:fe:85:a4:
5b:69:06:ce:b1:14:d5:67:31:b4:1b:ce:40:7f:5d:e0:ea:a5:
7e:02:eb:17:fa:e9:fc:e6:8b:55:2c:1a:c9:54:d4:0b:b0:af:
01:11:67:34:8a:00:ec:26:dd:cd:a1:c4:4c:b1:e1:1d:83:db:
49:a0:d2:14:f2:e4:a6:4c:9d:24:42:1f:85:80:64:fe:3d:c1:
0c:5b:a7:94:c8:94:9b:34:c7:7a:d1:3b:51:bd:e3:2c:9f:51:
e9:ec:eb:23:5a:cd:7b:bc:88:84:21:d3:98:9f:d0:4d:08:ba:
3f:15:7a:f8:98:02:b3:07:1c:57:1a:13:83:e5:ec:e3:61:2a:
c7:1b:1b:c5:39:90:70:a5:ef:67:4e:61:0a:a5:64:0d:4a:cc:
fa:fe:72:0f:b3:be:1f:6c:c6:7d:66:1f:0e:bf:bc:0c:0c:63:
dd:b2:89:3c
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYxLylXvEMDnypAroByIdQDyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3NDk5NTk1YTY1YWFiMGI1Mzc2OGRlZjA4MDkxZTMxMDYx
ZTllNjUwHhcNMjMxMjA4MjMzNjQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzI0NzliYWQzYTgxNGQxYjMzNDQzMWI3MjY1OGZlNDIxMGM2OTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvC7q61d43k+v+g6d5GFA0VSFBwJ9
phYr4NZkkBQsypoEZLbiH+Owb0RmyBtcaOqq4T6LiMBSMnhtKMcLXylv7g3+YKYM
WcozDmmmhUwDz94LjGGocaqQmqTB22BdZVZbxyNMO6YTyalr+7bmu1CHoTTIoAHk
NC96qwq5DslGO1tEULYueQaxQzx/4jh48a3je4aE/cAbf9i2FrkSN4oVJdbVSMmb
SOHM6IQDHR33RUIncoMCg1nwtIImICt6KR0njprTgIp8pXpuA9xRCE/hdAbiwUYQ
jwewgqcG7v4In7Yqa09SNyk+L9WPe01WEB9rNLv/VhsrYk4BWuUdMmSSYwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFMwkebrTqBTRszRDG3Jlj+QhDGltMB8GA1UdIwQY
MBaAFGdJlZWmWqsLU3aN7wgJHjEGHp5lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTct
MzU1MDgwNDE2NTJkLzEvekNSNXV0T29GTkd6TkVNYmNtV1A1Q0VNYVcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTctMzU1MDgwNDE2NTJk
LzEvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALhRsAwQA
LhRuAwQAuWSpAwQBuaDCAwQAuandMA0GCSqGSIb3DQEBCwUAA4IBAQCa25Ga3wIL
Nc8707ulqsjjmWS1KxpmUyoqjH8hF8K23EvFOiRECYw8qGdbUNnn4+JeYN0v6HPb
JdUmDiSb/p7K6Woc6Zom3ZObQhebaKRUzrsFcxiZsqP+haRbaQbOsRTVZzG0G85A
f13g6qV+AusX+un85otVLBrJVNQLsK8BEWc0igDsJt3NocRMseEdg9tJoNIU8uSm
TJ0kQh+FgGT+PcEMW6eUyJSbNMd60TtRveMsn1Hp7OsjWs17vIiEIdOYn9BNCLo/
FXr4mAKzBxxXGhOD5ezjYSrHGxvFOZBwpe9nTmEKpWQNSsz6/nIPs74fbMZ9Zh8O
v7wMDGPdsok8
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:14:40 2025 by rpki-client