Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/ea6a24-8075-47de-b1e6-86640fca33bf/1/5nfyDowQiTe90j6uj6jQkuv548g.roa
File: 5nfyDowQiTe90j6uj6jQkuv548g.roa (raw, json)
Hash identifier: f1zv63F50LQ0dEwyv/0OTaXbxYJEnUtyFyzE6Zg8gME=
Subject key identifier: E6:77:F2:0E:8C:10:89:37:BD:D2:3E:AE:8F:A8:D0:92:EB:F9:E3:C8
Certificate issuer: /CN=aa44e2e812f09ac4fe2b47e4269ce1a02021ca0e
Certificate serial: 0CDCF7DA
Authority key identifier: AA:44:E2:E8:12:F0:9A:C4:FE:2B:47:E4:26:9C:E1:A0:20:21:CA:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qkTi6BLwmsT-K0fkJpzhoCAhyg4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/ea6a24-8075-47de-b1e6-86640fca33bf/1/5nfyDowQiTe90j6uj6jQkuv548g.roa
Signing time: Sat 01 Jan 2022 08:54:04 +0000
ROA not before: Sat 01 Jan 2022 08:54:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205294
IP address blocks: 46.226.216.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 215807962 (0xcdcf7da)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa44e2e812f09ac4fe2b47e4269ce1a02021ca0e
Validity
Not Before: Jan 1 08:54:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e677f20e8c108937bdd23eae8fa8d092ebf9e3c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:89:84:d2:73:b8:02:7d:bf:0e:be:f4:62:9f:
75:24:95:6d:b1:90:32:03:d0:0f:28:bd:37:63:4a:
fc:33:99:a8:d3:10:cb:a1:bd:c9:f3:16:da:c4:b6:
d3:ec:af:8c:c0:33:ff:62:21:29:ca:ab:ba:06:97:
2b:57:a0:0a:26:7c:a2:8a:57:f6:c4:e0:8e:a2:ef:
0e:b1:03:8e:95:ba:ce:a4:74:2d:b2:ff:79:bd:c1:
64:65:d6:da:6a:d1:da:aa:5a:cd:20:67:09:22:d0:
4f:19:3e:fa:c9:81:e9:ca:41:c5:d0:dd:d0:b4:e3:
54:a0:1c:7b:7a:b8:97:e9:ac:30:62:60:4d:94:47:
09:33:f9:d3:bb:56:bd:d4:2b:0c:e1:db:37:81:c9:
dd:10:cc:f7:e1:b8:f7:bd:22:32:0d:f2:95:ea:34:
ba:5a:f5:cb:97:2c:7b:6f:21:13:5d:61:cf:46:6d:
9c:c4:74:10:5c:73:0e:30:fa:70:54:d3:d2:8c:3c:
0a:d6:e0:4c:62:21:48:c6:13:2c:88:84:4c:81:26:
5e:4d:49:63:ab:66:8a:d9:b8:34:71:be:20:48:e7:
1d:17:50:3d:66:20:a1:e3:a2:63:ac:77:45:69:31:
f4:88:87:46:b2:bf:fe:51:7b:09:bf:ea:48:eb:5e:
85:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:77:F2:0E:8C:10:89:37:BD:D2:3E:AE:8F:A8:D0:92:EB:F9:E3:C8
X509v3 Authority Key Identifier:
keyid:AA:44:E2:E8:12:F0:9A:C4:FE:2B:47:E4:26:9C:E1:A0:20:21:CA:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qkTi6BLwmsT-K0fkJpzhoCAhyg4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/ea6a24-8075-47de-b1e6-86640fca33bf/1/5nfyDowQiTe90j6uj6jQkuv548g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/ea6a24-8075-47de-b1e6-86640fca33bf/1/qkTi6BLwmsT-K0fkJpzhoCAhyg4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.226.216.0/24
Signature Algorithm: sha256WithRSAEncryption
61:8a:7b:52:56:d9:20:9b:ce:c8:2f:0c:89:2b:af:bc:d0:5c:
c9:21:e5:c1:fc:72:d8:72:4f:6c:cd:dc:75:ab:ae:a1:9a:9a:
b0:1d:5f:c1:51:6d:27:2a:8b:7d:72:68:b0:5f:78:6a:cd:3c:
22:58:8f:64:ea:61:22:1c:d1:2e:21:20:fe:5f:eb:f9:89:fb:
82:98:7d:23:58:74:6c:d8:3e:f3:3c:bf:40:88:76:95:83:00:
da:51:bc:b6:8d:3a:5c:a2:a4:22:ec:20:97:6c:65:7d:e4:ad:
69:ca:37:83:80:5e:4e:31:4e:d9:66:ab:6c:bf:0b:5d:fe:33:
04:dc:d7:12:4a:60:93:e6:94:99:48:66:81:d4:8e:1d:7f:65:
9f:28:47:f6:bf:38:50:55:61:0b:bc:f0:5c:10:09:9c:8e:ff:
d6:c1:23:54:2d:2e:69:56:71:2c:44:da:8b:2c:1f:fb:50:10:
00:37:9a:c3:5c:03:5f:2c:56:14:d5:0a:50:be:ee:f3:9a:7b:
6c:82:01:f3:67:3d:d0:09:b9:fc:23:e2:92:21:60:1d:c9:79:
47:28:c8:4a:85:d4:27:f1:2f:6e:e0:dc:9f:fd:6f:d9:fd:44:
c1:a1:87:ed:e8:28:34:13:58:3f:90:ae:6b:37:b5:28:d7:6c:
d4:3f:b7:57
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEDNz32jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YTQ0ZTJlODEyZjA5YWM0ZmUyYjQ3ZTQyNjljZTFhMDIwMjFjYTBlMB4XDTIyMDEw
MTA4NTQwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTY3N2YyMGU4YzEw
ODkzN2JkZDIzZWFlOGZhOGQwOTJlYmY5ZTNjODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKeJhNJzuAJ9vw6+9GKfdSSVbbGQMgPQDyi9N2NK/DOZqNMQ
y6G9yfMW2sS20+yvjMAz/2IhKcqrugaXK1egCiZ8oopX9sTgjqLvDrEDjpW6zqR0
LbL/eb3BZGXW2mrR2qpazSBnCSLQTxk++smB6cpBxdDd0LTjVKAce3q4l+msMGJg
TZRHCTP507tWvdQrDOHbN4HJ3RDM9+G4970iMg3yleo0ulr1y5cse28hE11hz0Zt
nMR0EFxzDjD6cFTT0ow8CtbgTGIhSMYTLIiETIEmXk1JY6tmitm4NHG+IEjnHRdQ
PWYgoeOiY6x3RWkx9IiHRrK//lF7Cb/qSOtehbECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTmd/IOjBCJN73SPq6PqNCS6/njyDAfBgNVHSMEGDAWgBSqROLoEvCaxP4r
R+QmnOGgICHKDjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3FrVGk2Qkx3bXNULUswZmtKcHpob0NBaHlnNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2IvZWE2YTI0LTgwNzUtNDdkZS1iMWU2LTg2NjQwZmNhMzNiZi8x
LzVuZnlEb3dRaVRlOTBqNnVqNmpRa3V2NTQ4Zy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Iv
ZWE2YTI0LTgwNzUtNDdkZS1iMWU2LTg2NjQwZmNhMzNiZi8xL3FrVGk2Qkx3bXNU
LUswZmtKcHpob0NBaHlnNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC7i2DANBgkqhkiG9w0BAQsFAAOC
AQEAYYp7UlbZIJvOyC8MiSuvvNBcySHlwfxy2HJPbM3cdauuoZqasB1fwVFtJyqL
fXJosF94as08IliPZOphIhzRLiEg/l/r+Yn7gph9I1h0bNg+8zy/QIh2lYMA2lG8
to06XKKkIuwgl2xlfeStaco3g4BeTjFO2WarbL8LXf4zBNzXEkpgk+aUmUhmgdSO
HX9lnyhH9r84UFVhC7zwXBAJnI7/1sEjVC0uaVZxLETaiywf+1AQADeaw1wDXyxW
FNUKUL7u85p7bIIB82c90Am5/CPikiFgHcl5RyjISoXUJ/EvbuDcn/1v2f1EwaGH
7egoNBNYP5Cuaze1KNds1D+3Vw==
-----END CERTIFICATE-----
Generated at Wed Apr 23 03:50:41 2025 by rpki-client