Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/b6c1D7VgMWJ3VEgetIda938Dj3s.roa
File: b6c1D7VgMWJ3VEgetIda938Dj3s.roa (raw, json)
Hash identifier: NaMQUp1hHStGwDJJYjRPjNrzn7cZr0ufLEmc+CqCWkA=
Subject key identifier: 6F:A7:35:0F:B5:60:31:62:77:54:48:1E:B4:87:5A:F7:7F:03:8F:7B
Certificate issuer: /CN=8d11cb015df9baab61228dbbce17dd4e00e63c13
Certificate serial: 01874709C22595AC46942B87A2351A18BF59
Authority key identifier: 8D:11:CB:01:5D:F9:BA:AB:61:22:8D:BB:CE:17:DD:4E:00:E6:3C:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/b6c1D7VgMWJ3VEgetIda938Dj3s.roa
Signing time: Mon 03 Apr 2023 12:13:54 +0000
ROA not before: Mon 03 Apr 2023 12:13:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 138687
IP address blocks: 158.46.207.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:47:09:c2:25:95:ac:46:94:2b:87:a2:35:1a:18:bf:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d11cb015df9baab61228dbbce17dd4e00e63c13
Validity
Not Before: Apr 3 12:13:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6fa7350fb56031627754481eb4875af77f038f7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:4a:91:4c:4d:ce:e1:b8:bf:69:23:a3:9a:28:
c8:db:02:95:e2:ef:6e:8b:e5:0c:35:45:02:08:4d:
2c:af:ea:99:5b:c0:ef:49:a0:3f:7c:9d:85:29:7c:
6b:a1:56:8f:21:34:c5:a6:31:ad:25:9b:be:7d:a4:
98:d1:44:9a:a9:50:09:59:30:5d:d0:02:05:69:b6:
6d:48:3f:c1:3e:c7:6a:de:1b:49:8b:8e:3c:94:99:
ed:98:ef:b6:1b:b8:fa:db:19:de:d3:ec:04:9b:e4:
2d:5e:5b:c5:a4:06:29:c5:2a:b0:ff:7f:a5:4a:e5:
75:88:d3:a7:1d:ee:29:f0:83:3c:8d:78:d4:59:84:
b4:99:af:e7:c2:11:4c:b0:c6:2b:49:3b:f4:79:4d:
d7:30:ca:86:5e:a8:6e:09:59:31:e0:a3:0b:b2:94:
b1:f1:cd:36:fa:c5:13:d0:9a:7a:48:ab:08:bd:8c:
03:fb:01:5d:ac:af:ca:dd:1f:5e:d9:13:cb:9f:6c:
81:48:65:d5:59:2b:87:9d:c9:34:f7:79:eb:17:95:
d3:73:24:ab:35:5c:4e:d7:c1:f1:eb:01:fc:31:67:
f6:78:6d:bc:ef:d2:ae:80:94:53:dd:57:4b:a4:0d:
c6:bf:02:a5:cc:04:b7:fc:c9:be:d6:42:fb:31:06:
b3:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:A7:35:0F:B5:60:31:62:77:54:48:1E:B4:87:5A:F7:7F:03:8F:7B
X509v3 Authority Key Identifier:
keyid:8D:11:CB:01:5D:F9:BA:AB:61:22:8D:BB:CE:17:DD:4E:00:E6:3C:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/b6c1D7VgMWJ3VEgetIda938Dj3s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/jRHLAV35uqthIo27zhfdTgDmPBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.46.207.0/24
Signature Algorithm: sha256WithRSAEncryption
40:5f:54:5c:86:5c:30:e0:a6:e0:e3:7d:4f:19:cf:53:69:c1:
df:d7:a1:d5:34:90:5b:a5:51:e5:85:d8:be:c2:55:50:d9:94:
eb:b6:fc:97:d7:f3:48:5b:14:c2:4f:89:40:2d:30:6f:0d:9c:
45:71:9b:d7:6e:83:eb:d1:48:0c:38:e9:98:37:11:7e:ee:a8:
fe:7e:32:e1:28:1a:bf:2e:1c:b6:df:cd:d1:2a:5b:fd:a1:73:
34:6e:b8:88:f0:e3:60:8d:fb:24:3c:ea:93:e6:9b:1d:03:c4:
b0:1c:aa:4a:98:f4:28:5d:16:94:eb:08:a1:e9:5e:71:19:16:
57:93:1f:90:82:c3:85:20:79:21:38:58:4a:cb:6e:5c:9c:b1:
c7:0a:75:fb:78:2b:3e:92:7c:e1:d2:59:b5:fc:ae:88:bc:85:
00:06:85:ec:65:8a:57:ef:a7:96:ad:4b:fc:88:0f:4f:53:d1:
82:8d:76:aa:ac:8f:96:1e:e1:13:f1:5e:6d:ca:68:9f:4a:5d:
67:dc:83:aa:b8:7d:99:97:24:ee:48:9a:87:6b:d9:99:14:29:
32:a9:e9:75:bc:8c:bc:19:a1:0b:fb:66:1a:6c:e9:1e:b6:3d:
18:66:66:70:70:ce:7c:2c:e2:26:43:25:08:c3:43:cb:58:ee:
b9:37:a1:b0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYdHCcIllaxGlCuHojUaGL9ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMTFjYjAxNWRmOWJhYWI2MTIyOGRiYmNlMTdkZDRlMDBl
NjNjMTMwHhcNMjMwNDAzMTIxMzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmE3MzUwZmI1NjAzMTYyNzc1NDQ4MWViNDg3NWFmNzdmMDM4ZjdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1EqRTE3O4bi/aSOjmijI2wKV4u9u
i+UMNUUCCE0sr+qZW8DvSaA/fJ2FKXxroVaPITTFpjGtJZu+faSY0USaqVAJWTBd
0AIFabZtSD/BPsdq3htJi448lJntmO+2G7j62xne0+wEm+QtXlvFpAYpxSqw/3+l
SuV1iNOnHe4p8IM8jXjUWYS0ma/nwhFMsMYrSTv0eU3XMMqGXqhuCVkx4KMLspSx
8c02+sUT0Jp6SKsIvYwD+wFdrK/K3R9e2RPLn2yBSGXVWSuHnck093nrF5XTcySr
NVxO18Hx6wH8MWf2eG2879KugJRT3VdLpA3GvwKlzAS3/Mm+1kL7MQaz5QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG+nNQ+1YDFid1RIHrSHWvd/A497MB8GA1UdIwQY
MBaAFI0RywFd+bqrYSKNu84X3U4A5jwTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJITEFWMzV1cXRoSW8yN3poZmRUZ0RtUEJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni81ZDg5MTUtYzQ0OC00MGU3LThjYWEt
YmE3NzFmZmQyNjljLzEvYjZjMUQ3VmdNV0ozVkVnZXRJZGE5MzhEajNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni81ZDg5MTUtYzQ0OC00MGU3LThjYWEtYmE3NzFmZmQyNjlj
LzEvalJITEFWMzV1cXRoSW8yN3poZmRUZ0RtUEJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAni7PMA0G
CSqGSIb3DQEBCwUAA4IBAQBAX1Rchlww4Kbg431PGc9TacHf16HVNJBbpVHlhdi+
wlVQ2ZTrtvyX1/NIWxTCT4lALTBvDZxFcZvXboPr0UgMOOmYNxF+7qj+fjLhKBq/
Lhy2383RKlv9oXM0briI8ONgjfskPOqT5psdA8SwHKpKmPQoXRaU6wih6V5xGRZX
kx+QgsOFIHkhOFhKy25cnLHHCnX7eCs+knzh0lm1/K6IvIUABoXsZYpX76eWrUv8
iA9PU9GCjXaqrI+WHuET8V5tymifSl1n3IOquH2ZlyTuSJqHa9mZFCkyqel1vIy8
GaEL+2YabOketj0YZmZwcM58LOImQyUIw0PLWO65N6Gw
-----END CERTIFICATE-----
Generated at Sat Jun 14 11:48:01 2025 by rpki-client