Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/b24b2d-3523-422e-9bcf-3671d67eb9f8/1/O43z92up5AkW9uExZrfnNix6tAs.roa
File: O43z92up5AkW9uExZrfnNix6tAs.roa (raw, json)
Hash identifier: ymL0Y8nNDYNltFXX6KRp05tr3lxBMu8Hp78EgZlj3Fs=
Subject key identifier: 3B:8D:F3:F7:6B:A9:E4:09:16:F6:E1:31:66:B7:E7:36:2C:7A:B4:0B
Certificate issuer: /CN=d4375814344df0bf6d017733acdc488f002631b2
Certificate serial: 0186F01C8A270D8793DCDB24718637B46278
Authority key identifier: D4:37:58:14:34:4D:F0:BF:6D:01:77:33:AC:DC:48:8F:00:26:31:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1DdYFDRN8L9tAXczrNxIjwAmMbI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/b24b2d-3523-422e-9bcf-3671d67eb9f8/1/O43z92up5AkW9uExZrfnNix6tAs.roa
Signing time: Fri 17 Mar 2023 15:07:27 +0000
ROA not before: Fri 17 Mar 2023 15:07:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43624
IP address blocks: 46.8.202.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:f0:1c:8a:27:0d:87:93:dc:db:24:71:86:37:b4:62:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4375814344df0bf6d017733acdc488f002631b2
Validity
Not Before: Mar 17 15:07:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3b8df3f76ba9e40916f6e13166b7e7362c7ab40b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:2a:fe:35:ed:06:ac:4b:d0:21:89:37:84:ae:
dd:90:d0:cf:ea:a8:9d:48:55:b9:90:63:ef:71:ad:
7d:18:5c:8a:eb:a0:bf:62:d3:e5:0f:e1:bd:54:95:
b0:3f:71:e0:bb:a8:83:80:f8:0a:5a:a3:fe:47:ad:
23:2e:c4:29:70:ea:60:36:ad:d2:4d:dc:7a:6c:8f:
32:6d:3c:a1:27:78:17:4a:33:9b:ff:d8:a6:f0:97:
f1:61:1d:68:32:70:86:77:90:98:58:e0:0d:b8:19:
f9:f5:32:38:ca:fa:01:db:96:03:8d:6f:e6:b6:10:
cd:d7:2a:38:53:ea:68:b9:f1:96:dc:c5:a2:59:32:
b2:07:54:7d:25:65:b7:58:30:01:e9:8c:53:b3:62:
0e:38:49:63:49:59:60:2b:16:20:35:5e:9b:42:5e:
2c:f6:70:80:36:38:4f:61:ff:22:d9:68:73:1c:59:
c4:36:a1:05:c9:8a:5b:e4:fd:d5:c9:e1:f1:dc:e3:
f1:04:47:ad:a4:58:5a:cb:01:79:c0:f6:cf:6c:a8:
af:1b:ec:bc:18:d6:74:aa:79:6e:79:b8:89:d3:42:
80:c8:27:fd:58:fb:59:5c:fc:d3:d4:87:50:ce:e9:
6d:04:f9:0d:51:77:b8:4b:22:b8:c7:91:f2:d2:0b:
10:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:8D:F3:F7:6B:A9:E4:09:16:F6:E1:31:66:B7:E7:36:2C:7A:B4:0B
X509v3 Authority Key Identifier:
keyid:D4:37:58:14:34:4D:F0:BF:6D:01:77:33:AC:DC:48:8F:00:26:31:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1DdYFDRN8L9tAXczrNxIjwAmMbI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/b24b2d-3523-422e-9bcf-3671d67eb9f8/1/O43z92up5AkW9uExZrfnNix6tAs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/b24b2d-3523-422e-9bcf-3671d67eb9f8/1/1DdYFDRN8L9tAXczrNxIjwAmMbI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.8.202.0/24
Signature Algorithm: sha256WithRSAEncryption
70:0b:35:a9:48:b4:9c:8d:98:fb:e4:4b:9c:5b:90:d2:2f:fc:
1d:28:dc:ed:40:e0:e2:38:0e:f8:ff:ba:5f:12:a0:cd:b2:26:
92:48:89:cf:44:75:ba:d6:7c:42:68:c0:9c:a3:38:a9:f3:12:
59:ac:fb:db:ee:f2:29:84:dd:ce:de:a2:ca:8b:22:a4:ae:3c:
55:fc:4c:19:d2:14:e5:c2:0c:d2:ea:3a:ab:b2:e8:c0:59:80:
ca:62:2a:13:b6:44:21:26:e5:e5:04:f6:a1:6e:54:64:00:b0:
2d:ee:c1:37:b3:e9:7d:c2:ff:0f:f2:c5:f9:73:0c:1e:12:1b:
81:4e:5a:44:d3:8a:b9:a9:7f:de:cb:f2:57:63:be:2d:06:5d:
ff:76:af:47:55:ba:49:9c:d0:de:13:81:a8:43:86:bb:e1:ed:
5a:fe:50:50:6a:6e:e0:2e:c5:da:d0:27:25:9a:5a:a9:90:f0:
9b:24:9b:be:40:02:9c:e0:f1:a7:67:46:5c:cc:9b:b6:29:69:
70:c7:52:11:eb:69:6a:49:98:d1:05:f2:34:64:3e:a8:ac:fc:
ae:15:12:90:c6:8b:c8:82:7d:c6:93:94:89:af:eb:35:50:33:
39:98:29:f0:ce:5f:2d:7b:40:7b:54:e2:87:fb:3f:a3:67:52:
9a:cc:8b:b2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYbwHIonDYeT3NskcYY3tGJ4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0Mzc1ODE0MzQ0ZGYwYmY2ZDAxNzczM2FjZGM0ODhmMDAy
NjMxYjIwHhcNMjMwMzE3MTUwNzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjhkZjNmNzZiYTllNDA5MTZmNmUxMzE2NmI3ZTczNjJjN2FiNDBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtSr+Ne0GrEvQIYk3hK7dkNDP6qid
SFW5kGPvca19GFyK66C/YtPlD+G9VJWwP3Hgu6iDgPgKWqP+R60jLsQpcOpgNq3S
Tdx6bI8ybTyhJ3gXSjOb/9im8JfxYR1oMnCGd5CYWOANuBn59TI4yvoB25YDjW/m
thDN1yo4U+poufGW3MWiWTKyB1R9JWW3WDAB6YxTs2IOOEljSVlgKxYgNV6bQl4s
9nCANjhPYf8i2WhzHFnENqEFyYpb5P3VyeHx3OPxBEetpFhaywF5wPbPbKivG+y8
GNZ0qnluebiJ00KAyCf9WPtZXPzT1IdQzultBPkNUXe4SyK4x5Hy0gsQ5QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDuN8/drqeQJFvbhMWa35zYserQLMB8GA1UdIwQY
MBaAFNQ3WBQ0TfC/bQF3M6zcSI8AJjGyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMURkWUZEUk44TDl0QVhjenJOeElqd0FtTWJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC9iMjRiMmQtMzUyMy00MjJlLTliY2Yt
MzY3MWQ2N2ViOWY4LzEvTzQzejkydXA1QWtXOXVFeFpyZm5OaXg2dEFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC9iMjRiMmQtMzUyMy00MjJlLTliY2YtMzY3MWQ2N2ViOWY4
LzEvMURkWUZEUk44TDl0QVhjenJOeElqd0FtTWJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALgjKMA0G
CSqGSIb3DQEBCwUAA4IBAQBwCzWpSLScjZj75EucW5DSL/wdKNztQODiOA74/7pf
EqDNsiaSSInPRHW61nxCaMCcozip8xJZrPvb7vIphN3O3qLKiyKkrjxV/EwZ0hTl
wgzS6jqrsujAWYDKYioTtkQhJuXlBPahblRkALAt7sE3s+l9wv8P8sX5cwweEhuB
TlpE04q5qX/ey/JXY74tBl3/dq9HVbpJnNDeE4GoQ4a74e1a/lBQam7gLsXa0Ccl
mlqpkPCbJJu+QAKc4PGnZ0ZczJu2KWlwx1IR62lqSZjRBfI0ZD6orPyuFRKQxovI
gn3Gk5SJr+s1UDM5mCnwzl8te0B7VOKH+z+jZ1KazIuy
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:39:18 2025 by rpki-client