Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/ea6a24-8075-47de-b1e6-86640fca33bf/1/iN4InbnZcEoKAzUHqsjP5DsMmkw.roa
File: iN4InbnZcEoKAzUHqsjP5DsMmkw.roa (raw, json)
Hash identifier: 8FCfAQTgOxEaF3FgP1O6MbLzSyZFWoHZPEYmJJ4AfIw=
Subject key identifier: 88:DE:08:9D:B9:D9:70:4A:0A:03:35:07:AA:C8:CF:E4:3B:0C:9A:4C
Certificate issuer: /CN=aa44e2e812f09ac4fe2b47e4269ce1a02021ca0e
Certificate serial: 01856EF41DE9CA08A8E32E1A41F4956C1941
Authority key identifier: AA:44:E2:E8:12:F0:9A:C4:FE:2B:47:E4:26:9C:E1:A0:20:21:CA:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qkTi6BLwmsT-K0fkJpzhoCAhyg4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/ea6a24-8075-47de-b1e6-86640fca33bf/1/iN4InbnZcEoKAzUHqsjP5DsMmkw.roa
Signing time: Sun 01 Jan 2023 20:09:30 +0000
ROA not before: Sun 01 Jan 2023 20:09:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205294
IP address blocks: 46.226.216.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:f4:1d:e9:ca:08:a8:e3:2e:1a:41:f4:95:6c:19:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa44e2e812f09ac4fe2b47e4269ce1a02021ca0e
Validity
Not Before: Jan 1 20:09:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=88de089db9d9704a0a033507aac8cfe43b0c9a4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:79:82:86:0e:a0:3c:85:e2:2b:75:6f:2d:fd:
2c:35:29:40:78:8d:95:21:83:b7:92:24:17:4c:d9:
ea:71:d6:50:9a:1c:0a:37:91:65:eb:75:8b:56:5d:
f8:d7:12:ee:c2:15:c4:7b:77:06:e7:e9:7c:08:74:
0f:17:a0:13:8e:b5:4a:6c:25:50:42:f3:d1:96:95:
77:d9:37:fa:1b:eb:42:f4:31:5f:1f:bb:96:84:24:
c7:62:dd:fe:5b:a6:f7:33:3d:8e:85:b2:4f:fb:d8:
73:3e:e1:b2:07:d2:74:ec:e1:f1:27:f3:3b:16:62:
4a:2a:82:d1:06:73:1b:a7:07:26:b8:24:f8:8e:ad:
32:bd:fa:92:86:54:5e:33:5e:b7:51:b2:41:de:50:
5b:31:bd:f1:e2:0f:44:4a:5c:0c:12:c0:1d:be:9a:
38:1f:02:01:4e:49:df:8d:f7:0a:1b:a7:a1:df:e2:
79:db:83:62:3e:a2:a3:af:76:ab:e7:f1:55:3a:51:
55:cb:2c:29:e9:65:df:18:e1:ac:8b:ca:7d:26:6e:
b9:a3:26:8f:42:e8:c0:25:b1:33:48:af:d2:a6:37:
4f:28:f5:3e:11:a2:ca:b9:0d:75:f4:d4:be:03:a5:
9f:ed:35:e4:4e:fd:92:4f:3e:7b:af:57:c7:1a:82:
f7:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:DE:08:9D:B9:D9:70:4A:0A:03:35:07:AA:C8:CF:E4:3B:0C:9A:4C
X509v3 Authority Key Identifier:
keyid:AA:44:E2:E8:12:F0:9A:C4:FE:2B:47:E4:26:9C:E1:A0:20:21:CA:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qkTi6BLwmsT-K0fkJpzhoCAhyg4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/ea6a24-8075-47de-b1e6-86640fca33bf/1/iN4InbnZcEoKAzUHqsjP5DsMmkw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/ea6a24-8075-47de-b1e6-86640fca33bf/1/qkTi6BLwmsT-K0fkJpzhoCAhyg4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.226.216.0/24
Signature Algorithm: sha256WithRSAEncryption
34:a4:54:e0:90:de:2b:f2:26:66:34:ce:ad:a6:11:63:d8:3b:
b5:fc:73:59:47:ea:af:ed:9f:d8:76:9e:83:c4:94:3f:5a:f5:
44:18:90:21:fc:d5:c3:87:2c:c8:0f:99:ac:66:e4:3a:21:4a:
38:41:0b:93:af:57:79:55:90:0d:41:1d:36:fd:19:61:64:a6:
55:25:cc:02:24:e4:91:c5:a8:63:27:32:c6:b6:3c:4f:59:c3:
42:13:6c:28:66:78:19:53:9d:fd:18:75:62:02:5a:35:5b:21:
21:37:3c:14:72:9d:30:c5:df:40:60:f9:55:8c:ab:78:0d:f5:
1b:0c:3f:71:b4:be:ae:37:99:61:1c:6c:94:9a:3b:43:9a:e2:
ef:2c:e0:c9:83:ad:db:44:0d:b8:b2:6e:f7:a7:f1:08:5a:2f:
26:01:3f:db:83:dd:29:a8:a5:cc:0b:ae:da:65:26:02:53:eb:
39:c9:f4:60:03:6f:f4:0b:09:17:e8:81:9a:b8:90:91:dc:96:
18:28:75:5c:e0:20:53:74:56:b9:30:8f:e1:15:48:c1:4b:d6:
77:d2:2e:44:e1:d9:60:59:25:b8:fd:f2:78:4c:8a:36:74:f7:
fd:3a:1d:df:a8:df:a9:01:22:84:6d:73:de:c2:fd:a1:85:5e:
49:44:15:da
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVu9B3pygio4y4aQfSVbBlBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhNDRlMmU4MTJmMDlhYzRmZTJiNDdlNDI2OWNlMWEwMjAy
MWNhMGUwHhcNMjMwMTAxMjAwOTMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGRlMDg5ZGI5ZDk3MDRhMGEwMzM1MDdhYWM4Y2ZlNDNiMGM5YTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq3mChg6gPIXiK3VvLf0sNSlAeI2V
IYO3kiQXTNnqcdZQmhwKN5Fl63WLVl341xLuwhXEe3cG5+l8CHQPF6ATjrVKbCVQ
QvPRlpV32Tf6G+tC9DFfH7uWhCTHYt3+W6b3Mz2OhbJP+9hzPuGyB9J07OHxJ/M7
FmJKKoLRBnMbpwcmuCT4jq0yvfqShlReM163UbJB3lBbMb3x4g9ESlwMEsAdvpo4
HwIBTknfjfcKG6eh3+J524NiPqKjr3ar5/FVOlFVyywp6WXfGOGsi8p9Jm65oyaP
QujAJbEzSK/SpjdPKPU+EaLKuQ119NS+A6Wf7TXkTv2STz57r1fHGoL31wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIjeCJ252XBKCgM1B6rIz+Q7DJpMMB8GA1UdIwQY
MBaAFKpE4ugS8JrE/itH5Cac4aAgIcoOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWtUaTZCTHdtc1QtSzBma0pwemhvQ0FoeWc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9lYTZhMjQtODA3NS00N2RlLWIxZTYt
ODY2NDBmY2EzM2JmLzEvaU40SW5iblpjRW9LQXpVSHFzalA1RHNNbWt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi9lYTZhMjQtODA3NS00N2RlLWIxZTYtODY2NDBmY2EzM2Jm
LzEvcWtUaTZCTHdtc1QtSzBma0pwemhvQ0FoeWc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALuLYMA0G
CSqGSIb3DQEBCwUAA4IBAQA0pFTgkN4r8iZmNM6tphFj2Du1/HNZR+qv7Z/Ydp6D
xJQ/WvVEGJAh/NXDhyzID5msZuQ6IUo4QQuTr1d5VZANQR02/RlhZKZVJcwCJOSR
xahjJzLGtjxPWcNCE2woZngZU539GHViAlo1WyEhNzwUcp0wxd9AYPlVjKt4DfUb
DD9xtL6uN5lhHGyUmjtDmuLvLODJg63bRA24sm73p/EIWi8mAT/bg90pqKXMC67a
ZSYCU+s5yfRgA2/0CwkX6IGauJCR3JYYKHVc4CBTdFa5MI/hFUjBS9Z30i5E4dlg
WSW4/fJ4TIo2dPf9Oh3fqN+pASKEbXPewv2hhV5JRBXa
-----END CERTIFICATE-----
Generated at Mon Apr 21 10:55:01 2025 by rpki-client