Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/cf4ab4-e914-40e1-82df-14dc7ec0495d/1/GEMf6wHuYbJVmOydElj3Y-kp92w.roa
File: GEMf6wHuYbJVmOydElj3Y-kp92w.roa (raw, json)
Hash identifier: UsgGX4twh7JyxiwgxCywQLTxEF0LQwptDygEeQewom8=
Subject key identifier: 18:43:1F:EB:01:EE:61:B2:55:98:EC:9D:12:58:F7:63:E9:29:F7:6C
Certificate issuer: /CN=fcd7a721eda459ebdf98e029f87c90a980e81d94
Certificate serial: 01856DA631E6B19386C3ED18DE825384EFDF
Authority key identifier: FC:D7:A7:21:ED:A4:59:EB:DF:98:E0:29:F8:7C:90:A9:80:E8:1D:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_NenIe2kWevfmOAp-HyQqYDoHZQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/cf4ab4-e914-40e1-82df-14dc7ec0495d/1/GEMf6wHuYbJVmOydElj3Y-kp92w.roa
Signing time: Sun 01 Jan 2023 14:04:46 +0000
ROA not before: Sun 01 Jan 2023 14:04:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 27471
IP address blocks: 46.235.152.0/24 maxlen: 24
46.235.153.0/24 maxlen: 24
46.235.156.0/24 maxlen: 24
46.235.159.0/24 maxlen: 24
46.235.158.0/24 maxlen: 24
46.235.154.0/24 maxlen: 24
185.180.50.0/24 maxlen: 24
185.180.49.0/24 maxlen: 24
185.180.48.0/24 maxlen: 24
185.180.51.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:a6:31:e6:b1:93:86:c3:ed:18:de:82:53:84:ef:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fcd7a721eda459ebdf98e029f87c90a980e81d94
Validity
Not Before: Jan 1 14:04:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=18431feb01ee61b25598ec9d1258f763e929f76c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:05:cf:74:fc:6a:74:3a:fc:c8:c4:97:f6:cd:
a2:1d:7c:e5:70:57:36:55:b0:68:62:a2:f8:c0:b9:
24:88:0a:7f:15:08:e5:a6:d1:29:28:8d:dc:1e:52:
e8:f7:ab:1b:2b:67:35:f2:ba:5b:fd:b1:fc:58:e1:
79:36:03:75:12:8b:78:67:5a:5d:15:03:9c:67:8e:
a7:4c:2b:5f:e3:e5:59:97:18:58:2f:ac:03:0b:4d:
45:1c:63:11:b1:be:46:8f:4d:34:3b:2b:df:99:30:
eb:65:b9:51:50:a9:2b:95:35:eb:81:0d:00:c8:57:
a1:66:fd:58:97:34:3b:ac:3e:36:ea:64:5a:87:c5:
8c:b6:e4:e0:8d:b3:1a:da:e4:7d:d8:73:fd:57:fd:
7e:4f:19:15:e1:e8:49:e0:73:14:0f:0d:91:52:a7:
2d:c5:0f:28:a3:66:18:f1:86:36:9d:8a:d4:42:ba:
78:14:ff:7d:33:93:b1:31:49:95:38:72:06:16:f3:
7a:a6:68:c6:f2:c4:eb:60:ba:8e:fd:13:e6:0e:ba:
a1:68:32:a2:f3:4e:63:ac:94:e6:23:63:0c:26:97:
68:2c:f7:a8:9d:60:7e:1c:a1:dc:01:5a:62:24:dd:
5f:26:80:e3:aa:34:14:50:1e:4f:56:4f:09:c8:0f:
e1:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:43:1F:EB:01:EE:61:B2:55:98:EC:9D:12:58:F7:63:E9:29:F7:6C
X509v3 Authority Key Identifier:
keyid:FC:D7:A7:21:ED:A4:59:EB:DF:98:E0:29:F8:7C:90:A9:80:E8:1D:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_NenIe2kWevfmOAp-HyQqYDoHZQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/cf4ab4-e914-40e1-82df-14dc7ec0495d/1/GEMf6wHuYbJVmOydElj3Y-kp92w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/cf4ab4-e914-40e1-82df-14dc7ec0495d/1/_NenIe2kWevfmOAp-HyQqYDoHZQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.235.152.0-46.235.154.255
46.235.156.0/24
46.235.158.0/23
185.180.48.0/22
Signature Algorithm: sha256WithRSAEncryption
c2:bc:50:72:ee:f8:29:19:b9:fe:f4:5b:2a:25:6d:06:b0:9b:
4b:8d:ab:b4:72:9f:14:10:b9:23:c6:15:6d:ba:91:66:65:c9:
e3:89:b9:8c:53:79:79:00:78:e8:3b:eb:64:c6:1f:88:30:d9:
5a:db:0e:37:1e:a4:60:01:75:86:bc:5f:b6:63:63:e6:fe:9f:
0e:80:4d:af:d1:4f:11:67:21:c2:72:d9:11:5e:a9:01:d9:ba:
9f:02:df:f4:5a:93:2d:ee:a6:c1:3f:99:23:fb:f3:cd:ee:a0:
74:7e:fa:5b:67:55:1b:1b:ed:10:a6:39:45:4f:c5:d0:a3:70:
12:1d:3e:91:13:ac:fe:b8:d7:84:87:bf:90:89:bc:90:f6:6e:
72:94:87:df:9c:b1:5e:eb:9d:ec:3a:19:86:70:1d:d8:2b:c7:
a7:85:83:ce:35:2d:71:3e:32:48:86:68:46:24:08:16:48:c1:
58:66:91:84:cd:45:d8:88:c5:9f:78:c4:f9:0a:82:8c:82:f7:
96:e3:98:d2:c2:ec:bf:f5:b6:0b:a9:1d:f3:49:35:33:d1:e3:
98:a3:f0:e3:eb:89:1d:ce:ab:93:6a:51:a6:a6:ea:39:52:87:
fa:92:5a:44:b2:87:38:87:70:e8:dd:d5:87:a6:13:6e:cf:9d:
22:4f:cf:18
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYVtpjHmsZOGw+0Y3oJThO/fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjZDdhNzIxZWRhNDU5ZWJkZjk4ZTAyOWY4N2M5MGE5ODBl
ODFkOTQwHhcNMjMwMTAxMTQwNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODQzMWZlYjAxZWU2MWIyNTU5OGVjOWQxMjU4Zjc2M2U5MjlmNzZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjAXPdPxqdDr8yMSX9s2iHXzlcFc2
VbBoYqL4wLkkiAp/FQjlptEpKI3cHlLo96sbK2c18rpb/bH8WOF5NgN1Eot4Z1pd
FQOcZ46nTCtf4+VZlxhYL6wDC01FHGMRsb5Gj000OyvfmTDrZblRUKkrlTXrgQ0A
yFehZv1YlzQ7rD426mRah8WMtuTgjbMa2uR92HP9V/1+TxkV4ehJ4HMUDw2RUqct
xQ8oo2YY8YY2nYrUQrp4FP99M5OxMUmVOHIGFvN6pmjG8sTrYLqO/RPmDrqhaDKi
805jrJTmI2MMJpdoLPeonWB+HKHcAVpiJN1fJoDjqjQUUB5PVk8JyA/h+wIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFBhDH+sB7mGyVZjsnRJY92PpKfdsMB8GA1UdIwQY
MBaAFPzXpyHtpFnr35jgKfh8kKmA6B2UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX05lbkllMmtXZXZmbU9BcC1IeVFxWURvSFpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS9jZjRhYjQtZTkxNC00MGUxLTgyZGYt
MTRkYzdlYzA0OTVkLzEvR0VNZjZ3SHVZYkpWbU95ZEVsajNZLWtwOTJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS9jZjRhYjQtZTkxNC00MGUxLTgyZGYtMTRkYzdlYzA0OTVk
LzEvX05lbkllMmtXZXZmbU9BcC1IeVFxWURvSFpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBAMu65gD
BAAu65oDBAAu65wDBAEu654DBAK5tDAwDQYJKoZIhvcNAQELBQADggEBAMK8UHLu
+CkZuf70WyolbQawm0uNq7RynxQQuSPGFW26kWZlyeOJuYxTeXkAeOg762TGH4gw
2VrbDjcepGABdYa8X7ZjY+b+nw6ATa/RTxFnIcJy2RFeqQHZup8C3/Raky3upsE/
mSP7883uoHR++ltnVRsb7RCmOUVPxdCjcBIdPpETrP6414SHv5CJvJD2bnKUh9+c
sV7rnew6GYZwHdgrx6eFg841LXE+MkiGaEYkCBZIwVhmkYTNRdiIxZ94xPkKgoyC
95bjmNLC7L/1tgupHfNJNTPR45ij8OPriR3Oq5NqUaam6jlSh/qSWkSyhziHcOjd
1YemE27PnSJPzxg=
-----END CERTIFICATE-----
Generated at Sun Apr 27 23:58:41 2025 by rpki-client