Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/Y232aq2lnnaqxciU9-hSS3ODJfY.roa
File: Y232aq2lnnaqxciU9-hSS3ODJfY.roa (raw, json)
Hash identifier: KI4G0payFXhwy/xIBIDspyZSdxYk/kB9sqS+s5L8lxs=
Subject key identifier: 63:6D:F6:6A:AD:A5:9E:76:AA:C5:C8:94:F7:E8:52:4B:73:83:25:F6
Certificate issuer: /CN=5b52634a2eb03f8565b5e33dc2b9f49041f7cfb0
Certificate serial: 01856F42BB5DA7A95A34FBEA2F455052B73B
Authority key identifier: 5B:52:63:4A:2E:B0:3F:85:65:B5:E3:3D:C2:B9:F4:90:41:F7:CF:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W1JjSi6wP4VlteM9wrn0kEH3z7A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/Y232aq2lnnaqxciU9-hSS3ODJfY.roa
Signing time: Sun 01 Jan 2023 21:35:22 +0000
ROA not before: Sun 01 Jan 2023 21:35:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44400
IP address blocks: 46.143.0.0/22 maxlen: 32
79.127.118.0/24 maxlen: 32
79.127.44.0/23 maxlen: 32
79.127.60.0/23 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:bb:5d:a7:a9:5a:34:fb:ea:2f:45:50:52:b7:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b52634a2eb03f8565b5e33dc2b9f49041f7cfb0
Validity
Not Before: Jan 1 21:35:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=636df66aada59e76aac5c894f7e8524b738325f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:8c:7d:2a:a4:4b:4b:73:82:30:53:c2:7e:fe:
65:f2:b1:b2:60:8e:84:b2:db:7c:fc:b1:c9:74:85:
21:44:e5:5f:85:ec:64:46:02:87:b8:c9:ef:fb:99:
6b:30:7e:7f:e8:cc:0f:d1:f8:c1:5b:11:0d:47:ee:
28:b2:60:59:48:1b:8f:81:e9:a3:50:f3:ba:b9:7c:
cf:a7:1a:73:b9:e7:8a:ea:72:53:a1:7f:7c:71:d2:
49:de:da:f2:3c:34:16:32:f2:25:9b:a4:5b:c8:f4:
e3:e2:36:74:c3:f4:e8:ff:c3:55:84:d5:cb:10:9e:
13:16:80:e4:cd:7b:1d:0b:2d:13:d7:0b:53:83:66:
8d:43:27:94:b6:a2:93:c7:3d:d7:23:aa:72:9d:3c:
56:29:3d:06:0f:1b:8f:ff:78:98:b7:ef:b4:3d:54:
58:7f:39:7b:22:ce:34:05:f8:3f:e3:d0:79:76:62:
71:8b:9b:fd:e0:59:38:88:fa:71:4a:0e:93:d4:9e:
93:44:2e:fb:04:48:d8:e5:d1:cf:d3:9c:8c:82:64:
b4:9e:ca:24:29:fc:5d:56:04:9e:60:2c:c4:8f:3e:
1e:af:85:2f:5c:a7:3b:66:74:19:54:95:e5:36:01:
b6:64:49:f2:c2:a9:64:f5:90:93:42:54:57:92:59:
1f:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:6D:F6:6A:AD:A5:9E:76:AA:C5:C8:94:F7:E8:52:4B:73:83:25:F6
X509v3 Authority Key Identifier:
keyid:5B:52:63:4A:2E:B0:3F:85:65:B5:E3:3D:C2:B9:F4:90:41:F7:CF:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W1JjSi6wP4VlteM9wrn0kEH3z7A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/Y232aq2lnnaqxciU9-hSS3ODJfY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/W1JjSi6wP4VlteM9wrn0kEH3z7A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.143.0.0/22
79.127.44.0/23
79.127.60.0/23
79.127.118.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:e0:bb:e2:9c:7c:07:50:48:d9:4c:1c:25:1c:31:23:14:ab:
f1:d3:97:80:b5:15:a7:5b:2a:cd:d5:b1:3c:b9:52:d8:1a:f7:
fb:5c:ab:fd:6f:fc:c4:10:ef:4b:e1:82:af:62:97:6b:12:c0:
72:be:be:86:93:62:4c:68:9a:d9:37:1c:4e:3b:c8:f2:c4:ea:
6c:81:15:fd:90:1a:46:15:85:6f:9c:2d:6d:99:22:34:e8:2a:
7f:c9:11:3f:5d:eb:7f:5b:ec:02:18:c8:79:c0:b6:0f:e4:08:
15:98:06:a0:17:65:c3:30:c0:41:88:31:34:7c:47:a8:d5:63:
df:01:c4:4b:96:c4:4d:fe:d9:42:c8:5c:79:b2:5e:0d:2c:c5:
9f:e6:4b:ff:14:7a:4e:03:b1:6a:23:13:98:f1:1f:e8:18:6a:
0b:78:9d:09:3a:b7:65:46:58:7a:90:80:2a:a1:3b:e9:20:d8:
67:ab:c3:e6:5b:78:be:2c:eb:e8:73:58:22:73:f5:6d:0b:b6:
c4:45:ff:db:17:88:6a:f2:70:53:7f:fa:b0:ee:9a:d4:db:51:
dd:70:3e:e6:a8:c9:5c:c0:3f:07:0a:d8:3f:37:05:5d:26:61:
b8:67:a8:95:98:e3:d4:a9:ee:91:66:31:26:fc:d3:d3:9a:f5:
e6:bd:39:f8
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVvQrtdp6laNPvqL0VQUrc7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViNTI2MzRhMmViMDNmODU2NWI1ZTMzZGMyYjlmNDkwNDFm
N2NmYjAwHhcNMjMwMTAxMjEzNTIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzZkZjY2YWFkYTU5ZTc2YWFjNWM4OTRmN2U4NTI0YjczODMyNWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoYx9KqRLS3OCMFPCfv5l8rGyYI6E
stt8/LHJdIUhROVfhexkRgKHuMnv+5lrMH5/6MwP0fjBWxENR+4osmBZSBuPgemj
UPO6uXzPpxpzueeK6nJToX98cdJJ3tryPDQWMvIlm6RbyPTj4jZ0w/To/8NVhNXL
EJ4TFoDkzXsdCy0T1wtTg2aNQyeUtqKTxz3XI6pynTxWKT0GDxuP/3iYt++0PVRY
fzl7Is40Bfg/49B5dmJxi5v94Fk4iPpxSg6T1J6TRC77BEjY5dHP05yMgmS0nsok
KfxdVgSeYCzEjz4er4UvXKc7ZnQZVJXlNgG2ZEnywqlk9ZCTQlRXklkf/wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGNt9mqtpZ52qsXIlPfoUktzgyX2MB8GA1UdIwQY
MBaAFFtSY0ousD+FZbXjPcK59JBB98+wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzFKalNpNndQNFZsdGVNOXdybjBrRUgzejdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC83YTViNDQtNmIxOC00MmQzLWE4ZDUt
ZGM2NTU0ZmQxMjM1LzEvWTIzMmFxMmxubmFxeGNpVTktaFNTM09ESmZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC83YTViNDQtNmIxOC00MmQzLWE4ZDUtZGM2NTU0ZmQxMjM1
LzEvVzFKalNpNndQNFZsdGVNOXdybjBrRUgzejdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCLo8AAwQB
T38sAwQBT388AwQAT392MA0GCSqGSIb3DQEBCwUAA4IBAQCr4LvinHwHUEjZTBwl
HDEjFKvx05eAtRWnWyrN1bE8uVLYGvf7XKv9b/zEEO9L4YKvYpdrEsByvr6Gk2JM
aJrZNxxOO8jyxOpsgRX9kBpGFYVvnC1tmSI06Cp/yRE/Xet/W+wCGMh5wLYP5AgV
mAagF2XDMMBBiDE0fEeo1WPfAcRLlsRN/tlCyFx5sl4NLMWf5kv/FHpOA7FqIxOY
8R/oGGoLeJ0JOrdlRlh6kIAqoTvpINhnq8PmW3i+LOvoc1gic/VtC7bERf/bF4hq
8nBTf/qw7prU21HdcD7mqMlcwD8HCtg/NwVdJmG4Z6iVmOPUqe6RZjEm/NPTmvXm
vTn4
-----END CERTIFICATE-----
Generated at Thu Apr 17 13:59:36 2025 by rpki-client