Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/a5ce7e-7d1d-48ef-8f36-0b740a36a8ee/1/lK9VmpJnwleq1x-rJxgKcDYBjyw.roa
File: lK9VmpJnwleq1x-rJxgKcDYBjyw.roa (raw, json)
Hash identifier: KT/ikvTrPMwmLa8zemAKcuqUk+zB9OtxnAZIclXxbAU=
Subject key identifier: 94:AF:55:9A:92:67:C2:57:AA:D7:1F:AB:27:18:0A:70:36:01:8F:2C
Certificate issuer: /CN=72c6460b4fb1ef46bc7457ff0cf463bdc4e03fa9
Certificate serial: 018963ECD04CFE931F1D5D595CA47DC50335
Authority key identifier: 72:C6:46:0B:4F:B1:EF:46:BC:74:57:FF:0C:F4:63:BD:C4:E0:3F:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/csZGC0-x70a8dFf_DPRjvcTgP6k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/a5ce7e-7d1d-48ef-8f36-0b740a36a8ee/1/lK9VmpJnwleq1x-rJxgKcDYBjyw.roa
Signing time: Mon 17 Jul 2023 12:56:51 +0000
ROA not before: Mon 17 Jul 2023 12:56:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57344
IP address blocks: 46.253.134.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:63:ec:d0:4c:fe:93:1f:1d:5d:59:5c:a4:7d:c5:03:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72c6460b4fb1ef46bc7457ff0cf463bdc4e03fa9
Validity
Not Before: Jul 17 12:56:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=94af559a9267c257aad71fab27180a7036018f2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:9e:ca:d1:e1:10:6e:9f:ee:6c:4c:24:fa:62:
c4:f6:dd:30:8e:69:7a:b5:f0:79:63:00:42:5e:96:
21:02:59:c6:ac:4c:34:4c:c8:54:8e:82:71:10:6b:
6a:73:0a:32:09:9e:cc:4d:94:39:4c:c5:c6:f7:b8:
a2:31:dd:e6:c6:51:8f:eb:3d:21:15:14:c9:76:a3:
b8:fb:a7:ed:0b:39:02:7a:62:b8:a2:28:0a:2e:99:
6d:04:f8:d3:23:a1:e7:bf:91:15:6b:27:1e:e1:1c:
f8:2d:7c:c9:08:71:c5:0d:80:75:89:f4:68:24:f4:
0c:0a:38:63:55:e2:8d:12:ac:dd:ec:9e:2b:50:f8:
69:0a:89:1e:e7:41:04:71:fe:7a:48:b8:22:6c:f8:
24:f0:52:6f:55:b3:26:db:a2:cd:f0:99:50:40:35:
d1:c4:75:98:1a:4e:2b:3c:8b:4b:84:24:03:ae:6f:
ba:29:35:0e:e6:5b:a9:04:7f:ad:b3:7f:fe:07:13:
e8:ed:e1:7e:2e:e9:10:3f:68:cb:c6:41:cc:10:58:
dc:b7:82:a3:8f:ac:4f:6c:d2:e7:13:7e:da:ed:40:
fa:67:51:c5:25:26:29:cb:31:c4:15:a8:f1:d8:8b:
28:1c:e8:8f:7a:b0:1f:21:e0:08:dc:17:af:c1:90:
96:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:AF:55:9A:92:67:C2:57:AA:D7:1F:AB:27:18:0A:70:36:01:8F:2C
X509v3 Authority Key Identifier:
keyid:72:C6:46:0B:4F:B1:EF:46:BC:74:57:FF:0C:F4:63:BD:C4:E0:3F:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/csZGC0-x70a8dFf_DPRjvcTgP6k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/a5ce7e-7d1d-48ef-8f36-0b740a36a8ee/1/lK9VmpJnwleq1x-rJxgKcDYBjyw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/a5ce7e-7d1d-48ef-8f36-0b740a36a8ee/1/csZGC0-x70a8dFf_DPRjvcTgP6k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.253.134.0/24
Signature Algorithm: sha256WithRSAEncryption
10:77:51:2b:a0:39:e0:a4:93:45:c8:7b:0a:f8:66:7a:71:e0:
36:f8:12:8d:de:d3:73:80:73:88:71:72:44:08:fb:43:d7:05:
29:2c:e7:39:1b:cd:ae:66:68:58:cc:bc:1d:8e:ed:73:8a:bc:
c2:a8:5e:cc:e0:5c:3a:46:0e:5d:87:ac:28:9e:07:c0:45:db:
bb:98:c8:28:d1:33:6a:75:b0:e8:9d:69:a1:59:d4:cd:e8:f8:
99:46:ba:52:6f:1d:82:95:8f:c5:c0:f1:f4:8f:1c:73:c9:dc:
fd:4d:4b:54:4f:78:14:c6:21:87:af:7f:5c:7d:e1:27:0b:0a:
ab:93:a7:2e:26:f4:49:0a:52:46:a2:52:51:54:9b:88:34:9d:
28:39:24:ab:2b:1a:d7:aa:16:28:1f:ba:e2:95:7a:5f:5b:ef:
52:fd:26:12:d4:45:3e:38:02:32:21:d3:b4:d6:30:3a:b4:71:
eb:2c:e0:43:9a:7b:9e:e3:6d:27:23:0d:d8:ee:cf:d7:b1:74:
3a:9c:62:7c:28:0f:b3:38:3c:f4:ec:71:ed:d1:32:f5:9d:eb:
c8:12:22:9c:ae:ef:4c:b4:2c:bc:44:1a:92:be:fb:80:39:6e:
ca:b2:df:b6:ba:68:22:32:25:41:d8:7d:e4:4c:11:ed:9f:54:
f8:f1:7b:33
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYlj7NBM/pMfHV1ZXKR9xQM1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYzY0NjBiNGZiMWVmNDZiYzc0NTdmZjBjZjQ2M2JkYzRl
MDNmYTkwHhcNMjMwNzE3MTI1NjUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGFmNTU5YTkyNjdjMjU3YWFkNzFmYWIyNzE4MGE3MDM2MDE4ZjJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgp7K0eEQbp/ubEwk+mLE9t0wjml6
tfB5YwBCXpYhAlnGrEw0TMhUjoJxEGtqcwoyCZ7MTZQ5TMXG97iiMd3mxlGP6z0h
FRTJdqO4+6ftCzkCemK4oigKLpltBPjTI6Hnv5EVayce4Rz4LXzJCHHFDYB1ifRo
JPQMCjhjVeKNEqzd7J4rUPhpCoke50EEcf56SLgibPgk8FJvVbMm26LN8JlQQDXR
xHWYGk4rPItLhCQDrm+6KTUO5lupBH+ts3/+BxPo7eF+LukQP2jLxkHMEFjct4Kj
j6xPbNLnE37a7UD6Z1HFJSYpyzHEFajx2IsoHOiPerAfIeAI3BevwZCWLwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJSvVZqSZ8JXqtcfqycYCnA2AY8sMB8GA1UdIwQY
MBaAFHLGRgtPse9GvHRX/wz0Y73E4D+pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3NaR0MwLXg3MGE4ZEZmX0RQUmp2Y1RnUDZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS9hNWNlN2UtN2QxZC00OGVmLThmMzYt
MGI3NDBhMzZhOGVlLzEvbEs5Vm1wSm53bGVxMXgtckp4Z0tjRFlCanl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS9hNWNlN2UtN2QxZC00OGVmLThmMzYtMGI3NDBhMzZhOGVl
LzEvY3NaR0MwLXg3MGE4ZEZmX0RQUmp2Y1RnUDZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALv2GMA0G
CSqGSIb3DQEBCwUAA4IBAQAQd1EroDngpJNFyHsK+GZ6ceA2+BKN3tNzgHOIcXJE
CPtD1wUpLOc5G82uZmhYzLwdju1zirzCqF7M4Fw6Rg5dh6wongfARdu7mMgo0TNq
dbDonWmhWdTN6PiZRrpSbx2ClY/FwPH0jxxzydz9TUtUT3gUxiGHr39cfeEnCwqr
k6cuJvRJClJGolJRVJuINJ0oOSSrKxrXqhYoH7rilXpfW+9S/SYS1EU+OAIyIdO0
1jA6tHHrLOBDmnue420nIw3Y7s/XsXQ6nGJ8KA+zODz07HHt0TL1nevIEiKcru9M
tCy8RBqSvvuAOW7Kst+2umgiMiVB2H3kTBHtn1T48Xsz
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:05:31 2025 by rpki-client