Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/o7aifAPx-4n-MSAII0lbhMuKCEk.roa
File: o7aifAPx-4n-MSAII0lbhMuKCEk.roa (raw, json)
Hash identifier: cYV3+BYHpqVCsSpBOU2NejIA00EnOtWg4iazvOqR3Us=
Subject key identifier: A3:B6:A2:7C:03:F1:FB:89:FE:31:20:08:23:49:5B:84:CB:8A:08:49
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 03A9FC8C
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/o7aifAPx-4n-MSAII0lbhMuKCEk.roa
Signing time: Wed 18 May 2022 19:23:17 +0000
ROA not before: Wed 18 May 2022 19:23:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2118
IP address blocks: 46.23.98.0/24 maxlen: 24
46.23.96.0/24 maxlen: 24
46.23.99.0/24 maxlen: 24
46.23.108.0/24 maxlen: 24
46.23.111.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 61471884 (0x3a9fc8c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: May 18 19:23:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a3b6a27c03f1fb89fe31200823495b84cb8a0849
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:9b:c8:c4:5c:0d:63:a9:7e:97:f2:6e:b8:b0:
4a:1c:81:58:e7:8c:96:ad:dc:bb:25:01:72:80:ca:
1c:bb:71:db:07:1c:29:2c:4a:5f:73:f3:8e:89:a0:
3a:29:3a:e4:19:4b:27:90:ab:f9:f9:45:ab:e2:30:
ac:85:19:ad:98:ab:d8:2a:c7:a7:09:70:45:f8:ce:
36:2a:09:01:de:d4:99:b3:9c:90:6d:af:17:d9:9c:
b1:a1:fd:a6:c9:a7:9d:97:73:bb:52:c4:6a:4d:5f:
d8:87:ed:8f:08:86:f3:85:29:2b:4c:fb:65:f3:35:
e7:8c:5e:88:a6:95:f8:3c:5b:f1:2b:63:5d:fb:73:
2b:7c:3a:f9:5e:9c:0d:50:00:14:1a:c2:ef:70:c4:
79:21:87:6a:76:cd:e0:44:a6:52:16:fc:ed:54:ee:
f7:ac:ab:49:69:49:d0:89:72:0b:35:c7:40:49:e5:
80:7c:98:2b:2a:7f:28:ad:eb:7f:50:49:ec:c1:46:
ef:70:15:ce:e3:a5:22:94:d1:de:cb:d9:7f:3a:39:
0b:58:0e:28:c3:c4:18:f1:1b:19:aa:f0:e4:fd:c6:
df:3e:18:27:e1:28:1b:23:85:65:76:51:b8:17:15:
61:4d:c8:b4:fe:11:bf:73:26:4b:40:21:b3:ef:fa:
af:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:B6:A2:7C:03:F1:FB:89:FE:31:20:08:23:49:5B:84:CB:8A:08:49
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/o7aifAPx-4n-MSAII0lbhMuKCEk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.23.96.0/24
46.23.98.0/23
46.23.108.0/24
46.23.111.0/24
Signature Algorithm: sha256WithRSAEncryption
14:b3:cd:22:ab:6e:ac:c1:f2:52:0d:00:ae:8d:8a:95:35:90:
bc:e2:5a:ba:35:93:9d:c8:e8:1e:47:2c:6a:9b:71:51:d0:84:
0b:c4:7a:37:6e:f3:f7:88:2c:30:02:20:2c:99:31:8b:7e:75:
88:3d:74:35:88:2a:ca:f1:3b:2a:30:79:b9:85:b4:fa:88:c4:
26:0c:02:68:bb:9f:77:a2:02:df:66:7a:6f:75:9c:50:e5:76:
96:e4:0d:d8:ed:5b:9f:d6:5d:e7:94:24:96:60:c1:ae:05:26:
4c:63:73:a1:4d:2b:c4:d9:a6:f7:26:ad:25:f6:80:43:d0:c6:
5e:b4:29:d3:ff:ad:c5:58:4a:66:ad:03:41:28:ed:e2:12:0f:
c3:3e:01:de:ea:23:f5:f9:3d:5e:92:69:9b:bc:69:56:df:ee:
03:ca:52:0d:9f:c0:b7:8a:2f:10:99:9d:7a:10:49:e2:86:d1:
23:d6:8e:11:5f:ac:c7:5c:23:05:c5:6a:38:3d:55:85:8c:5a:
7c:56:2f:b4:41:8f:2a:3e:4e:17:de:b7:81:1d:7b:0e:c4:bd:
68:14:c6:93:52:c0:77:12:b1:d0:00:0c:77:57:64:95:0f:50:
9d:b1:ae:28:86:80:77:f2:b5:42:dc:53:e6:55:a2:d5:42:70:
7f:e7:a9:81
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEA6n8jDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
ZDA2YTQyYmIyNDQ2ZTUxZjE5MmVhMzc1YmRmN2VlYzVhNTFjNzdmMB4XDTIyMDUx
ODE5MjMxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTNiNmEyN2MwM2Yx
ZmI4OWZlMzEyMDA4MjM0OTViODRjYjhhMDg0OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANqbyMRcDWOpfpfybriwShyBWOeMlq3cuyUBcoDKHLtx2wcc
KSxKX3PzjomgOik65BlLJ5Cr+flFq+IwrIUZrZir2CrHpwlwRfjONioJAd7UmbOc
kG2vF9mcsaH9psmnnZdzu1LEak1f2IftjwiG84UpK0z7ZfM154xeiKaV+Dxb8Stj
XftzK3w6+V6cDVAAFBrC73DEeSGHanbN4ESmUhb87VTu96yrSWlJ0IlyCzXHQEnl
gHyYKyp/KK3rf1BJ7MFG73AVzuOlIpTR3svZfzo5C1gOKMPEGPEbGarw5P3G3z4Y
J+EoGyOFZXZRuBcVYU3ItP4Rv3MmS0Ahs+/6r1MCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBSjtqJ8A/H7if4xIAgjSVuEy4oISTAfBgNVHSMEGDAWgBR9BqQrskRuUfGS
6jdb337sWlHHfzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ZRYWtLN0pFYmxIeGt1bzNXOTktN0ZwUngzOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWMvNzgwMDJhLTRmYzAtNGRiZi04NTg1LTJjZjgwNmIyZDBmMi8x
L283YWlmQVB4LTRuLU1TQUlJMGxiaE11S0NFay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWMv
NzgwMDJhLTRmYzAtNGRiZi04NTg1LTJjZjgwNmIyZDBmMi8xL2ZRYWtLN0pFYmxI
eGt1bzNXOTktN0ZwUngzOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAC4XYAMEAS4XYgMEAC4XbAMEAC4X
bzANBgkqhkiG9w0BAQsFAAOCAQEAFLPNIqturMHyUg0Aro2KlTWQvOJaujWTncjo
HkcsaptxUdCEC8R6N27z94gsMAIgLJkxi351iD10NYgqyvE7KjB5uYW0+ojEJgwC
aLufd6IC32Z6b3WcUOV2luQN2O1bn9Zd55QklmDBrgUmTGNzoU0rxNmm9yatJfaA
Q9DGXrQp0/+txVhKZq0DQSjt4hIPwz4B3uoj9fk9XpJpm7xpVt/uA8pSDZ/At4ov
EJmdehBJ4obRI9aOEV+sx1wjBcVqOD1VhYxafFYvtEGPKj5OF963gR17DsS9aBTG
k1LAdxKx0AAMd1dklQ9QnbGuKIaAd/K1QtxT5lWi1UJwf+epgQ==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:32:08 2025 by rpki-client