Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/71ab69-6965-4b70-968d-bb57a4ef7153/1/RKXr_FCASwz3feuo8aWNbDflWF8.roa
File: RKXr_FCASwz3feuo8aWNbDflWF8.roa (raw, json)
Hash identifier: 3CKjw+eTXtcUtdW3ytKqVugmSy+ctLZb2dgkDZs/eek=
Subject key identifier: 44:A5:EB:FC:50:80:4B:0C:F7:7D:EB:A8:F1:A5:8D:6C:37:E5:58:5F
Certificate issuer: /CN=7fc956a52b73504a4f1ff34547199297a7f5de9d
Certificate serial: 018602C061B9136A3246DF880700C91789B0
Authority key identifier: 7F:C9:56:A5:2B:73:50:4A:4F:1F:F3:45:47:19:92:97:A7:F5:DE:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f8lWpStzUEpPH_NFRxmSl6f13p0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/71ab69-6965-4b70-968d-bb57a4ef7153/1/RKXr_FCASwz3feuo8aWNbDflWF8.roa
Signing time: Mon 30 Jan 2023 12:56:47 +0000
ROA not before: Mon 30 Jan 2023 12:56:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203239
IP address blocks: 146.247.46.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:02:c0:61:b9:13:6a:32:46:df:88:07:00:c9:17:89:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7fc956a52b73504a4f1ff34547199297a7f5de9d
Validity
Not Before: Jan 30 12:56:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=44a5ebfc50804b0cf77deba8f1a58d6c37e5585f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:1f:79:26:1c:a7:88:6d:99:8f:b0:38:ff:96:
78:cc:91:80:1c:94:16:fa:2d:e3:c4:b2:87:0a:89:
03:d2:49:18:03:74:c0:57:a1:2e:cc:1d:bf:24:90:
67:de:a6:d9:d4:b5:c0:e0:0c:e8:50:1f:d6:77:e4:
34:8c:b1:ee:d1:06:f6:de:b8:f8:b9:eb:36:1c:e4:
81:09:95:82:a9:79:cf:36:42:06:80:82:93:b6:9d:
a5:58:1b:9b:df:03:28:e9:94:2b:8b:ea:e7:79:e9:
fd:83:f8:f7:c3:fe:04:5e:e5:6c:c7:f5:3c:c9:10:
de:2e:9f:bb:b0:31:88:94:1a:65:2a:92:12:2e:f6:
5f:a2:67:84:5a:00:a9:d7:51:eb:a1:5f:c9:04:18:
d0:1e:ae:74:83:34:c3:7b:31:0c:62:de:34:e3:4e:
cf:1f:db:bd:d7:13:37:80:6e:6f:c0:62:84:b6:64:
d7:ee:73:b9:a8:cb:30:f9:01:d7:fb:1f:b0:55:d5:
f1:0e:cf:05:1f:8c:5b:fc:08:cd:fc:96:12:0e:9d:
28:76:9d:e3:b2:5b:b7:61:61:2e:46:0c:e0:3a:d8:
d8:2c:38:79:17:a0:17:38:5c:bf:d2:8f:3d:77:b9:
17:02:0e:18:7b:d8:73:38:89:81:0d:6c:1b:a3:14:
c9:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:A5:EB:FC:50:80:4B:0C:F7:7D:EB:A8:F1:A5:8D:6C:37:E5:58:5F
X509v3 Authority Key Identifier:
keyid:7F:C9:56:A5:2B:73:50:4A:4F:1F:F3:45:47:19:92:97:A7:F5:DE:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8lWpStzUEpPH_NFRxmSl6f13p0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/71ab69-6965-4b70-968d-bb57a4ef7153/1/RKXr_FCASwz3feuo8aWNbDflWF8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/71ab69-6965-4b70-968d-bb57a4ef7153/1/f8lWpStzUEpPH_NFRxmSl6f13p0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.247.46.0/24
Signature Algorithm: sha256WithRSAEncryption
23:a6:fb:22:cf:0c:4d:19:94:50:31:a5:87:73:85:5d:d7:08:
43:ff:a2:f4:9e:b4:72:20:70:bd:13:93:16:8d:36:6f:21:1b:
af:24:20:38:5e:54:cd:45:63:86:99:84:0d:f3:9c:0b:f6:77:
5b:e0:58:32:0b:b4:2b:25:03:b4:c9:b9:2c:b1:06:50:52:a8:
a9:fa:ca:75:1c:65:0e:dd:a4:4c:c0:28:4a:41:ff:1f:17:9b:
c2:68:4c:3c:46:f8:de:00:57:aa:cb:10:95:fc:62:7e:ea:1f:
d4:44:09:5b:30:5f:70:c0:b4:49:bc:93:dd:98:e4:53:6d:a1:
b3:06:fd:09:32:f3:c1:19:d9:e5:d6:09:45:5b:a2:c1:8a:14:
92:dc:aa:37:68:45:54:5d:d4:17:97:a3:c2:a1:6a:a9:07:7d:
88:20:12:2a:c7:83:be:ef:3d:23:17:b3:74:78:03:32:32:cf:
a5:1d:d9:5d:d0:47:31:39:82:89:7c:de:60:1b:ad:c9:09:3a:
0a:1a:8a:a8:b6:7d:c1:c9:81:0f:46:da:33:27:63:2c:d0:46:
4d:c0:7e:90:9d:03:e2:ed:9c:e8:d2:8a:04:b6:16:96:17:e6:
be:44:22:c6:ec:65:21:cf:5b:52:c3:ac:9c:14:e4:57:38:f7:
f1:20:89:61
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYYCwGG5E2oyRt+IBwDJF4mwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmYzk1NmE1MmI3MzUwNGE0ZjFmZjM0NTQ3MTk5Mjk3YTdm
NWRlOWQwHhcNMjMwMTMwMTI1NjQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGE1ZWJmYzUwODA0YjBjZjc3ZGViYThmMWE1OGQ2YzM3ZTU1ODVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmR95JhyniG2Zj7A4/5Z4zJGAHJQW
+i3jxLKHCokD0kkYA3TAV6EuzB2/JJBn3qbZ1LXA4AzoUB/Wd+Q0jLHu0Qb23rj4
ues2HOSBCZWCqXnPNkIGgIKTtp2lWBub3wMo6ZQri+rneen9g/j3w/4EXuVsx/U8
yRDeLp+7sDGIlBplKpISLvZfomeEWgCp11HroV/JBBjQHq50gzTDezEMYt40407P
H9u91xM3gG5vwGKEtmTX7nO5qMsw+QHX+x+wVdXxDs8FH4xb/AjN/JYSDp0odp3j
slu3YWEuRgzgOtjYLDh5F6AXOFy/0o89d7kXAg4Ye9hzOImBDWwboxTJxQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFESl6/xQgEsM933rqPGljWw35VhfMB8GA1UdIwQY
MBaAFH/JVqUrc1BKTx/zRUcZkpen9d6dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZjhsV3BTdHpVRXBQSF9ORlJ4bVNsNmYxM3AwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS83MWFiNjktNjk2NS00YjcwLTk2OGQt
YmI1N2E0ZWY3MTUzLzEvUktYcl9GQ0FTd3ozZmV1bzhhV05iRGZsV0Y4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS83MWFiNjktNjk2NS00YjcwLTk2OGQtYmI1N2E0ZWY3MTUz
LzEvZjhsV3BTdHpVRXBQSF9ORlJ4bVNsNmYxM3AwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkvcuMA0G
CSqGSIb3DQEBCwUAA4IBAQAjpvsizwxNGZRQMaWHc4Vd1whD/6L0nrRyIHC9E5MW
jTZvIRuvJCA4XlTNRWOGmYQN85wL9ndb4FgyC7QrJQO0ybkssQZQUqip+sp1HGUO
3aRMwChKQf8fF5vCaEw8RvjeAFeqyxCV/GJ+6h/URAlbMF9wwLRJvJPdmORTbaGz
Bv0JMvPBGdnl1glFW6LBihSS3Ko3aEVUXdQXl6PCoWqpB32IIBIqx4O+7z0jF7N0
eAMyMs+lHdld0EcxOYKJfN5gG63JCToKGoqotn3ByYEPRtozJ2Ms0EZNwH6QnQPi
7Zzo0ooEthaWF+a+RCLG7GUhz1tSw6ycFORXOPfxIIlh
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:19:14 2025 by rpki-client