Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/4ff06f-e97f-4c5a-9da7-7ee090504fba/1/3nQMgh4IC4OmfkImegGxxEl8B8g.roa
File: 3nQMgh4IC4OmfkImegGxxEl8B8g.roa (raw, json)
Hash identifier: 7wjWIfmUEQwqdktXSbYtrzJYJTjPlJ7DNd2YzRs6yYw=
Subject key identifier: DE:74:0C:82:1E:08:0B:83:A6:7E:42:26:7A:01:B1:C4:49:7C:07:C8
Certificate issuer: /CN=a7f00d1bffff3a53e94f867d743d031b922db5b1
Certificate serial: 01856EF8E58BF9890E2FB4E33A750AEB4EBD
Authority key identifier: A7:F0:0D:1B:FF:FF:3A:53:E9:4F:86:7D:74:3D:03:1B:92:2D:B5:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p_ANG___OlPpT4Z9dD0DG5IttbE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/4ff06f-e97f-4c5a-9da7-7ee090504fba/1/3nQMgh4IC4OmfkImegGxxEl8B8g.roa
Signing time: Sun 01 Jan 2023 20:14:43 +0000
ROA not before: Sun 01 Jan 2023 20:14:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201924
IP address blocks: 46.29.2.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:f8:e5:8b:f9:89:0e:2f:b4:e3:3a:75:0a:eb:4e:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7f00d1bffff3a53e94f867d743d031b922db5b1
Validity
Not Before: Jan 1 20:14:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=de740c821e080b83a67e42267a01b1c4497c07c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:38:99:1c:d7:1f:c4:86:b0:93:82:05:5a:ef:
ab:4d:66:23:cb:ed:53:9c:f4:02:a4:f6:85:d1:09:
ff:a8:e4:bf:40:7d:db:68:3d:5e:0a:93:f6:89:58:
ea:6d:5e:32:84:bd:14:77:89:ef:4c:1b:62:74:e3:
5d:6a:35:61:a2:58:4b:d4:a8:80:e3:46:72:8d:38:
5f:04:28:5c:4c:95:03:3a:20:cc:8c:64:95:7a:12:
90:46:de:f2:c1:20:0b:9a:e6:f3:83:63:c5:a9:f8:
a2:75:b6:d6:c1:b8:0b:4a:c8:d5:4d:ef:2d:3b:b0:
41:26:af:f6:7b:76:bf:ba:0a:15:42:5c:c3:fd:0b:
4e:17:6e:63:ad:46:9d:46:9c:3e:f7:c3:80:92:5c:
6e:74:a3:b5:d6:ff:49:24:c9:c0:6d:89:dd:fd:f0:
c0:b9:30:3d:8b:82:48:b2:e9:91:63:e6:3f:1d:7c:
48:9f:8a:8b:1c:85:e8:03:29:69:28:a7:56:cd:e1:
da:0d:6d:c9:4c:fb:f0:bd:47:8a:38:b7:c5:67:88:
df:35:d5:b1:87:85:ce:30:0c:2b:39:e3:b8:c5:ec:
8a:23:89:a7:d3:04:fd:d0:3b:2b:15:df:98:00:93:
d9:a2:28:8c:88:dd:37:32:00:4b:e3:03:b8:18:cb:
7f:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:74:0C:82:1E:08:0B:83:A6:7E:42:26:7A:01:B1:C4:49:7C:07:C8
X509v3 Authority Key Identifier:
keyid:A7:F0:0D:1B:FF:FF:3A:53:E9:4F:86:7D:74:3D:03:1B:92:2D:B5:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p_ANG___OlPpT4Z9dD0DG5IttbE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/4ff06f-e97f-4c5a-9da7-7ee090504fba/1/3nQMgh4IC4OmfkImegGxxEl8B8g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/4ff06f-e97f-4c5a-9da7-7ee090504fba/1/p_ANG___OlPpT4Z9dD0DG5IttbE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.29.2.0/24
Signature Algorithm: sha256WithRSAEncryption
85:8b:70:40:a4:1d:c2:a6:b8:2b:0a:2d:ec:bc:56:ac:d9:88:
14:97:20:84:d0:df:ca:87:08:07:c0:e3:d3:27:4c:1a:36:14:
06:e5:63:26:81:27:0b:2f:80:ae:4b:6b:a4:27:b7:91:25:f1:
ae:cb:d5:2c:19:59:d1:b2:04:43:c5:45:10:c0:cb:61:62:f6:
15:14:a0:ae:c9:4c:7c:9b:49:d2:a4:d7:b9:5e:00:44:f8:82:
f9:ff:60:1a:58:00:f5:f4:db:74:56:3a:f2:a5:7d:33:38:ee:
97:e3:e6:b4:9a:c7:94:2b:52:8b:d0:f0:0a:b4:89:ae:14:0c:
c1:fb:47:52:1f:71:da:30:f5:87:e8:96:92:51:b2:78:32:0f:
6c:30:0d:1d:96:99:d6:b7:0c:ae:fd:5d:b5:aa:f4:b9:66:eb:
65:be:1b:0c:6e:70:bf:80:34:45:ab:4e:1d:39:83:f0:5d:4e:
f3:9f:06:ea:29:97:f0:54:5b:27:34:48:8a:64:f2:6c:b4:ce:
7a:76:db:22:9b:83:27:1c:27:43:8a:31:17:46:79:ca:68:a3:
84:c4:2f:03:b5:c7:9f:89:ce:0d:63:d3:d0:68:c0:e5:47:d4:
76:3d:ff:64:8f:88:6d:76:6c:61:12:89:b9:89:a7:fc:dd:a6:
f2:51:b4:fd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVu+OWL+YkOL7TjOnUK6069MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3ZjAwZDFiZmZmZjNhNTNlOTRmODY3ZDc0M2QwMzFiOTIy
ZGI1YjEwHhcNMjMwMTAxMjAxNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTc0MGM4MjFlMDgwYjgzYTY3ZTQyMjY3YTAxYjFjNDQ5N2MwN2M4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmTiZHNcfxIawk4IFWu+rTWYjy+1T
nPQCpPaF0Qn/qOS/QH3baD1eCpP2iVjqbV4yhL0Ud4nvTBtidONdajVholhL1KiA
40ZyjThfBChcTJUDOiDMjGSVehKQRt7ywSALmubzg2PFqfiidbbWwbgLSsjVTe8t
O7BBJq/2e3a/ugoVQlzD/QtOF25jrUadRpw+98OAklxudKO11v9JJMnAbYnd/fDA
uTA9i4JIsumRY+Y/HXxIn4qLHIXoAylpKKdWzeHaDW3JTPvwvUeKOLfFZ4jfNdWx
h4XOMAwrOeO4xeyKI4mn0wT90DsrFd+YAJPZoiiMiN03MgBL4wO4GMt/6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN50DIIeCAuDpn5CJnoBscRJfAfIMB8GA1UdIwQY
MBaAFKfwDRv//zpT6U+GfXQ9AxuSLbWxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcF9BTkdfX19PbFBwVDRaOWREMERHNUl0dGJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi80ZmYwNmYtZTk3Zi00YzVhLTlkYTct
N2VlMDkwNTA0ZmJhLzEvM25RTWdoNElDNE9tZmtJbWVnR3h4RWw4QjhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi80ZmYwNmYtZTk3Zi00YzVhLTlkYTctN2VlMDkwNTA0ZmJh
LzEvcF9BTkdfX19PbFBwVDRaOWREMERHNUl0dGJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALh0CMA0G
CSqGSIb3DQEBCwUAA4IBAQCFi3BApB3CprgrCi3svFas2YgUlyCE0N/KhwgHwOPT
J0waNhQG5WMmgScLL4CuS2ukJ7eRJfGuy9UsGVnRsgRDxUUQwMthYvYVFKCuyUx8
m0nSpNe5XgBE+IL5/2AaWAD19Nt0VjrypX0zOO6X4+a0mseUK1KL0PAKtImuFAzB
+0dSH3HaMPWH6JaSUbJ4Mg9sMA0dlpnWtwyu/V21qvS5ZutlvhsMbnC/gDRFq04d
OYPwXU7znwbqKZfwVFsnNEiKZPJstM56dtsim4MnHCdDijEXRnnKaKOExC8Dtcef
ic4NY9PQaMDlR9R2Pf9kj4htdmxhEom5iaf83abyUbT9
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:19:43 2025 by rpki-client