Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/c144dc-f562-4a3e-b6ca-c162ddfdee73/1/0MtUp_UvG1VZHFF56zrM2Q__3-0.roa
File: 0MtUp_UvG1VZHFF56zrM2Q__3-0.roa (raw, json)
Hash identifier: ojaMa7percCC4RZyzcjpO1KYVsPzxDnplSPywZZw7nk=
Subject key identifier: D0:CB:54:A7:F5:2F:1B:55:59:1C:51:79:EB:3A:CC:D9:0F:FF:DF:ED
Certificate issuer: /CN=59ce1cc57acd4d8181ed305385dee78db175e221
Certificate serial: 01857230FCC5EEF8A2EC0687833D8EE0A57B
Authority key identifier: 59:CE:1C:C5:7A:CD:4D:81:81:ED:30:53:85:DE:E7:8D:B1:75:E2:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wc4cxXrNTYGB7TBThd7njbF14iE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/c144dc-f562-4a3e-b6ca-c162ddfdee73/1/0MtUp_UvG1VZHFF56zrM2Q__3-0.roa
Signing time: Mon 02 Jan 2023 11:14:51 +0000
ROA not before: Mon 02 Jan 2023 11:14:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205254
IP address blocks: 185.255.44.0/24 maxlen: 24
185.255.44.0/22 maxlen: 22
185.255.46.0/24 maxlen: 24
185.255.45.0/24 maxlen: 24
185.255.47.0/24 maxlen: 24
46.161.192.0/21 maxlen: 21
46.161.192.0/24 maxlen: 24
46.161.198.0/24 maxlen: 24
46.161.197.0/24 maxlen: 24
46.161.193.0/24 maxlen: 24
46.161.199.0/24 maxlen: 24
46.161.194.0/24 maxlen: 24
46.161.196.0/24 maxlen: 24
46.161.195.0/24 maxlen: 24
2a0c:58c0::/29 maxlen: 29
2a0c:58c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:30:fc:c5:ee:f8:a2:ec:06:87:83:3d:8e:e0:a5:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=59ce1cc57acd4d8181ed305385dee78db175e221
Validity
Not Before: Jan 2 11:14:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d0cb54a7f52f1b55591c5179eb3accd90fffdfed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:4e:05:0d:4b:9c:bb:b0:82:77:3f:00:d6:27:
e2:0c:06:93:ce:5b:53:c0:e8:8c:e9:e0:69:ea:d7:
b5:c4:cc:a3:e9:fc:8e:0a:a1:e1:7a:08:96:cc:18:
cd:74:5c:28:97:4b:58:4b:96:fa:ad:28:00:75:a6:
52:62:09:24:5f:e0:01:7c:cf:1d:66:be:ea:fc:5e:
c6:27:1c:d1:3b:5d:4a:b8:33:e3:b4:70:6d:ec:f6:
f8:32:65:a3:8b:a2:bc:07:89:06:60:2b:89:8b:9d:
43:5b:4d:1b:9b:a3:2e:5c:47:6e:19:f2:a3:dc:34:
95:f9:a9:60:d5:43:20:c2:40:1e:98:14:cd:c3:0a:
56:98:43:ca:f2:63:6f:9e:60:11:b8:6f:a2:cb:74:
30:cc:ac:35:99:36:79:8b:6f:19:78:df:ff:35:f2:
42:5a:8a:f8:3a:c3:49:c8:95:c3:c8:fd:5a:8b:b8:
33:34:b2:e5:41:ef:4a:06:26:d9:6e:cc:54:87:95:
81:0e:3b:da:f8:9a:96:c5:4e:54:e3:a2:16:1d:8c:
10:ab:f1:49:87:06:67:cc:ae:45:fb:43:eb:a4:2d:
58:0d:31:ba:9b:e1:99:02:3a:60:f1:a3:32:eb:e9:
76:c9:85:1e:20:f8:d1:d5:1a:16:07:6e:79:62:3d:
b5:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:CB:54:A7:F5:2F:1B:55:59:1C:51:79:EB:3A:CC:D9:0F:FF:DF:ED
X509v3 Authority Key Identifier:
keyid:59:CE:1C:C5:7A:CD:4D:81:81:ED:30:53:85:DE:E7:8D:B1:75:E2:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wc4cxXrNTYGB7TBThd7njbF14iE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/c144dc-f562-4a3e-b6ca-c162ddfdee73/1/0MtUp_UvG1VZHFF56zrM2Q__3-0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/c144dc-f562-4a3e-b6ca-c162ddfdee73/1/Wc4cxXrNTYGB7TBThd7njbF14iE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.161.192.0/21
185.255.44.0/22
IPv6:
2a0c:58c0::/29
Signature Algorithm: sha256WithRSAEncryption
bb:7c:3e:ca:a0:35:e1:3a:50:55:66:74:24:91:ca:64:c1:44:
e0:ec:bc:f9:55:b9:db:d8:08:9b:12:b5:65:73:2d:fa:24:42:
03:d6:c0:32:7e:5c:c4:2c:8e:d0:a6:e2:17:7f:de:d4:42:57:
63:03:7b:80:18:20:93:86:23:7f:a9:9d:d9:3c:61:71:39:68:
a2:bf:90:d5:ca:bc:0f:18:3f:33:27:11:0a:4b:a2:9f:65:c9:
93:85:24:c8:b2:61:a1:33:13:17:47:2f:8a:66:df:8c:b0:20:
20:83:07:de:57:3d:20:6f:c9:9d:d0:23:15:e4:b4:8d:c3:82:
1f:13:ae:f1:3a:4a:fb:33:06:a3:fe:9b:d6:34:4a:ef:d0:43:
cf:0e:45:42:2e:66:89:17:55:b0:cd:c1:5a:5a:03:55:61:49:
b8:69:df:0e:f3:83:17:f3:c2:a4:01:a5:9d:e7:37:a7:c7:dd:
da:60:e8:56:cd:7f:48:77:d0:6e:ee:fb:e8:0a:6f:da:bd:79:
07:e6:d2:ba:83:fc:55:a8:ad:dc:e5:6c:1e:cd:55:67:d9:8f:
e2:28:a5:91:d3:dc:0f:cd:c9:3e:04:d2:96:63:4e:0f:3c:a6:
a4:a1:0f:30:8c:d9:c4:6b:0e:31:d1:35:b8:06:34:a4:01:2c:
de:8b:21:3b
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVyMPzF7vii7AaHgz2O4KV7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5Y2UxY2M1N2FjZDRkODE4MWVkMzA1Mzg1ZGVlNzhkYjE3
NWUyMjEwHhcNMjMwMTAyMTExNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGNiNTRhN2Y1MmYxYjU1NTkxYzUxNzllYjNhY2NkOTBmZmZkZmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjU4FDUucu7CCdz8A1ifiDAaTzltT
wOiM6eBp6te1xMyj6fyOCqHhegiWzBjNdFwol0tYS5b6rSgAdaZSYgkkX+ABfM8d
Zr7q/F7GJxzRO11KuDPjtHBt7Pb4MmWji6K8B4kGYCuJi51DW00bm6MuXEduGfKj
3DSV+alg1UMgwkAemBTNwwpWmEPK8mNvnmARuG+iy3QwzKw1mTZ5i28ZeN//NfJC
Wor4OsNJyJXDyP1ai7gzNLLlQe9KBibZbsxUh5WBDjva+JqWxU5U46IWHYwQq/FJ
hwZnzK5F+0PrpC1YDTG6m+GZAjpg8aMy6+l2yYUeIPjR1RoWB255Yj21aQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFNDLVKf1LxtVWRxRees6zNkP/9/tMB8GA1UdIwQY
MBaAFFnOHMV6zU2Bge0wU4Xe542xdeIhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2M0Y3hYck5UWUdCN1RCVGhkN25qYkYxNGlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS9jMTQ0ZGMtZjU2Mi00YTNlLWI2Y2Et
YzE2MmRkZmRlZTczLzEvME10VXBfVXZHMVZaSEZGNTZ6ck0yUV9fMy0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS9jMTQ0ZGMtZjU2Mi00YTNlLWI2Y2EtYzE2MmRkZmRlZTcz
LzEvV2M0Y3hYck5UWUdCN1RCVGhkN25qYkYxNGlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDLqHAAwQC
uf8sMA0EAgACMAcDBQMqDFjAMA0GCSqGSIb3DQEBCwUAA4IBAQC7fD7KoDXhOlBV
ZnQkkcpkwUTg7Lz5Vbnb2AibErVlcy36JEID1sAyflzELI7QpuIXf97UQldjA3uA
GCCThiN/qZ3ZPGFxOWiiv5DVyrwPGD8zJxEKS6KfZcmThSTIsmGhMxMXRy+KZt+M
sCAggwfeVz0gb8md0CMV5LSNw4IfE67xOkr7Mwaj/pvWNErv0EPPDkVCLmaJF1Ww
zcFaWgNVYUm4ad8O84MX88KkAaWd5zenx93aYOhWzX9Id9Bu7vvoCm/avXkH5tK6
g/xVqK3c5WwezVVn2Y/iKKWR09wPzck+BNKWY04PPKakoQ8wjNnEaw4x0TW4BjSk
ASzeiyE7
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:43:23 2025 by rpki-client