Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/_UBKfVpJ8uvY2KlEB9RSK2yyI74.roa
File: _UBKfVpJ8uvY2KlEB9RSK2yyI74.roa (raw, json)
Hash identifier: hzAA9SkvwN0dCWJ2QxDUK0AbiGJU/bWv+Wdn/GZXwEY=
Subject key identifier: FD:40:4A:7D:5A:49:F2:EB:D8:D8:A9:44:07:D4:52:2B:6C:B2:23:BE
Certificate issuer: /CN=3af7710df8add64bb9688e0f4581bea67e402c66
Certificate serial: 01857270F6CA42F6BB1830B2DECEE165E5C0
Authority key identifier: 3A:F7:71:0D:F8:AD:D6:4B:B9:68:8E:0F:45:81:BE:A6:7E:40:2C:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvdxDfit1ku5aI4PRYG-pn5ALGY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/_UBKfVpJ8uvY2KlEB9RSK2yyI74.roa
Signing time: Mon 02 Jan 2023 12:24:43 +0000
ROA not before: Mon 02 Jan 2023 12:24:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5392
IP address blocks: 46.21.18.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:70:f6:ca:42:f6:bb:18:30:b2:de:ce:e1:65:e5:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af7710df8add64bb9688e0f4581bea67e402c66
Validity
Not Before: Jan 2 12:24:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fd404a7d5a49f2ebd8d8a94407d4522b6cb223be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:1f:e5:1a:46:ea:c3:85:37:9f:0d:f5:82:ee:
86:ec:83:5b:7e:0d:e0:64:05:9e:ca:b8:e1:98:da:
59:8a:3e:33:a6:bc:b0:fe:12:f6:a1:96:c1:d1:be:
6d:26:44:e6:60:68:42:06:e4:c7:6a:2c:b7:8b:d6:
b8:f0:eb:f5:e1:bf:6e:db:d2:50:33:d7:f1:d6:ea:
cc:65:7d:19:b1:4a:30:d6:27:71:73:88:65:21:9e:
0c:52:31:16:30:27:ad:dd:4b:d0:ae:8d:37:cd:46:
b5:38:72:3f:06:ca:dd:e2:09:ea:d6:52:23:fb:64:
d4:d4:96:7d:c2:9b:43:8c:97:29:0d:97:44:5b:58:
f3:c3:b4:fc:bd:15:e2:e6:26:41:18:be:07:38:35:
8f:8a:b7:b8:86:1a:c6:42:2c:87:1b:df:2b:c3:0b:
e7:2a:c6:45:50:24:05:f4:4e:46:23:02:5d:8c:7d:
86:84:c9:43:fe:d8:60:7b:26:38:9a:af:09:45:aa:
ed:5b:6e:b0:de:58:31:d9:16:4a:57:d6:6a:2d:b5:
7b:77:ca:a6:2c:70:1d:48:ef:43:78:fa:a8:81:8f:
55:61:07:62:63:97:2c:db:34:22:ad:54:28:c7:46:
cf:85:7b:c6:9c:4f:cd:21:c5:1d:77:bf:6f:9c:be:
8a:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:40:4A:7D:5A:49:F2:EB:D8:D8:A9:44:07:D4:52:2B:6C:B2:23:BE
X509v3 Authority Key Identifier:
keyid:3A:F7:71:0D:F8:AD:D6:4B:B9:68:8E:0F:45:81:BE:A6:7E:40:2C:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvdxDfit1ku5aI4PRYG-pn5ALGY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/_UBKfVpJ8uvY2KlEB9RSK2yyI74.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/OvdxDfit1ku5aI4PRYG-pn5ALGY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.21.18.0/23
Signature Algorithm: sha256WithRSAEncryption
5b:b1:12:ba:d7:75:a2:d3:ef:1c:75:a6:af:cc:c8:ee:9f:1e:
db:04:7d:91:6a:a7:e0:f7:05:51:14:d6:85:9b:2d:df:40:f9:
58:34:5e:48:a8:84:22:b6:0d:8f:7a:dd:24:bf:9a:fe:85:36:
b8:af:8e:56:cf:51:99:65:2e:1e:67:5c:75:6e:9f:96:c0:06:
ee:2e:90:68:42:78:ec:5a:bc:39:b7:d6:b2:eb:f7:60:6d:13:
f0:b9:ef:bb:4f:88:6b:db:b8:c6:a8:d6:74:83:8e:9b:b6:ac:
46:43:90:c3:c0:ed:e9:03:e2:09:23:65:ec:48:c9:e1:f9:4b:
5d:23:51:a8:f2:7a:b8:a3:f3:03:c3:3e:0e:dd:61:2d:3d:a4:
92:cd:23:6b:59:13:80:97:90:ae:43:12:56:da:b3:9e:b0:11:
38:22:0d:39:b1:0b:7c:99:fa:0f:10:5a:f5:0f:4c:29:ed:40:
77:d8:c7:32:e4:92:6a:36:10:b2:a5:b1:09:c7:62:47:8f:04:
c3:44:64:1b:23:63:c4:bf:aa:bd:78:a2:cf:31:fa:b5:56:f8:
5a:f7:1c:f7:e9:10:db:cc:7e:4c:47:72:5d:ac:e6:a9:fb:8b:
de:c8:35:78:63:5a:0a:ba:cb:2c:87:02:d8:d5:87:b9:8b:9d:
a9:6f:b8:a8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVycPbKQva7GDCy3s7hZeXAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjc3MTBkZjhhZGQ2NGJiOTY4OGUwZjQ1ODFiZWE2N2U0
MDJjNjYwHhcNMjMwMTAyMTIyNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDQwNGE3ZDVhNDlmMmViZDhkOGE5NDQwN2Q0NTIyYjZjYjIyM2JlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqh/lGkbqw4U3nw31gu6G7INbfg3g
ZAWeyrjhmNpZij4zpryw/hL2oZbB0b5tJkTmYGhCBuTHaiy3i9a48Ov14b9u29JQ
M9fx1urMZX0ZsUow1idxc4hlIZ4MUjEWMCet3UvQro03zUa1OHI/Bsrd4gnq1lIj
+2TU1JZ9wptDjJcpDZdEW1jzw7T8vRXi5iZBGL4HODWPire4hhrGQiyHG98rwwvn
KsZFUCQF9E5GIwJdjH2GhMlD/thgeyY4mq8JRartW26w3lgx2RZKV9ZqLbV7d8qm
LHAdSO9DePqogY9VYQdiY5cs2zQirVQox0bPhXvGnE/NIcUdd79vnL6KPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP1ASn1aSfLr2NipRAfUUitssiO+MB8GA1UdIwQY
MBaAFDr3cQ34rdZLuWiOD0WBvqZ+QCxmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZkeERmaXQxa3U1YUk0UFJZRy1wbjVBTEdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi9mNTlmZTMtOTU2ZS00OTM3LTg1OGQt
ZWVjNDE2YTg4NmY3LzEvX1VCS2ZWcEo4dXZZMktsRUI5UlNLMnl5STc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi9mNTlmZTMtOTU2ZS00OTM3LTg1OGQtZWVjNDE2YTg4NmY3
LzEvT3ZkeERmaXQxa3U1YUk0UFJZRy1wbjVBTEdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLhUSMA0G
CSqGSIb3DQEBCwUAA4IBAQBbsRK613Wi0+8cdaavzMjunx7bBH2Raqfg9wVRFNaF
my3fQPlYNF5IqIQitg2Pet0kv5r+hTa4r45Wz1GZZS4eZ1x1bp+WwAbuLpBoQnjs
Wrw5t9ay6/dgbRPwue+7T4hr27jGqNZ0g46btqxGQ5DDwO3pA+IJI2XsSMnh+Utd
I1Go8nq4o/MDwz4O3WEtPaSSzSNrWROAl5CuQxJW2rOesBE4Ig05sQt8mfoPEFr1
D0wp7UB32Mcy5JJqNhCypbEJx2JHjwTDRGQbI2PEv6q9eKLPMfq1Vvha9xz36RDb
zH5MR3JdrOap+4veyDV4Y1oKussshwLY1Ye5i52pb7io
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:15:15 2025 by rpki-client