Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/RRYQlbcj-ihTYk3z-0jD6rfkSoY.roa
File: RRYQlbcj-ihTYk3z-0jD6rfkSoY.roa (raw, json)
Hash identifier: PuApdFMnGFyfHv86FqL2jpY2w4n+xKIS3INYz07GquM=
Subject key identifier: 45:16:10:95:B7:23:FA:28:53:62:4D:F3:FB:48:C3:EA:B7:E4:4A:86
Certificate issuer: /CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Certificate serial: 018B6700ED98E04470FC7DFA50B97518CC42
Authority key identifier: D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/RRYQlbcj-ihTYk3z-0jD6rfkSoY.roa
Signing time: Wed 25 Oct 2023 13:23:15 +0000
ROA not before: Wed 25 Oct 2023 13:23:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 46.37.98.0/24 maxlen: 24
46.37.113.0/24 maxlen: 24
46.37.127.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:67:00:ed:98:e0:44:70:fc:7d:fa:50:b9:75:18:cc:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Validity
Not Before: Oct 25 13:23:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=45161095b723fa2853624df3fb48c3eab7e44a86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:ed:30:47:e1:fa:d0:3a:5d:c2:a4:42:89:53:
77:0f:8d:eb:f6:82:ee:6b:31:42:85:af:bc:de:4f:
e7:43:47:00:97:6c:2c:81:ad:c0:c3:d6:02:2a:d7:
92:c7:17:93:ed:c4:04:bd:00:6c:2a:5e:41:43:dc:
f9:9f:50:47:74:04:2b:81:a6:84:7a:02:1e:86:ff:
cc:97:28:47:af:b2:89:4f:77:99:73:49:e9:85:d8:
22:9b:6e:f4:94:4e:03:93:e7:e0:1f:18:e4:17:ea:
53:9c:65:ba:1f:d0:a1:96:af:6b:e0:8a:6f:f0:02:
bb:f5:4e:8d:69:07:21:6f:7e:5d:89:b4:03:7c:da:
ab:55:7b:80:b9:9f:5f:ab:d5:26:71:99:7f:01:ef:
12:4b:16:20:b6:88:8e:a1:73:90:94:b9:c3:ef:67:
35:e8:1d:86:78:2f:b9:86:37:6b:3c:37:22:14:80:
91:9a:18:86:e6:15:53:57:cb:12:c2:39:60:80:51:
59:29:5f:9d:21:04:7f:88:90:a3:c1:90:8d:6a:3f:
46:d8:9d:55:87:c9:d9:e5:7e:5f:6d:4c:d8:ac:4e:
21:61:af:a4:68:5a:c4:fa:18:1b:e6:78:a3:a2:a4:
10:cb:50:da:c8:00:19:95:b5:43:0a:ab:ff:a6:54:
6c:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:16:10:95:B7:23:FA:28:53:62:4D:F3:FB:48:C3:EA:B7:E4:4A:86
X509v3 Authority Key Identifier:
keyid:D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/RRYQlbcj-ihTYk3z-0jD6rfkSoY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.37.98.0/24
46.37.113.0/24
46.37.127.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:70:1c:bd:f6:13:5e:d2:d2:ea:74:a5:27:79:7a:82:b4:9d:
f9:68:e9:fb:44:ba:b4:67:86:49:88:3d:6e:67:18:7d:b3:1b:
78:15:36:b0:b0:97:58:7b:1d:26:17:70:0b:d6:b3:c5:b7:5d:
39:0f:a8:99:36:89:e6:88:db:ce:0d:6c:ab:5e:b8:57:0d:53:
c8:b2:60:d3:03:80:c6:39:58:58:e5:5a:ef:04:02:ce:a5:d7:
14:e6:12:ef:a2:1c:74:27:d4:bc:2a:3b:10:27:ce:0c:26:10:
b3:a1:8d:fe:ec:1f:ac:86:ca:97:ba:aa:a5:d6:f4:53:3d:44:
4b:e6:d3:8b:0c:ab:a2:65:e7:69:1b:62:eb:84:cd:63:10:f3:
9e:91:62:95:01:9e:d2:b0:91:f1:df:55:e0:15:01:ac:a5:0f:
6f:f6:72:94:d9:90:41:93:93:e4:1b:e4:36:4b:40:9e:49:94:
d1:06:eb:a0:4b:17:54:b4:5d:d5:59:99:b4:82:84:c3:3e:2e:
fa:ee:7c:f6:ae:e1:cf:9d:db:6a:f5:30:13:aa:ba:6c:97:25:
04:f9:df:d7:c6:0f:c0:b4:95:4f:bf:a3:2b:20:69:f8:c7:7a:
e9:ed:e0:3d:0a:cf:dc:91:58:b1:60:ee:74:7a:c5:d6:88:74:
a7:37:6b:43
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYtnAO2Y4ERw/H36ULl1GMxCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2YwODg0OTE4YTUwMjM5ZWY3MDUxOGVlOWZjMDRmMWFh
ZTE5MjkwHhcNMjMxMDI1MTMyMzE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTE2MTA5NWI3MjNmYTI4NTM2MjRkZjNmYjQ4YzNlYWI3ZTQ0YTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtu0wR+H60DpdwqRCiVN3D43r9oLu
azFCha+83k/nQ0cAl2wsga3Aw9YCKteSxxeT7cQEvQBsKl5BQ9z5n1BHdAQrgaaE
egIehv/MlyhHr7KJT3eZc0nphdgim270lE4Dk+fgHxjkF+pTnGW6H9Chlq9r4Ipv
8AK79U6NaQchb35dibQDfNqrVXuAuZ9fq9UmcZl/Ae8SSxYgtoiOoXOQlLnD72c1
6B2GeC+5hjdrPDciFICRmhiG5hVTV8sSwjlggFFZKV+dIQR/iJCjwZCNaj9G2J1V
h8nZ5X5fbUzYrE4hYa+kaFrE+hgb5nijoqQQy1DayAAZlbVDCqv/plRsnwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEUWEJW3I/ooU2JN8/tIw+q35EqGMB8GA1UdIwQY
MBaAFNPPCISRilAjnvcFGO6fwE8arhkpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEt
MjMxNTQ5NDA5NzIwLzEvUlJZUWxiY2otaWhUWWszei0wakQ2cmZrU29ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEtMjMxNTQ5NDA5NzIw
LzEvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALiViAwQA
LiVxAwQALiV/MA0GCSqGSIb3DQEBCwUAA4IBAQCycBy99hNe0tLqdKUneXqCtJ35
aOn7RLq0Z4ZJiD1uZxh9sxt4FTawsJdYex0mF3AL1rPFt105D6iZNonmiNvODWyr
XrhXDVPIsmDTA4DGOVhY5VrvBALOpdcU5hLvohx0J9S8KjsQJ84MJhCzoY3+7B+s
hsqXuqql1vRTPURL5tOLDKuiZedpG2LrhM1jEPOekWKVAZ7SsJHx31XgFQGspQ9v
9nKU2ZBBk5PkG+Q2S0CeSZTRBuugSxdUtF3VWZm0goTDPi767nz2ruHPndtq9TAT
qrpslyUE+d/Xxg/AtJVPv6MrIGn4x3rp7eA9Cs/ckVixYO50esXWiHSnN2tD
-----END CERTIFICATE-----
Generated at Tue Jun 10 13:00:21 2025 by rpki-client