Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/Pq1JDScQxASZxKfEZ4FkUj5f8zQ.roa
File: Pq1JDScQxASZxKfEZ4FkUj5f8zQ.roa (raw, json)
Hash identifier: KkZg8dKFyXc+08Y0op8e6TxBbpaao81MfwcjSr5khb8=
Subject key identifier: 3E:AD:49:0D:27:10:C4:04:99:C4:A7:C4:67:81:64:52:3E:5F:F3:34
Certificate issuer: /CN=3af7710df8add64bb9688e0f4581bea67e402c66
Certificate serial: 018B9B5405592AB25EE21B2687F8DA5A6C63
Authority key identifier: 3A:F7:71:0D:F8:AD:D6:4B:B9:68:8E:0F:45:81:BE:A6:7E:40:2C:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvdxDfit1ku5aI4PRYG-pn5ALGY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/Pq1JDScQxASZxKfEZ4FkUj5f8zQ.roa
Signing time: Sat 04 Nov 2023 17:14:16 +0000
ROA not before: Sat 04 Nov 2023 17:14:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198964
IP address blocks: 46.21.31.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:9b:54:05:59:2a:b2:5e:e2:1b:26:87:f8:da:5a:6c:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af7710df8add64bb9688e0f4581bea67e402c66
Validity
Not Before: Nov 4 17:14:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3ead490d2710c40499c4a7c4678164523e5ff334
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:81:44:32:5b:77:8e:93:a8:ef:1e:ce:37:96:
c8:4f:9e:27:c8:a0:d2:6d:1e:ae:95:34:38:36:a9:
c3:2f:bb:af:4b:21:cd:62:2a:44:c4:06:a7:e6:fb:
bc:8c:a9:42:ec:aa:d1:e2:ed:66:a7:a9:27:4d:37:
09:c8:76:45:6a:f5:ef:ce:68:fd:e1:dc:d5:f9:aa:
8e:fc:cb:a6:83:c3:4b:e3:b0:a7:c2:0b:95:75:e5:
a7:50:ce:95:00:18:71:cd:c2:02:4f:e7:82:76:d0:
f0:1b:64:0b:dc:68:67:a1:4b:0e:5c:d4:08:2a:da:
99:7b:01:1a:6b:0c:5a:7b:e6:3e:04:ee:a9:0c:0d:
d5:d6:7c:84:d7:7f:02:88:3a:ff:26:bb:85:df:8c:
73:e9:6a:db:6e:40:61:65:93:72:09:68:68:be:6d:
e3:78:cc:ea:3b:61:82:e2:ef:e9:7a:0d:13:01:8f:
42:7f:d1:16:9d:11:e4:a8:45:10:35:7f:2b:bd:eb:
dc:46:7b:ab:57:b5:ff:87:26:14:c5:41:16:8f:6b:
c4:ab:4e:34:7e:25:54:a9:38:95:18:c9:c5:27:85:
a4:18:25:33:3d:69:31:60:0f:46:f8:42:a7:92:c5:
85:3a:c2:ca:e2:8a:c3:ba:bf:2d:f5:41:45:a2:9e:
8a:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:AD:49:0D:27:10:C4:04:99:C4:A7:C4:67:81:64:52:3E:5F:F3:34
X509v3 Authority Key Identifier:
keyid:3A:F7:71:0D:F8:AD:D6:4B:B9:68:8E:0F:45:81:BE:A6:7E:40:2C:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvdxDfit1ku5aI4PRYG-pn5ALGY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/Pq1JDScQxASZxKfEZ4FkUj5f8zQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/OvdxDfit1ku5aI4PRYG-pn5ALGY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.21.31.0/24
Signature Algorithm: sha256WithRSAEncryption
82:24:94:c2:4d:48:3d:dc:ad:84:c8:59:03:8d:eb:32:6b:8c:
04:48:a1:95:fe:1d:24:eb:f9:f9:2b:98:1c:77:b6:fd:bd:7d:
c7:ba:ec:cf:e9:16:1e:ce:d2:27:1a:8a:75:c0:12:b8:57:ba:
98:49:b2:cf:00:04:26:84:38:52:45:9f:4d:6b:04:76:81:95:
6b:cc:95:80:95:47:1c:e2:97:4d:42:c0:18:d0:44:e4:17:37:
30:64:8b:f3:42:3d:95:50:3d:1f:b9:eb:42:f3:77:bc:81:a9:
7d:89:2a:eb:98:0a:67:8a:b0:c9:16:b2:31:04:f5:fe:bb:d9:
db:42:48:04:a4:84:f1:fd:b3:ca:94:f9:be:c0:9e:37:bd:79:
cd:73:a8:34:75:25:af:cc:fa:cc:54:f8:2a:7c:2f:f2:b0:30:
f3:27:91:9d:67:be:bb:f5:b1:ae:15:54:ec:0f:c1:04:ee:7d:
b4:1e:61:db:07:4a:8f:07:df:86:e6:5a:c0:46:25:55:25:41:
7a:f0:12:e8:48:da:20:99:35:81:5c:db:38:21:cf:f2:59:aa:
1f:e2:c6:2d:28:68:05:c4:9a:f0:f4:7d:69:48:a5:be:c6:6d:
6a:56:27:f5:44:8c:a0:b1:12:8c:06:ef:e2:0d:89:9e:a6:9e:
73:1a:f6:36
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYubVAVZKrJe4hsmh/jaWmxjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjc3MTBkZjhhZGQ2NGJiOTY4OGUwZjQ1ODFiZWE2N2U0
MDJjNjYwHhcNMjMxMTA0MTcxNDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWFkNDkwZDI3MTBjNDA0OTljNGE3YzQ2NzgxNjQ1MjNlNWZmMzM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi4FEMlt3jpOo7x7ON5bIT54nyKDS
bR6ulTQ4NqnDL7uvSyHNYipExAan5vu8jKlC7KrR4u1mp6knTTcJyHZFavXvzmj9
4dzV+aqO/Mumg8NL47CnwguVdeWnUM6VABhxzcICT+eCdtDwG2QL3GhnoUsOXNQI
KtqZewEaawxae+Y+BO6pDA3V1nyE138CiDr/JruF34xz6WrbbkBhZZNyCWhovm3j
eMzqO2GC4u/peg0TAY9Cf9EWnRHkqEUQNX8rvevcRnurV7X/hyYUxUEWj2vEq040
fiVUqTiVGMnFJ4WkGCUzPWkxYA9G+EKnksWFOsLK4orDur8t9UFFop6KVQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD6tSQ0nEMQEmcSnxGeBZFI+X/M0MB8GA1UdIwQY
MBaAFDr3cQ34rdZLuWiOD0WBvqZ+QCxmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZkeERmaXQxa3U1YUk0UFJZRy1wbjVBTEdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi9mNTlmZTMtOTU2ZS00OTM3LTg1OGQt
ZWVjNDE2YTg4NmY3LzEvUHExSkRTY1F4QVNaeEtmRVo0RmtVajVmOHpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi9mNTlmZTMtOTU2ZS00OTM3LTg1OGQtZWVjNDE2YTg4NmY3
LzEvT3ZkeERmaXQxa3U1YUk0UFJZRy1wbjVBTEdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALhUfMA0G
CSqGSIb3DQEBCwUAA4IBAQCCJJTCTUg93K2EyFkDjesya4wESKGV/h0k6/n5K5gc
d7b9vX3HuuzP6RYeztInGop1wBK4V7qYSbLPAAQmhDhSRZ9NawR2gZVrzJWAlUcc
4pdNQsAY0ETkFzcwZIvzQj2VUD0fuetC83e8gal9iSrrmApnirDJFrIxBPX+u9nb
QkgEpITx/bPKlPm+wJ43vXnNc6g0dSWvzPrMVPgqfC/ysDDzJ5GdZ7679bGuFVTs
D8EE7n20HmHbB0qPB9+G5lrARiVVJUF68BLoSNogmTWBXNs4Ic/yWaof4sYtKGgF
xJrw9H1pSKW+xm1qVif1RIygsRKMBu/iDYmepp5zGvY2
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:30:27 2025 by rpki-client