Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/cf4ab4-e914-40e1-82df-14dc7ec0495d/1/oK-Hlu3nQLRMJZpqf-33cY_P1XE.roa
File: oK-Hlu3nQLRMJZpqf-33cY_P1XE.roa (raw, json)
Hash identifier: Z1dV4UkUYobrYPshyidqOaCmR02zcXM45pH3H1biMW0=
Subject key identifier: A0:AF:87:96:ED:E7:40:B4:4C:25:9A:6A:7F:ED:F7:71:8F:CF:D5:71
Certificate issuer: /CN=fcd7a721eda459ebdf98e029f87c90a980e81d94
Certificate serial: 0612F727
Authority key identifier: FC:D7:A7:21:ED:A4:59:EB:DF:98:E0:29:F8:7C:90:A9:80:E8:1D:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_NenIe2kWevfmOAp-HyQqYDoHZQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/cf4ab4-e914-40e1-82df-14dc7ec0495d/1/oK-Hlu3nQLRMJZpqf-33cY_P1XE.roa
Signing time: Sat 01 Jan 2022 05:02:38 +0000
ROA not before: Sat 01 Jan 2022 05:02:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 396982
IP address blocks: 46.235.152.0/21 maxlen: 21
185.180.48.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101906215 (0x612f727)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fcd7a721eda459ebdf98e029f87c90a980e81d94
Validity
Not Before: Jan 1 05:02:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a0af8796ede740b44c259a6a7fedf7718fcfd571
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:2f:55:2b:77:0e:64:b3:f1:8c:45:99:34:e2:
3f:be:cd:dc:e7:28:78:ae:f7:70:7d:b0:93:6c:d1:
59:88:81:72:2d:ab:9f:22:8e:f0:63:5a:61:44:d4:
d5:2e:5b:f5:65:5c:02:e3:35:11:d5:06:62:4f:53:
69:1e:c7:8f:a5:00:5c:69:6f:68:fd:b6:d3:2d:ad:
f2:2c:32:51:19:ea:a4:e5:b7:3c:30:ac:1b:66:6c:
1f:f6:7a:de:b9:02:db:e2:38:ae:d1:07:21:c9:8f:
5f:03:f6:cf:13:dc:42:39:9b:8a:8e:ec:36:6d:df:
1c:54:cc:8a:81:a0:d2:f5:a8:51:73:f1:60:0b:c7:
ae:23:2d:d7:70:d2:92:ec:c9:2b:91:71:ef:21:65:
4a:1b:82:13:f8:52:b5:63:be:d8:93:22:d7:a8:90:
46:36:ef:63:80:0a:10:80:b4:1d:be:6f:2a:50:95:
b8:5c:9c:2f:8f:37:73:5c:e7:71:a3:32:55:24:82:
7d:82:1f:5c:68:20:a8:3a:df:fd:da:21:32:2c:32:
71:7f:66:9b:7c:ed:d5:2e:ef:c3:a6:c9:5f:bc:bd:
4c:3e:f2:01:f1:b7:2e:8f:1d:ba:ea:01:20:8d:5e:
cb:7d:30:94:93:ad:25:51:65:0c:b7:6c:ee:ce:74:
a3:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:AF:87:96:ED:E7:40:B4:4C:25:9A:6A:7F:ED:F7:71:8F:CF:D5:71
X509v3 Authority Key Identifier:
keyid:FC:D7:A7:21:ED:A4:59:EB:DF:98:E0:29:F8:7C:90:A9:80:E8:1D:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_NenIe2kWevfmOAp-HyQqYDoHZQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/cf4ab4-e914-40e1-82df-14dc7ec0495d/1/oK-Hlu3nQLRMJZpqf-33cY_P1XE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/cf4ab4-e914-40e1-82df-14dc7ec0495d/1/_NenIe2kWevfmOAp-HyQqYDoHZQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.235.152.0/21
185.180.48.0/22
Signature Algorithm: sha256WithRSAEncryption
bc:88:98:7e:f8:28:ee:35:31:db:c3:f7:76:44:22:8c:fd:92:
45:9e:93:07:cc:25:7d:27:ff:4d:33:19:77:28:da:1f:53:ea:
22:b2:5f:10:73:db:40:7b:e8:74:62:14:be:68:f4:a5:30:2e:
a5:79:7b:94:5e:65:0e:33:1d:be:de:bb:33:72:d0:4d:d9:5b:
10:29:57:80:ae:6a:a2:8b:63:1d:d6:4a:06:fd:83:36:08:83:
f6:6b:6b:65:5d:2d:de:21:48:ad:2b:ea:92:5f:61:bf:16:bf:
af:bc:85:34:e0:57:ae:33:e3:18:cc:0f:76:fb:05:6e:10:87:
54:99:9d:d7:60:5c:60:74:98:b9:bd:09:d4:14:c1:ad:9b:a2:
53:cd:31:c1:4f:63:70:f8:d1:f7:d1:74:c0:6d:84:02:4d:8c:
bf:3f:2b:b5:7f:55:02:c5:9e:9d:e9:03:01:70:5a:57:d4:46:
e8:5d:3b:8d:47:69:21:79:8e:4a:d3:34:13:b7:1d:16:81:fb:
b1:cc:44:22:ed:a2:c8:99:b5:a6:73:a2:81:d9:1d:8d:1d:02:
a3:81:3d:df:b1:09:a2:e8:ca:45:59:f9:c6:7c:68:e9:c3:f3:
fd:20:0e:d0:cb:18:69:e7:5a:10:dc:c5:a3:6d:01:48:d4:64:
8f:af:dc:fc
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBhL3JzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
Y2Q3YTcyMWVkYTQ1OWViZGY5OGUwMjlmODdjOTBhOTgwZTgxZDk0MB4XDTIyMDEw
MTA1MDIzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTBhZjg3OTZlZGU3
NDBiNDRjMjU5YTZhN2ZlZGY3NzE4ZmNmZDU3MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMYvVSt3DmSz8YxFmTTiP77N3OcoeK73cH2wk2zRWYiBci2r
nyKO8GNaYUTU1S5b9WVcAuM1EdUGYk9TaR7Hj6UAXGlvaP220y2t8iwyURnqpOW3
PDCsG2ZsH/Z63rkC2+I4rtEHIcmPXwP2zxPcQjmbio7sNm3fHFTMioGg0vWoUXPx
YAvHriMt13DSkuzJK5Fx7yFlShuCE/hStWO+2JMi16iQRjbvY4AKEIC0Hb5vKlCV
uFycL483c1zncaMyVSSCfYIfXGggqDrf/dohMiwycX9mm3zt1S7vw6bJX7y9TD7y
AfG3Lo8duuoBII1ey30wlJOtJVFlDLds7s50o0cCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSgr4eW7edAtEwlmmp/7fdxj8/VcTAfBgNVHSMEGDAWgBT816ch7aRZ69+Y
4Cn4fJCpgOgdlDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L19OZW5JZTJrV2V2Zm1PQXAtSHlRcVlEb0haUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTUvY2Y0YWI0LWU5MTQtNDBlMS04MmRmLTE0ZGM3ZWMwNDk1ZC8x
L29LLUhsdTNuUUxSTUpacHFmLTMzY1lfUDFYRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTUv
Y2Y0YWI0LWU5MTQtNDBlMS04MmRmLTE0ZGM3ZWMwNDk1ZC8xL19OZW5JZTJrV2V2
Zm1PQXAtSHlRcVlEb0haUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAy7rmAMEArm0MDANBgkqhkiG9w0B
AQsFAAOCAQEAvIiYfvgo7jUx28P3dkQijP2SRZ6TB8wlfSf/TTMZdyjaH1PqIrJf
EHPbQHvodGIUvmj0pTAupXl7lF5lDjMdvt67M3LQTdlbEClXgK5qootjHdZKBv2D
NgiD9mtrZV0t3iFIrSvqkl9hvxa/r7yFNOBXrjPjGMwPdvsFbhCHVJmd12BcYHSY
ub0J1BTBrZuiU80xwU9jcPjR99F0wG2EAk2Mvz8rtX9VAsWenekDAXBaV9RG6F07
jUdpIXmOStM0E7cdFoH7scxEIu2iyJm1pnOigdkdjR0Co4E937EJoujKRVn5xnxo
6cPz/SAO0MsYaedaENzFo20BSNRkj6/c/A==
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:08:55 2025 by rpki-client