Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/DbkeEXED42oQypoc09VJAOzxn7Q.roa
File: DbkeEXED42oQypoc09VJAOzxn7Q.roa (raw, json)
Hash identifier: OZeSevDrhsTW/Yfa8naTPboRrgqanGPlou0bZfm+VcQ=
Subject key identifier: 0D:B9:1E:11:71:03:E3:6A:10:CA:9A:1C:D3:D5:49:00:EC:F1:9F:B4
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 018617349DF32ADA276036A8D8286A21CC64
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/DbkeEXED42oQypoc09VJAOzxn7Q.roa
Signing time: Fri 03 Feb 2023 12:16:09 +0000
ROA not before: Fri 03 Feb 2023 12:16:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61302
IP address blocks: 46.23.96.0/24 maxlen: 24
46.23.98.0/24 maxlen: 24
5.178.2.0/24 maxlen: 24
5.178.3.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:17:34:9d:f3:2a:da:27:60:36:a8:d8:28:6a:21:cc:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Feb 3 12:16:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0db91e117103e36a10ca9a1cd3d54900ecf19fb4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:83:a3:f6:a7:86:30:97:62:87:99:0c:07:d3:
0f:43:02:b2:a9:0e:51:7c:27:45:c3:6b:2e:9e:2f:
f9:ea:29:94:ef:35:20:e2:8c:14:29:16:02:47:78:
77:99:24:e7:6f:7e:ce:30:af:00:60:e0:33:9e:7b:
e9:c9:8d:23:cb:b0:9e:80:77:b6:c1:e0:2e:4e:20:
11:65:bf:eb:10:40:a1:5c:66:d9:86:6b:38:2e:62:
60:15:f9:4d:c5:6b:6c:ec:9a:d8:e3:06:8b:1f:d2:
c3:51:89:b7:5e:29:74:94:60:f9:85:91:f5:7e:e4:
8e:57:54:f4:71:e1:ff:aa:15:f5:74:45:60:ec:fd:
dd:02:c3:b4:83:62:09:26:a2:29:10:50:d5:93:da:
97:e8:1f:3e:22:1c:b5:4f:bc:31:b8:31:b1:11:23:
3b:6c:3e:9c:fd:87:ca:6b:68:63:83:3c:28:51:0c:
03:2d:0b:ed:b6:8b:0a:9c:df:e6:09:59:f9:dd:ca:
32:a2:f0:57:33:4b:03:79:50:5c:89:0c:1e:10:9b:
ba:15:32:d9:76:76:89:32:f8:dc:f1:c9:70:3f:5c:
3a:61:3c:e5:03:ce:95:7f:9d:b5:32:ca:d1:07:51:
27:c4:9b:5b:bd:95:f1:ed:9b:7d:67:97:07:37:d1:
5c:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:B9:1E:11:71:03:E3:6A:10:CA:9A:1C:D3:D5:49:00:EC:F1:9F:B4
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/DbkeEXED42oQypoc09VJAOzxn7Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.178.2.0/23
46.23.96.0/24
46.23.98.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:a6:f7:9f:17:71:68:bf:ab:27:d2:4f:15:da:e4:71:60:98:
17:86:c3:7a:7c:3f:93:fe:4b:23:58:61:bd:c8:30:d2:ca:03:
21:f7:14:77:c8:42:05:71:27:ac:2c:74:e1:4f:81:77:88:db:
d7:c3:00:93:2c:06:a2:39:5c:05:9c:d1:3d:3a:a8:8b:1e:9f:
9e:d5:2b:e5:a6:e5:00:20:39:18:b7:12:97:17:95:f0:de:09:
5e:20:a4:3f:f6:72:b2:f2:05:4a:09:bd:c4:79:4a:fb:5a:72:
a9:fa:84:d6:7a:cc:4f:42:7d:c9:9f:8c:a8:67:42:75:a3:89:
d0:69:05:b9:2d:c8:58:e5:56:c9:ad:e5:e6:87:f4:36:3f:dd:
f2:40:c7:80:80:18:3d:cb:62:1c:88:d6:49:93:34:26:8d:40:
0e:19:6c:3b:ff:92:a5:ab:cb:1f:79:2b:1f:cd:46:0b:ab:97:
e9:16:2e:7c:6c:f1:d6:2f:4d:dd:b5:05:c5:ab:f0:85:81:90:
8a:12:86:40:7a:5a:29:ef:76:c3:41:10:c8:a7:c3:c2:c7:e3:
4a:53:5c:9a:55:a1:fe:93:2a:ae:a6:14:a0:10:a3:7b:0a:f0:
c9:37:ed:8e:4e:14:36:0d:03:3a:6c:e3:2f:a0:b3:71:80:33:
38:a0:05:53
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYYXNJ3zKtonYDao2ChqIcxkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjMwMjAzMTIxNjA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGI5MWUxMTcxMDNlMzZhMTBjYTlhMWNkM2Q1NDkwMGVjZjE5ZmI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgoOj9qeGMJdih5kMB9MPQwKyqQ5R
fCdFw2suni/56imU7zUg4owUKRYCR3h3mSTnb37OMK8AYOAznnvpyY0jy7CegHe2
weAuTiARZb/rEEChXGbZhms4LmJgFflNxWts7JrY4waLH9LDUYm3Xil0lGD5hZH1
fuSOV1T0ceH/qhX1dEVg7P3dAsO0g2IJJqIpEFDVk9qX6B8+Ihy1T7wxuDGxESM7
bD6c/YfKa2hjgzwoUQwDLQvttosKnN/mCVn53coyovBXM0sDeVBciQweEJu6FTLZ
dnaJMvjc8clwP1w6YTzlA86Vf521MsrRB1EnxJtbvZXx7Zt9Z5cHN9FcjQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFA25HhFxA+NqEMqaHNPVSQDs8Z+0MB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvRGJrZUVYRUQ0Mm9ReXBvYzA5VkpBT3p4bjdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBBbICAwQA
LhdgAwQALhdiMA0GCSqGSIb3DQEBCwUAA4IBAQBspvefF3Fov6sn0k8V2uRxYJgX
hsN6fD+T/ksjWGG9yDDSygMh9xR3yEIFcSesLHThT4F3iNvXwwCTLAaiOVwFnNE9
OqiLHp+e1SvlpuUAIDkYtxKXF5Xw3gleIKQ/9nKy8gVKCb3EeUr7WnKp+oTWesxP
Qn3Jn4yoZ0J1o4nQaQW5LchY5VbJreXmh/Q2P93yQMeAgBg9y2IciNZJkzQmjUAO
GWw7/5Klq8sfeSsfzUYLq5fpFi58bPHWL03dtQXFq/CFgZCKEoZAelop73bDQRDI
p8PCx+NKU1yaVaH+kyquphSgEKN7CvDJN+2OThQ2DQM6bOMvoLNxgDM4oAVT
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:46:00 2025 by rpki-client