Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/RARoN0NRoTTYBVfiuU1otDWiHyU.roa
File: RARoN0NRoTTYBVfiuU1otDWiHyU.roa (raw, json)
Hash identifier: q3o6ZLNLRHtCzQW9glGSBv2VgBNZWknb5ZnokeCjgrI=
Subject key identifier: 44:04:68:37:43:51:A1:34:D8:05:57:E2:B9:4D:68:B4:35:A2:1F:25
Certificate issuer: /CN=0f6363d428b7915c108825f09706004b8ea3d4b5
Certificate serial: 018830495CBCC5E2D10E88C55017CEA7FDA4
Authority key identifier: 0F:63:63:D4:28:B7:91:5C:10:88:25:F0:97:06:00:4B:8E:A3:D4:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D2Nj1Ci3kVwQiCXwlwYAS46j1LU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/RARoN0NRoTTYBVfiuU1otDWiHyU.roa
Signing time: Thu 18 May 2023 19:14:54 +0000
ROA not before: Thu 18 May 2023 19:14:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47537
IP address blocks: 46.28.44.0/24 maxlen: 24
46.28.45.0/24 maxlen: 24
46.28.46.0/24 maxlen: 24
46.28.47.0/24 maxlen: 24
91.208.12.0/24 maxlen: 24
2a02:2d00:21::/48 maxlen: 48
2a02:2d00:1::/48 maxlen: 48
2a02:2d00:30::/48 maxlen: 48
2a02:2d00:20::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:30:49:5c:bc:c5:e2:d1:0e:88:c5:50:17:ce:a7:fd:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f6363d428b7915c108825f09706004b8ea3d4b5
Validity
Not Before: May 18 19:14:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=440468374351a134d80557e2b94d68b435a21f25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:07:14:89:1f:98:66:fe:e4:74:44:3b:4b:4d:
cc:7f:b6:a7:43:ab:ce:8b:63:97:cd:bd:d5:1c:d2:
ef:2d:31:0b:90:06:82:4a:53:a3:aa:eb:37:0a:13:
bd:11:fc:66:06:e5:30:6f:ad:c0:97:bf:85:bc:2b:
19:99:51:3e:11:6b:e6:f0:d4:b6:43:f3:0b:da:8f:
fa:bb:db:9d:2b:af:71:53:41:39:5a:c0:14:99:18:
f4:f7:17:58:05:a0:67:ac:3d:e5:cf:67:68:50:96:
35:0f:df:77:a9:8d:ed:a2:f7:08:ca:34:ea:ce:e2:
f8:c2:ab:87:ed:10:88:8e:68:29:26:ef:58:72:91:
41:1b:d8:02:9f:54:a4:18:dc:41:d8:75:2a:91:94:
cf:30:98:04:6b:a8:a2:6a:17:d5:01:03:48:97:62:
dd:68:ad:a7:0c:d6:02:d7:32:6f:f8:08:b8:55:55:
bf:80:b9:89:f7:22:44:40:53:95:52:e3:89:b0:41:
37:77:ce:7a:1c:46:c5:bc:dd:ff:2a:fe:5d:d0:5a:
82:7c:7b:28:e8:d5:51:18:e6:ea:1e:20:ff:bc:ce:
10:8b:99:f2:ab:8d:e4:8c:8b:b1:db:0c:20:97:9e:
02:63:19:27:32:a8:1f:95:a2:38:be:bb:4e:25:69:
92:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:04:68:37:43:51:A1:34:D8:05:57:E2:B9:4D:68:B4:35:A2:1F:25
X509v3 Authority Key Identifier:
keyid:0F:63:63:D4:28:B7:91:5C:10:88:25:F0:97:06:00:4B:8E:A3:D4:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D2Nj1Ci3kVwQiCXwlwYAS46j1LU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/RARoN0NRoTTYBVfiuU1otDWiHyU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/D2Nj1Ci3kVwQiCXwlwYAS46j1LU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.28.44.0/22
91.208.12.0/24
IPv6:
2a02:2d00:1::/48
2a02:2d00:20::/47
2a02:2d00:30::/48
Signature Algorithm: sha256WithRSAEncryption
be:9c:45:b3:19:59:1d:ba:ab:c5:ae:1d:89:19:7a:49:73:b9:
9e:6d:69:48:83:26:a5:11:9a:42:36:68:fc:9c:2f:c0:b3:19:
b1:a3:1b:04:3e:91:a8:d3:34:ff:14:f7:8c:77:0e:6c:5a:ba:
20:69:4d:e0:be:e7:63:10:4d:7a:9c:88:ee:76:60:9d:63:18:
ce:33:fb:5d:b3:ad:89:e2:7c:60:6a:d8:fc:b7:8b:0e:1d:17:
a0:47:bc:99:dd:c1:e0:cc:ad:89:e9:11:3d:c4:27:a4:2b:78:
2e:18:c8:94:aa:25:97:d6:37:72:5a:53:1a:d4:da:83:55:39:
c3:a6:8b:06:fa:cc:49:5d:b4:4e:e6:5a:6e:13:35:7d:fe:60:
3c:9b:02:4b:64:a8:81:ef:a2:c2:03:fc:99:bc:b4:de:8b:fd:
26:82:8d:4e:a2:1f:0c:76:fe:70:93:57:dd:68:79:98:5c:db:
d7:20:b7:a9:76:2c:76:b8:08:42:1c:fb:5e:39:31:9f:e0:e3:
ed:95:e4:ed:7a:56:a4:b6:4a:8b:83:5c:8f:bf:d9:13:07:47:
f6:11:9c:05:6b:57:a7:9b:9f:23:f2:d1:dd:72:c8:f9:f1:17:
eb:bc:99:28:8e:22:ce:07:72:df:44:87:14:24:8d:8a:82:b3:
e1:01:54:11
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYgwSVy8xeLRDojFUBfOp/2kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmNjM2M2Q0MjhiNzkxNWMxMDg4MjVmMDk3MDYwMDRiOGVh
M2Q0YjUwHhcNMjMwNTE4MTkxNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDA0NjgzNzQzNTFhMTM0ZDgwNTU3ZTJiOTRkNjhiNDM1YTIxZjI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhQcUiR+YZv7kdEQ7S03Mf7anQ6vO
i2OXzb3VHNLvLTELkAaCSlOjqus3ChO9EfxmBuUwb63Al7+FvCsZmVE+EWvm8NS2
Q/ML2o/6u9udK69xU0E5WsAUmRj09xdYBaBnrD3lz2doUJY1D993qY3tovcIyjTq
zuL4wquH7RCIjmgpJu9YcpFBG9gCn1SkGNxB2HUqkZTPMJgEa6iiahfVAQNIl2Ld
aK2nDNYC1zJv+Ai4VVW/gLmJ9yJEQFOVUuOJsEE3d856HEbFvN3/Kv5d0FqCfHso
6NVRGObqHiD/vM4Qi5nyq43kjIux2wwgl54CYxknMqgflaI4vrtOJWmSEQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFEQEaDdDUaE02AVX4rlNaLQ1oh8lMB8GA1UdIwQY
MBaAFA9jY9Qot5FcEIgl8JcGAEuOo9S1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDJOajFDaTNrVndRaUNYd2x3WUFTNDZqMUxVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy82YmVjYjAtMThmZC00YWRkLWJiNDEt
MmUxYzBhZjRmYWE0LzEvUkFSb04wTlJvVFRZQlZmaXVVMW90RFdpSHlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy82YmVjYjAtMThmZC00YWRkLWJiNDEtMmUxYzBhZjRmYWE0
LzEvRDJOajFDaTNrVndRaUNYd2x3WUFTNDZqMUxVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzASBAIAATAMAwQCLhwsAwQA
W9AMMCEEAgACMBsDBwAqAi0AAAEDBwEqAi0AACADBwAqAi0AADAwDQYJKoZIhvcN
AQELBQADggEBAL6cRbMZWR26q8WuHYkZeklzuZ5taUiDJqURmkI2aPycL8CzGbGj
GwQ+kajTNP8U94x3DmxauiBpTeC+52MQTXqciO52YJ1jGM4z+12zrYnifGBq2Py3
iw4dF6BHvJndweDMrYnpET3EJ6QreC4YyJSqJZfWN3JaUxrU2oNVOcOmiwb6zEld
tE7mWm4TNX3+YDybAktkqIHvosID/Jm8tN6L/SaCjU6iHwx2/nCTV91oeZhc29cg
t6l2LHa4CEIc+145MZ/g4+2V5O16VqS2SouDXI+/2RMHR/YRnAVrV6ebnyPy0d1y
yPnxF+u8mSiOIs4Hct9EhxQkjYqCs+EBVBE=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:48:52 2025 by rpki-client