Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/c3069e-5ffc-4c8c-91dc-31d197f139d8/1/5i8-D_GUasDbakeFiG9E7hveCJE.roa
File: 5i8-D_GUasDbakeFiG9E7hveCJE.roa (raw, json)
Hash identifier: XA7a7xEtpSJTZUdTj9zSwoOOTdduWSnIEbPtdpmtCQY=
Subject key identifier: E6:2F:3E:0F:F1:94:6A:C0:DB:6A:47:85:88:6F:44:EE:1B:DE:08:91
Certificate issuer: /CN=e875464e89816ef00b0369502018a7e59ce2d36c
Certificate serial: 0185C03A3C0B5B3D4D4F3D44C0A91740C0AE
Authority key identifier: E8:75:46:4E:89:81:6E:F0:0B:03:69:50:20:18:A7:E5:9C:E2:D3:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6HVGTomBbvALA2lQIBin5Zzi02w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/c3069e-5ffc-4c8c-91dc-31d197f139d8/1/5i8-D_GUasDbakeFiG9E7hveCJE.roa
Signing time: Tue 17 Jan 2023 14:55:19 +0000
ROA not before: Tue 17 Jan 2023 14:55:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29470
IP address blocks: 46.46.160.0/20 maxlen: 20
46.46.176.0/21 maxlen: 21
46.46.184.0/22 maxlen: 22
46.46.128.0/19 maxlen: 19
46.46.128.0/18 maxlen: 18
2a02:24b0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:c0:3a:3c:0b:5b:3d:4d:4f:3d:44:c0:a9:17:40:c0:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e875464e89816ef00b0369502018a7e59ce2d36c
Validity
Not Before: Jan 17 14:55:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e62f3e0ff1946ac0db6a4785886f44ee1bde0891
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:c7:5e:76:a2:3f:20:cb:68:d8:c0:5c:4a:a4:
cb:93:1f:0b:52:b8:05:9b:55:8a:06:8a:5e:a7:d2:
0c:11:d9:03:f8:12:27:06:ad:e7:a5:23:28:5b:c7:
41:11:fc:2b:22:0a:17:cc:24:ad:9a:4a:31:5c:70:
ad:56:2c:4e:17:f9:77:a0:be:07:47:52:23:8a:cd:
19:cb:b5:f2:a3:2c:0d:25:53:1e:36:d0:be:56:9c:
69:bb:fe:ce:ad:c1:3a:af:f1:22:44:8c:72:f4:c4:
25:b0:40:28:88:4a:ed:50:6c:88:da:87:1a:d4:5c:
81:55:61:34:2e:29:7e:eb:8f:a7:c6:89:73:73:c7:
76:26:e5:78:c8:47:a7:65:c0:08:29:ab:42:f1:da:
c4:e8:2c:c0:39:31:a1:c4:2f:8a:e0:15:c4:62:c1:
25:ac:65:b2:68:7a:91:86:01:35:e1:cd:9e:9f:5f:
b8:ef:a4:8e:9d:0b:8c:23:72:06:0c:8d:f8:a6:e3:
e9:f6:93:24:57:6d:3c:19:54:aa:b6:32:d2:74:83:
5d:d5:c5:45:41:ea:ca:27:10:4a:87:01:82:7f:f8:
6d:fc:a1:37:24:34:f1:0f:90:12:4f:0a:16:31:67:
6d:c6:ab:6c:23:3d:8d:32:41:b5:5c:a3:fc:de:93:
80:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:2F:3E:0F:F1:94:6A:C0:DB:6A:47:85:88:6F:44:EE:1B:DE:08:91
X509v3 Authority Key Identifier:
keyid:E8:75:46:4E:89:81:6E:F0:0B:03:69:50:20:18:A7:E5:9C:E2:D3:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6HVGTomBbvALA2lQIBin5Zzi02w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/c3069e-5ffc-4c8c-91dc-31d197f139d8/1/5i8-D_GUasDbakeFiG9E7hveCJE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/c3069e-5ffc-4c8c-91dc-31d197f139d8/1/6HVGTomBbvALA2lQIBin5Zzi02w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.46.128.0/18
IPv6:
2a02:24b0::/32
Signature Algorithm: sha256WithRSAEncryption
7d:c0:f0:ab:72:b8:6f:2d:30:cf:4a:92:85:13:fd:3f:21:4b:
25:8b:e1:7c:06:41:a7:01:eb:08:a9:b9:63:8a:42:24:08:d4:
dc:44:1b:e9:c6:2e:af:bb:f2:e5:9a:b1:43:4a:cb:6b:7f:2e:
49:b8:b0:7f:04:96:17:d2:57:cd:ee:fb:b6:54:87:05:36:3e:
8e:e0:4b:c7:9b:78:52:30:48:66:46:20:d9:92:38:9d:e5:08:
26:f0:b8:5e:31:66:9a:d7:fd:2d:8c:08:81:55:9f:4f:7a:ad:
93:c4:e7:25:bc:e9:0a:a3:90:6e:2d:cf:fd:21:3c:55:b4:00:
ee:44:f9:f2:45:35:49:b0:8b:23:f4:c7:28:aa:a0:af:62:d4:
af:ef:7e:ff:2f:0d:d1:50:68:dd:39:96:7a:8d:07:7d:29:1d:
ce:ef:2b:da:5f:8e:a6:c9:b6:b4:37:8e:02:b9:93:cb:7c:08:
eb:a8:03:db:1c:6d:de:b9:64:55:24:40:1f:cb:10:6f:36:07:
d4:4b:ce:00:79:36:e8:f2:9b:6c:d7:ae:82:82:6b:f9:ef:e8:
84:36:2c:7e:eb:22:a5:23:b0:17:b9:3c:b7:55:29:7f:5a:9b:
6c:84:92:e6:6e:37:ea:58:5e:96:a8:55:1e:24:e6:d6:7b:5e:
74:69:5b:48
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYXAOjwLWz1NTz1EwKkXQMCuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4NzU0NjRlODk4MTZlZjAwYjAzNjk1MDIwMThhN2U1OWNl
MmQzNmMwHhcNMjMwMTE3MTQ1NTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjJmM2UwZmYxOTQ2YWMwZGI2YTQ3ODU4ODZmNDRlZTFiZGUwODkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk8dedqI/IMto2MBcSqTLkx8LUrgF
m1WKBopep9IMEdkD+BInBq3npSMoW8dBEfwrIgoXzCStmkoxXHCtVixOF/l3oL4H
R1Ijis0Zy7XyoywNJVMeNtC+Vpxpu/7OrcE6r/EiRIxy9MQlsEAoiErtUGyI2oca
1FyBVWE0Lil+64+nxolzc8d2JuV4yEenZcAIKatC8drE6CzAOTGhxC+K4BXEYsEl
rGWyaHqRhgE14c2en1+476SOnQuMI3IGDI34puPp9pMkV208GVSqtjLSdINd1cVF
QerKJxBKhwGCf/ht/KE3JDTxD5ASTwoWMWdtxqtsIz2NMkG1XKP83pOAnQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOYvPg/xlGrA22pHhYhvRO4b3giRMB8GA1UdIwQY
MBaAFOh1Rk6JgW7wCwNpUCAYp+Wc4tNsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkhWR1RvbUJidkFMQTJsUUlCaW41WnppMDJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy9jMzA2OWUtNWZmYy00YzhjLTkxZGMt
MzFkMTk3ZjEzOWQ4LzEvNWk4LURfR1Vhc0RiYWtlRmlHOUU3aHZlQ0pFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy9jMzA2OWUtNWZmYy00YzhjLTkxZGMtMzFkMTk3ZjEzOWQ4
LzEvNkhWR1RvbUJidkFMQTJsUUlCaW41WnppMDJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQGLi6AMA0E
AgACMAcDBQAqAiSwMA0GCSqGSIb3DQEBCwUAA4IBAQB9wPCrcrhvLTDPSpKFE/0/
IUsli+F8BkGnAesIqbljikIkCNTcRBvpxi6vu/LlmrFDSstrfy5JuLB/BJYX0lfN
7vu2VIcFNj6O4EvHm3hSMEhmRiDZkjid5Qgm8LheMWaa1/0tjAiBVZ9Peq2TxOcl
vOkKo5BuLc/9ITxVtADuRPnyRTVJsIsj9McoqqCvYtSv737/Lw3RUGjdOZZ6jQd9
KR3O7yvaX46myba0N44CuZPLfAjrqAPbHG3euWRVJEAfyxBvNgfUS84AeTbo8pts
166Cgmv57+iENix+6yKlI7AXuTy3VSl/WptshJLmbjfqWF6WqFUeJObWe150aVtI
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:15:12 2025 by rpki-client