Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/34439e-9cd2-44c5-9cfd-555f3f18e54f/1/k-Zi4SyOAJdCftvO-UZKc5q-4H8.roa
File: k-Zi4SyOAJdCftvO-UZKc5q-4H8.roa (raw, json)
Hash identifier: wMe5LG7dl60g1S1RWj8kfVTbZ+iLkDh/bseTbUFDgxU=
Subject key identifier: 93:E6:62:E1:2C:8E:00:97:42:7E:DB:CE:F9:46:4A:73:9A:BE:E0:7F
Certificate issuer: /CN=acf6ea0ffb2aee4f76ee1a1048969b8b5065da45
Certificate serial: 0189DDD914B0D672DA4132ED518303DE417A
Authority key identifier: AC:F6:EA:0F:FB:2A:EE:4F:76:EE:1A:10:48:96:9B:8B:50:65:DA:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rPbqD_sq7k927hoQSJabi1Bl2kU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/34439e-9cd2-44c5-9cfd-555f3f18e54f/1/k-Zi4SyOAJdCftvO-UZKc5q-4H8.roa
Signing time: Thu 10 Aug 2023 05:08:58 +0000
ROA not before: Thu 10 Aug 2023 05:08:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15924
IP address blocks: 46.226.121.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:dd:d9:14:b0:d6:72:da:41:32:ed:51:83:03:de:41:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=acf6ea0ffb2aee4f76ee1a1048969b8b5065da45
Validity
Not Before: Aug 10 05:08:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=93e662e12c8e0097427edbcef9464a739abee07f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:03:e4:2c:fb:84:c7:19:9a:1b:99:0a:b0:79:
f6:42:74:7b:3e:d4:72:de:2d:fc:f4:78:20:19:55:
49:3c:da:5c:6b:4a:b5:a3:ce:a9:11:b9:4f:3b:e2:
31:0a:6c:42:6e:6b:b3:e3:eb:49:09:e0:a3:b4:fd:
1c:a0:14:6d:ad:0d:09:59:9a:30:69:54:7d:9d:ee:
b7:1b:4a:92:57:ac:68:49:d8:cd:6e:da:22:ec:73:
be:e3:5d:0b:9a:93:e5:72:7d:2d:8f:ea:3c:d4:fa:
a9:e9:ea:96:d4:ad:e5:1c:93:0d:6e:81:9e:a2:52:
15:b8:2c:65:b4:05:ec:fe:87:bf:2d:2d:ec:80:23:
5e:25:b1:c1:fd:80:78:73:10:d3:e8:6c:81:54:30:
33:d8:dc:db:12:a2:f4:55:1f:7d:98:4f:61:40:21:
53:b2:56:8a:2e:2d:82:9b:7b:f5:ae:aa:38:50:cb:
32:b7:6d:50:e0:cf:a5:32:29:09:10:a3:7a:40:7b:
c5:8b:e3:22:da:f3:41:7a:b6:81:20:19:3d:20:5d:
fd:ac:cc:fe:ad:7b:ae:fb:5b:52:8c:d3:2a:d2:5f:
55:32:8d:53:1f:b7:47:84:0b:69:b6:1b:79:a5:b5:
32:48:61:58:c4:0c:e1:88:db:63:6f:ea:20:83:67:
f4:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:E6:62:E1:2C:8E:00:97:42:7E:DB:CE:F9:46:4A:73:9A:BE:E0:7F
X509v3 Authority Key Identifier:
keyid:AC:F6:EA:0F:FB:2A:EE:4F:76:EE:1A:10:48:96:9B:8B:50:65:DA:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rPbqD_sq7k927hoQSJabi1Bl2kU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/34439e-9cd2-44c5-9cfd-555f3f18e54f/1/k-Zi4SyOAJdCftvO-UZKc5q-4H8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/34439e-9cd2-44c5-9cfd-555f3f18e54f/1/rPbqD_sq7k927hoQSJabi1Bl2kU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.226.121.0/24
Signature Algorithm: sha256WithRSAEncryption
36:66:2a:9c:0c:c6:01:0d:3c:de:8b:e7:52:cb:50:e0:28:86:
64:0a:ed:2b:cf:a9:66:d4:ca:dc:32:2f:10:5d:50:2e:46:ab:
1e:bd:f3:23:fe:32:5b:49:5c:5f:c6:8d:08:02:20:78:be:a8:
33:53:fa:3c:2b:91:0e:31:04:01:6c:41:75:eb:8f:8d:f5:e2:
81:62:f9:a5:5a:a4:da:aa:2d:bd:36:04:85:1a:1f:e6:0a:bf:
95:22:5a:82:42:46:97:dc:18:d9:3a:59:6a:2e:ae:04:e0:11:
3f:67:16:53:8b:58:13:71:05:08:ca:69:cd:cd:74:d9:86:4d:
3c:27:3b:8f:36:aa:0a:53:b3:8c:a1:6d:a2:50:33:3d:2e:33:
63:fe:ac:e6:5f:52:9d:9e:ee:28:85:0f:4a:66:9f:35:39:db:
ae:3b:43:ac:70:ae:2d:12:b1:b5:0d:9d:f9:2a:96:ed:02:c0:
69:73:6d:2a:0c:07:49:2b:06:05:21:aa:34:f5:18:23:71:20:
82:a6:0d:ff:12:40:32:c6:d8:2f:6a:50:b2:d7:ac:42:5d:a1:
9c:5c:05:19:41:25:12:66:fa:40:b5:a1:fa:4e:5c:8f:b2:0d:
83:2a:bd:e3:b7:bd:2a:4b:08:68:6e:69:37:82:ba:34:4d:a6:
4f:52:97:ee
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYnd2RSw1nLaQTLtUYMD3kF6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjZjZlYTBmZmIyYWVlNGY3NmVlMWExMDQ4OTY5YjhiNTA2
NWRhNDUwHhcNMjMwODEwMDUwODU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2U2NjJlMTJjOGUwMDk3NDI3ZWRiY2VmOTQ2NGE3MzlhYmVlMDdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmwPkLPuExxmaG5kKsHn2QnR7PtRy
3i389HggGVVJPNpca0q1o86pEblPO+IxCmxCbmuz4+tJCeCjtP0coBRtrQ0JWZow
aVR9ne63G0qSV6xoSdjNbtoi7HO+410LmpPlcn0tj+o81Pqp6eqW1K3lHJMNboGe
olIVuCxltAXs/oe/LS3sgCNeJbHB/YB4cxDT6GyBVDAz2NzbEqL0VR99mE9hQCFT
slaKLi2Cm3v1rqo4UMsyt21Q4M+lMikJEKN6QHvFi+Mi2vNBeraBIBk9IF39rMz+
rXuu+1tSjNMq0l9VMo1TH7dHhAtptht5pbUySGFYxAzhiNtjb+ogg2f02QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJPmYuEsjgCXQn7bzvlGSnOavuB/MB8GA1UdIwQY
MBaAFKz26g/7Ku5Pdu4aEEiWm4tQZdpFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclBicURfc3E3azkyN2hvUVNKYWJpMUJsMmtVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi8zNDQzOWUtOWNkMi00NGM1LTljZmQt
NTU1ZjNmMThlNTRmLzEvay1aaTRTeU9BSmRDZnR2Ty1VWktjNXEtNEg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi8zNDQzOWUtOWNkMi00NGM1LTljZmQtNTU1ZjNmMThlNTRm
LzEvclBicURfc3E3azkyN2hvUVNKYWJpMUJsMmtVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALuJ5MA0G
CSqGSIb3DQEBCwUAA4IBAQA2ZiqcDMYBDTzei+dSy1DgKIZkCu0rz6lm1MrcMi8Q
XVAuRqsevfMj/jJbSVxfxo0IAiB4vqgzU/o8K5EOMQQBbEF164+N9eKBYvmlWqTa
qi29NgSFGh/mCr+VIlqCQkaX3BjZOllqLq4E4BE/ZxZTi1gTcQUIymnNzXTZhk08
JzuPNqoKU7OMoW2iUDM9LjNj/qzmX1Kdnu4ohQ9KZp81OduuO0OscK4tErG1DZ35
KpbtAsBpc20qDAdJKwYFIao09RgjcSCCpg3/EkAyxtgvalCy16xCXaGcXAUZQSUS
ZvpAtaH6TlyPsg2DKr3jt70qSwhobmk3gro0TaZPUpfu
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:17:45 2025 by rpki-client