Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/c144dc-f562-4a3e-b6ca-c162ddfdee73/1/i6jUf4OPR0nWLdhaekRWyMX7PEU.roa
File: i6jUf4OPR0nWLdhaekRWyMX7PEU.roa (raw, json)
Hash identifier: N8BZlEy/VweN2EYikIVTgOCenbLeY2LlqCAjRWr9n0w=
Subject key identifier: 8B:A8:D4:7F:83:8F:47:49:D6:2D:D8:5A:7A:44:56:C8:C5:FB:3C:45
Certificate issuer: /CN=59ce1cc57acd4d8181ed305385dee78db175e221
Certificate serial: 0184DBA67018AEE5615BCA347D825F090637
Authority key identifier: 59:CE:1C:C5:7A:CD:4D:81:81:ED:30:53:85:DE:E7:8D:B1:75:E2:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wc4cxXrNTYGB7TBThd7njbF14iE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/c144dc-f562-4a3e-b6ca-c162ddfdee73/1/i6jUf4OPR0nWLdhaekRWyMX7PEU.roa
Signing time: Sun 04 Dec 2022 05:40:28 +0000
ROA not before: Sun 04 Dec 2022 05:40:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205254
IP address blocks: 185.255.44.0/24 maxlen: 24
185.255.44.0/22 maxlen: 22
185.255.46.0/24 maxlen: 24
185.255.45.0/24 maxlen: 24
185.255.47.0/24 maxlen: 24
46.161.192.0/21 maxlen: 21
46.161.192.0/24 maxlen: 24
46.161.198.0/24 maxlen: 24
46.161.197.0/24 maxlen: 24
46.161.193.0/24 maxlen: 24
46.161.199.0/24 maxlen: 24
46.161.194.0/24 maxlen: 24
46.161.196.0/24 maxlen: 24
46.161.195.0/24 maxlen: 24
2a0c:58c0::/29 maxlen: 29
2a0c:58c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:db:a6:70:18:ae:e5:61:5b:ca:34:7d:82:5f:09:06:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=59ce1cc57acd4d8181ed305385dee78db175e221
Validity
Not Before: Dec 4 05:40:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8ba8d47f838f4749d62dd85a7a4456c8c5fb3c45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:94:2d:de:3c:b9:3d:19:11:6a:1a:6f:18:e5:
dd:af:32:ac:5b:3c:e6:f8:64:b1:6c:05:95:ca:71:
10:21:99:6e:c2:4d:c2:13:99:c8:6a:eb:62:09:09:
cb:42:0c:84:f1:36:4f:f1:61:75:03:7b:2c:d5:d3:
78:6b:c9:a6:ba:58:32:62:98:df:ae:dc:a2:71:73:
93:2a:8e:e9:6a:84:13:da:ce:e0:7f:a4:1b:22:3e:
cc:d9:b7:07:17:76:b1:1b:69:26:39:af:52:0d:fd:
a5:c8:83:cc:d9:e4:1c:77:8c:ba:0d:b3:56:66:0d:
a8:65:b4:84:0a:94:08:7a:00:27:31:48:d6:11:e7:
2e:3b:94:80:97:02:c1:ab:04:d0:16:fa:e0:e1:3a:
6e:39:6e:fe:3c:7d:1e:f7:bf:32:9f:f9:30:71:cb:
e3:46:2f:14:f7:10:42:0a:e3:f4:72:21:eb:c4:54:
9d:3f:30:7b:3c:37:d1:dd:2d:28:0d:78:76:7f:4d:
2e:fe:50:c8:7c:09:82:99:e6:7e:85:fb:09:d7:7f:
3c:04:a5:47:73:89:77:60:7b:0a:3c:04:79:92:af:
ef:b8:de:0d:2b:d9:b2:9b:40:d0:29:75:0b:e1:73:
45:01:3a:c1:cd:b6:d3:30:18:f2:54:39:4d:45:37:
e4:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:A8:D4:7F:83:8F:47:49:D6:2D:D8:5A:7A:44:56:C8:C5:FB:3C:45
X509v3 Authority Key Identifier:
keyid:59:CE:1C:C5:7A:CD:4D:81:81:ED:30:53:85:DE:E7:8D:B1:75:E2:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wc4cxXrNTYGB7TBThd7njbF14iE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/c144dc-f562-4a3e-b6ca-c162ddfdee73/1/i6jUf4OPR0nWLdhaekRWyMX7PEU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/c144dc-f562-4a3e-b6ca-c162ddfdee73/1/Wc4cxXrNTYGB7TBThd7njbF14iE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.161.192.0/21
185.255.44.0/22
IPv6:
2a0c:58c0::/29
Signature Algorithm: sha256WithRSAEncryption
c3:54:bc:27:6e:93:99:ac:28:81:1d:38:d3:e8:c7:bf:fb:f5:
df:2c:1c:cd:bc:8a:b5:56:c3:81:df:e3:e3:7f:22:df:21:31:
00:5c:7e:a5:14:dc:ee:79:10:64:c0:c2:b3:1f:6e:91:b2:4d:
e7:b0:6c:d0:2a:93:8d:8c:1b:d1:43:ad:43:eb:8f:ff:6f:3a:
af:dc:6a:00:3c:3a:62:7c:e8:3a:ef:b3:56:b9:13:2f:f5:b1:
cf:17:01:68:96:84:82:04:b5:28:97:58:94:a6:ab:88:23:59:
20:64:91:6e:d6:db:13:9d:e0:c5:c3:8a:15:3a:2c:6c:ce:6d:
03:11:b0:52:d9:f6:c0:7d:ed:a0:78:e7:bd:63:42:44:19:ea:
09:4e:6d:18:69:ef:71:fc:c8:7e:e1:da:5f:6d:21:f4:69:09:
39:7c:ea:9e:92:5a:e8:31:5b:63:f1:03:e8:53:4d:19:50:68:
79:c9:ee:78:f8:b6:d5:12:53:4a:82:11:dd:71:0c:8a:d3:d6:
b3:7e:7b:d6:4e:69:59:22:26:0d:fe:b7:83:19:0a:19:ab:63:
3e:4a:44:5d:99:39:74:96:04:1f:9e:a6:bb:22:72:cf:7b:c1:
7b:f4:2e:55:ea:96:cc:06:db:3f:b4:f3:ca:48:65:8e:af:b8:
d5:aa:17:12
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYTbpnAYruVhW8o0fYJfCQY3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5Y2UxY2M1N2FjZDRkODE4MWVkMzA1Mzg1ZGVlNzhkYjE3
NWUyMjEwHhcNMjIxMjA0MDU0MDI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmE4ZDQ3ZjgzOGY0NzQ5ZDYyZGQ4NWE3YTQ0NTZjOGM1ZmIzYzQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiZQt3jy5PRkRahpvGOXdrzKsWzzm
+GSxbAWVynEQIZluwk3CE5nIautiCQnLQgyE8TZP8WF1A3ss1dN4a8mmulgyYpjf
rtyicXOTKo7paoQT2s7gf6QbIj7M2bcHF3axG2kmOa9SDf2lyIPM2eQcd4y6DbNW
Zg2oZbSECpQIegAnMUjWEecuO5SAlwLBqwTQFvrg4TpuOW7+PH0e978yn/kwccvj
Ri8U9xBCCuP0ciHrxFSdPzB7PDfR3S0oDXh2f00u/lDIfAmCmeZ+hfsJ1388BKVH
c4l3YHsKPAR5kq/vuN4NK9mym0DQKXUL4XNFATrBzbbTMBjyVDlNRTfkmwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFIuo1H+Dj0dJ1i3YWnpEVsjF+zxFMB8GA1UdIwQY
MBaAFFnOHMV6zU2Bge0wU4Xe542xdeIhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2M0Y3hYck5UWUdCN1RCVGhkN25qYkYxNGlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS9jMTQ0ZGMtZjU2Mi00YTNlLWI2Y2Et
YzE2MmRkZmRlZTczLzEvaTZqVWY0T1BSMG5XTGRoYWVrUld5TVg3UEVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS9jMTQ0ZGMtZjU2Mi00YTNlLWI2Y2EtYzE2MmRkZmRlZTcz
LzEvV2M0Y3hYck5UWUdCN1RCVGhkN25qYkYxNGlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDLqHAAwQC
uf8sMA0EAgACMAcDBQMqDFjAMA0GCSqGSIb3DQEBCwUAA4IBAQDDVLwnbpOZrCiB
HTjT6Me/+/XfLBzNvIq1VsOB3+PjfyLfITEAXH6lFNzueRBkwMKzH26Rsk3nsGzQ
KpONjBvRQ61D64//bzqv3GoAPDpifOg677NWuRMv9bHPFwFoloSCBLUol1iUpquI
I1kgZJFu1tsTneDFw4oVOixszm0DEbBS2fbAfe2geOe9Y0JEGeoJTm0Yae9x/Mh+
4dpfbSH0aQk5fOqeklroMVtj8QPoU00ZUGh5ye54+LbVElNKghHdcQyK09azfnvW
TmlZIiYN/reDGQoZq2M+SkRdmTl0lgQfnqa7InLPe8F79C5V6pbMBts/tPPKSGWO
r7jVqhcS
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:16:29 2025 by rpki-client