Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/vq3KIIVYF1B4gXMj0Oxo-eB9rCE.roa
File: vq3KIIVYF1B4gXMj0Oxo-eB9rCE.roa (raw, json)
Hash identifier: 9+noFad5YU4+nx59YYgibAUfUtBgxEnThuHDhJ/RPi4=
Subject key identifier: BE:AD:CA:20:85:58:17:50:78:81:73:23:D0:EC:68:F9:E0:7D:AC:21
Certificate issuer: /CN=5b52634a2eb03f8565b5e33dc2b9f49041f7cfb0
Certificate serial: 01856F42BC4FE73C40C2D215C2B51D95E4C3
Authority key identifier: 5B:52:63:4A:2E:B0:3F:85:65:B5:E3:3D:C2:B9:F4:90:41:F7:CF:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W1JjSi6wP4VlteM9wrn0kEH3z7A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/vq3KIIVYF1B4gXMj0Oxo-eB9rCE.roa
Signing time: Sun 01 Jan 2023 21:35:22 +0000
ROA not before: Sun 01 Jan 2023 21:35:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49100
IP address blocks: 79.127.0.0/21 maxlen: 32
46.143.24.0/21 maxlen: 32
46.143.32.0/20 maxlen: 32
79.127.64.0/20 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:bc:4f:e7:3c:40:c2:d2:15:c2:b5:1d:95:e4:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b52634a2eb03f8565b5e33dc2b9f49041f7cfb0
Validity
Not Before: Jan 1 21:35:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=beadca208558175078817323d0ec68f9e07dac21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:f6:07:13:07:cc:66:21:98:a4:3f:c3:fc:a9:
76:24:58:2d:81:02:82:e9:b8:30:47:cc:f7:91:78:
aa:17:de:95:fc:bc:d1:23:e7:1f:67:b2:66:c7:16:
50:67:3d:b9:35:ee:eb:af:fc:f0:48:06:07:c7:45:
8f:9e:03:39:8b:a2:60:80:0f:38:fb:63:4f:35:b2:
42:8d:0d:58:ad:10:29:b9:4d:39:99:59:38:17:87:
cd:4a:c0:b0:5d:84:ae:4e:15:03:03:1c:6a:4c:bc:
4b:ff:6a:eb:14:15:a4:f0:48:59:2b:a0:5a:df:b6:
a2:c4:6d:21:86:70:40:1e:fd:80:cd:f8:16:3d:45:
56:b2:e3:70:f9:04:1f:57:55:7c:23:0f:28:e1:45:
69:5c:24:3a:eb:85:a4:d5:84:ae:27:31:53:3c:c4:
e0:16:1c:f3:dc:d9:cf:6e:f2:64:7a:90:a7:f1:b8:
f3:17:7c:04:54:92:5b:25:36:24:b5:0d:fa:a8:d9:
dd:e1:13:21:d1:97:32:24:30:d0:64:4d:1d:d6:3b:
b3:69:58:21:d2:bc:32:9d:5b:5b:82:a5:1b:7b:c7:
94:9c:aa:80:eb:d1:cd:46:7f:8b:a2:88:0a:d4:10:
84:f4:d9:47:64:11:10:46:06:4e:3d:f5:d5:d3:db:
19:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:AD:CA:20:85:58:17:50:78:81:73:23:D0:EC:68:F9:E0:7D:AC:21
X509v3 Authority Key Identifier:
keyid:5B:52:63:4A:2E:B0:3F:85:65:B5:E3:3D:C2:B9:F4:90:41:F7:CF:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W1JjSi6wP4VlteM9wrn0kEH3z7A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/vq3KIIVYF1B4gXMj0Oxo-eB9rCE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/W1JjSi6wP4VlteM9wrn0kEH3z7A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.143.24.0-46.143.47.255
79.127.0.0/21
79.127.64.0/20
Signature Algorithm: sha256WithRSAEncryption
8c:0f:fa:56:1d:9c:dc:15:2e:51:ac:c7:44:c4:01:a9:e2:b0:
97:d2:df:7c:22:12:9f:e3:49:b5:51:83:48:fc:5f:d4:5d:e5:
9c:2b:16:35:f9:91:d2:fa:09:1e:6e:e7:68:54:21:da:70:55:
e1:c2:a9:01:1c:b3:a2:a4:d1:2a:f9:22:56:fa:88:7c:91:1a:
fc:77:9a:fb:15:3c:49:61:3b:31:1d:c9:85:7b:5c:fe:99:6f:
ed:9e:b4:5c:8d:8a:1f:cc:f4:12:ae:d5:4e:6b:e8:ae:9c:34:
ff:00:d8:ad:38:ec:5d:53:24:f3:48:52:58:20:e2:a1:4c:b4:
89:9a:e0:88:52:e0:12:17:70:8d:c3:ba:e6:93:23:6f:9d:6e:
99:48:fc:bb:94:2e:a7:6a:c6:2c:59:47:88:45:cd:2f:ed:f8:
b0:fa:48:99:6f:eb:d3:50:e7:c2:1d:a0:d6:73:73:06:25:1d:
d5:13:8f:81:c6:46:a8:2a:13:c3:9d:de:18:36:76:13:2c:e5:
56:77:55:84:79:d3:39:dc:1d:f4:53:92:54:c0:57:fc:69:46:
83:85:32:47:c2:cb:a2:db:c3:1c:26:bf:3a:d7:bf:92:6f:ec:
b6:e4:35:40:eb:78:67:83:b9:c8:6e:b2:1d:d7:e8:04:81:64:
7d:4d:3e:35
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYVvQrxP5zxAwtIVwrUdleTDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViNTI2MzRhMmViMDNmODU2NWI1ZTMzZGMyYjlmNDkwNDFm
N2NmYjAwHhcNMjMwMTAxMjEzNTIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZWFkY2EyMDg1NTgxNzUwNzg4MTczMjNkMGVjNjhmOWUwN2RhYzIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqfYHEwfMZiGYpD/D/Kl2JFgtgQKC
6bgwR8z3kXiqF96V/LzRI+cfZ7JmxxZQZz25Ne7rr/zwSAYHx0WPngM5i6JggA84
+2NPNbJCjQ1YrRApuU05mVk4F4fNSsCwXYSuThUDAxxqTLxL/2rrFBWk8EhZK6Ba
37aixG0hhnBAHv2AzfgWPUVWsuNw+QQfV1V8Iw8o4UVpXCQ664Wk1YSuJzFTPMTg
Fhzz3NnPbvJkepCn8bjzF3wEVJJbJTYktQ36qNnd4RMh0ZcyJDDQZE0d1juzaVgh
0rwynVtbgqUbe8eUnKqA69HNRn+LoogK1BCE9NlHZBEQRgZOPfXV09sZwwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFL6tyiCFWBdQeIFzI9DsaPngfawhMB8GA1UdIwQY
MBaAFFtSY0ousD+FZbXjPcK59JBB98+wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzFKalNpNndQNFZsdGVNOXdybjBrRUgzejdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC83YTViNDQtNmIxOC00MmQzLWE4ZDUt
ZGM2NTU0ZmQxMjM1LzEvdnEzS0lJVllGMUI0Z1hNajBPeG8tZUI5ckNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC83YTViNDQtNmIxOC00MmQzLWE4ZDUtZGM2NTU0ZmQxMjM1
LzEvVzFKalNpNndQNFZsdGVNOXdybjBrRUgzejdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAMujxgD
BAQujyADBANPfwADBARPf0AwDQYJKoZIhvcNAQELBQADggEBAIwP+lYdnNwVLlGs
x0TEAanisJfS33wiEp/jSbVRg0j8X9Rd5ZwrFjX5kdL6CR5u52hUIdpwVeHCqQEc
s6Kk0Sr5Ilb6iHyRGvx3mvsVPElhOzEdyYV7XP6Zb+2etFyNih/M9BKu1U5r6K6c
NP8A2K047F1TJPNIUlgg4qFMtIma4IhS4BIXcI3DuuaTI2+dbplI/LuULqdqxixZ
R4hFzS/t+LD6SJlv69NQ58IdoNZzcwYlHdUTj4HGRqgqE8Od3hg2dhMs5VZ3VYR5
0zncHfRTklTAV/xpRoOFMkfCy6LbwxwmvzrXv5Jv7LbkNUDreGeDuchush3X6ASB
ZH1NPjU=
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:40:40 2025 by rpki-client