Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/b24b2d-3523-422e-9bcf-3671d67eb9f8/1/0NHqI-TQIWFWbHPvuRvJ1X8i7_Y.roa
File: 0NHqI-TQIWFWbHPvuRvJ1X8i7_Y.roa (raw, json)
Hash identifier: 8BVykgpsbvQ49U2xUcr936zYvmLX8dvNwcCRzIu+TSw=
Subject key identifier: D0:D1:EA:23:E4:D0:21:61:56:6C:73:EF:B9:1B:C9:D5:7F:22:EF:F6
Certificate issuer: /CN=d4375814344df0bf6d017733acdc488f002631b2
Certificate serial: 018535CF8566C8BC906D4C2F59F261A08BA6
Authority key identifier: D4:37:58:14:34:4D:F0:BF:6D:01:77:33:AC:DC:48:8F:00:26:31:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1DdYFDRN8L9tAXczrNxIjwAmMbI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/b24b2d-3523-422e-9bcf-3671d67eb9f8/1/0NHqI-TQIWFWbHPvuRvJ1X8i7_Y.roa
Signing time: Wed 21 Dec 2022 17:51:10 +0000
ROA not before: Wed 21 Dec 2022 17:51:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 400509
IP address blocks: 46.8.195.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:35:cf:85:66:c8:bc:90:6d:4c:2f:59:f2:61:a0:8b:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4375814344df0bf6d017733acdc488f002631b2
Validity
Not Before: Dec 21 17:51:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d0d1ea23e4d02161566c73efb91bc9d57f22eff6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:25:fd:17:05:18:aa:bd:67:6b:36:91:79:65:
81:ed:20:7a:a4:ce:ee:f2:50:b8:34:8a:e9:61:7c:
85:4b:b9:b7:43:cf:13:1a:32:66:88:3a:c9:7c:bf:
3c:83:57:cc:c0:38:40:81:42:9e:69:0e:1e:9a:2b:
a8:42:2e:c5:53:7f:5d:51:3b:23:1b:81:e8:9c:0a:
54:87:32:a9:13:fd:8a:a6:51:16:49:0d:f0:94:d2:
cb:b1:22:ce:3c:7d:ae:8e:2e:77:e0:5d:c8:32:8b:
58:59:53:e9:af:92:74:7d:48:30:0b:a7:27:43:a9:
22:a3:3b:c2:69:73:2a:1b:d2:a0:e4:3f:d1:c1:42:
aa:64:91:2f:47:9a:2f:93:64:9f:21:93:ea:32:4c:
70:05:31:bf:b9:b2:54:27:b1:12:78:75:a4:58:26:
70:21:af:49:22:52:df:cb:81:b2:fa:0d:82:e0:75:
82:7c:d6:3e:6d:a1:9c:4d:3e:b4:26:a4:66:bc:cc:
1b:97:a6:f3:88:5d:e1:5e:b1:bc:51:64:18:9f:cf:
7c:bc:bc:b4:4f:92:33:70:6c:db:9e:2a:46:5a:4d:
74:84:55:1f:0e:73:a3:7f:95:66:1b:d9:6b:e6:b6:
8c:fd:95:34:e4:23:ab:de:54:2c:0c:23:04:14:89:
6c:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:D1:EA:23:E4:D0:21:61:56:6C:73:EF:B9:1B:C9:D5:7F:22:EF:F6
X509v3 Authority Key Identifier:
keyid:D4:37:58:14:34:4D:F0:BF:6D:01:77:33:AC:DC:48:8F:00:26:31:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1DdYFDRN8L9tAXczrNxIjwAmMbI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/b24b2d-3523-422e-9bcf-3671d67eb9f8/1/0NHqI-TQIWFWbHPvuRvJ1X8i7_Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/b24b2d-3523-422e-9bcf-3671d67eb9f8/1/1DdYFDRN8L9tAXczrNxIjwAmMbI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.8.195.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:7d:0d:3a:e7:da:17:09:4b:9c:c1:74:4d:b2:69:f3:d5:c9:
a1:c4:2a:63:5d:34:bb:71:06:d4:be:6b:cd:91:95:4d:18:aa:
92:f4:7c:4d:ae:97:19:48:93:d4:93:40:b3:13:5c:23:12:76:
c1:7d:b9:28:a6:6a:aa:96:1d:34:ba:1f:8f:0f:69:df:f6:e0:
b5:ff:5c:df:a9:ab:12:95:ee:97:b8:b6:50:0b:03:c9:41:fd:
66:8a:0c:13:67:f8:ac:ed:55:94:dc:50:bc:02:6c:3e:e6:71:
49:2e:11:f6:eb:87:de:36:4d:72:c4:6b:d1:e2:62:dd:1e:3a:
0c:c8:7c:74:cc:2a:af:6f:e4:57:ec:a7:4b:0e:5f:01:29:3e:
b1:67:6d:28:83:86:67:1e:a9:15:a2:01:db:89:3a:6b:29:e6:
2c:c2:b0:fc:b0:81:3e:38:e4:46:5a:f7:e9:de:61:1d:65:a9:
87:d5:8e:a9:d4:12:e2:52:d8:82:46:0e:9e:8c:14:95:eb:77:
aa:1a:e7:ce:00:f5:5d:a5:a5:bc:54:40:28:cf:91:d0:47:c2:
ca:a1:00:f5:e5:9c:5a:40:b5:50:c2:2c:e1:18:06:4c:89:13:
f3:bd:25:bf:1a:e3:91:bf:ab:be:9a:d0:76:6c:c9:83:8b:89:
f9:fd:48:bd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYU1z4VmyLyQbUwvWfJhoIumMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0Mzc1ODE0MzQ0ZGYwYmY2ZDAxNzczM2FjZGM0ODhmMDAy
NjMxYjIwHhcNMjIxMjIxMTc1MTEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGQxZWEyM2U0ZDAyMTYxNTY2YzczZWZiOTFiYzlkNTdmMjJlZmY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArCX9FwUYqr1nazaReWWB7SB6pM7u
8lC4NIrpYXyFS7m3Q88TGjJmiDrJfL88g1fMwDhAgUKeaQ4emiuoQi7FU39dUTsj
G4HonApUhzKpE/2KplEWSQ3wlNLLsSLOPH2uji534F3IMotYWVPpr5J0fUgwC6cn
Q6kiozvCaXMqG9Kg5D/RwUKqZJEvR5ovk2SfIZPqMkxwBTG/ubJUJ7ESeHWkWCZw
Ia9JIlLfy4Gy+g2C4HWCfNY+baGcTT60JqRmvMwbl6bziF3hXrG8UWQYn898vLy0
T5IzcGzbnipGWk10hFUfDnOjf5VmG9lr5raM/ZU05COr3lQsDCMEFIlsjwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNDR6iPk0CFhVmxz77kbydV/Iu/2MB8GA1UdIwQY
MBaAFNQ3WBQ0TfC/bQF3M6zcSI8AJjGyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMURkWUZEUk44TDl0QVhjenJOeElqd0FtTWJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC9iMjRiMmQtMzUyMy00MjJlLTliY2Yt
MzY3MWQ2N2ViOWY4LzEvME5IcUktVFFJV0ZXYkhQdnVSdkoxWDhpN19ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC9iMjRiMmQtMzUyMy00MjJlLTliY2YtMzY3MWQ2N2ViOWY4
LzEvMURkWUZEUk44TDl0QVhjenJOeElqd0FtTWJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALgjDMA0G
CSqGSIb3DQEBCwUAA4IBAQAMfQ0659oXCUucwXRNsmnz1cmhxCpjXTS7cQbUvmvN
kZVNGKqS9HxNrpcZSJPUk0CzE1wjEnbBfbkopmqqlh00uh+PD2nf9uC1/1zfqasS
le6XuLZQCwPJQf1migwTZ/is7VWU3FC8Amw+5nFJLhH264feNk1yxGvR4mLdHjoM
yHx0zCqvb+RX7KdLDl8BKT6xZ20og4ZnHqkVogHbiTprKeYswrD8sIE+OORGWvfp
3mEdZamH1Y6p1BLiUtiCRg6ejBSV63eqGufOAPVdpaW8VEAoz5HQR8LKoQD15Zxa
QLVQwizhGAZMiRPzvSW/GuORv6u+mtB2bMmDi4n5/Ui9
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:41:35 2025 by rpki-client