Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/oIXPaujIXtm89Czwz1JcXIOJj1Y.roa
File: oIXPaujIXtm89Czwz1JcXIOJj1Y.roa (raw, json)
Hash identifier: jsEoA2YFvx7yP9ptsKQ9D1ccsjVFQu4RGpEt1NqGRHo=
Subject key identifier: A0:85:CF:6A:E8:C8:5E:D9:BC:F4:2C:F0:CF:52:5C:5C:83:89:8F:56
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 0184196F781DEE5D8BEE98D66D685CA65F5D
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/oIXPaujIXtm89Czwz1JcXIOJj1Y.roa
Signing time: Thu 27 Oct 2022 12:34:06 +0000
ROA not before: Thu 27 Oct 2022 12:34:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 398343
IP address blocks: 46.23.98.0/24 maxlen: 24
46.23.96.0/24 maxlen: 24
46.23.99.0/24 maxlen: 24
164.215.103.0/24 maxlen: 24
46.23.111.0/24 maxlen: 24
46.23.108.0/24 maxlen: 24
185.81.219.0/24 maxlen: 24
185.81.218.0/24 maxlen: 24
88.151.195.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:19:6f:78:1d:ee:5d:8b:ee:98:d6:6d:68:5c:a6:5f:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Oct 27 12:34:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a085cf6ae8c85ed9bcf42cf0cf525c5c83898f56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:ae:79:af:69:94:b8:d6:89:75:8c:98:bc:fb:
85:fd:ca:c1:14:7e:d9:ab:f6:bd:d7:25:42:cd:fb:
2d:9a:3c:2f:55:2f:ef:6a:67:6a:e6:cd:cb:72:0d:
c5:8d:a5:2f:de:01:aa:c0:d0:47:58:53:b7:c9:d3:
e1:b9:36:b7:71:fa:ab:7c:06:44:7c:d7:55:9e:51:
e5:7f:9c:5f:53:79:01:bc:34:e8:6d:80:ce:2c:8d:
2c:4d:a4:02:c1:c0:d3:ff:20:c1:5b:46:58:eb:3a:
e2:8b:b9:06:2d:e7:a3:76:62:32:74:f5:ef:58:ce:
16:a3:1b:ce:5b:96:f6:02:3d:c8:50:33:d4:a3:d0:
56:47:84:c6:be:a9:8c:de:a8:53:f5:9b:05:20:22:
b7:89:8d:b7:77:c9:61:9d:09:f1:65:db:f0:67:b3:
f6:91:71:ba:a5:92:1a:fa:d6:f1:65:33:b7:16:bb:
8c:ce:a2:85:ec:f3:05:a9:8d:c3:5c:67:0f:c9:1b:
1f:c4:86:dd:83:e4:1f:f0:c6:d3:e0:32:dc:13:80:
7d:31:7f:83:92:36:b8:db:cd:b6:a5:30:8f:70:c5:
6e:74:dc:66:4d:87:5c:bb:f3:08:81:55:43:93:b5:
7d:fa:dc:87:5e:f4:f7:50:e2:a9:44:05:28:90:c5:
e0:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:85:CF:6A:E8:C8:5E:D9:BC:F4:2C:F0:CF:52:5C:5C:83:89:8F:56
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/oIXPaujIXtm89Czwz1JcXIOJj1Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.23.96.0/24
46.23.98.0/23
46.23.108.0/24
46.23.111.0/24
88.151.195.0/24
164.215.103.0/24
185.81.218.0/23
Signature Algorithm: sha256WithRSAEncryption
6e:0f:ea:3d:ed:45:3e:ef:45:85:72:85:cc:e2:91:64:66:07:
53:62:d6:a9:9b:71:f6:3d:43:b8:7a:ca:a0:f1:54:5c:0e:0e:
36:6a:cb:c3:95:ed:6c:3a:98:82:34:ee:ac:9f:cf:7e:c9:98:
85:39:74:89:57:90:cc:a3:78:cc:44:af:95:9c:ff:ed:82:d9:
b4:ba:35:e8:6c:1d:35:2e:5d:e4:4b:db:8b:f6:af:b7:13:57:
96:20:9f:b6:34:ba:94:37:e6:9a:c3:c2:67:41:f6:71:2b:70:
a5:9d:70:51:cf:20:33:6d:06:a2:98:5a:72:d0:56:cf:c2:36:
3e:0b:ba:2f:bb:7a:7b:6a:f2:71:dc:4f:4d:f0:ed:f0:12:d6:
dd:3f:a9:86:0e:d5:a5:0e:64:54:d6:a9:94:ed:b4:b3:45:e8:
7c:26:69:e1:99:b2:c3:cb:e8:d2:af:5a:9d:7e:4c:b6:2c:5e:
a4:b3:6f:8e:f5:b0:38:53:ef:b7:c9:24:5e:ff:a5:03:d5:52:
4d:3f:4f:b0:e4:58:39:f6:6b:b9:a1:1f:38:b9:b9:cd:3f:bc:
a4:be:d4:1f:e0:08:40:b8:8a:67:b2:88:3f:fc:f2:fc:e2:5b:
2d:92:d7:51:99:8f:de:2f:88:b5:27:3f:e0:cf:9a:64:ed:7e:
0c:05:b8:1d
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYQZb3gd7l2L7pjWbWhcpl9dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjIxMDI3MTIzNDA2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDg1Y2Y2YWU4Yzg1ZWQ5YmNmNDJjZjBjZjUyNWM1YzgzODk4ZjU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoq55r2mUuNaJdYyYvPuF/crBFH7Z
q/a91yVCzfstmjwvVS/vamdq5s3Lcg3FjaUv3gGqwNBHWFO3ydPhuTa3cfqrfAZE
fNdVnlHlf5xfU3kBvDTobYDOLI0sTaQCwcDT/yDBW0ZY6zrii7kGLeejdmIydPXv
WM4WoxvOW5b2Aj3IUDPUo9BWR4TGvqmM3qhT9ZsFICK3iY23d8lhnQnxZdvwZ7P2
kXG6pZIa+tbxZTO3FruMzqKF7PMFqY3DXGcPyRsfxIbdg+Qf8MbT4DLcE4B9MX+D
kja42822pTCPcMVudNxmTYdcu/MIgVVDk7V9+tyHXvT3UOKpRAUokMXgxwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFKCFz2royF7ZvPQs8M9SXFyDiY9WMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvb0lYUGF1aklYdG04OUN6d3oxSmNYSU9KajFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALhdgAwQB
LhdiAwQALhdsAwQALhdvAwQAWJfDAwQApNdnAwQBuVHaMA0GCSqGSIb3DQEBCwUA
A4IBAQBuD+o97UU+70WFcoXM4pFkZgdTYtapm3H2PUO4esqg8VRcDg42asvDle1s
OpiCNO6sn89+yZiFOXSJV5DMo3jMRK+VnP/tgtm0ujXobB01Ll3kS9uL9q+3E1eW
IJ+2NLqUN+aaw8JnQfZxK3ClnXBRzyAzbQaimFpy0FbPwjY+C7ovu3p7avJx3E9N
8O3wEtbdP6mGDtWlDmRU1qmU7bSzReh8JmnhmbLDy+jSr1qdfky2LF6ks2+O9bA4
U++3ySRe/6UD1VJNP0+w5Fg59mu5oR84ubnNP7ykvtQf4AhAuIpnsog//PL84lst
ktdRmY/eL4i1Jz/gz5pk7X4MBbgd
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:39:43 2025 by rpki-client