Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/f3a79d-38cf-4905-ab5f-5bca45efde8c/1/qY09C55m__iuSgvvoLWlF5okLjY.roa
File: qY09C55m__iuSgvvoLWlF5okLjY.roa (raw, json)
Hash identifier: uIJNBrRwuO3e4tGV3bAlshM1A51aU2yjnaxWnfE30P0=
Subject key identifier: A9:8D:3D:0B:9E:66:FF:F8:AE:4A:0B:EF:A0:B5:A5:17:9A:24:2E:36
Certificate issuer: /CN=fa46a4f1143abe3adfc4b6835fa134e3df2cac34
Certificate serial: 018571277698DED4EBA7EB2E0BD6468C8794
Authority key identifier: FA:46:A4:F1:14:3A:BE:3A:DF:C4:B6:83:5F:A1:34:E3:DF:2C:AC:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-kak8RQ6vjrfxLaDX6E0498srDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/f3a79d-38cf-4905-ab5f-5bca45efde8c/1/qY09C55m__iuSgvvoLWlF5okLjY.roa
Signing time: Mon 02 Jan 2023 06:24:49 +0000
ROA not before: Mon 02 Jan 2023 06:24:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49909
IP address blocks: 46.20.128.0/20 maxlen: 24
178.21.120.0/21 maxlen: 24
2a00:1d10::/32 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:27:76:98:de:d4:eb:a7:eb:2e:0b:d6:46:8c:87:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fa46a4f1143abe3adfc4b6835fa134e3df2cac34
Validity
Not Before: Jan 2 06:24:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a98d3d0b9e66fff8ae4a0befa0b5a5179a242e36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:fe:4d:d1:6f:41:12:27:e1:97:5f:ae:0f:2c:
cd:e7:95:62:13:47:e6:08:f4:9f:8c:80:93:1d:b7:
7b:b7:d9:09:9d:44:a5:19:99:c9:b0:49:da:31:fd:
58:2a:72:55:1b:de:b6:24:62:56:fa:b9:4f:ef:81:
35:e3:c4:97:07:dc:82:5c:79:4b:3f:31:f8:25:6b:
b3:ca:02:1c:a8:7c:91:21:3a:c8:2d:72:f4:b2:32:
62:39:1b:b6:d5:68:a0:39:17:55:50:91:ad:d4:fc:
d4:db:e3:8c:ab:89:0a:d3:fa:87:a5:1f:c6:82:4f:
ac:12:d3:47:12:5a:b2:a8:a8:98:ad:4b:29:bd:1b:
bb:4a:f3:3d:ac:6e:cd:4f:e9:f8:ea:0f:da:5b:ec:
dd:17:03:9f:d3:db:70:9c:5a:44:69:fe:f2:4f:f4:
d4:95:e3:7d:63:a3:17:4a:c3:2f:6d:c8:90:e7:f0:
d3:1a:a8:9c:39:dd:78:09:f0:04:c8:e4:d2:51:38:
c2:63:86:2a:f6:89:65:d8:bc:16:d3:69:c5:ec:d7:
69:64:48:d0:4d:7a:63:bb:ea:3b:9a:bc:3d:13:5b:
b0:68:36:7c:3a:ff:d3:35:19:8a:2d:fb:06:ab:4f:
a6:c0:ab:2a:fe:2c:24:1b:68:d7:3a:ee:02:68:8e:
69:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:8D:3D:0B:9E:66:FF:F8:AE:4A:0B:EF:A0:B5:A5:17:9A:24:2E:36
X509v3 Authority Key Identifier:
keyid:FA:46:A4:F1:14:3A:BE:3A:DF:C4:B6:83:5F:A1:34:E3:DF:2C:AC:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-kak8RQ6vjrfxLaDX6E0498srDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/f3a79d-38cf-4905-ab5f-5bca45efde8c/1/qY09C55m__iuSgvvoLWlF5okLjY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/f3a79d-38cf-4905-ab5f-5bca45efde8c/1/1-kak8RQ6vjrfxLaDX6E0498srDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.128.0/20
178.21.120.0/21
IPv6:
2a00:1d10::/32
Signature Algorithm: sha256WithRSAEncryption
48:1d:b0:53:1f:79:75:89:07:dd:74:cf:4f:62:66:52:a2:0e:
b1:ae:11:bd:06:ff:e9:26:4d:3e:5b:e1:22:64:af:41:c7:2e:
76:8d:77:0b:1d:0a:91:91:9f:99:5e:01:3e:d8:f2:14:66:bd:
4a:71:fc:dd:19:16:6f:36:c7:d7:39:3c:02:70:d1:06:22:a8:
64:12:4e:0b:d4:fd:c2:4c:78:7e:34:1a:4e:20:b4:04:85:72:
11:bc:de:ea:03:c0:86:22:15:97:bc:1d:76:4a:bc:92:19:20:
be:56:62:bc:3f:e6:f4:c3:6c:a7:59:f1:23:d2:65:cd:0a:a6:
8f:8e:49:5a:d4:2e:41:3b:4f:d3:bd:bc:1c:90:cf:94:03:a5:
d8:a1:98:35:06:3c:c2:1e:ed:ca:9f:4d:0e:92:3b:77:67:84:
b8:1a:ef:ca:90:60:be:b5:78:10:10:9b:3a:a7:e2:f3:dc:67:
32:3b:a5:78:c0:ba:d5:bd:82:ed:f1:21:6d:a8:1d:8f:16:95:
f7:dd:57:22:88:9e:fd:e2:c4:9d:17:ed:a3:5f:ee:36:35:9d:
5a:fb:72:c9:c2:e4:0e:5a:51:e1:05:72:d1:ff:6c:75:03:3f:
e8:a5:5c:ce:24:52:bf:29:67:2c:39:46:f9:3f:e0:21:5d:2c:
8c:31:6c:b7
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVxJ3aY3tTrp+suC9ZGjIeUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhNDZhNGYxMTQzYWJlM2FkZmM0YjY4MzVmYTEzNGUzZGYy
Y2FjMzQwHhcNMjMwMTAyMDYyNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOThkM2QwYjllNjZmZmY4YWU0YTBiZWZhMGI1YTUxNzlhMjQyZTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAif5N0W9BEifhl1+uDyzN55ViE0fm
CPSfjICTHbd7t9kJnUSlGZnJsEnaMf1YKnJVG962JGJW+rlP74E148SXB9yCXHlL
PzH4JWuzygIcqHyRITrILXL0sjJiORu21WigORdVUJGt1PzU2+OMq4kK0/qHpR/G
gk+sEtNHElqyqKiYrUspvRu7SvM9rG7NT+n46g/aW+zdFwOf09twnFpEaf7yT/TU
leN9Y6MXSsMvbciQ5/DTGqicOd14CfAEyOTSUTjCY4Yq9oll2LwW02nF7NdpZEjQ
TXpju+o7mrw9E1uwaDZ8Ov/TNRmKLfsGq0+mwKsq/iwkG2jXOu4CaI5pHQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFKmNPQueZv/4rkoL76C1pReaJC42MB8GA1UdIwQY
MBaAFPpGpPEUOr4638S2g1+hNOPfLKw0MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1rYWs4UlE2dmpyZnhMYURYNkUwNDk4c3JEUS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGMvZjNhNzlkLTM4Y2YtNDkwNS1hYjVm
LTViY2E0NWVmZGU4Yy8xL3FZMDlDNTVtX19pdVNndnZvTFdsRjVva0xqWS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZGMvZjNhNzlkLTM4Y2YtNDkwNS1hYjVmLTViY2E0NWVmZGU4
Yy8xLzEta2FrOFJRNnZqcmZ4TGFEWDZFMDQ5OHNyRFEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwNAYIKwYBBQUHAQcBAf8EJTAjMBIEAgABMAwDBAQuFIAD
BAOyFXgwDQQCAAIwBwMFACoAHRAwDQYJKoZIhvcNAQELBQADggEBAEgdsFMfeXWJ
B910z09iZlKiDrGuEb0G/+kmTT5b4SJkr0HHLnaNdwsdCpGRn5leAT7Y8hRmvUpx
/N0ZFm82x9c5PAJw0QYiqGQSTgvU/cJMeH40Gk4gtASFchG83uoDwIYiFZe8HXZK
vJIZIL5WYrw/5vTDbKdZ8SPSZc0Kpo+OSVrULkE7T9O9vByQz5QDpdihmDUGPMIe
7cqfTQ6SO3dnhLga78qQYL61eBAQmzqn4vPcZzI7pXjAutW9gu3xIW2oHY8Wlffd
VyKInv3ixJ0X7aNf7jY1nVr7csnC5A5aUeEFctH/bHUDP+ilXM4kUr8pZyw5Rvk/
4CFdLIwxbLc=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:00:29 2025 by rpki-client