Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/e15cf6-6f13-4d27-9166-b064660f704f/1/e8vOZxyZ8RMtmSiq-sCMQKZAYWc.roa
File: e8vOZxyZ8RMtmSiq-sCMQKZAYWc.roa (raw, json)
Hash identifier: NSTqcIiLiVV3jNXW9c2mtdQpkmZWU5kMfiz0WeMx2/k=
Subject key identifier: 7B:CB:CE:67:1C:99:F1:13:2D:99:28:AA:FA:C0:8C:40:A6:40:61:67
Certificate issuer: /CN=c88c53b477c3bfa70b61f427b47994c2d1783458
Certificate serial: 05B80B6D
Authority key identifier: C8:8C:53:B4:77:C3:BF:A7:0B:61:F4:27:B4:79:94:C2:D1:78:34:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yIxTtHfDv6cLYfQntHmUwtF4NFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/e15cf6-6f13-4d27-9166-b064660f704f/1/e8vOZxyZ8RMtmSiq-sCMQKZAYWc.roa
Signing time: Sat 01 Jan 2022 13:55:03 +0000
ROA not before: Sat 01 Jan 2022 13:55:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197369
IP address blocks: 46.16.40.0/21 maxlen: 21
46.16.45.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95947629 (0x5b80b6d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c88c53b477c3bfa70b61f427b47994c2d1783458
Validity
Not Before: Jan 1 13:55:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7bcbce671c99f1132d9928aafac08c40a6406167
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:12:1d:0a:83:73:ef:10:bd:36:81:59:69:bc:
4d:73:14:78:33:91:d6:f9:96:13:60:a6:aa:f1:0c:
51:88:e0:09:69:a0:31:cf:1e:08:47:fe:6e:67:28:
92:c0:d1:e8:4e:74:55:d2:12:67:65:0c:16:a2:fc:
a8:52:e8:e5:50:2f:4a:12:1c:b3:6f:b9:a8:fc:c5:
0d:66:8e:b5:a9:83:27:a5:97:e9:5c:b0:8e:76:fe:
09:36:a1:6c:dd:70:10:8d:25:bc:67:2b:67:99:62:
03:7c:ed:f1:27:8e:39:0b:7e:08:67:ca:d0:ca:ef:
98:2c:64:8a:eb:63:73:16:e2:01:2f:99:b1:86:db:
ee:1c:81:c7:68:9c:b0:b0:8b:0e:37:13:fe:b8:b3:
f2:5e:00:9a:7e:91:cf:2b:d5:94:b2:9c:32:05:fa:
00:c7:cb:10:66:c2:4e:10:4b:90:13:67:db:1e:40:
81:72:d1:d4:61:5b:f8:fd:bc:53:5e:1d:97:3b:52:
ab:a9:89:e3:c4:98:95:a4:38:f3:c5:61:21:87:bd:
65:47:15:e6:2f:e6:27:b9:fa:42:a8:d9:37:1b:18:
68:1f:6d:c0:33:a9:0d:62:41:a4:57:1e:47:05:79:
f1:12:49:0c:87:ea:c3:71:29:93:e1:4d:aa:61:fd:
73:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:CB:CE:67:1C:99:F1:13:2D:99:28:AA:FA:C0:8C:40:A6:40:61:67
X509v3 Authority Key Identifier:
keyid:C8:8C:53:B4:77:C3:BF:A7:0B:61:F4:27:B4:79:94:C2:D1:78:34:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yIxTtHfDv6cLYfQntHmUwtF4NFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/e15cf6-6f13-4d27-9166-b064660f704f/1/e8vOZxyZ8RMtmSiq-sCMQKZAYWc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/e15cf6-6f13-4d27-9166-b064660f704f/1/yIxTtHfDv6cLYfQntHmUwtF4NFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.16.40.0/21
Signature Algorithm: sha256WithRSAEncryption
c2:e5:f7:18:ea:cc:91:53:22:ce:bb:7f:30:bc:e3:2d:49:c9:
7b:72:85:01:08:c2:2c:cb:71:53:fb:b0:fe:d8:64:d5:e5:28:
2c:94:15:60:e9:da:a7:91:1c:8a:f3:bf:b7:92:ca:e2:3f:91:
51:dc:b6:95:cc:db:e3:f9:95:f9:ec:52:c2:44:11:4a:1d:d3:
43:71:1f:27:ad:d0:c6:9e:24:ab:1e:9b:ac:89:a7:a7:06:93:
21:62:09:a5:01:e4:bc:95:4e:35:17:25:3c:58:62:30:55:01:
c9:d4:5f:ec:32:5f:af:5c:06:6d:77:3a:67:e8:d4:c4:85:ac:
07:aa:b7:96:7a:33:25:40:65:fc:49:e9:36:65:35:96:4c:44:
31:e1:b9:bc:38:0b:cd:6d:67:e0:fc:bd:d1:2f:08:60:c3:82:
0e:57:7f:46:51:c0:e9:e1:c0:dc:a8:44:e6:fa:31:48:80:00:
c6:09:13:b3:9f:2e:60:07:20:6e:06:3d:01:03:1c:9e:88:77:
a7:ab:e9:db:6d:79:52:28:8d:d6:1d:36:89:dd:13:e1:5a:dc:
91:1e:f6:54:5d:cb:a0:1d:76:76:f3:60:9e:75:c1:e4:73:93:
b1:7e:ff:3a:a4:82:95:51:1c:fc:18:91:b9:25:19:cb:b5:d1:
51:09:c1:1d
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBbgLbTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
ODhjNTNiNDc3YzNiZmE3MGI2MWY0MjdiNDc5OTRjMmQxNzgzNDU4MB4XDTIyMDEw
MTEzNTUwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2JjYmNlNjcxYzk5
ZjExMzJkOTkyOGFhZmFjMDhjNDBhNjQwNjE2NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALkSHQqDc+8QvTaBWWm8TXMUeDOR1vmWE2CmqvEMUYjgCWmg
Mc8eCEf+bmcoksDR6E50VdISZ2UMFqL8qFLo5VAvShIcs2+5qPzFDWaOtamDJ6WX
6Vywjnb+CTahbN1wEI0lvGcrZ5liA3zt8SeOOQt+CGfK0MrvmCxkiutjcxbiAS+Z
sYbb7hyBx2icsLCLDjcT/riz8l4Amn6RzyvVlLKcMgX6AMfLEGbCThBLkBNn2x5A
gXLR1GFb+P28U14dlztSq6mJ48SYlaQ488VhIYe9ZUcV5i/mJ7n6QqjZNxsYaB9t
wDOpDWJBpFceRwV58RJJDIfqw3Epk+FNqmH9c9MCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBR7y85nHJnxEy2ZKKr6wIxApkBhZzAfBgNVHSMEGDAWgBTIjFO0d8O/pwth
9Ce0eZTC0Xg0WDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3lJeFR0SGZEdjZjTFlmUW50SG1Vd3RGNE5GZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjYvZTE1Y2Y2LTZmMTMtNGQyNy05MTY2LWIwNjQ2NjBmNzA0Zi8x
L2U4dk9aeHlaOFJNdG1TaXEtc0NNUUtaQVlXYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjYv
ZTE1Y2Y2LTZmMTMtNGQyNy05MTY2LWIwNjQ2NjBmNzA0Zi8xL3lJeFR0SGZEdjZj
TFlmUW50SG1Vd3RGNE5GZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAy4QKDANBgkqhkiG9w0BAQsFAAOC
AQEAwuX3GOrMkVMizrt/MLzjLUnJe3KFAQjCLMtxU/uw/thk1eUoLJQVYOnap5Ec
ivO/t5LK4j+RUdy2lczb4/mV+exSwkQRSh3TQ3EfJ63Qxp4kqx6brImnpwaTIWIJ
pQHkvJVONRclPFhiMFUBydRf7DJfr1wGbXc6Z+jUxIWsB6q3lnozJUBl/EnpNmU1
lkxEMeG5vDgLzW1n4Py90S8IYMOCDld/RlHA6eHA3KhE5voxSIAAxgkTs58uYAcg
bgY9AQMcnoh3p6vp2215UiiN1h02id0T4VrckR72VF3LoB12dvNgnnXB5HOTsX7/
OqSClVEc/BiRuSUZy7XRUQnBHQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:59:21 2025 by rpki-client