Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/403ec4-266e-4ea4-ba3a-4fdc48da8f33/1/fpkTmhArIJEYX6FV4-dV6_5smdc.roa
File: fpkTmhArIJEYX6FV4-dV6_5smdc.roa (raw, json)
Hash identifier: sSu1MyOeXFM2imfZJukkI0vOmixPCC0YAWdc43QsZa4=
Subject key identifier: 7E:99:13:9A:10:2B:20:91:18:5F:A1:55:E3:E7:55:EB:FE:6C:99:D7
Certificate issuer: /CN=23d8f620999506cc86d7548ea7282bb129f02d68
Certificate serial: 0342BDBB
Authority key identifier: 23:D8:F6:20:99:95:06:CC:86:D7:54:8E:A7:28:2B:B1:29:F0:2D:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I9j2IJmVBsyG11SOpygrsSnwLWg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/403ec4-266e-4ea4-ba3a-4fdc48da8f33/1/fpkTmhArIJEYX6FV4-dV6_5smdc.roa
Signing time: Thu 10 Feb 2022 09:50:11 +0000
ROA not before: Thu 10 Feb 2022 09:50:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16509
IP address blocks: 46.227.42.0/24 maxlen: 24
185.31.204.0/24 maxlen: 24
46.227.41.0/24 maxlen: 24
46.227.40.0/24 maxlen: 24
46.227.44.0/24 maxlen: 24
185.31.206.0/24 maxlen: 24
46.227.43.0/24 maxlen: 24
185.31.205.0/24 maxlen: 24
185.31.207.0/24 maxlen: 24
46.227.45.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 54705595 (0x342bdbb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23d8f620999506cc86d7548ea7282bb129f02d68
Validity
Not Before: Feb 10 09:50:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7e99139a102b2091185fa155e3e755ebfe6c99d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:ec:17:4e:45:80:bd:cd:4c:f7:d8:b9:fb:f6:
1b:78:49:8a:3a:a3:68:9c:5a:82:ef:f3:26:b4:dc:
15:c3:cb:70:df:d1:64:20:21:69:74:09:b3:d7:8f:
e1:79:e3:d4:84:1a:37:a5:b4:4e:28:73:f6:6b:02:
7c:b9:54:b9:7c:75:a2:25:e0:d0:48:ed:97:78:77:
f2:ef:78:8c:64:64:48:b9:fb:c8:77:89:22:21:08:
da:df:af:86:a9:b7:e1:d6:98:a6:4f:40:52:cb:8b:
0d:31:45:32:1e:2e:77:0f:1c:05:7b:0c:17:d6:13:
d5:21:eb:c7:3e:f7:b9:0f:56:fa:21:98:5d:ef:e5:
b3:87:cc:01:79:94:0c:b8:71:25:bb:53:30:0a:ba:
d1:24:4e:66:f5:70:a0:a6:e4:16:4a:6e:a3:48:56:
17:f6:79:34:2d:f7:b9:03:23:86:61:b0:08:a2:ef:
63:30:7c:69:54:22:e3:f2:26:a5:20:68:8a:26:11:
96:21:82:cc:a2:4d:b7:54:1e:78:83:c7:5d:56:62:
77:e8:a6:0f:d7:76:75:db:1a:51:ed:c5:5a:08:83:
dd:dc:98:1a:c2:b1:ba:60:4b:74:ea:84:86:29:9a:
c1:0d:ae:8d:48:ef:b4:74:12:d4:30:bf:f7:e7:ac:
36:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:99:13:9A:10:2B:20:91:18:5F:A1:55:E3:E7:55:EB:FE:6C:99:D7
X509v3 Authority Key Identifier:
keyid:23:D8:F6:20:99:95:06:CC:86:D7:54:8E:A7:28:2B:B1:29:F0:2D:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I9j2IJmVBsyG11SOpygrsSnwLWg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/403ec4-266e-4ea4-ba3a-4fdc48da8f33/1/fpkTmhArIJEYX6FV4-dV6_5smdc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/403ec4-266e-4ea4-ba3a-4fdc48da8f33/1/I9j2IJmVBsyG11SOpygrsSnwLWg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.227.40.0-46.227.45.255
185.31.204.0/22
Signature Algorithm: sha256WithRSAEncryption
2e:89:26:66:62:64:37:5c:64:a3:41:fc:44:34:83:e5:25:fa:
b8:48:2c:35:07:76:9c:b9:96:30:e3:ee:0b:09:36:d4:27:89:
f6:c2:7d:bb:67:3c:de:82:a8:97:7d:29:00:ed:35:56:c0:30:
db:51:c7:f3:77:8c:13:43:9a:8c:87:c1:2d:37:9a:ff:31:7c:
e6:e6:d6:f5:7e:5f:49:39:b1:65:b2:d8:e7:21:55:b2:d0:03:
e0:b7:b1:79:33:e8:07:95:cc:5c:b1:c2:16:cb:44:36:70:c2:
be:e5:a4:33:9a:cf:01:fe:f7:59:e7:23:61:1d:03:2b:be:31:
ac:fd:9e:a3:29:f6:a5:b6:28:78:1c:fd:72:30:4c:3d:3c:5e:
8f:81:00:7c:53:50:b4:2b:71:e1:c8:9a:4e:60:d2:6a:45:0d:
0c:b4:93:df:d5:31:52:25:36:bb:a7:f5:3c:57:6b:df:78:00:
d5:47:71:42:3b:97:c4:05:c1:1c:07:bb:9c:9e:14:6a:8a:fa:
9e:78:5b:f8:4a:a0:96:cd:4f:d2:40:06:44:52:93:4d:a4:bb:
f8:0e:cd:f8:76:7b:b2:5f:e9:2a:aa:b5:44:54:5e:b7:29:f3:
37:22:31:17:d3:c0:e3:c8:82:16:e5:55:eb:f2:40:41:6c:09:
b5:38:24:11
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIEA0K9uzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
M2Q4ZjYyMDk5OTUwNmNjODZkNzU0OGVhNzI4MmJiMTI5ZjAyZDY4MB4XDTIyMDIx
MDA5NTAxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2U5OTEzOWExMDJi
MjA5MTE4NWZhMTU1ZTNlNzU1ZWJmZTZjOTlkNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN3sF05FgL3NTPfYufv2G3hJijqjaJxagu/zJrTcFcPLcN/R
ZCAhaXQJs9eP4Xnj1IQaN6W0Tihz9msCfLlUuXx1oiXg0Ejtl3h38u94jGRkSLn7
yHeJIiEI2t+vhqm34daYpk9AUsuLDTFFMh4udw8cBXsMF9YT1SHrxz73uQ9W+iGY
Xe/ls4fMAXmUDLhxJbtTMAq60SROZvVwoKbkFkpuo0hWF/Z5NC33uQMjhmGwCKLv
YzB8aVQi4/ImpSBoiiYRliGCzKJNt1QeeIPHXVZid+imD9d2ddsaUe3FWgiD3dyY
GsKxumBLdOqEhimawQ2ujUjvtHQS1DC/9+esNgsCAwEAAaOCAhcwggITMB0GA1Ud
DgQWBBR+mROaECsgkRhfoVXj51Xr/myZ1zAfBgNVHSMEGDAWgBQj2PYgmZUGzIbX
VI6nKCuxKfAtaDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0k5ajJJSm1WQnN5RzExU09weWdyc1Nud0xXZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmEvNDAzZWM0LTI2NmUtNGVhNC1iYTNhLTRmZGM0OGRhOGYzMy8x
L2Zwa1RtaEFySUpFWVg2RlY0LWRWNl81c21kYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmEv
NDAzZWM0LTI2NmUtNGVhNC1iYTNhLTRmZGM0OGRhOGYzMy8xL0k5ajJJSm1WQnN5
RzExU09weWdyc1Nud0xXZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAt
BggrBgEFBQcBBwEB/wQeMBwwGgQCAAEwFDAMAwQDLuMoAwQBLuMsAwQCuR/MMA0G
CSqGSIb3DQEBCwUAA4IBAQAuiSZmYmQ3XGSjQfxENIPlJfq4SCw1B3acuZYw4+4L
CTbUJ4n2wn27ZzzegqiXfSkA7TVWwDDbUcfzd4wTQ5qMh8EtN5r/MXzm5tb1fl9J
ObFlstjnIVWy0APgt7F5M+gHlcxcscIWy0Q2cMK+5aQzms8B/vdZ5yNhHQMrvjGs
/Z6jKfaltih4HP1yMEw9PF6PgQB8U1C0K3HhyJpOYNJqRQ0MtJPf1TFSJTa7p/U8
V2vfeADVR3FCO5fEBcEcB7ucnhRqivqeeFv4SqCWzU/SQAZEUpNNpLv4Ds34dnuy
X+kqqrVEVF63KfM3IjEX08DjyIIW5VXr8kBBbAm1OCQR
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:23:09 2025 by rpki-client