Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/E_ty2FP44RKNEp5VIYVC1ophKgI.roa
File: E_ty2FP44RKNEp5VIYVC1ophKgI.roa (raw, json)
Hash identifier: mtql7ziSgrDrQUGdOfc43B6sH9rY7BmAovRWBWfDEZ4=
Subject key identifier: 13:FB:72:D8:53:F8:E1:12:8D:12:9E:55:21:85:42:D6:8A:61:2A:02
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 01861792EA4F49ACAF3887AC50F94C9C673E
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/E_ty2FP44RKNEp5VIYVC1ophKgI.roa
Signing time: Fri 03 Feb 2023 13:59:09 +0000
ROA not before: Fri 03 Feb 2023 13:59:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61302
IP address blocks: 46.23.96.0/24 maxlen: 24
46.23.98.0/24 maxlen: 24
5.178.2.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:17:92:ea:4f:49:ac:af:38:87:ac:50:f9:4c:9c:67:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Feb 3 13:59:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=13fb72d853f8e1128d129e55218542d68a612a02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:d9:1a:78:b2:1a:4f:67:bd:1b:6d:d7:a1:7d:
68:16:4e:06:75:a3:97:96:0f:3d:8b:b5:b0:4b:ac:
71:36:a6:aa:c1:cf:3f:15:92:64:62:15:f6:c2:f8:
d1:ff:0e:16:82:af:17:11:8a:ea:f4:ac:97:d6:58:
29:67:f6:cc:cc:67:45:19:2d:19:07:da:93:59:69:
47:ef:30:77:09:b6:15:dc:98:07:b6:e7:df:70:ed:
3d:6c:43:03:2f:dc:ed:e3:9b:0b:21:d5:7f:45:71:
aa:49:fd:88:a9:e2:b0:02:53:46:9e:5a:a9:2d:d0:
2d:c4:0e:da:ba:88:7f:20:56:c3:69:75:74:32:e6:
a1:27:34:27:73:8d:3e:3e:2c:71:44:10:9c:92:06:
18:c5:93:1b:ba:d2:ec:c9:6a:43:07:70:2d:40:67:
d1:05:48:60:b1:43:22:ed:81:1f:e5:15:19:22:06:
b5:e9:9c:b0:bd:4e:9b:56:3a:7d:da:68:6e:a6:c0:
e0:3f:f4:e3:ef:6e:e9:a8:79:b9:86:39:31:d1:0f:
2c:17:a6:bc:12:c6:45:ea:b4:72:a6:2d:eb:50:ec:
b0:df:a2:14:80:43:8e:4f:3a:65:de:5a:27:89:e2:
21:0f:6a:63:0b:d8:9d:7c:c9:43:b2:12:5b:e8:e5:
31:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:FB:72:D8:53:F8:E1:12:8D:12:9E:55:21:85:42:D6:8A:61:2A:02
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/E_ty2FP44RKNEp5VIYVC1ophKgI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.178.2.0/24
46.23.96.0/24
46.23.98.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:ec:5a:20:f2:5a:0a:21:25:a4:ae:86:a6:cb:ad:f4:9c:54:
b5:33:cb:47:0c:e2:c4:98:fc:97:69:35:35:b7:4c:e5:83:ac:
8f:6e:43:c8:19:a2:14:c8:de:d7:a0:de:3d:e3:5f:1d:24:d3:
80:3f:ed:00:ff:57:da:4a:2e:ba:aa:a5:e2:64:d3:d2:a7:2c:
02:89:b7:23:c7:f0:1e:98:ea:a6:09:31:7a:4f:e3:3a:a5:7f:
82:12:0e:23:e2:38:f2:00:bb:2a:50:62:a7:08:5e:2b:e3:86:
6f:a9:71:3e:1a:8e:d8:31:a7:c3:60:76:40:92:42:ef:96:4c:
52:d5:ab:ac:e0:e3:ec:cd:af:df:f6:21:0e:78:c8:54:e9:27:
d1:61:0d:33:55:81:24:98:b1:2b:59:c5:1d:52:67:d9:b6:72:
39:c8:18:c4:8b:5c:0e:d7:fd:3c:45:51:19:2d:10:07:92:a0:
6c:a5:2b:cd:70:fc:26:4e:3f:bb:b9:56:3b:22:cf:81:dd:15:
08:fa:6d:4f:4e:3a:52:07:24:50:76:6f:08:9a:85:1a:a4:5c:
f6:a5:6f:ae:7b:dc:ba:22:95:b4:19:43:9d:56:15:ef:68:cb:
d4:80:2d:f7:5f:a3:cd:95:06:71:12:77:73:dd:ce:7b:8b:41:
0f:7f:cc:10
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYYXkupPSayvOIesUPlMnGc+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjMwMjAzMTM1OTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxM2ZiNzJkODUzZjhlMTEyOGQxMjllNTUyMTg1NDJkNjhhNjEyYTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn9kaeLIaT2e9G23XoX1oFk4GdaOX
lg89i7WwS6xxNqaqwc8/FZJkYhX2wvjR/w4Wgq8XEYrq9KyX1lgpZ/bMzGdFGS0Z
B9qTWWlH7zB3CbYV3JgHtuffcO09bEMDL9zt45sLIdV/RXGqSf2IqeKwAlNGnlqp
LdAtxA7auoh/IFbDaXV0MuahJzQnc40+PixxRBCckgYYxZMbutLsyWpDB3AtQGfR
BUhgsUMi7YEf5RUZIga16ZywvU6bVjp92mhupsDgP/Tj727pqHm5hjkx0Q8sF6a8
EsZF6rRypi3rUOyw36IUgEOOTzpl3lonieIhD2pjC9idfMlDshJb6OUxLQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBP7cthT+OESjRKeVSGFQtaKYSoCMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvRV90eTJGUDQ0UktORXA1VklZVkMxb3BoS2dJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABbICAwQA
LhdgAwQALhdiMA0GCSqGSIb3DQEBCwUAA4IBAQBM7Fog8loKISWkroamy630nFS1
M8tHDOLEmPyXaTU1t0zlg6yPbkPIGaIUyN7XoN49418dJNOAP+0A/1faSi66qqXi
ZNPSpywCibcjx/AemOqmCTF6T+M6pX+CEg4j4jjyALsqUGKnCF4r44ZvqXE+Go7Y
MafDYHZAkkLvlkxS1aus4OPsza/f9iEOeMhU6SfRYQ0zVYEkmLErWcUdUmfZtnI5
yBjEi1wO1/08RVEZLRAHkqBspSvNcPwmTj+7uVY7Is+B3RUI+m1PTjpSByRQdm8I
moUapFz2pW+ue9y6IpW0GUOdVhXvaMvUgC33X6PNlQZxEndz3c57i0EPf8wQ
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:35:11 2025 by rpki-client