Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/8cac0c-3426-4f07-af20-cbb95183b27a/1/_qG0nmctRpAApx-BqUEXljTuGoc.roa
File: _qG0nmctRpAApx-BqUEXljTuGoc.roa (raw, json)
Hash identifier: 3aRNOxI1Q658vloW3tDRm4gFQxuFh0YBGQxnUs89XfY=
Subject key identifier: FE:A1:B4:9E:67:2D:46:90:00:A7:1F:81:A9:41:17:96:34:EE:1A:87
Certificate issuer: /CN=a36d0ae5e2fbffcce08770ebc20c216b9fbf9485
Certificate serial: 01859BAA2EBDE3468A1FAF1D8FC9432DCC93
Authority key identifier: A3:6D:0A:E5:E2:FB:FF:CC:E0:87:70:EB:C2:0C:21:6B:9F:BF:94:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o20K5eL7_8zgh3Drwgwha5-_lIU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/8cac0c-3426-4f07-af20-cbb95183b27a/1/_qG0nmctRpAApx-BqUEXljTuGoc.roa
Signing time: Tue 10 Jan 2023 12:31:39 +0000
ROA not before: Tue 10 Jan 2023 12:31:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57865
IP address blocks: 46.191.184.0/22 maxlen: 22
46.191.190.0/23 maxlen: 23
46.191.188.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:9b:aa:2e:bd:e3:46:8a:1f:af:1d:8f:c9:43:2d:cc:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a36d0ae5e2fbffcce08770ebc20c216b9fbf9485
Validity
Not Before: Jan 10 12:31:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fea1b49e672d469000a71f81a941179634ee1a87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:3b:93:6f:d0:89:a5:db:7a:e4:93:54:d0:42:
e1:28:bd:59:d0:19:4d:ac:f6:f7:0c:1d:f9:a6:46:
86:77:c4:ea:d1:87:8b:3e:34:5c:20:16:ba:b6:fd:
98:0f:1c:3a:83:54:1e:4a:51:5b:ea:26:80:25:c4:
18:91:67:ea:80:f0:cf:fc:65:92:da:75:a1:55:4c:
14:8f:4a:8a:7d:e3:3f:94:c7:af:4f:a9:4b:20:ad:
d1:b0:9a:bb:be:15:de:67:2c:e1:b6:fd:d8:af:87:
5b:c3:d5:19:f8:a0:4e:cc:e9:0a:d9:44:cd:13:25:
09:37:9c:ec:44:84:32:4b:ed:de:13:ba:f2:c1:3b:
8f:d4:76:45:34:d8:7c:5e:d8:96:b1:5b:4f:60:b7:
37:e0:bb:0a:ba:f0:c5:3d:22:0f:83:8a:64:5c:c4:
f1:37:b2:ca:af:dc:a0:06:61:69:56:0d:07:8e:c9:
18:74:e0:f3:69:f2:c0:fe:0e:ee:a4:dd:8b:1e:2a:
f9:e3:91:7e:0e:d9:b5:5f:77:dc:dc:f5:a0:ae:83:
90:4a:8c:b0:20:45:39:4d:aa:d7:a3:9f:b8:1f:13:
f5:64:a7:2c:d1:c0:6f:4b:1b:39:e5:84:5c:d5:4e:
5b:88:9a:ff:bb:00:c0:65:40:f4:38:28:cb:4d:49:
6b:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:A1:B4:9E:67:2D:46:90:00:A7:1F:81:A9:41:17:96:34:EE:1A:87
X509v3 Authority Key Identifier:
keyid:A3:6D:0A:E5:E2:FB:FF:CC:E0:87:70:EB:C2:0C:21:6B:9F:BF:94:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o20K5eL7_8zgh3Drwgwha5-_lIU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/8cac0c-3426-4f07-af20-cbb95183b27a/1/_qG0nmctRpAApx-BqUEXljTuGoc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/8cac0c-3426-4f07-af20-cbb95183b27a/1/o20K5eL7_8zgh3Drwgwha5-_lIU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.191.184.0/21
Signature Algorithm: sha256WithRSAEncryption
7b:61:2d:28:57:a9:ff:ad:a3:e5:fd:87:77:bd:5c:5c:17:5f:
8c:7a:a2:53:66:43:ee:74:5f:f9:3d:dd:22:ba:c8:f3:2a:69:
52:c3:85:86:99:ad:79:df:72:eb:68:97:46:0d:7e:fb:26:b1:
21:d0:39:1c:61:da:d3:c9:b2:8b:0c:a1:c2:11:8d:56:34:b0:
b0:8b:9d:38:3c:a7:76:95:76:7c:95:21:91:2c:2f:15:e4:a5:
a5:9b:ea:da:ed:47:78:9d:89:a1:1a:58:7a:84:41:55:6b:e6:
a0:57:1b:e3:60:94:d6:90:5a:60:52:3b:da:1e:43:25:13:fe:
5b:d7:d5:3f:36:7d:75:fa:98:d5:b8:a5:5a:d1:42:62:bf:d7:
9e:7b:1f:c2:15:c0:ff:6e:27:77:08:7d:02:81:68:dc:9b:96:
37:2d:a2:62:0b:e6:fb:b0:2f:6a:70:25:10:62:9a:a1:cc:0e:
57:c2:83:33:58:6c:95:73:17:c9:37:6b:49:9e:85:7e:20:61:
26:31:77:5b:00:bd:6b:8f:fb:75:82:a3:a7:b9:60:60:dc:6c:
de:bf:fb:50:91:e6:b5:f7:c8:bc:52:cb:fe:8e:36:9d:2f:29:
45:4f:5c:39:94:12:7a:67:c1:de:48:fd:f2:1e:3b:d5:3e:f9:
4e:72:73:ee
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYWbqi6940aKH68dj8lDLcyTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzNmQwYWU1ZTJmYmZmY2NlMDg3NzBlYmMyMGMyMTZiOWZi
Zjk0ODUwHhcNMjMwMTEwMTIzMTM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZWExYjQ5ZTY3MmQ0NjkwMDBhNzFmODFhOTQxMTc5NjM0ZWUxYTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArjuTb9CJpdt65JNU0ELhKL1Z0BlN
rPb3DB35pkaGd8Tq0YeLPjRcIBa6tv2YDxw6g1QeSlFb6iaAJcQYkWfqgPDP/GWS
2nWhVUwUj0qKfeM/lMevT6lLIK3RsJq7vhXeZyzhtv3Yr4dbw9UZ+KBOzOkK2UTN
EyUJN5zsRIQyS+3eE7rywTuP1HZFNNh8XtiWsVtPYLc34LsKuvDFPSIPg4pkXMTx
N7LKr9ygBmFpVg0HjskYdODzafLA/g7upN2LHir545F+Dtm1X3fc3PWgroOQSoyw
IEU5TarXo5+4HxP1ZKcs0cBvSxs55YRc1U5biJr/uwDAZUD0OCjLTUlr7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP6htJ5nLUaQAKcfgalBF5Y07hqHMB8GA1UdIwQY
MBaAFKNtCuXi+//M4Idw68IMIWufv5SFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzIwSzVlTDdfOHpnaDNEcndnd2hhNS1fbElVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC84Y2FjMGMtMzQyNi00ZjA3LWFmMjAt
Y2JiOTUxODNiMjdhLzEvX3FHMG5tY3RScEFBcHgtQnFVRVhsalR1R29jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC84Y2FjMGMtMzQyNi00ZjA3LWFmMjAtY2JiOTUxODNiMjdh
LzEvbzIwSzVlTDdfOHpnaDNEcndnd2hhNS1fbElVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDLr+4MA0G
CSqGSIb3DQEBCwUAA4IBAQB7YS0oV6n/raPl/Yd3vVxcF1+MeqJTZkPudF/5Pd0i
usjzKmlSw4WGma1533LraJdGDX77JrEh0DkcYdrTybKLDKHCEY1WNLCwi504PKd2
lXZ8lSGRLC8V5KWlm+ra7Ud4nYmhGlh6hEFVa+agVxvjYJTWkFpgUjvaHkMlE/5b
19U/Nn11+pjVuKVa0UJiv9eeex/CFcD/bid3CH0CgWjcm5Y3LaJiC+b7sC9qcCUQ
YpqhzA5XwoMzWGyVcxfJN2tJnoV+IGEmMXdbAL1rj/t1gqOnuWBg3Gzev/tQkea1
98i8Usv+jjadLylFT1w5lBJ6Z8HeSP3yHjvVPvlOcnPu
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:05:08 2025 by rpki-client