Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/6d7c1c-8ebd-4246-83f9-5f3cc318f180/1/4GlmLRhw3Vr94lQ1DV2pDOxcmBc.roa
File: 4GlmLRhw3Vr94lQ1DV2pDOxcmBc.roa (raw, json)
Hash identifier: NPXsvZw4gtecEVfBH51CwLdxZQY4gDaKBD0NmSIpHeQ=
Subject key identifier: E0:69:66:2D:18:70:DD:5A:FD:E2:54:35:0D:5D:A9:0C:EC:5C:98:17
Certificate issuer: /CN=0c048b5f815235c393fea761e07eb8b8bbf87fd3
Certificate serial: 01856DD432B292C95AF7CBB0A51DBCBD205A
Authority key identifier: 0C:04:8B:5F:81:52:35:C3:93:FE:A7:61:E0:7E:B8:B8:BB:F8:7F:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DASLX4FSNcOT_qdh4H64uLv4f9M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/6d7c1c-8ebd-4246-83f9-5f3cc318f180/1/4GlmLRhw3Vr94lQ1DV2pDOxcmBc.roa
Signing time: Sun 01 Jan 2023 14:55:01 +0000
ROA not before: Sun 01 Jan 2023 14:55:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56588
IP address blocks: 46.226.136.0/21 maxlen: 21
2a00:6a00::/29 maxlen: 29
2a00:6a00::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:d4:32:b2:92:c9:5a:f7:cb:b0:a5:1d:bc:bd:20:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c048b5f815235c393fea761e07eb8b8bbf87fd3
Validity
Not Before: Jan 1 14:55:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e069662d1870dd5afde254350d5da90cec5c9817
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:94:f4:9c:ce:a1:5e:ad:12:05:95:6a:a0:e5:
68:1d:3f:da:1c:5d:af:30:7e:a5:45:60:4c:3d:80:
d6:b4:ef:69:ea:53:ae:11:5b:4e:90:96:be:c0:59:
dc:d3:b1:b2:1a:b5:e3:fa:e6:1f:60:c3:8a:5a:c5:
e8:fe:cd:fc:e1:0f:94:e4:53:fd:2c:45:bc:8f:9a:
5e:ae:c5:1e:59:9d:94:49:3c:41:73:09:13:f6:84:
d3:bc:18:58:72:6c:93:68:c6:cf:c4:d7:d9:e2:31:
c7:7d:66:bd:08:49:b4:ef:02:75:0c:1e:3c:05:0a:
53:19:9d:e8:aa:d6:39:82:8b:49:b1:e6:cc:f2:3f:
fe:b2:68:ed:7d:50:98:35:8e:da:4b:4a:a1:53:d6:
52:50:5f:96:5c:7c:7b:f0:ac:73:71:bf:2d:85:fc:
6f:5f:75:43:c8:fa:d0:34:98:70:14:b6:83:59:60:
a0:b3:67:8d:dc:2c:aa:9a:3b:a6:59:b6:3f:9f:ac:
9a:27:ad:bd:38:19:b6:82:96:07:c0:06:a6:d5:8d:
5b:a5:d2:ff:4a:ef:80:0a:12:f1:fa:86:dc:bd:eb:
49:2d:5c:85:0f:7d:db:11:b1:4d:a5:5e:ec:c1:ab:
a2:15:a9:72:b2:f0:a8:54:18:31:b5:97:47:28:59:
fe:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:69:66:2D:18:70:DD:5A:FD:E2:54:35:0D:5D:A9:0C:EC:5C:98:17
X509v3 Authority Key Identifier:
keyid:0C:04:8B:5F:81:52:35:C3:93:FE:A7:61:E0:7E:B8:B8:BB:F8:7F:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DASLX4FSNcOT_qdh4H64uLv4f9M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/6d7c1c-8ebd-4246-83f9-5f3cc318f180/1/4GlmLRhw3Vr94lQ1DV2pDOxcmBc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/6d7c1c-8ebd-4246-83f9-5f3cc318f180/1/DASLX4FSNcOT_qdh4H64uLv4f9M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.226.136.0/21
IPv6:
2a00:6a00::/29
Signature Algorithm: sha256WithRSAEncryption
b4:2f:92:82:3a:39:7e:68:d7:5d:48:4f:7f:f1:89:b6:05:25:
ae:f9:4a:57:20:0f:95:de:d0:bf:d5:37:4d:c9:fc:68:6b:87:
78:42:98:7f:4d:31:79:8c:b2:63:40:8a:3a:db:93:d6:9b:f0:
a2:78:f6:03:07:12:24:9b:c6:e4:2b:e6:5a:49:e8:e7:4d:6d:
72:e9:96:e0:39:42:d1:b5:9b:8b:50:1f:86:10:ac:89:26:3c:
69:1a:ed:27:98:e2:9b:b2:a6:aa:5c:4a:d8:b1:f9:7d:fc:67:
cb:69:5e:a7:e4:54:6d:13:9c:72:a1:f7:d9:05:33:f7:e8:0f:
5d:e7:c8:9d:54:82:fd:a7:cd:44:74:22:7e:8f:52:b5:5c:27:
c4:87:6c:66:18:92:c4:b0:10:1e:80:73:c7:d5:78:7b:b5:96:
9a:51:b5:2c:80:f7:44:d4:8e:82:88:e7:5d:94:1d:f9:a0:e3:
63:e3:99:15:05:de:58:f5:37:2a:71:dc:b4:d4:a2:44:5a:c7:
2f:11:4e:06:f0:42:f7:69:78:ef:d9:e9:85:0b:84:8b:51:c3:
dd:2d:a9:49:21:52:3f:e9:af:93:c6:9d:10:66:e3:b2:8a:7d:
d8:f8:d1:d6:bc:aa:4e:10:21:b5:11:13:a5:16:18:be:ba:cc:
e9:ab:78:1f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVt1DKyksla98uwpR28vSBaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjMDQ4YjVmODE1MjM1YzM5M2ZlYTc2MWUwN2ViOGI4YmJm
ODdmZDMwHhcNMjMwMTAxMTQ1NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDY5NjYyZDE4NzBkZDVhZmRlMjU0MzUwZDVkYTkwY2VjNWM5ODE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgZT0nM6hXq0SBZVqoOVoHT/aHF2v
MH6lRWBMPYDWtO9p6lOuEVtOkJa+wFnc07GyGrXj+uYfYMOKWsXo/s384Q+U5FP9
LEW8j5persUeWZ2USTxBcwkT9oTTvBhYcmyTaMbPxNfZ4jHHfWa9CEm07wJ1DB48
BQpTGZ3oqtY5gotJsebM8j/+smjtfVCYNY7aS0qhU9ZSUF+WXHx78Kxzcb8thfxv
X3VDyPrQNJhwFLaDWWCgs2eN3CyqmjumWbY/n6yaJ629OBm2gpYHwAam1Y1bpdL/
Su+AChLx+obcvetJLVyFD33bEbFNpV7swauiFalysvCoVBgxtZdHKFn+QQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOBpZi0YcN1a/eJUNQ1dqQzsXJgXMB8GA1UdIwQY
MBaAFAwEi1+BUjXDk/6nYeB+uLi7+H/TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREFTTFg0RlNOY09UX3FkaDRINjR1THY0ZjlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My82ZDdjMWMtOGViZC00MjQ2LTgzZjkt
NWYzY2MzMThmMTgwLzEvNEdsbUxSaHczVnI5NGxRMURWMnBET3hjbUJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My82ZDdjMWMtOGViZC00MjQ2LTgzZjktNWYzY2MzMThmMTgw
LzEvREFTTFg0RlNOY09UX3FkaDRINjR1THY0ZjlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDLuKIMA0E
AgACMAcDBQMqAGoAMA0GCSqGSIb3DQEBCwUAA4IBAQC0L5KCOjl+aNddSE9/8Ym2
BSWu+UpXIA+V3tC/1TdNyfxoa4d4Qph/TTF5jLJjQIo625PWm/CiePYDBxIkm8bk
K+ZaSejnTW1y6ZbgOULRtZuLUB+GEKyJJjxpGu0nmOKbsqaqXErYsfl9/GfLaV6n
5FRtE5xyoffZBTP36A9d58idVIL9p81EdCJ+j1K1XCfEh2xmGJLEsBAegHPH1Xh7
tZaaUbUsgPdE1I6CiOddlB35oONj45kVBd5Y9Tcqcdy01KJEWscvEU4G8EL3aXjv
2emFC4SLUcPdLalJIVI/6a+Txp0QZuOyin3Y+NHWvKpOECG1EROlFhi+uszpq3gf
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:03:41 2025 by rpki-client