Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/06444c-9d9b-4c6b-950b-79c8987a8b1c/1/Lu07Fl8GfqiRYXbwJOy9CcetmfM.roa
File: Lu07Fl8GfqiRYXbwJOy9CcetmfM.roa (raw, json)
Hash identifier: etK8vMg9ZkO8SC1jrNn9/IzEtNFJilmwkn/OkmRmNkg=
Subject key identifier: 2E:ED:3B:16:5F:06:7E:A8:91:61:76:F0:24:EC:BD:09:C7:AD:99:F3
Certificate issuer: /CN=5a43e9e267956e7f262c17f0089f0f60ba7abefb
Certificate serial: 018BB42A11238C4A0A00890BCD7384FD0CEF
Authority key identifier: 5A:43:E9:E2:67:95:6E:7F:26:2C:17:F0:08:9F:0F:60:BA:7A:BE:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WkPp4meVbn8mLBfwCJ8PYLp6vvs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/06444c-9d9b-4c6b-950b-79c8987a8b1c/1/Lu07Fl8GfqiRYXbwJOy9CcetmfM.roa
Signing time: Thu 09 Nov 2023 12:58:57 +0000
ROA not before: Thu 09 Nov 2023 12:58:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201771
IP address blocks: 46.49.128.0/24 maxlen: 24
46.49.133.0/24 maxlen: 24
46.49.154.0/24 maxlen: 24
2a02:df1::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b4:2a:11:23:8c:4a:0a:00:89:0b:cd:73:84:fd:0c:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a43e9e267956e7f262c17f0089f0f60ba7abefb
Validity
Not Before: Nov 9 12:58:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2eed3b165f067ea8916176f024ecbd09c7ad99f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:27:9a:1e:75:35:db:77:d2:af:cd:8e:6e:2e:
54:a6:84:6a:07:2e:ac:17:1e:72:70:c5:4b:b8:0c:
29:1c:1f:9b:a1:61:0f:01:75:9d:a1:05:fc:a9:8b:
7a:7d:47:6e:8b:9a:27:5d:95:07:ec:b3:82:57:97:
49:e4:21:10:eb:99:6b:54:1e:2b:74:c2:5d:da:e1:
2d:d5:72:14:82:34:a8:f4:3c:b6:3c:19:25:c1:4e:
f5:6f:08:70:47:36:dd:82:a2:1c:a0:d8:82:2c:66:
d3:68:c7:39:1a:46:a2:b7:46:dd:ad:e6:90:f8:84:
59:60:c4:a7:2a:cf:11:92:d7:df:85:3a:09:a7:38:
34:62:d6:f9:c2:92:b8:36:8a:d2:05:50:56:8d:12:
49:0f:82:af:6b:87:0c:61:81:4e:fd:aa:ba:43:c5:
01:f7:79:64:b8:57:0b:55:f7:5b:b0:2d:99:59:4e:
04:d0:18:8a:c4:58:3e:42:40:03:d9:25:d3:ed:81:
19:e8:00:9a:08:b6:b9:c3:18:86:de:3e:ba:f2:b2:
b0:38:09:db:1e:f8:4e:ef:56:73:6e:95:b6:0a:8b:
86:27:79:b2:46:c0:2a:8a:d3:5a:0d:55:e3:26:b2:
81:b5:89:c9:39:15:01:65:0a:dc:b8:44:b6:69:ec:
70:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:ED:3B:16:5F:06:7E:A8:91:61:76:F0:24:EC:BD:09:C7:AD:99:F3
X509v3 Authority Key Identifier:
keyid:5A:43:E9:E2:67:95:6E:7F:26:2C:17:F0:08:9F:0F:60:BA:7A:BE:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WkPp4meVbn8mLBfwCJ8PYLp6vvs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/06444c-9d9b-4c6b-950b-79c8987a8b1c/1/Lu07Fl8GfqiRYXbwJOy9CcetmfM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/06444c-9d9b-4c6b-950b-79c8987a8b1c/1/WkPp4meVbn8mLBfwCJ8PYLp6vvs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.49.128.0/24
46.49.133.0/24
46.49.154.0/24
IPv6:
2a02:df1::/32
Signature Algorithm: sha256WithRSAEncryption
85:f7:50:d5:aa:a9:57:e0:f1:78:e1:8b:d6:9e:d9:28:9e:1e:
8f:d5:9e:d3:6c:f1:e2:36:d3:67:20:07:a2:44:8b:d0:7d:6d:
a2:c0:12:cd:b2:6e:58:96:cd:e9:01:0d:e6:9c:94:57:8f:80:
cd:a7:69:d1:3c:ba:88:de:4a:b4:c3:e4:e5:37:68:f3:dc:a3:
02:d4:2b:f0:25:81:5d:31:77:d4:a1:5c:f6:aa:71:40:01:83:
81:c3:03:4d:9a:b6:4f:5a:9f:6f:55:71:a7:a2:02:fe:33:38:
5d:5f:4c:2b:08:fd:5b:7e:6a:2d:c2:93:15:49:bb:d3:99:06:
b9:5c:38:43:11:9e:6b:d0:21:04:29:12:87:d0:ba:46:77:1a:
f2:1c:6c:f1:7d:b9:79:cb:9f:8a:34:0b:45:2a:84:69:06:62:
83:44:61:79:36:84:04:ee:50:a7:a3:70:b6:04:f6:c3:85:23:
43:32:6e:00:2a:81:1a:f9:54:54:d7:f9:4e:8a:0d:09:53:2e:
5e:ea:ce:7e:de:a8:c8:9f:47:ab:2b:e2:ad:68:a8:53:58:18:
60:80:33:da:1a:59:67:d0:10:13:60:d8:dc:0c:16:7b:78:a8:
c8:0d:62:f2:1c:70:62:81:7d:00:40:7f:70:8b:55:37:eb:a4:
59:7c:22:5c
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYu0KhEjjEoKAIkLzXOE/QzvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNDNlOWUyNjc5NTZlN2YyNjJjMTdmMDA4OWYwZjYwYmE3
YWJlZmIwHhcNMjMxMTA5MTI1ODU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWVkM2IxNjVmMDY3ZWE4OTE2MTc2ZjAyNGVjYmQwOWM3YWQ5OWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApyeaHnU123fSr82Obi5UpoRqBy6s
Fx5ycMVLuAwpHB+boWEPAXWdoQX8qYt6fUdui5onXZUH7LOCV5dJ5CEQ65lrVB4r
dMJd2uEt1XIUgjSo9Dy2PBklwU71bwhwRzbdgqIcoNiCLGbTaMc5Gkait0bdreaQ
+IRZYMSnKs8RktffhToJpzg0Ytb5wpK4NorSBVBWjRJJD4Kva4cMYYFO/aq6Q8UB
93lkuFcLVfdbsC2ZWU4E0BiKxFg+QkAD2SXT7YEZ6ACaCLa5wxiG3j668rKwOAnb
HvhO71ZzbpW2CouGJ3myRsAqitNaDVXjJrKBtYnJORUBZQrcuES2aexw6QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFC7tOxZfBn6okWF28CTsvQnHrZnzMB8GA1UdIwQY
MBaAFFpD6eJnlW5/JiwX8AifD2C6er77MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2tQcDRtZVZibjhtTEJmd0NKOFBZTHA2dnZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC8wNjQ0NGMtOWQ5Yi00YzZiLTk1MGIt
NzljODk4N2E4YjFjLzEvTHUwN0ZsOEdmcWlSWVhid0pPeTlDY2V0bWZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC8wNjQ0NGMtOWQ5Yi00YzZiLTk1MGItNzljODk4N2E4YjFj
LzEvV2tQcDRtZVZibjhtTEJmd0NKOFBZTHA2dnZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQALjGAAwQA
LjGFAwQALjGaMA0EAgACMAcDBQAqAg3xMA0GCSqGSIb3DQEBCwUAA4IBAQCF91DV
qqlX4PF44YvWntkonh6P1Z7TbPHiNtNnIAeiRIvQfW2iwBLNsm5Yls3pAQ3mnJRX
j4DNp2nRPLqI3kq0w+TlN2jz3KMC1CvwJYFdMXfUoVz2qnFAAYOBwwNNmrZPWp9v
VXGnogL+MzhdX0wrCP1bfmotwpMVSbvTmQa5XDhDEZ5r0CEEKRKH0LpGdxryHGzx
fbl5y5+KNAtFKoRpBmKDRGF5NoQE7lCno3C2BPbDhSNDMm4AKoEa+VRU1/lOig0J
Uy5e6s5+3qjIn0erK+KtaKhTWBhggDPaGlln0BATYNjcDBZ7eKjIDWLyHHBigX0A
QH9wi1U366RZfCJc
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:20:55 2025 by rpki-client