Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/f03cdc-2945-408c-8889-c69871f5d305/1/sh_h-a4WCDVaXrjVQchK_Wp2PV0.roa
File: sh_h-a4WCDVaXrjVQchK_Wp2PV0.roa (raw, json)
Hash identifier: OBPBOe6ArXmmRO3lL+MPYX3D2lyv0OGcEbN4jLWjeOY=
Subject key identifier: B2:1F:E1:F9:AE:16:08:35:5A:5E:B8:D5:41:C8:4A:FD:6A:76:3D:5D
Certificate issuer: /CN=5dedd6b0e36f4bd8f1d57e26cc1c2d18c6993c04
Certificate serial: 01823FA6676B28F7CDB5345FE75E6A3D504A
Authority key identifier: 5D:ED:D6:B0:E3:6F:4B:D8:F1:D5:7E:26:CC:1C:2D:18:C6:99:3C:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xe3WsONvS9jx1X4mzBwtGMaZPAQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/f03cdc-2945-408c-8889-c69871f5d305/1/sh_h-a4WCDVaXrjVQchK_Wp2PV0.roa
Signing time: Wed 27 Jul 2022 12:34:06 +0000
ROA not before: Wed 27 Jul 2022 12:34:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15987
IP address blocks: 46.41.14.0/24 maxlen: 24
46.41.32.0/24 maxlen: 24
185.112.252.0/22 maxlen: 24
188.246.17.0/24 maxlen: 24
188.246.23.0/24 maxlen: 24
2a02:a00:1009::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:3f:a6:67:6b:28:f7:cd:b5:34:5f:e7:5e:6a:3d:50:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5dedd6b0e36f4bd8f1d57e26cc1c2d18c6993c04
Validity
Not Before: Jul 27 12:34:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b21fe1f9ae1608355a5eb8d541c84afd6a763d5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:6f:b6:f0:30:66:86:f4:b0:e8:42:9a:9a:eb:
ea:35:24:fa:b6:d5:6f:50:d6:50:95:1e:c3:a8:f7:
d8:f6:bf:8a:a9:50:f5:eb:64:51:fe:d8:f8:18:d8:
f7:94:af:e3:b2:36:70:cd:59:53:c7:5b:64:d0:a3:
15:6b:08:e3:da:b6:56:1e:c1:6b:a4:cf:87:7a:40:
6e:e3:84:5f:a3:a5:ef:e2:36:e5:8f:ac:2b:4b:be:
03:82:e6:88:42:5e:6f:fe:13:d0:04:d1:a5:75:3c:
70:36:14:08:64:5f:93:95:e5:42:3f:dc:e1:b8:9b:
ea:64:75:78:7f:a8:00:f9:5e:4d:db:66:cc:03:d6:
0f:aa:d6:86:c6:61:c0:c4:39:d9:df:3f:9f:be:29:
77:3c:4a:35:e3:b7:d4:f5:d9:d9:45:b1:34:45:85:
28:dc:9b:b3:ad:5d:b9:ae:a7:45:e5:2d:c5:83:10:
6d:b1:c8:33:0b:66:4b:11:5a:50:8c:46:10:0c:21:
22:2a:ba:b5:8b:fb:f9:8c:ed:35:c5:98:e8:36:d9:
4a:9e:66:d3:2d:11:a2:9b:d5:fb:6e:05:22:ed:9c:
17:33:68:6f:9f:b6:30:4d:3b:ff:ec:e4:71:a3:d2:
cf:0f:c1:21:c4:95:0d:01:c2:62:f6:c9:97:8c:c6:
09:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:1F:E1:F9:AE:16:08:35:5A:5E:B8:D5:41:C8:4A:FD:6A:76:3D:5D
X509v3 Authority Key Identifier:
keyid:5D:ED:D6:B0:E3:6F:4B:D8:F1:D5:7E:26:CC:1C:2D:18:C6:99:3C:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xe3WsONvS9jx1X4mzBwtGMaZPAQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/f03cdc-2945-408c-8889-c69871f5d305/1/sh_h-a4WCDVaXrjVQchK_Wp2PV0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/f03cdc-2945-408c-8889-c69871f5d305/1/Xe3WsONvS9jx1X4mzBwtGMaZPAQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.41.14.0/24
46.41.32.0/24
185.112.252.0/22
188.246.17.0/24
188.246.23.0/24
IPv6:
2a02:a00:1009::/48
Signature Algorithm: sha256WithRSAEncryption
a1:8a:c0:06:91:13:4b:04:16:3a:ca:f3:b8:da:6c:b8:41:a3:
45:9c:7b:2a:2c:8c:99:ea:1b:e8:51:13:61:25:8f:4e:79:6e:
11:9a:02:12:d5:a1:28:ed:73:08:7b:00:73:a7:06:21:0d:e3:
db:cb:74:ca:f2:ab:25:04:5f:ac:8c:45:67:b3:22:68:af:55:
1f:ed:bd:7c:54:5a:52:38:2d:c3:07:b5:bb:af:b9:d3:05:cb:
ec:c2:d8:fd:fd:b6:7a:d6:78:87:c5:e2:90:3e:12:82:f7:d7:
78:b6:a1:34:fd:44:95:58:7a:f5:e9:a3:d6:b4:80:aa:0e:34:
99:73:a9:b9:e7:00:32:d5:14:af:9a:30:40:dd:48:a7:4b:5a:
41:69:77:dd:ad:85:32:c2:89:49:f2:54:4c:62:7f:47:47:87:
67:86:a6:de:8f:e4:29:36:8f:0a:6d:a6:c7:79:6d:d8:12:86:
d3:a8:14:d7:da:73:ca:4f:7f:f6:36:11:28:10:3f:1d:60:a4:
6b:52:1d:07:79:a8:0b:f1:58:1e:3a:a8:78:1e:12:77:d4:50:
a8:7f:0b:62:78:6a:8c:1b:7b:a9:bd:0c:6a:57:dc:9f:0a:84:
61:b6:39:21:f4:d9:55:12:af:20:a7:24:33:22:af:94:5e:0b:
b1:80:97:86
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYI/pmdrKPfNtTRf515qPVBKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZWRkNmIwZTM2ZjRiZDhmMWQ1N2UyNmNjMWMyZDE4YzY5
OTNjMDQwHhcNMjIwNzI3MTIzNDA2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjFmZTFmOWFlMTYwODM1NWE1ZWI4ZDU0MWM4NGFmZDZhNzYzZDVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn2+28DBmhvSw6EKamuvqNST6ttVv
UNZQlR7DqPfY9r+KqVD162RR/tj4GNj3lK/jsjZwzVlTx1tk0KMVawjj2rZWHsFr
pM+HekBu44Rfo6Xv4jblj6wrS74DguaIQl5v/hPQBNGldTxwNhQIZF+TleVCP9zh
uJvqZHV4f6gA+V5N22bMA9YPqtaGxmHAxDnZ3z+fvil3PEo147fU9dnZRbE0RYUo
3JuzrV25rqdF5S3FgxBtscgzC2ZLEVpQjEYQDCEiKrq1i/v5jO01xZjoNtlKnmbT
LRGim9X7bgUi7ZwXM2hvn7YwTTv/7ORxo9LPD8EhxJUNAcJi9smXjMYJHwIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFLIf4fmuFgg1Wl641UHISv1qdj1dMB8GA1UdIwQY
MBaAFF3t1rDjb0vY8dV+JswcLRjGmTwEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGUzV3NPTnZTOWp4MVg0bXpCd3RHTWFaUEFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS9mMDNjZGMtMjk0NS00MDhjLTg4ODkt
YzY5ODcxZjVkMzA1LzEvc2hfaC1hNFdDRFZhWHJqVlFjaEtfV3AyUFYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS9mMDNjZGMtMjk0NS00MDhjLTg4ODktYzY5ODcxZjVkMzA1
LzEvWGUzV3NPTnZTOWp4MVg0bXpCd3RHTWFaUEFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAkBAIAATAeAwQALikOAwQA
LikgAwQCuXD8AwQAvPYRAwQAvPYXMA8EAgACMAkDBwAqAgoAEAkwDQYJKoZIhvcN
AQELBQADggEBAKGKwAaRE0sEFjrK87jabLhBo0WceyosjJnqG+hRE2Elj055bhGa
AhLVoSjtcwh7AHOnBiEN49vLdMryqyUEX6yMRWezImivVR/tvXxUWlI4LcMHtbuv
udMFy+zC2P39tnrWeIfF4pA+EoL313i2oTT9RJVYevXpo9a0gKoONJlzqbnnADLV
FK+aMEDdSKdLWkFpd92thTLCiUnyVExif0dHh2eGpt6P5Ck2jwptpsd5bdgShtOo
FNfac8pPf/Y2ESgQPx1gpGtSHQd5qAvxWB46qHgeEnfUUKh/C2J4aowbe6m9DGpX
3J8KhGG2OSH02VUSryCnJDMir5ReC7GAl4Y=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:53:24 2025 by rpki-client