Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/oApryxuX1569RKjjJpn6kpEARCw.roa
File: oApryxuX1569RKjjJpn6kpEARCw.roa (raw, json)
Hash identifier: i8DRDyxCDivEh5yubnisAyR9TSGxgpw3vELxB7d5Dgo=
Subject key identifier: A0:0A:6B:CB:1B:97:D7:9E:BD:44:A8:E3:26:99:FA:92:91:00:44:2C
Certificate issuer: /CN=3af7710df8add64bb9688e0f4581bea67e402c66
Certificate serial: 01857270F9424BC9355AAFA5706EAFFF62DD
Authority key identifier: 3A:F7:71:0D:F8:AD:D6:4B:B9:68:8E:0F:45:81:BE:A6:7E:40:2C:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvdxDfit1ku5aI4PRYG-pn5ALGY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/oApryxuX1569RKjjJpn6kpEARCw.roa
Signing time: Mon 02 Jan 2023 12:24:44 +0000
ROA not before: Mon 02 Jan 2023 12:24:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203639
IP address blocks: 185.155.186.0/24 maxlen: 24
185.155.187.0/24 maxlen: 24
46.21.23.0/24 maxlen: 24
46.21.22.0/24 maxlen: 24
46.21.28.0/24 maxlen: 24
46.21.30.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:70:f9:42:4b:c9:35:5a:af:a5:70:6e:af:ff:62:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af7710df8add64bb9688e0f4581bea67e402c66
Validity
Not Before: Jan 2 12:24:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a00a6bcb1b97d79ebd44a8e32699fa929100442c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:2a:a2:00:d3:bc:ed:2c:a1:92:a5:b7:db:18:
30:b8:af:52:82:9e:d8:18:b8:ca:3d:17:53:0c:39:
7c:31:37:1a:b0:b5:43:37:9b:7c:02:00:c7:e2:36:
17:3a:9d:54:34:2f:5c:b1:75:4f:85:6a:3c:97:d7:
24:80:30:28:2e:60:9c:a8:38:72:e9:ef:cb:e6:ac:
08:2c:ff:3b:77:10:38:9f:47:72:46:60:d1:66:05:
6c:fa:68:97:ba:7c:6a:8e:3e:8f:7a:c2:7d:e1:7f:
4f:5c:31:41:f9:b0:81:16:79:58:42:59:81:82:75:
2a:1c:6d:1f:33:9c:c9:d3:b5:ca:4a:7d:56:e3:91:
07:38:f0:e9:72:7f:11:3f:33:b1:fc:cf:4c:3d:5e:
ab:9d:11:40:7f:ca:1c:f3:d7:b8:e0:68:f8:86:e1:
4d:2c:79:b5:30:d9:f2:ae:e5:9a:2a:24:d8:ad:77:
53:32:f3:21:de:85:db:23:9a:b5:c0:e2:40:82:aa:
f9:09:13:5d:42:19:50:af:44:1c:6a:58:fd:ca:ed:
99:94:66:1b:98:a6:14:c1:49:ff:d8:a9:67:d5:6c:
1e:2a:a9:43:fd:eb:26:8a:48:9d:80:97:37:d4:45:
63:23:1f:bd:77:35:a8:a1:8a:b7:6b:db:b8:b5:26:
8f:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:0A:6B:CB:1B:97:D7:9E:BD:44:A8:E3:26:99:FA:92:91:00:44:2C
X509v3 Authority Key Identifier:
keyid:3A:F7:71:0D:F8:AD:D6:4B:B9:68:8E:0F:45:81:BE:A6:7E:40:2C:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvdxDfit1ku5aI4PRYG-pn5ALGY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/oApryxuX1569RKjjJpn6kpEARCw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/OvdxDfit1ku5aI4PRYG-pn5ALGY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.21.22.0/23
46.21.28.0/24
46.21.30.0/24
185.155.186.0/23
Signature Algorithm: sha256WithRSAEncryption
83:42:4c:fd:c5:61:5d:9b:b3:7a:41:d2:19:d4:bb:5e:30:e8:
a4:da:df:0f:80:6c:98:8c:63:0e:30:92:e9:be:d4:ef:ef:de:
c4:51:af:c4:a7:70:39:d6:9e:40:ad:0c:49:5d:99:88:ff:96:
2e:59:e8:e4:a2:22:18:70:cd:e1:49:d4:63:31:ad:b1:25:60:
df:be:c1:41:c9:12:4b:82:be:dd:1a:b9:dc:ea:64:0b:70:6b:
93:49:ee:41:c0:d3:96:e6:88:65:89:39:6a:f7:af:17:24:75:
7c:4d:07:70:0f:7c:01:af:f5:be:48:64:37:37:92:37:17:e5:
e5:64:2e:c9:25:2e:fa:cf:fb:25:4b:95:49:ba:cd:80:70:91:
04:d2:b8:a6:d5:04:62:11:45:ea:70:31:69:7a:30:46:68:64:
8a:c2:f3:75:e2:6b:c9:ad:74:68:cf:ab:3a:90:00:fe:1b:df:
06:11:1b:e0:2a:00:5f:bb:78:b3:3f:1f:0d:e8:92:56:cf:e7:
8d:fd:95:36:48:18:8f:d7:fa:cf:5a:ad:9d:47:8a:68:46:47:
d5:28:93:61:d0:c6:67:be:6f:54:e5:68:e9:0d:84:86:24:39:
26:39:ff:c0:bd:36:5a:e2:f8:48:99:d7:1c:fd:75:1a:26:d7:
c2:f3:00:41
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVycPlCS8k1Wq+lcG6v/2LdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjc3MTBkZjhhZGQ2NGJiOTY4OGUwZjQ1ODFiZWE2N2U0
MDJjNjYwHhcNMjMwMTAyMTIyNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDBhNmJjYjFiOTdkNzllYmQ0NGE4ZTMyNjk5ZmE5MjkxMDA0NDJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhSqiANO87SyhkqW32xgwuK9Sgp7Y
GLjKPRdTDDl8MTcasLVDN5t8AgDH4jYXOp1UNC9csXVPhWo8l9ckgDAoLmCcqDhy
6e/L5qwILP87dxA4n0dyRmDRZgVs+miXunxqjj6PesJ94X9PXDFB+bCBFnlYQlmB
gnUqHG0fM5zJ07XKSn1W45EHOPDpcn8RPzOx/M9MPV6rnRFAf8oc89e44Gj4huFN
LHm1MNnyruWaKiTYrXdTMvMh3oXbI5q1wOJAgqr5CRNdQhlQr0Qcalj9yu2ZlGYb
mKYUwUn/2Kln1WweKqlD/esmikidgJc31EVjIx+9dzWooYq3a9u4tSaPmwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKAKa8sbl9eevUSo4yaZ+pKRAEQsMB8GA1UdIwQY
MBaAFDr3cQ34rdZLuWiOD0WBvqZ+QCxmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZkeERmaXQxa3U1YUk0UFJZRy1wbjVBTEdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi9mNTlmZTMtOTU2ZS00OTM3LTg1OGQt
ZWVjNDE2YTg4NmY3LzEvb0Fwcnl4dVgxNTY5UktqakpwbjZrcEVBUkN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi9mNTlmZTMtOTU2ZS00OTM3LTg1OGQtZWVjNDE2YTg4NmY3
LzEvT3ZkeERmaXQxa3U1YUk0UFJZRy1wbjVBTEdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBLhUWAwQA
LhUcAwQALhUeAwQBuZu6MA0GCSqGSIb3DQEBCwUAA4IBAQCDQkz9xWFdm7N6QdIZ
1LteMOik2t8PgGyYjGMOMJLpvtTv797EUa/Ep3A51p5ArQxJXZmI/5YuWejkoiIY
cM3hSdRjMa2xJWDfvsFByRJLgr7dGrnc6mQLcGuTSe5BwNOW5ohliTlq968XJHV8
TQdwD3wBr/W+SGQ3N5I3F+XlZC7JJS76z/slS5VJus2AcJEE0rim1QRiEUXqcDFp
ejBGaGSKwvN14mvJrXRoz6s6kAD+G98GERvgKgBfu3izPx8N6JJWz+eN/ZU2SBiP
1/rPWq2dR4poRkfVKJNh0MZnvm9U5WjpDYSGJDkmOf/AvTZa4vhImdcc/XUaJtfC
8wBB
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:22:17 2025 by rpki-client