Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/71ab69-6965-4b70-968d-bb57a4ef7153/1/Ft3JKieJh0uzWwg2FM6jk8FbEto.roa
File: Ft3JKieJh0uzWwg2FM6jk8FbEto.roa (raw, json)
Hash identifier: mOq6AnIMwHaVkkn94s2MA5X188qMruccV8MhEUDrJhk=
Subject key identifier: 16:DD:C9:2A:27:89:87:4B:B3:5B:08:36:14:CE:A3:93:C1:5B:12:DA
Certificate issuer: /CN=7fc956a52b73504a4f1ff34547199297a7f5de9d
Certificate serial: 018825DCF3AE7C1A5D774092CF57C46B73D1
Authority key identifier: 7F:C9:56:A5:2B:73:50:4A:4F:1F:F3:45:47:19:92:97:A7:F5:DE:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f8lWpStzUEpPH_NFRxmSl6f13p0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/71ab69-6965-4b70-968d-bb57a4ef7153/1/Ft3JKieJh0uzWwg2FM6jk8FbEto.roa
Signing time: Tue 16 May 2023 18:40:17 +0000
ROA not before: Tue 16 May 2023 18:40:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203239
IP address blocks: 146.247.46.0/24 maxlen: 24
2a0d:1e00::/48 maxlen: 48
2a0d:1e00:46::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:25:dc:f3:ae:7c:1a:5d:77:40:92:cf:57:c4:6b:73:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7fc956a52b73504a4f1ff34547199297a7f5de9d
Validity
Not Before: May 16 18:40:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=16ddc92a2789874bb35b083614cea393c15b12da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:1a:4a:b4:ec:28:f3:b4:51:1b:3c:3a:19:ac:
54:2b:c9:14:ea:56:fd:7e:f5:ce:3d:a3:39:99:58:
c0:f1:01:4c:aa:2a:35:fa:33:de:77:12:44:1b:6b:
99:fb:dd:65:d8:ed:35:12:63:46:02:e6:01:8a:af:
e4:54:16:ac:32:e1:99:2b:1d:a8:17:56:9b:10:f8:
9a:12:a8:8d:51:ad:b1:5c:a1:8b:87:af:72:c8:d1:
28:54:a9:96:ff:d4:49:7b:ac:ad:1f:36:64:75:5a:
6b:6e:bb:28:7f:ae:9e:f9:98:21:6c:4a:91:17:2b:
c9:db:39:5b:a5:3c:0c:12:17:ab:cf:99:7b:9f:d3:
62:a2:9d:ed:26:1c:c5:a0:d5:e1:4f:eb:9c:6a:9a:
47:c0:27:86:bb:9b:5f:0a:0f:d3:55:13:0c:a4:67:
86:bf:b5:7a:a2:00:49:1f:b3:1f:ed:7d:40:8f:92:
39:e9:1d:99:70:1f:48:bc:0d:d6:e6:1c:0a:b6:6f:
85:33:c3:b6:77:1b:d3:21:b8:10:57:dc:4f:85:82:
9d:2a:ec:c5:47:eb:35:3c:e2:cc:06:ec:ac:35:66:
4f:d7:4b:0d:81:6a:1c:24:74:ac:00:a3:ff:84:b0:
33:38:d2:b1:6b:a2:ee:95:13:a3:03:45:c2:30:05:
39:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:DD:C9:2A:27:89:87:4B:B3:5B:08:36:14:CE:A3:93:C1:5B:12:DA
X509v3 Authority Key Identifier:
keyid:7F:C9:56:A5:2B:73:50:4A:4F:1F:F3:45:47:19:92:97:A7:F5:DE:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8lWpStzUEpPH_NFRxmSl6f13p0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/71ab69-6965-4b70-968d-bb57a4ef7153/1/Ft3JKieJh0uzWwg2FM6jk8FbEto.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/71ab69-6965-4b70-968d-bb57a4ef7153/1/f8lWpStzUEpPH_NFRxmSl6f13p0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.247.46.0/24
IPv6:
2a0d:1e00::/48
2a0d:1e00:46::/48
Signature Algorithm: sha256WithRSAEncryption
1d:60:28:7a:e8:12:57:e3:46:46:c4:e8:84:e7:dc:a4:1f:7e:
6d:73:bc:4e:19:73:3d:16:07:22:1b:67:4a:1c:a1:93:40:14:
32:87:fa:43:ff:44:e6:96:65:82:11:05:db:65:c9:9f:02:d1:
1e:1b:eb:c6:05:bb:d2:98:2d:c6:da:79:ee:da:88:63:35:4a:
7c:75:11:12:90:d5:43:a9:f3:c6:77:6c:00:78:01:76:df:70:
59:54:7c:05:37:68:ef:90:50:20:30:7d:2e:43:25:a9:ba:8c:
fa:00:59:18:87:4f:fa:3f:b0:71:f4:de:1a:26:3c:9d:af:e9:
f9:6b:ed:9c:84:53:29:03:9b:fb:f4:b7:50:4e:c8:17:1f:35:
7b:48:4a:af:53:97:bc:f7:41:46:fc:47:7a:85:bf:29:3d:da:
3a:f5:86:5b:4d:c5:41:e3:66:4a:45:f1:68:03:3a:33:6e:45:
d8:93:13:ab:c9:3a:19:b7:48:de:08:5c:49:7f:5d:12:ac:2c:
10:eb:da:d3:5f:3d:99:67:3b:57:39:82:f8:a9:a3:7d:da:8a:
4b:6a:a4:f2:ed:73:34:1a:45:3c:3e:c2:ce:b2:e1:73:df:e4:
51:cb:40:a0:d9:e7:84:88:eb:cc:de:04:a8:4d:de:59:84:94:
b3:fe:62:a0
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYgl3POufBpdd0CSz1fEa3PRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmYzk1NmE1MmI3MzUwNGE0ZjFmZjM0NTQ3MTk5Mjk3YTdm
NWRlOWQwHhcNMjMwNTE2MTg0MDE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNmRkYzkyYTI3ODk4NzRiYjM1YjA4MzYxNGNlYTM5M2MxNWIxMmRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArBpKtOwo87RRGzw6GaxUK8kU6lb9
fvXOPaM5mVjA8QFMqio1+jPedxJEG2uZ+91l2O01EmNGAuYBiq/kVBasMuGZKx2o
F1abEPiaEqiNUa2xXKGLh69yyNEoVKmW/9RJe6ytHzZkdVprbrsof66e+ZghbEqR
FyvJ2zlbpTwMEherz5l7n9Niop3tJhzFoNXhT+ucappHwCeGu5tfCg/TVRMMpGeG
v7V6ogBJH7Mf7X1Aj5I56R2ZcB9IvA3W5hwKtm+FM8O2dxvTIbgQV9xPhYKdKuzF
R+s1POLMBuysNWZP10sNgWocJHSsAKP/hLAzONKxa6LulROjA0XCMAU5VwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFBbdySoniYdLs1sINhTOo5PBWxLaMB8GA1UdIwQY
MBaAFH/JVqUrc1BKTx/zRUcZkpen9d6dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZjhsV3BTdHpVRXBQSF9ORlJ4bVNsNmYxM3AwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS83MWFiNjktNjk2NS00YjcwLTk2OGQt
YmI1N2E0ZWY3MTUzLzEvRnQzSktpZUpoMHV6V3dnMkZNNmprOEZiRXRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS83MWFiNjktNjk2NS00YjcwLTk2OGQtYmI1N2E0ZWY3MTUz
LzEvZjhsV3BTdHpVRXBQSF9ORlJ4bVNsNmYxM3AwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQAkvcuMBgE
AgACMBIDBwAqDR4AAAADBwAqDR4AAEYwDQYJKoZIhvcNAQELBQADggEBAB1gKHro
ElfjRkbE6ITn3KQffm1zvE4Zcz0WByIbZ0ocoZNAFDKH+kP/ROaWZYIRBdtlyZ8C
0R4b68YFu9KYLcbaee7aiGM1Snx1ERKQ1UOp88Z3bAB4AXbfcFlUfAU3aO+QUCAw
fS5DJam6jPoAWRiHT/o/sHH03homPJ2v6flr7ZyEUykDm/v0t1BOyBcfNXtISq9T
l7z3QUb8R3qFvyk92jr1hltNxUHjZkpF8WgDOjNuRdiTE6vJOhm3SN4IXEl/XRKs
LBDr2tNfPZlnO1c5gvipo33aiktqpPLtczQaRTw+ws6y4XPf5FHLQKDZ54SI68ze
BKhN3lmElLP+YqA=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:09:58 2025 by rpki-client