Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/5a698d-998a-48ba-8dc5-333f0c99279e/1/GlkM56L4V1ArJi5ujZIkL-4jvsw.roa
File: GlkM56L4V1ArJi5ujZIkL-4jvsw.roa (raw, json)
Hash identifier: QmtpqJ/tLPvJrS45eY5AYhG5fJ+BN7Y6sNP0gOII/3c=
Subject key identifier: 1A:59:0C:E7:A2:F8:57:50:2B:26:2E:6E:8D:92:24:2F:EE:23:BE:CC
Certificate issuer: /CN=66f90e75df98afb43019ce750350e769b99fbc13
Certificate serial: 01856F94CDA71DCE43527FA818EE916E904C
Authority key identifier: 66:F9:0E:75:DF:98:AF:B4:30:19:CE:75:03:50:E7:69:B9:9F:BC:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZvkOdd-Yr7QwGc51A1DnabmfvBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/5a698d-998a-48ba-8dc5-333f0c99279e/1/GlkM56L4V1ArJi5ujZIkL-4jvsw.roa
Signing time: Sun 01 Jan 2023 23:05:00 +0000
ROA not before: Sun 01 Jan 2023 23:05:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3356
IP address blocks: 46.23.240.0/20 maxlen: 20
46.23.242.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:94:cd:a7:1d:ce:43:52:7f:a8:18:ee:91:6e:90:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66f90e75df98afb43019ce750350e769b99fbc13
Validity
Not Before: Jan 1 23:05:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1a590ce7a2f857502b262e6e8d92242fee23becc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:df:bd:82:c5:e1:75:4a:bb:fb:30:e8:10:ee:
e7:75:49:64:91:59:9c:7a:b4:d0:43:0d:3e:e4:80:
c2:18:77:ee:c4:df:cf:3f:1c:78:8b:b1:9a:37:30:
da:e7:05:9f:85:17:0e:af:1c:f0:3c:b1:c3:54:dd:
12:f3:92:a5:db:5d:91:f1:0e:a9:48:05:cd:29:de:
b3:b1:ec:70:4d:5a:6d:59:f5:d3:b8:29:de:1c:81:
ce:91:76:79:79:17:b8:bc:8f:8a:77:40:bc:20:c0:
75:3a:d6:6d:c7:38:6f:1f:6f:5f:8d:5c:9b:3c:11:
7c:9c:e3:b1:df:08:f3:72:82:58:97:87:54:6f:6a:
47:dc:50:dd:b0:dc:48:2b:82:35:5a:3d:e5:d2:d0:
c1:81:31:45:45:50:14:d9:f5:3c:b7:44:27:a8:6e:
09:7c:7c:55:e3:66:03:d7:b1:7e:0a:4d:54:79:25:
61:8c:0c:38:fa:59:71:a9:ff:ae:19:33:59:2c:d5:
6a:4f:ad:00:b9:38:66:5f:25:ea:be:8f:08:6b:03:
d7:ef:46:fb:e0:1f:37:47:ce:31:d6:55:15:e6:82:
5d:5f:b1:e1:4b:d4:b0:17:9c:17:35:d7:e2:c2:b1:
bd:48:da:4d:9e:86:0e:d6:1f:54:aa:90:f8:fa:fb:
f9:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:59:0C:E7:A2:F8:57:50:2B:26:2E:6E:8D:92:24:2F:EE:23:BE:CC
X509v3 Authority Key Identifier:
keyid:66:F9:0E:75:DF:98:AF:B4:30:19:CE:75:03:50:E7:69:B9:9F:BC:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZvkOdd-Yr7QwGc51A1DnabmfvBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/5a698d-998a-48ba-8dc5-333f0c99279e/1/GlkM56L4V1ArJi5ujZIkL-4jvsw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/5a698d-998a-48ba-8dc5-333f0c99279e/1/ZvkOdd-Yr7QwGc51A1DnabmfvBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.23.240.0/20
Signature Algorithm: sha256WithRSAEncryption
1b:dc:aa:1d:7e:4a:43:5e:7e:59:73:5b:bd:a4:79:7d:22:65:
29:bb:95:74:68:ad:86:cf:fb:7d:f0:a3:16:40:63:60:44:17:
d1:5d:cb:c3:18:bb:1d:c7:3e:1a:7f:a8:ff:25:b2:f9:3c:20:
d4:01:21:ac:d6:c5:ea:eb:5f:d0:54:eb:b6:1f:16:7c:87:df:
5d:a1:88:7f:0d:bc:b7:13:92:b7:da:75:6e:8b:3e:ea:76:64:
bf:b1:b9:83:41:8d:9f:cf:ab:57:21:88:b5:f8:c9:5b:59:1e:
a3:3b:a4:19:7c:3a:04:31:92:7d:7e:b1:07:3f:b4:15:91:2b:
14:2a:a8:c1:ec:87:b7:16:e3:66:bb:27:70:a6:71:25:e4:d7:
77:f2:ef:b8:d5:d0:4e:bb:5c:42:af:18:16:72:9c:d6:d6:3f:
7d:03:25:a5:c7:13:47:bf:90:26:b6:cb:aa:30:7d:22:1b:38:
84:6b:b9:e5:ea:4c:09:49:c5:f6:25:9c:95:19:5b:9c:74:fa:
29:5a:e8:84:6c:17:52:14:10:57:66:42:ae:1b:cc:67:02:bb:
12:3f:83:8b:82:25:29:e8:21:57:3f:a9:af:f8:ea:1c:37:d2:
21:30:a0:13:9a:82:7d:24:6b:92:0b:bb:41:ae:ac:61:6e:16:
a1:91:91:f7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvlM2nHc5DUn+oGO6RbpBMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZjkwZTc1ZGY5OGFmYjQzMDE5Y2U3NTAzNTBlNzY5Yjk5
ZmJjMTMwHhcNMjMwMTAxMjMwNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTU5MGNlN2EyZjg1NzUwMmIyNjJlNmU4ZDkyMjQyZmVlMjNiZWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2t+9gsXhdUq7+zDoEO7ndUlkkVmc
erTQQw0+5IDCGHfuxN/PPxx4i7GaNzDa5wWfhRcOrxzwPLHDVN0S85Kl212R8Q6p
SAXNKd6zsexwTVptWfXTuCneHIHOkXZ5eRe4vI+Kd0C8IMB1OtZtxzhvH29fjVyb
PBF8nOOx3wjzcoJYl4dUb2pH3FDdsNxIK4I1Wj3l0tDBgTFFRVAU2fU8t0QnqG4J
fHxV42YD17F+Ck1UeSVhjAw4+llxqf+uGTNZLNVqT60AuThmXyXqvo8IawPX70b7
4B83R84x1lUV5oJdX7HhS9SwF5wXNdfiwrG9SNpNnoYO1h9UqpD4+vv5JwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBpZDOei+FdQKyYubo2SJC/uI77MMB8GA1UdIwQY
MBaAFGb5DnXfmK+0MBnOdQNQ52m5n7wTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnZrT2RkLVlyN1F3R2M1MUExRG5hYm1mdkJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS81YTY5OGQtOTk4YS00OGJhLThkYzUt
MzMzZjBjOTkyNzllLzEvR2xrTTU2TDRWMUFySmk1dWpaSWtMLTRqdnN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS81YTY5OGQtOTk4YS00OGJhLThkYzUtMzMzZjBjOTkyNzll
LzEvWnZrT2RkLVlyN1F3R2M1MUExRG5hYm1mdkJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQELhfwMA0G
CSqGSIb3DQEBCwUAA4IBAQAb3KodfkpDXn5Zc1u9pHl9ImUpu5V0aK2Gz/t98KMW
QGNgRBfRXcvDGLsdxz4af6j/JbL5PCDUASGs1sXq61/QVOu2HxZ8h99doYh/Dby3
E5K32nVuiz7qdmS/sbmDQY2fz6tXIYi1+MlbWR6jO6QZfDoEMZJ9frEHP7QVkSsU
KqjB7Ie3FuNmuydwpnEl5Nd38u+41dBOu1xCrxgWcpzW1j99AyWlxxNHv5Amtsuq
MH0iGziEa7nl6kwJScX2JZyVGVucdPopWuiEbBdSFBBXZkKuG8xnArsSP4OLgiUp
6CFXP6mv+OocN9IhMKATmoJ9JGuSC7tBrqxhbhahkZH3
-----END CERTIFICATE-----
Generated at Wed Apr 16 05:09:02 2025 by rpki-client