Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/b24b2d-3523-422e-9bcf-3671d67eb9f8/1/CHv7dGpYF6Z_8tXWdSCamADLY_0.roa
File: CHv7dGpYF6Z_8tXWdSCamADLY_0.roa (raw, json)
Hash identifier: 5NjLJxJYF/WLykmuV8Y2SzQOfFpJ5xUPuN+oPwCQmKA=
Subject key identifier: 08:7B:FB:74:6A:58:17:A6:7F:F2:D5:D6:75:20:9A:98:00:CB:63:FD
Certificate issuer: /CN=d4375814344df0bf6d017733acdc488f002631b2
Certificate serial: 01856F94B14ECD4174D0E9BC27D1AEB13B27
Authority key identifier: D4:37:58:14:34:4D:F0:BF:6D:01:77:33:AC:DC:48:8F:00:26:31:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1DdYFDRN8L9tAXczrNxIjwAmMbI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/b24b2d-3523-422e-9bcf-3671d67eb9f8/1/CHv7dGpYF6Z_8tXWdSCamADLY_0.roa
Signing time: Sun 01 Jan 2023 23:04:53 +0000
ROA not before: Sun 01 Jan 2023 23:04:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 136520
IP address blocks: 46.8.202.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:94:b1:4e:cd:41:74:d0:e9:bc:27:d1:ae:b1:3b:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4375814344df0bf6d017733acdc488f002631b2
Validity
Not Before: Jan 1 23:04:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=087bfb746a5817a67ff2d5d675209a9800cb63fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:28:5f:ac:80:88:0b:83:0e:ad:9a:51:00:a3:
84:f5:64:9b:a6:28:5d:3b:e1:c2:7a:a9:69:71:8c:
a3:9f:4b:7e:ea:2a:7d:82:d3:ca:60:b7:9b:e9:55:
c4:26:45:a2:0a:9a:1f:44:f4:96:fe:95:3c:d7:a9:
67:2c:f9:ef:18:60:4e:44:73:44:73:0f:35:48:cc:
cb:1f:76:5e:f8:db:86:46:2a:e4:a2:a6:af:bc:c7:
e5:00:39:9e:fb:a1:41:de:af:17:22:01:7a:5f:85:
c1:98:1e:5a:dc:32:e7:6b:6b:12:54:1c:9b:8f:c0:
ec:ae:3a:a6:af:41:2f:db:d9:89:b8:26:2b:cb:14:
a8:05:f0:6f:c1:fc:30:f2:72:40:87:7c:33:2b:2d:
ee:22:cb:0e:26:ab:17:01:5f:c3:5d:9c:a7:8c:7a:
cc:f3:8a:2c:1a:a0:3b:84:37:65:23:85:fa:b4:21:
25:49:c5:94:35:0e:be:4c:d5:9f:01:ad:25:8e:f4:
df:55:70:cf:c4:25:86:3e:f1:88:2b:67:ae:d0:ee:
88:be:74:a9:2e:97:b0:17:80:c5:ca:44:0b:25:2a:
eb:2e:3e:cc:54:e0:14:20:4a:d2:c8:28:f8:8d:87:
05:29:c7:0f:77:42:30:3f:8b:64:84:b0:22:19:e7:
a1:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:7B:FB:74:6A:58:17:A6:7F:F2:D5:D6:75:20:9A:98:00:CB:63:FD
X509v3 Authority Key Identifier:
keyid:D4:37:58:14:34:4D:F0:BF:6D:01:77:33:AC:DC:48:8F:00:26:31:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1DdYFDRN8L9tAXczrNxIjwAmMbI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/b24b2d-3523-422e-9bcf-3671d67eb9f8/1/CHv7dGpYF6Z_8tXWdSCamADLY_0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/b24b2d-3523-422e-9bcf-3671d67eb9f8/1/1DdYFDRN8L9tAXczrNxIjwAmMbI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.8.202.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:33:29:1b:43:6e:77:03:45:79:19:9b:b5:5b:29:6f:04:2d:
97:df:55:cd:96:ea:12:5a:a0:4a:6d:b7:f4:80:d4:9d:eb:8b:
62:7a:46:e1:c9:e4:d8:b6:3f:59:c7:83:75:36:1a:d8:fc:5c:
87:c5:bc:0d:09:19:90:ae:02:2b:19:b0:42:28:01:a3:36:ba:
5c:85:4a:3e:96:b7:51:08:28:ea:4e:0f:fa:f1:df:4d:cc:40:
61:13:bb:10:60:ca:47:07:14:95:d6:10:54:1b:98:2a:d7:5f:
20:31:df:4c:d2:fa:84:d6:ee:3a:f0:a9:7b:b4:0d:23:47:bf:
b2:dc:c3:52:d4:09:bb:a0:29:bc:b1:2e:56:5b:6e:ff:69:df:
0d:f8:32:4a:8d:ae:1b:00:b3:25:31:a1:17:1b:42:77:ae:f0:
1e:87:dd:6c:d3:2a:5d:c4:9c:b1:16:49:d7:18:a4:9c:94:5f:
cb:2e:72:1a:54:a4:fd:0a:c8:63:b4:ee:ca:b3:50:41:f0:63:
f6:39:4e:6f:f8:b6:e6:7b:cb:65:11:59:b0:36:92:b3:75:d0:
5c:f3:94:64:7b:0a:f1:38:31:be:6b:46:43:03:3b:78:6e:33:
bf:a0:5c:2c:59:ee:ca:f8:25:78:e9:cf:95:94:18:8e:c6:6d:
e3:83:0e:e9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvlLFOzUF00Om8J9GusTsnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0Mzc1ODE0MzQ0ZGYwYmY2ZDAxNzczM2FjZGM0ODhmMDAy
NjMxYjIwHhcNMjMwMTAxMjMwNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODdiZmI3NDZhNTgxN2E2N2ZmMmQ1ZDY3NTIwOWE5ODAwY2I2M2ZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqihfrICIC4MOrZpRAKOE9WSbpihd
O+HCeqlpcYyjn0t+6ip9gtPKYLeb6VXEJkWiCpofRPSW/pU816lnLPnvGGBORHNE
cw81SMzLH3Ze+NuGRirkoqavvMflADme+6FB3q8XIgF6X4XBmB5a3DLna2sSVByb
j8Dsrjqmr0Ev29mJuCYryxSoBfBvwfww8nJAh3wzKy3uIssOJqsXAV/DXZynjHrM
84osGqA7hDdlI4X6tCElScWUNQ6+TNWfAa0ljvTfVXDPxCWGPvGIK2eu0O6IvnSp
LpewF4DFykQLJSrrLj7MVOAUIErSyCj4jYcFKccPd0IwP4tkhLAiGeehuQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAh7+3RqWBemf/LV1nUgmpgAy2P9MB8GA1UdIwQY
MBaAFNQ3WBQ0TfC/bQF3M6zcSI8AJjGyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMURkWUZEUk44TDl0QVhjenJOeElqd0FtTWJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC9iMjRiMmQtMzUyMy00MjJlLTliY2Yt
MzY3MWQ2N2ViOWY4LzEvQ0h2N2RHcFlGNlpfOHRYV2RTQ2FtQURMWV8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC9iMjRiMmQtMzUyMy00MjJlLTliY2YtMzY3MWQ2N2ViOWY4
LzEvMURkWUZEUk44TDl0QVhjenJOeElqd0FtTWJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALgjKMA0G
CSqGSIb3DQEBCwUAA4IBAQCMMykbQ253A0V5GZu1WylvBC2X31XNluoSWqBKbbf0
gNSd64tiekbhyeTYtj9Zx4N1NhrY/FyHxbwNCRmQrgIrGbBCKAGjNrpchUo+lrdR
CCjqTg/68d9NzEBhE7sQYMpHBxSV1hBUG5gq118gMd9M0vqE1u468Kl7tA0jR7+y
3MNS1Am7oCm8sS5WW27/ad8N+DJKja4bALMlMaEXG0J3rvAeh91s0ypdxJyxFknX
GKSclF/LLnIaVKT9CshjtO7Ks1BB8GP2OU5v+Lbme8tlEVmwNpKzddBc85Rkewrx
ODG+a0ZDAzt4bjO/oFwsWe7K+CV46c+VlBiOxm3jgw7p
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:35:25 2025 by rpki-client