Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/71ab69-6965-4b70-968d-bb57a4ef7153/1/3ZvENWB8bhJHzJy9Q4d6qSYpTPg.roa
File: 3ZvENWB8bhJHzJy9Q4d6qSYpTPg.roa (raw, json)
Hash identifier: +BmpfaVqNLuLBb1NMUyxJ+LvKbRUukq9WL4htYkb86o=
Subject key identifier: DD:9B:C4:35:60:7C:6E:12:47:CC:9C:BD:43:87:7A:A9:26:29:4C:F8
Certificate issuer: /CN=7fc956a52b73504a4f1ff34547199297a7f5de9d
Certificate serial: 0186FE0F16CC89F78094E6234FDCAAF9E0BC
Authority key identifier: 7F:C9:56:A5:2B:73:50:4A:4F:1F:F3:45:47:19:92:97:A7:F5:DE:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f8lWpStzUEpPH_NFRxmSl6f13p0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/71ab69-6965-4b70-968d-bb57a4ef7153/1/3ZvENWB8bhJHzJy9Q4d6qSYpTPg.roa
Signing time: Mon 20 Mar 2023 08:07:27 +0000
ROA not before: Mon 20 Mar 2023 08:07:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203239
IP address blocks: 146.247.46.0/24 maxlen: 24
2a0d:1e00:46::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:fe:0f:16:cc:89:f7:80:94:e6:23:4f:dc:aa:f9:e0:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7fc956a52b73504a4f1ff34547199297a7f5de9d
Validity
Not Before: Mar 20 08:07:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dd9bc435607c6e1247cc9cbd43877aa926294cf8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:0b:49:c6:b0:9f:79:83:9b:6b:bc:60:a2:20:
35:db:62:61:d0:9a:78:dc:c6:9c:a5:7b:db:df:b3:
21:1e:42:fe:eb:33:6c:32:01:b8:a8:de:ae:47:b6:
fb:1f:d9:e4:fb:46:ee:2f:37:26:01:c6:fd:08:f5:
bf:20:94:f3:48:08:60:34:48:4e:c1:b5:95:9d:fc:
d8:9a:d1:1c:b3:c6:f3:78:93:6d:e4:a5:66:fa:ca:
99:74:c7:b8:6f:a0:3e:9b:36:26:6e:00:5a:09:a9:
17:2f:14:25:ec:69:27:e6:c9:d3:40:e8:e5:41:4f:
ba:88:ab:7b:66:36:6d:16:3a:e0:0d:ea:5b:d6:e7:
67:a4:44:8e:4a:7d:a1:18:96:d4:be:cc:e1:a9:b3:
3a:b4:b1:9c:12:d0:89:53:31:df:59:2e:30:1e:e9:
3d:b3:41:19:e2:e2:01:50:a4:45:73:36:5d:ca:e0:
25:37:b3:f1:3b:55:2a:13:7e:89:aa:e3:af:83:6d:
b8:2c:f4:a4:8f:7c:41:45:07:46:94:63:7d:6d:89:
5f:f5:a3:5f:af:e2:82:64:a7:5b:86:51:44:43:5c:
09:98:58:13:82:4c:44:95:8e:6b:f9:3f:10:04:71:
95:60:f1:c9:52:07:19:fb:26:c7:b0:3c:e2:6b:21:
bd:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:9B:C4:35:60:7C:6E:12:47:CC:9C:BD:43:87:7A:A9:26:29:4C:F8
X509v3 Authority Key Identifier:
keyid:7F:C9:56:A5:2B:73:50:4A:4F:1F:F3:45:47:19:92:97:A7:F5:DE:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8lWpStzUEpPH_NFRxmSl6f13p0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/71ab69-6965-4b70-968d-bb57a4ef7153/1/3ZvENWB8bhJHzJy9Q4d6qSYpTPg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/71ab69-6965-4b70-968d-bb57a4ef7153/1/f8lWpStzUEpPH_NFRxmSl6f13p0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.247.46.0/24
IPv6:
2a0d:1e00:46::/48
Signature Algorithm: sha256WithRSAEncryption
26:61:6e:19:b3:65:f0:b1:99:5f:9b:62:77:09:88:34:54:c6:
1e:3f:18:c1:84:a5:3d:dd:b6:ec:ff:80:3c:be:71:44:ea:00:
45:66:f5:f1:14:df:c5:1c:cc:fd:02:25:2b:54:b6:18:bd:98:
fb:b1:b5:fe:7b:d3:01:14:87:38:c0:e2:4b:17:cd:a6:21:c7:
44:55:f4:0e:4e:f0:8d:23:1d:9b:b1:e1:9d:26:4b:31:c7:d7:
92:6c:cf:80:30:6d:4f:88:a2:b5:08:25:82:0a:1d:8c:68:c1:
a1:03:57:11:e3:45:e8:86:6d:58:fa:3c:43:94:d0:67:8a:4a:
26:83:de:73:47:e0:20:0b:fe:36:b4:82:59:00:7a:c4:58:9f:
3e:f8:80:a5:c3:75:48:a6:9a:8b:58:e8:e7:12:65:1a:ef:c3:
49:7d:c1:f7:5c:c2:8f:2a:f0:01:8f:18:a8:fe:a1:d7:8c:6a:
e0:f0:94:d7:b3:c6:60:cf:53:7d:dd:88:fb:05:8d:8e:c4:3e:
87:10:7f:5c:c3:3e:7f:b4:3a:ff:c4:90:9c:2f:18:29:c6:04:
8b:63:5e:00:75:f8:cc:b7:30:1c:74:f8:b2:52:23:e1:3d:fa:
1e:32:14:37:22:e2:41:8d:ad:21:5d:60:d7:95:06:44:6e:b8:
79:f7:61:69
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYb+DxbMifeAlOYjT9yq+eC8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmYzk1NmE1MmI3MzUwNGE0ZjFmZjM0NTQ3MTk5Mjk3YTdm
NWRlOWQwHhcNMjMwMzIwMDgwNzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDliYzQzNTYwN2M2ZTEyNDdjYzljYmQ0Mzg3N2FhOTI2Mjk0Y2Y4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0gtJxrCfeYOba7xgoiA122Jh0Jp4
3MacpXvb37MhHkL+6zNsMgG4qN6uR7b7H9nk+0buLzcmAcb9CPW/IJTzSAhgNEhO
wbWVnfzYmtEcs8bzeJNt5KVm+sqZdMe4b6A+mzYmbgBaCakXLxQl7Gkn5snTQOjl
QU+6iKt7ZjZtFjrgDepb1udnpESOSn2hGJbUvszhqbM6tLGcEtCJUzHfWS4wHuk9
s0EZ4uIBUKRFczZdyuAlN7PxO1UqE36JquOvg224LPSkj3xBRQdGlGN9bYlf9aNf
r+KCZKdbhlFEQ1wJmFgTgkxElY5r+T8QBHGVYPHJUgcZ+ybHsDziayG9LQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFN2bxDVgfG4SR8ycvUOHeqkmKUz4MB8GA1UdIwQY
MBaAFH/JVqUrc1BKTx/zRUcZkpen9d6dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZjhsV3BTdHpVRXBQSF9ORlJ4bVNsNmYxM3AwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS83MWFiNjktNjk2NS00YjcwLTk2OGQt
YmI1N2E0ZWY3MTUzLzEvM1p2RU5XQjhiaEpIekp5OVE0ZDZxU1lwVFBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS83MWFiNjktNjk2NS00YjcwLTk2OGQtYmI1N2E0ZWY3MTUz
LzEvZjhsV3BTdHpVRXBQSF9ORlJ4bVNsNmYxM3AwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAkvcuMA8E
AgACMAkDBwAqDR4AAEYwDQYJKoZIhvcNAQELBQADggEBACZhbhmzZfCxmV+bYncJ
iDRUxh4/GMGEpT3dtuz/gDy+cUTqAEVm9fEU38UczP0CJStUthi9mPuxtf570wEU
hzjA4ksXzaYhx0RV9A5O8I0jHZux4Z0mSzHH15Jsz4AwbU+IorUIJYIKHYxowaED
VxHjReiGbVj6PEOU0GeKSiaD3nNH4CAL/ja0glkAesRYnz74gKXDdUimmotY6OcS
ZRrvw0l9wfdcwo8q8AGPGKj+odeMauDwlNezxmDPU33diPsFjY7EPocQf1zDPn+0
Ov/EkJwvGCnGBItjXgB1+My3MBx0+LJSI+E9+h4yFDci4kGNrSFdYNeVBkRuuHn3
YWk=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:14:25 2025 by rpki-client