Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/5759f6-93e2-4029-a49f-35ba267ded3b/1/onbauqcABKYo2iYaAmFzZ_10esY.roa
File: onbauqcABKYo2iYaAmFzZ_10esY.roa (raw, json)
Hash identifier: RysQxsjFHjknfXoPHLQQp5IheQ9wU2Zqk0tTQLkSoO0=
Subject key identifier: A2:76:DA:BA:A7:00:04:A6:28:DA:26:1A:02:61:73:67:FD:74:7A:C6
Certificate issuer: /CN=0e75fb4f52a829d136e29a9a025c636d19ae328e
Certificate serial: 0187234F5DF92DCAB4F22A8D04235085DD19
Authority key identifier: 0E:75:FB:4F:52:A8:29:D1:36:E2:9A:9A:02:5C:63:6D:19:AE:32:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DnX7T1KoKdE24pqaAlxjbRmuMo4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/5759f6-93e2-4029-a49f-35ba267ded3b/1/onbauqcABKYo2iYaAmFzZ_10esY.roa
Signing time: Mon 27 Mar 2023 13:43:36 +0000
ROA not before: Mon 27 Mar 2023 13:43:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43733
IP address blocks: 46.130.0.0/17 maxlen: 17
46.130.0.0/16 maxlen: 16
46.130.128.0/17 maxlen: 17
46.130.255.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:23:4f:5d:f9:2d:ca:b4:f2:2a:8d:04:23:50:85:dd:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e75fb4f52a829d136e29a9a025c636d19ae328e
Validity
Not Before: Mar 27 13:43:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a276dabaa70004a628da261a02617367fd747ac6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:3d:ca:c9:17:91:6e:25:3e:dd:f3:a6:d6:ec:
b2:77:c4:41:41:49:05:46:31:f5:23:33:b1:37:6f:
45:eb:b2:6d:3e:79:78:e2:a9:66:28:54:87:21:34:
ea:d8:e8:7d:70:bc:f7:32:a9:ae:c9:f0:0e:2d:26:
46:3d:b5:5d:51:3f:f0:76:6a:11:85:5f:e2:1c:02:
9d:1c:f7:d7:c6:c7:32:c3:f3:32:56:8f:ba:a1:76:
a2:b5:12:1c:e9:91:67:8e:26:b6:86:25:a3:99:7a:
87:97:3a:f9:b5:e9:ce:92:bb:13:2d:a2:72:19:88:
ec:98:ef:50:81:58:bc:47:62:be:8c:ac:e8:a7:b3:
c7:6a:0a:b1:72:e1:4d:40:e1:db:60:15:4a:72:84:
df:d9:60:bf:a3:a7:0d:6e:4a:4f:45:dc:75:76:4c:
52:c2:8a:20:21:32:d4:98:85:ef:31:95:74:96:11:
9e:0f:fb:f9:59:08:94:90:2d:03:e5:f4:f4:26:7a:
38:6b:39:2f:75:82:cd:4e:42:d4:0b:a4:58:67:fa:
36:b9:ac:e6:61:2c:07:6d:05:0c:d6:8c:1b:7c:ad:
65:d1:c9:7e:bf:4b:cd:23:fe:cc:fb:1b:d1:b9:2e:
3c:af:24:5f:0f:0f:c4:cf:84:7f:3e:2b:bb:25:7d:
08:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:76:DA:BA:A7:00:04:A6:28:DA:26:1A:02:61:73:67:FD:74:7A:C6
X509v3 Authority Key Identifier:
keyid:0E:75:FB:4F:52:A8:29:D1:36:E2:9A:9A:02:5C:63:6D:19:AE:32:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DnX7T1KoKdE24pqaAlxjbRmuMo4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/5759f6-93e2-4029-a49f-35ba267ded3b/1/onbauqcABKYo2iYaAmFzZ_10esY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/5759f6-93e2-4029-a49f-35ba267ded3b/1/DnX7T1KoKdE24pqaAlxjbRmuMo4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.130.0.0/16
Signature Algorithm: sha256WithRSAEncryption
02:e8:ea:fb:97:5b:b9:02:62:dd:7f:80:1a:a2:dc:ec:0c:42:
5c:ab:c4:54:f6:5d:18:25:e1:b2:15:1a:da:ba:b3:14:ff:b6:
45:c9:49:19:2e:50:4b:40:ba:4f:40:72:fa:e9:2a:7a:73:fb:
45:8a:04:c0:fa:f2:9e:0d:21:77:82:8f:2a:28:14:37:30:00:
e5:a8:17:17:7a:ff:52:40:23:ba:ff:9b:b1:d4:1e:01:67:de:
ad:c3:33:f3:65:e5:8f:4f:79:4f:e2:e8:75:85:e5:21:ca:c1:
8e:ca:39:35:d7:fa:31:aa:b6:eb:4b:c2:7e:71:03:a1:0a:4d:
5f:91:44:ff:14:98:ea:a4:ae:26:74:67:27:3c:00:7b:b2:f5:
a7:12:0d:b3:0a:0f:bc:cd:8a:2b:e4:c0:71:ad:1b:55:c1:9f:
38:a4:e4:58:de:bf:d3:7e:20:75:0a:e0:4b:c4:55:0b:95:9a:
aa:78:81:a7:10:ab:07:b2:95:7a:75:0e:b4:ad:38:7c:f0:50:
7d:ff:a8:a3:c7:4b:95:7b:46:4c:ba:bf:18:1f:71:5c:e9:33:
6a:f1:09:45:6c:4b:03:46:ae:63:3f:a2:44:b2:80:b2:f3:e5:
96:49:15:f9:7f:bb:25:41:b9:23:78:23:46:c0:9e:10:42:0d:
cd:98:86:a7
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYcjT135Lcq08iqNBCNQhd0ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlNzVmYjRmNTJhODI5ZDEzNmUyOWE5YTAyNWM2MzZkMTlh
ZTMyOGUwHhcNMjMwMzI3MTM0MzM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjc2ZGFiYWE3MDAwNGE2MjhkYTI2MWEwMjYxNzM2N2ZkNzQ3YWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApD3KyReRbiU+3fOm1uyyd8RBQUkF
RjH1IzOxN29F67JtPnl44qlmKFSHITTq2Oh9cLz3MqmuyfAOLSZGPbVdUT/wdmoR
hV/iHAKdHPfXxscyw/MyVo+6oXaitRIc6ZFnjia2hiWjmXqHlzr5tenOkrsTLaJy
GYjsmO9QgVi8R2K+jKzop7PHagqxcuFNQOHbYBVKcoTf2WC/o6cNbkpPRdx1dkxS
woogITLUmIXvMZV0lhGeD/v5WQiUkC0D5fT0Jno4azkvdYLNTkLUC6RYZ/o2uazm
YSwHbQUM1owbfK1l0cl+v0vNI/7M+xvRuS48ryRfDw/Ez4R/Piu7JX0IcQIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFKJ22rqnAASmKNomGgJhc2f9dHrGMB8GA1UdIwQY
MBaAFA51+09SqCnRNuKamgJcY20ZrjKOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRG5YN1QxS29LZEUyNHBxYUFseGpiUm11TW80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC81NzU5ZjYtOTNlMi00MDI5LWE0OWYt
MzViYTI2N2RlZDNiLzEvb25iYXVxY0FCS1lvMmlZYUFtRnpaXzEwZXNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC81NzU5ZjYtOTNlMi00MDI5LWE0OWYtMzViYTI2N2RlZDNi
LzEvRG5YN1QxS29LZEUyNHBxYUFseGpiUm11TW80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMALoIwDQYJ
KoZIhvcNAQELBQADggEBAALo6vuXW7kCYt1/gBqi3OwMQlyrxFT2XRgl4bIVGtq6
sxT/tkXJSRkuUEtAuk9AcvrpKnpz+0WKBMD68p4NIXeCjyooFDcwAOWoFxd6/1JA
I7r/m7HUHgFn3q3DM/Nl5Y9PeU/i6HWF5SHKwY7KOTXX+jGqtutLwn5xA6EKTV+R
RP8UmOqkriZ0Zyc8AHuy9acSDbMKD7zNiivkwHGtG1XBnzik5Fjev9N+IHUK4EvE
VQuVmqp4gacQqweylXp1DrStOHzwUH3/qKPHS5V7Rky6vxgfcVzpM2rxCUVsSwNG
rmM/okSygLLz5ZZJFfl/uyVBuSN4I0bAnhBCDc2Yhqc=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:59:21 2025 by rpki-client