Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/e15cf6-6f13-4d27-9166-b064660f704f/1/33iREEXVnUx6aMtV5vlnQbShcaE.roa
File: 33iREEXVnUx6aMtV5vlnQbShcaE.roa (raw, json)
Hash identifier: Y8PnFtGKoRxiPUfzrXfig54toPc5eJzxiYJtzS1pnZU=
Subject key identifier: DF:78:91:10:45:D5:9D:4C:7A:68:CB:55:E6:F9:67:41:B4:A1:71:A1
Certificate issuer: /CN=c88c53b477c3bfa70b61f427b47994c2d1783458
Certificate serial: 018C686F2FDA54E9B4D3CF7A3046D203DDF3
Authority key identifier: C8:8C:53:B4:77:C3:BF:A7:0B:61:F4:27:B4:79:94:C2:D1:78:34:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yIxTtHfDv6cLYfQntHmUwtF4NFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/e15cf6-6f13-4d27-9166-b064660f704f/1/33iREEXVnUx6aMtV5vlnQbShcaE.roa
Signing time: Thu 14 Dec 2023 13:06:06 +0000
ROA not before: Thu 14 Dec 2023 13:06:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197369
IP address blocks: 188.240.4.0/22 maxlen: 22
46.16.40.0/21 maxlen: 21
46.16.45.0/24 maxlen: 24
46.16.47.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:68:6f:2f:da:54:e9:b4:d3:cf:7a:30:46:d2:03:dd:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c88c53b477c3bfa70b61f427b47994c2d1783458
Validity
Not Before: Dec 14 13:06:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=df78911045d59d4c7a68cb55e6f96741b4a171a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:d5:f2:6f:bf:d5:69:a1:79:63:90:cc:a7:cd:
d2:c7:91:7f:9c:d2:58:d8:1d:d3:21:de:2f:1f:09:
4d:2b:4a:06:5a:f1:1e:73:4b:c8:da:ce:03:df:47:
85:bb:b2:d9:a2:d0:0e:7b:03:78:9e:27:7e:8e:89:
c8:9f:8c:c2:ca:8e:6f:55:71:1e:6c:e6:3c:53:0f:
0a:9b:77:25:c4:2a:5e:c7:a0:85:da:df:9a:ad:f7:
2d:14:b9:cf:42:d3:e9:ff:6e:26:35:5d:d4:30:ca:
a2:1c:84:f3:3f:db:84:f8:e7:b5:87:46:db:ce:4f:
ef:5c:ad:c4:a0:cf:2a:d9:e8:9b:52:b9:5a:dc:3a:
34:d5:b8:42:8b:40:60:fd:bd:24:2f:a3:76:d9:8a:
2c:56:ad:90:e4:97:ff:5c:fe:4f:0a:8f:66:be:37:
80:89:c5:aa:7b:89:4f:a2:bb:3d:66:16:9b:f5:93:
c7:a9:d5:50:36:66:a9:03:47:c2:4e:4e:2b:b4:9c:
0d:0c:dc:f8:93:39:3a:f0:df:59:c3:d0:fb:e3:55:
7b:17:1d:8f:23:82:db:74:15:75:8b:b2:4f:a0:ac:
a4:a2:13:2c:28:c1:1a:57:da:17:e5:f1:1e:9d:3f:
b1:cc:50:9f:70:79:24:f6:22:bf:a8:3e:32:4e:82:
16:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:78:91:10:45:D5:9D:4C:7A:68:CB:55:E6:F9:67:41:B4:A1:71:A1
X509v3 Authority Key Identifier:
keyid:C8:8C:53:B4:77:C3:BF:A7:0B:61:F4:27:B4:79:94:C2:D1:78:34:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yIxTtHfDv6cLYfQntHmUwtF4NFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/e15cf6-6f13-4d27-9166-b064660f704f/1/33iREEXVnUx6aMtV5vlnQbShcaE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/e15cf6-6f13-4d27-9166-b064660f704f/1/yIxTtHfDv6cLYfQntHmUwtF4NFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.16.40.0/21
188.240.4.0/22
Signature Algorithm: sha256WithRSAEncryption
83:57:58:6f:b2:81:0e:d7:d9:ce:9e:e0:f1:1d:3f:24:69:c8:
c1:d2:5d:1d:6e:78:2d:93:1f:48:a4:69:fd:42:99:22:47:4e:
13:14:a3:73:15:c6:d5:5e:cc:70:eb:33:cd:fb:3e:b3:3d:93:
9a:70:4a:88:18:bd:63:13:bb:4e:e8:be:4a:e6:47:16:fe:2d:
b4:9b:3f:dd:f8:e2:e2:64:8a:6b:50:ef:ea:4c:db:f0:67:8c:
58:de:a5:22:3b:f3:27:6b:b2:41:a9:de:e5:4a:29:7a:09:bc:
75:1a:52:9b:a9:3e:f0:fe:d8:ea:7c:63:7a:1e:52:90:6f:c7:
a3:7f:25:c2:95:f2:01:80:b1:17:ac:54:fd:d8:2f:fb:50:6a:
4b:ac:23:a3:be:fc:e8:76:ca:3e:83:53:35:97:7c:c1:b3:10:
11:6c:f3:ea:f0:4e:b7:6c:19:a6:3f:78:04:f8:ff:0e:e0:e5:
cc:6b:da:bb:f1:7e:69:27:28:61:e6:8c:7f:e4:61:23:e8:0a:
83:34:39:95:f8:7f:77:9c:ae:3e:f8:1a:a7:6c:26:49:c2:3d:
05:85:2f:41:ce:21:01:56:6c:86:17:42:a0:fe:23:b5:f2:0d:
27:52:89:7a:55:df:21:68:ae:b0:f5:90:50:3a:13:9e:53:08:
d0:b9:e1:85
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYxoby/aVOm00896MEbSA93zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4OGM1M2I0NzdjM2JmYTcwYjYxZjQyN2I0Nzk5NGMyZDE3
ODM0NTgwHhcNMjMxMjE0MTMwNjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjc4OTExMDQ1ZDU5ZDRjN2E2OGNiNTVlNmY5Njc0MWI0YTE3MWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgtXyb7/VaaF5Y5DMp83Sx5F/nNJY
2B3TId4vHwlNK0oGWvEec0vI2s4D30eFu7LZotAOewN4nid+jonIn4zCyo5vVXEe
bOY8Uw8Km3clxCpex6CF2t+arfctFLnPQtPp/24mNV3UMMqiHITzP9uE+Oe1h0bb
zk/vXK3EoM8q2eibUrla3Do01bhCi0Bg/b0kL6N22YosVq2Q5Jf/XP5PCo9mvjeA
icWqe4lPors9Zhab9ZPHqdVQNmapA0fCTk4rtJwNDNz4kzk68N9Zw9D741V7Fx2P
I4LbdBV1i7JPoKykohMsKMEaV9oX5fEenT+xzFCfcHkk9iK/qD4yToIW3wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFN94kRBF1Z1MemjLVeb5Z0G0oXGhMB8GA1UdIwQY
MBaAFMiMU7R3w7+nC2H0J7R5lMLReDRYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUl4VHRIZkR2NmNMWWZRbnRIbVV3dEY0TkZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi9lMTVjZjYtNmYxMy00ZDI3LTkxNjYt
YjA2NDY2MGY3MDRmLzEvMzNpUkVFWFZuVXg2YU10VjV2bG5RYlNoY2FFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi9lMTVjZjYtNmYxMy00ZDI3LTkxNjYtYjA2NDY2MGY3MDRm
LzEveUl4VHRIZkR2NmNMWWZRbnRIbVV3dEY0TkZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDLhAoAwQC
vPAEMA0GCSqGSIb3DQEBCwUAA4IBAQCDV1hvsoEO19nOnuDxHT8kacjB0l0dbngt
kx9IpGn9QpkiR04TFKNzFcbVXsxw6zPN+z6zPZOacEqIGL1jE7tO6L5K5kcW/i20
mz/d+OLiZIprUO/qTNvwZ4xY3qUiO/Mna7JBqd7lSil6Cbx1GlKbqT7w/tjqfGN6
HlKQb8ejfyXClfIBgLEXrFT92C/7UGpLrCOjvvzodso+g1M1l3zBsxARbPPq8E63
bBmmP3gE+P8O4OXMa9q78X5pJyhh5ox/5GEj6AqDNDmV+H93nK4++BqnbCZJwj0F
hS9BziEBVmyGF0Kg/iO18g0nUol6Vd8haK6w9ZBQOhOeUwjQueGF
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:26:42 2025 by rpki-client