Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/6e909d-d325-48a1-9443-cc9a758c9916/1/Kb3H-8XAAGKDzAbZu1sq88XELys.roa
File: Kb3H-8XAAGKDzAbZu1sq88XELys.roa (raw, json)
Hash identifier: EMFJpq5RzI3T2LifW/mGodrj8GEH2ffh7nE2i3hQrB4=
Subject key identifier: 29:BD:C7:FB:C5:C0:00:62:83:CC:06:D9:BB:5B:2A:F3:C5:C4:2F:2B
Certificate issuer: /CN=ae7a9b1745a5a70c3bf7bcc2c2ee166460aff7a8
Certificate serial: 018790E99AC6D06FF14F3489006BB3C29D93
Authority key identifier: AE:7A:9B:17:45:A5:A7:0C:3B:F7:BC:C2:C2:EE:16:64:60:AF:F7:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rnqbF0Wlpww797zCwu4WZGCv96g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/6e909d-d325-48a1-9443-cc9a758c9916/1/Kb3H-8XAAGKDzAbZu1sq88XELys.roa
Signing time: Mon 17 Apr 2023 20:30:41 +0000
ROA not before: Mon 17 Apr 2023 20:30:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6712
IP address blocks: 46.160.64.0/20 maxlen: 24
91.250.0.0/19 maxlen: 24
46.160.80.0/21 maxlen: 24
46.160.96.0/19 maxlen: 24
91.250.32.0/19 maxlen: 24
2a00:1210:ffff::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:90:e9:9a:c6:d0:6f:f1:4f:34:89:00:6b:b3:c2:9d:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae7a9b1745a5a70c3bf7bcc2c2ee166460aff7a8
Validity
Not Before: Apr 17 20:30:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=29bdc7fbc5c0006283cc06d9bb5b2af3c5c42f2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:8c:4d:bb:c7:9f:6b:c6:71:5d:ce:b3:4a:a4:
b3:c8:78:4f:da:42:8f:f9:1d:4a:f8:e6:c7:ef:10:
2c:3d:67:ec:0c:97:f0:67:56:b2:45:3d:2e:95:19:
98:e4:94:79:85:1e:76:e0:11:1c:89:57:57:36:63:
f5:ee:17:f0:8d:6c:f9:42:b5:65:00:d0:53:e5:ce:
84:5f:bf:7f:16:3f:1a:be:43:b7:59:4e:85:4e:65:
18:7e:40:7a:1b:1a:a8:ad:ef:6d:c2:5e:e9:61:06:
34:00:b0:cd:f0:2c:bd:70:87:61:7f:d7:38:26:07:
13:97:7f:3b:9c:64:50:2d:50:e0:35:bc:8c:6b:29:
ef:b0:32:cb:6b:a0:04:40:9e:47:0a:1f:ec:cf:57:
a6:95:7b:ae:9f:c0:4f:12:e7:b5:4d:62:af:b7:3c:
6e:1a:41:82:22:67:4b:08:be:c7:1a:48:d8:f8:0c:
1c:4d:56:3e:3d:90:c0:6f:2c:57:53:3f:4f:d4:34:
b7:c0:cb:ea:24:7f:5a:7e:fb:ec:13:4c:a5:60:bb:
8a:9b:e1:d0:4d:4b:6e:7b:0e:bd:ac:f7:da:c9:21:
51:c4:9f:e2:9f:e0:d6:fc:b9:dc:60:d6:e6:7f:c0:
2d:5d:27:08:54:b2:66:83:04:70:76:2b:c1:ef:c2:
85:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:BD:C7:FB:C5:C0:00:62:83:CC:06:D9:BB:5B:2A:F3:C5:C4:2F:2B
X509v3 Authority Key Identifier:
keyid:AE:7A:9B:17:45:A5:A7:0C:3B:F7:BC:C2:C2:EE:16:64:60:AF:F7:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rnqbF0Wlpww797zCwu4WZGCv96g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/6e909d-d325-48a1-9443-cc9a758c9916/1/Kb3H-8XAAGKDzAbZu1sq88XELys.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/6e909d-d325-48a1-9443-cc9a758c9916/1/rnqbF0Wlpww797zCwu4WZGCv96g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.160.64.0-46.160.87.255
46.160.96.0/19
91.250.0.0/18
IPv6:
2a00:1210:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
2c:1a:ca:b8:dc:f6:ef:2e:33:d1:bd:f3:78:46:3d:68:26:11:
b0:44:01:18:eb:2a:84:0f:d9:8b:a2:c9:0d:65:a4:2d:b0:1b:
fe:65:1b:d9:21:41:67:1d:9a:4c:28:c2:5d:0e:9f:5a:0f:33:
e3:52:1f:e3:a1:45:60:4e:cd:93:d4:a0:33:57:9f:12:8e:47:
af:71:4d:8b:e0:28:a4:08:e8:e6:ff:66:66:78:1e:18:77:d1:
23:8e:34:be:5e:51:a3:16:36:5d:9f:8f:87:10:80:6d:71:a1:
50:5b:9f:d7:4a:bd:d8:58:ff:1b:75:59:f8:8f:fc:1e:53:eb:
d3:18:45:90:a7:af:af:03:3d:fe:bc:fb:02:34:a4:7c:b1:57:
20:e2:fa:80:48:98:1f:d7:dc:96:a7:fd:25:c1:cb:a9:ff:11:
90:ce:15:f5:2a:ea:12:3b:59:e5:d0:c3:55:cf:1e:3b:5c:dd:
fa:12:46:b9:cf:f2:a1:9f:f6:2c:a7:c4:2c:d4:65:9d:5c:78:
8b:36:eb:09:ae:d9:4f:58:52:a3:db:e9:8c:a6:96:20:09:38:
8a:e8:77:f3:5c:90:c3:12:ec:db:94:3d:fc:fd:78:bd:28:64:
c9:53:be:f3:6d:52:4b:8c:04:c3:72:6f:e7:25:ac:aa:6b:34:
1a:20:b9:cc
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAYeQ6ZrG0G/xTzSJAGuzwp2TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlN2E5YjE3NDVhNWE3MGMzYmY3YmNjMmMyZWUxNjY0NjBh
ZmY3YTgwHhcNMjMwNDE3MjAzMDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWJkYzdmYmM1YzAwMDYyODNjYzA2ZDliYjViMmFmM2M1YzQyZjJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj4xNu8efa8ZxXc6zSqSzyHhP2kKP
+R1K+ObH7xAsPWfsDJfwZ1ayRT0ulRmY5JR5hR524BEciVdXNmP17hfwjWz5QrVl
ANBT5c6EX79/Fj8avkO3WU6FTmUYfkB6Gxqore9twl7pYQY0ALDN8Cy9cIdhf9c4
JgcTl387nGRQLVDgNbyMaynvsDLLa6AEQJ5HCh/sz1emlXuun8BPEue1TWKvtzxu
GkGCImdLCL7HGkjY+AwcTVY+PZDAbyxXUz9P1DS3wMvqJH9afvvsE0ylYLuKm+HQ
TUtuew69rPfaySFRxJ/in+DW/LncYNbmf8AtXScIVLJmgwRwdivB78KFOwIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFCm9x/vFwABig8wG2btbKvPFxC8rMB8GA1UdIwQY
MBaAFK56mxdFpacMO/e8wsLuFmRgr/eoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcm5xYkYwV2xwd3c3OTd6Q3d1NFdaR0N2OTZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy82ZTkwOWQtZDMyNS00OGExLTk0NDMt
Y2M5YTc1OGM5OTE2LzEvS2IzSC04WEFBR0tEekFiWnUxc3E4OFhFTHlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy82ZTkwOWQtZDMyNS00OGExLTk0NDMtY2M5YTc1OGM5OTE2
LzEvcm5xYkYwV2xwd3c3OTd6Q3d1NFdaR0N2OTZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzAgBAIAATAaMAwDBAYuoEAD
BAMuoFADBAUuoGADBAZb+gAwDwQCAAIwCQMHACoAEhD//zANBgkqhkiG9w0BAQsF
AAOCAQEALBrKuNz27y4z0b3zeEY9aCYRsEQBGOsqhA/Zi6LJDWWkLbAb/mUb2SFB
Zx2aTCjCXQ6fWg8z41If46FFYE7Nk9SgM1efEo5Hr3FNi+AopAjo5v9mZngeGHfR
I440vl5RoxY2XZ+PhxCAbXGhUFuf10q92Fj/G3VZ+I/8HlPr0xhFkKevrwM9/rz7
AjSkfLFXIOL6gEiYH9fclqf9JcHLqf8RkM4V9SrqEjtZ5dDDVc8eO1zd+hJGuc/y
oZ/2LKfELNRlnVx4izbrCa7ZT1hSo9vpjKaWIAk4iuh381yQwxLs25Q9/P14vShk
yVO+821SS4wEw3Jv5yWsqms0GiC5zA==
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:54:03 2025 by rpki-client