Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/435d88-371e-4f86-a90a-cfbbc14671a3/1/Y7DdLn0ptP4OEsTzWjGKN1eKS6A.roa
File: Y7DdLn0ptP4OEsTzWjGKN1eKS6A.roa (raw, json)
Hash identifier: 3/nwa5oQxZDPIwqU5bR1mUyTUtpUP5P8lzYTL3onAP4=
Subject key identifier: 63:B0:DD:2E:7D:29:B4:FE:0E:12:C4:F3:5A:31:8A:37:57:8A:4B:A0
Certificate issuer: /CN=fd0c6b2bd29d3168487c9ec5fde4c3fc42d9cfbe
Certificate serial: 01856F1DAE740E638D86724EC95ECA49005B
Authority key identifier: FD:0C:6B:2B:D2:9D:31:68:48:7C:9E:C5:FD:E4:C3:FC:42:D9:CF:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_QxrK9KdMWhIfJ7F_eTD_ELZz74.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/435d88-371e-4f86-a90a-cfbbc14671a3/1/Y7DdLn0ptP4OEsTzWjGKN1eKS6A.roa
Signing time: Sun 01 Jan 2023 20:54:54 +0000
ROA not before: Sun 01 Jan 2023 20:54:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 196881
IP address blocks: 46.30.137.0/24 maxlen: 24
46.30.138.0/23 maxlen: 23
46.30.138.0/24 maxlen: 24
46.30.139.0/24 maxlen: 24
185.156.104.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:1d:ae:74:0e:63:8d:86:72:4e:c9:5e:ca:49:00:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd0c6b2bd29d3168487c9ec5fde4c3fc42d9cfbe
Validity
Not Before: Jan 1 20:54:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=63b0dd2e7d29b4fe0e12c4f35a318a37578a4ba0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:3a:fa:1a:c8:6f:16:48:65:98:2e:26:28:62:
e6:32:e7:ea:7d:cf:b3:c7:ee:e8:75:39:64:76:18:
55:fa:d3:cf:f7:1f:b0:b7:7d:8f:1e:b3:73:31:0c:
dd:97:84:eb:4b:fe:cb:bc:47:27:0a:7e:a6:af:6c:
a1:1c:4e:33:4e:09:ad:97:29:f8:26:17:fa:1a:35:
4a:35:c5:7b:6c:a5:b8:d3:3b:f2:77:a7:bb:27:9c:
ab:86:aa:4e:ff:28:8b:19:36:fb:44:e6:f6:bb:99:
3d:f4:75:2d:2a:ce:97:20:fe:37:be:2b:84:a9:86:
29:17:c8:f9:3c:6a:d6:59:a2:7e:61:b1:e9:6d:02:
3f:72:85:0b:dd:fb:c5:d9:df:08:ba:34:ab:4b:eb:
0e:a1:b5:c0:2f:2e:79:e4:95:7c:a6:ec:4c:38:de:
50:97:64:ce:ab:a5:6d:b8:16:0d:40:3a:d0:79:a1:
f0:e3:e6:c3:9c:bf:45:97:17:69:68:e9:04:6b:d2:
e7:22:f0:c1:82:80:74:df:b8:b8:47:a2:4e:f0:af:
df:b1:94:2d:df:a0:f2:da:af:07:a5:f4:58:d1:25:
ef:2a:37:33:37:bf:fc:89:be:9d:7d:97:50:98:06:
68:7e:51:1e:e3:2e:c5:27:43:ab:43:3e:fb:a7:c6:
e2:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:B0:DD:2E:7D:29:B4:FE:0E:12:C4:F3:5A:31:8A:37:57:8A:4B:A0
X509v3 Authority Key Identifier:
keyid:FD:0C:6B:2B:D2:9D:31:68:48:7C:9E:C5:FD:E4:C3:FC:42:D9:CF:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_QxrK9KdMWhIfJ7F_eTD_ELZz74.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/435d88-371e-4f86-a90a-cfbbc14671a3/1/Y7DdLn0ptP4OEsTzWjGKN1eKS6A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/435d88-371e-4f86-a90a-cfbbc14671a3/1/_QxrK9KdMWhIfJ7F_eTD_ELZz74.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.30.137.0-46.30.139.255
185.156.104.0/24
Signature Algorithm: sha256WithRSAEncryption
63:18:d7:e7:a6:f0:52:a8:d2:61:20:01:1f:a8:e0:e3:68:58:
a4:8f:37:73:1f:ef:57:84:4b:be:69:44:e7:47:d2:83:9a:73:
69:26:b5:7c:16:c7:b9:2b:de:57:7d:a1:d6:9b:71:b0:e6:51:
ae:37:15:f8:0a:10:9e:11:d6:52:b6:5d:78:34:7b:23:86:8c:
3c:c6:21:2b:75:37:d4:b7:2d:0f:82:8c:96:34:33:c4:da:68:
d1:b0:a2:f5:64:fe:37:58:b8:5f:8c:2e:2a:b7:95:ad:97:35:
4c:1c:c7:55:62:e8:24:9d:96:a9:9f:2c:e6:79:d8:2f:64:df:
30:df:bc:75:e3:d3:d6:35:dd:87:03:10:f9:e3:3a:e1:49:19:
04:94:d0:91:70:d7:83:4d:e8:75:bf:9c:1a:f2:c2:91:18:90:
ea:a4:5d:fb:e2:4d:e2:4d:c9:dc:0a:e6:ae:64:a8:6b:7d:2f:
e2:39:c3:24:21:9c:34:c5:01:7c:28:b8:4b:34:c8:1e:8c:08:
ec:5b:71:be:08:c7:c1:77:b1:b8:08:cc:3a:2b:4e:f5:90:01:
68:06:a9:23:0f:4e:fc:c4:6a:bf:77:3e:2e:63:4f:0d:34:55:
95:15:e3:b8:10:38:08:49:8d:30:e6:05:2d:70:91:53:ee:d1:
39:aa:1d:af
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVvHa50DmONhnJOyV7KSQBbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkMGM2YjJiZDI5ZDMxNjg0ODdjOWVjNWZkZTRjM2ZjNDJk
OWNmYmUwHhcNMjMwMTAxMjA1NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2IwZGQyZTdkMjliNGZlMGUxMmM0ZjM1YTMxOGEzNzU3OGE0YmEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnzr6GshvFkhlmC4mKGLmMufqfc+z
x+7odTlkdhhV+tPP9x+wt32PHrNzMQzdl4TrS/7LvEcnCn6mr2yhHE4zTgmtlyn4
Jhf6GjVKNcV7bKW40zvyd6e7J5yrhqpO/yiLGTb7ROb2u5k99HUtKs6XIP43viuE
qYYpF8j5PGrWWaJ+YbHpbQI/coUL3fvF2d8IujSrS+sOobXALy555JV8puxMON5Q
l2TOq6VtuBYNQDrQeaHw4+bDnL9FlxdpaOkEa9LnIvDBgoB037i4R6JO8K/fsZQt
36Dy2q8HpfRY0SXvKjczN7/8ib6dfZdQmAZoflEe4y7FJ0OrQz77p8bi3wIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFGOw3S59KbT+DhLE81oxijdXikugMB8GA1UdIwQY
MBaAFP0MayvSnTFoSHyexf3kw/xC2c++MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1F4cks5S2RNV2hJZko3Rl9lVERfRUxaejc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi80MzVkODgtMzcxZS00Zjg2LWE5MGEt
Y2ZiYmMxNDY3MWEzLzEvWTdEZExuMHB0UDRPRXNUeldqR0tOMWVLUzZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi80MzVkODgtMzcxZS00Zjg2LWE5MGEtY2ZiYmMxNDY3MWEz
LzEvX1F4cks5S2RNV2hJZko3Rl9lVERfRUxaejc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAAuHokD
BAIuHogDBAC5nGgwDQYJKoZIhvcNAQELBQADggEBAGMY1+em8FKo0mEgAR+o4ONo
WKSPN3Mf71eES75pROdH0oOac2kmtXwWx7kr3ld9odabcbDmUa43FfgKEJ4R1lK2
XXg0eyOGjDzGISt1N9S3LQ+CjJY0M8TaaNGwovVk/jdYuF+MLiq3la2XNUwcx1Vi
6CSdlqmfLOZ52C9k3zDfvHXj09Y13YcDEPnjOuFJGQSU0JFw14NN6HW/nBrywpEY
kOqkXfviTeJNydwK5q5kqGt9L+I5wyQhnDTFAXwouEs0yB6MCOxbcb4Ix8F3sbgI
zDorTvWQAWgGqSMPTvzEar93Pi5jTw00VZUV47gQOAhJjTDmBS1wkVPu0TmqHa8=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:01:26 2025 by rpki-client