Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/f3d446-ac06-4902-a647-ef1570c72599/1/bn44Cklvzfp_Wv3Mn0dBVVBvxOI.roa
File: bn44Cklvzfp_Wv3Mn0dBVVBvxOI.roa (raw, json)
Hash identifier: Xo2tQ81GPf7MhK1U1EJ8+Qdc34lRd0rWR/RTN8GoPDI=
Subject key identifier: 6E:7E:38:0A:49:6F:CD:FA:7F:5A:FD:CC:9F:47:41:55:50:6F:C4:E2
Certificate issuer: /CN=e13e3716139465e6a8cf9f6bd8b5b8f7633af228
Certificate serial: 0185720C902FEE88FF2FC230F19EB08ECD3C
Authority key identifier: E1:3E:37:16:13:94:65:E6:A8:CF:9F:6B:D8:B5:B8:F7:63:3A:F2:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4T43FhOUZeaoz59r2LW492M68ig.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/f3d446-ac06-4902-a647-ef1570c72599/1/bn44Cklvzfp_Wv3Mn0dBVVBvxOI.roa
Signing time: Mon 02 Jan 2023 10:35:03 +0000
ROA not before: Mon 02 Jan 2023 10:35:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51678
IP address blocks: 46.17.136.0/21 maxlen: 24
5.2.24.0/21 maxlen: 24
134.255.184.0/21 maxlen: 24
2a01:b300::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:0c:90:2f:ee:88:ff:2f:c2:30:f1:9e:b0:8e:cd:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e13e3716139465e6a8cf9f6bd8b5b8f7633af228
Validity
Not Before: Jan 2 10:35:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6e7e380a496fcdfa7f5afdcc9f474155506fc4e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:96:9e:c8:0a:d5:31:fc:e7:b3:1d:20:3d:e0:
d7:08:df:00:b9:7f:ce:41:80:17:a8:c3:b7:b5:f2:
72:21:7c:d1:7f:44:c4:57:c8:b6:e1:68:39:52:48:
5f:10:79:4a:39:44:9e:b2:64:be:15:dd:cd:7e:5a:
f8:66:12:3c:45:8a:33:13:14:ee:c4:50:11:65:74:
92:16:5d:0d:3b:23:ad:b7:12:43:f9:29:56:ac:e1:
21:31:0c:cd:93:1d:06:27:b4:bc:51:9a:ad:02:57:
cf:d5:e4:c2:cd:43:82:02:2b:4b:66:17:48:31:d4:
89:dd:f6:9a:9e:69:e2:ed:22:03:0c:00:f0:aa:e9:
7d:f5:c5:51:14:5f:3d:82:b6:1b:3b:72:71:3c:2f:
a3:4b:e9:5b:d8:d7:41:14:1b:b1:42:e6:48:21:d3:
f7:81:6f:67:ef:c0:ae:ae:30:63:aa:b9:72:26:2a:
e2:85:f2:03:91:98:2c:62:15:4c:65:f5:68:84:5e:
02:99:4c:7f:bb:36:fb:13:c1:64:d6:1e:fb:1b:e9:
51:a0:3b:58:76:ce:08:66:93:70:78:ae:66:9b:00:
4f:1d:42:e7:b7:de:6d:1c:4b:b6:42:1b:32:85:58:
47:65:2f:fa:80:ce:66:5c:b6:6c:88:4b:f8:35:8e:
8c:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:7E:38:0A:49:6F:CD:FA:7F:5A:FD:CC:9F:47:41:55:50:6F:C4:E2
X509v3 Authority Key Identifier:
keyid:E1:3E:37:16:13:94:65:E6:A8:CF:9F:6B:D8:B5:B8:F7:63:3A:F2:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4T43FhOUZeaoz59r2LW492M68ig.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/f3d446-ac06-4902-a647-ef1570c72599/1/bn44Cklvzfp_Wv3Mn0dBVVBvxOI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/f3d446-ac06-4902-a647-ef1570c72599/1/4T43FhOUZeaoz59r2LW492M68ig.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.2.24.0/21
46.17.136.0/21
134.255.184.0/21
IPv6:
2a01:b300::/29
Signature Algorithm: sha256WithRSAEncryption
73:74:bd:08:9e:58:ab:9a:25:fc:6e:40:7c:ec:7b:a6:ae:99:
a5:a8:66:80:8c:08:22:db:2f:b0:0f:93:93:27:a0:1c:db:f5:
b9:7f:10:6a:eb:bd:6d:4d:36:02:07:4d:30:50:34:eb:e4:12:
22:c2:ba:04:fd:59:10:d3:09:04:6a:c6:6c:57:b9:5a:eb:c1:
b8:ee:9e:d5:35:82:f2:5d:a3:63:3a:a5:df:73:78:f1:a6:ca:
af:90:5a:a3:08:37:d9:7a:e0:11:0f:ed:64:0c:6a:cd:10:46:
17:ad:82:e8:7c:84:7d:85:43:0b:cc:4c:6e:95:c4:ca:fa:a7:
0b:7c:19:2c:04:88:f8:8b:66:01:b0:d7:fb:f4:4b:8f:cf:85:
ae:df:a7:2c:22:10:41:7d:a4:aa:6f:61:5e:73:c9:b6:4c:a5:
9b:f7:f4:38:38:f1:52:08:d1:14:a2:82:8c:45:d6:67:4d:f3:
fa:ef:da:07:55:c7:07:da:f0:bd:e4:a7:f1:0d:c5:83:b2:5d:
c4:c1:26:dd:45:95:2f:26:51:3a:77:a3:4c:52:47:67:99:5f:
c1:fc:f0:98:20:e9:6e:02:5a:36:6c:9c:92:50:bc:0e:9a:2d:
e6:4c:9b:45:94:f3:ce:68:84:ae:98:19:c7:fc:43:1f:4c:d9:
5c:54:fc:e7
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVyDJAv7oj/L8Iw8Z6wjs08MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxM2UzNzE2MTM5NDY1ZTZhOGNmOWY2YmQ4YjViOGY3NjMz
YWYyMjgwHhcNMjMwMTAyMTAzNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTdlMzgwYTQ5NmZjZGZhN2Y1YWZkY2M5ZjQ3NDE1NTUwNmZjNGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh5aeyArVMfznsx0gPeDXCN8AuX/O
QYAXqMO3tfJyIXzRf0TEV8i24Wg5UkhfEHlKOUSesmS+Fd3Nflr4ZhI8RYozExTu
xFARZXSSFl0NOyOttxJD+SlWrOEhMQzNkx0GJ7S8UZqtAlfP1eTCzUOCAitLZhdI
MdSJ3faanmni7SIDDADwqul99cVRFF89grYbO3JxPC+jS+lb2NdBFBuxQuZIIdP3
gW9n78CurjBjqrlyJirihfIDkZgsYhVMZfVohF4CmUx/uzb7E8Fk1h77G+lRoDtY
ds4IZpNweK5mmwBPHULnt95tHEu2QhsyhVhHZS/6gM5mXLZsiEv4NY6MJQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFG5+OApJb836f1r9zJ9HQVVQb8TiMB8GA1UdIwQY
MBaAFOE+NxYTlGXmqM+fa9i1uPdjOvIoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFQ0M0ZoT1VaZWFvejU5cjJMVzQ5Mk02OGlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9mM2Q0NDYtYWMwNi00OTAyLWE2NDct
ZWYxNTcwYzcyNTk5LzEvYm40NENrbHZ6ZnBfV3YzTW4wZEJWVkJ2eE9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9mM2Q0NDYtYWMwNi00OTAyLWE2NDctZWYxNTcwYzcyNTk5
LzEvNFQ0M0ZoT1VaZWFvejU5cjJMVzQ5Mk02OGlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDBQIYAwQD
LhGIAwQDhv+4MA0EAgACMAcDBQMqAbMAMA0GCSqGSIb3DQEBCwUAA4IBAQBzdL0I
nlirmiX8bkB87HumrpmlqGaAjAgi2y+wD5OTJ6Ac2/W5fxBq671tTTYCB00wUDTr
5BIiwroE/VkQ0wkEasZsV7la68G47p7VNYLyXaNjOqXfc3jxpsqvkFqjCDfZeuAR
D+1kDGrNEEYXrYLofIR9hUMLzExulcTK+qcLfBksBIj4i2YBsNf79EuPz4Wu36cs
IhBBfaSqb2Fec8m2TKWb9/Q4OPFSCNEUooKMRdZnTfP679oHVccH2vC95KfxDcWD
sl3EwSbdRZUvJlE6d6NMUkdnmV/B/PCYIOluAlo2bJySULwOmi3mTJtFlPPOaISu
mBnH/EMfTNlcVPzn
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:37:08 2025 by rpki-client