Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/MANcghEWFDhI3AMxcPyrXsBpeXU.roa
File: MANcghEWFDhI3AMxcPyrXsBpeXU.roa (raw, json)
Hash identifier: A0bm1Jlde5WYuGMlEU9GkoyqkIHo+7XCM+wAqc1fAPI=
Subject key identifier: 30:03:5C:82:11:16:14:38:48:DC:03:31:70:FC:AB:5E:C0:69:79:75
Certificate issuer: /CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Certificate serial: 0189ACF3839DBBF80FA05346CBB860163D44
Authority key identifier: 4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/MANcghEWFDhI3AMxcPyrXsBpeXU.roa
Signing time: Mon 31 Jul 2023 17:16:27 +0000
ROA not before: Mon 31 Jul 2023 17:16:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197100
IP address blocks: 46.34.38.0/24 maxlen: 24
46.34.37.0/24 maxlen: 24
46.34.36.0/24 maxlen: 24
46.34.32.0/22 maxlen: 22
46.34.40.0/24 maxlen: 24
46.34.45.0/24 maxlen: 24
46.34.63.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ac:f3:83:9d:bb:f8:0f:a0:53:46:cb:b8:60:16:3d:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Validity
Not Before: Jul 31 17:16:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=30035c821116143848dc033170fcab5ec0697975
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:23:c8:4d:c4:5e:b9:3d:ad:bf:77:26:9c:5c:
b0:87:40:8f:90:ae:4d:5e:b9:47:b6:92:50:af:b8:
2b:5e:39:e9:de:84:c5:8e:29:51:f7:b0:4c:43:82:
ba:2c:a4:a3:9d:e8:49:c0:71:e7:19:b1:b6:f6:ea:
ea:3f:2f:08:4b:4c:22:7b:e1:fa:2e:b6:12:0b:71:
44:72:ae:90:85:54:93:36:77:2d:6f:e0:a3:5f:15:
1b:39:08:d2:d7:0a:4b:ec:e7:bb:eb:c6:10:18:17:
81:b3:c7:f5:e2:fb:a1:61:be:26:9a:7b:56:bc:86:
2c:ad:5e:81:13:4b:42:81:50:c5:0c:e8:b9:be:fb:
e4:0e:04:b3:ae:77:8d:9e:92:e4:79:b3:57:fe:cb:
a0:47:41:ca:1d:d6:5d:ee:fd:e4:ca:02:cc:21:03:
99:81:88:47:d0:53:d2:11:b8:37:5c:81:24:5b:98:
2f:34:f3:bf:1b:a5:56:d4:bb:f2:29:78:26:9d:82:
0c:30:8b:7c:cc:d1:d5:97:c3:66:18:c1:79:3f:0c:
b0:a7:02:fa:7e:f0:74:e0:c3:41:9f:d2:51:dd:a4:
56:0c:7d:70:6b:ae:20:3d:42:f0:ff:a9:46:0c:88:
a0:df:5e:b4:ed:32:e1:1e:c6:6a:71:12:63:a2:e9:
86:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:03:5C:82:11:16:14:38:48:DC:03:31:70:FC:AB:5E:C0:69:79:75
X509v3 Authority Key Identifier:
keyid:4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/MANcghEWFDhI3AMxcPyrXsBpeXU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/Skcc1s5gq-3XR2KxAapeb0IH784.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.34.32.0-46.34.38.255
46.34.40.0/24
46.34.45.0/24
46.34.63.0/24
Signature Algorithm: sha256WithRSAEncryption
69:8a:0b:a8:f7:1d:e9:d9:78:ed:f8:5c:b5:fd:6f:99:c9:ae:
81:8a:c2:df:7a:90:c9:a5:82:43:5c:d4:6d:5a:a1:da:5f:23:
ef:01:f9:44:61:b8:28:62:65:49:43:4d:a3:ca:d1:5c:82:00:
0d:a7:b4:e7:35:a6:f4:03:17:d0:2d:8f:62:7b:f5:11:04:e4:
1d:08:d4:54:41:33:6d:41:70:d9:14:9a:e1:ea:e2:38:ab:10:
39:29:ad:70:88:a8:92:86:bc:fd:ff:ce:c5:2b:18:ef:81:57:
b8:53:a9:05:86:88:fb:78:42:6c:d0:d9:c8:bc:e9:23:dd:e9:
d2:16:3f:c4:b0:3e:16:3b:48:62:59:6f:c5:a9:c8:a0:81:30:
91:fd:2a:84:c6:51:96:0c:58:aa:9e:57:c8:ab:06:3e:d8:f9:
50:d8:30:45:c2:42:fd:5c:fe:f0:11:93:04:e3:84:90:c8:b5:
e9:1a:62:e7:f4:f8:47:e5:e7:8e:d2:d1:3d:f0:21:b3:f2:22:
16:77:2c:bc:b3:fd:9c:a8:d3:85:13:2e:a3:48:a3:73:ca:12:
32:f1:1d:d0:38:7d:14:29:8f:da:df:dc:de:dc:34:d4:89:68:
b1:56:98:ac:74:a5:3d:c7:76:18:59:a9:fb:a6:82:73:6c:05:
b2:46:f5:0a
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYms84Odu/gPoFNGy7hgFj1EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNDcxY2Q2Y2U2MGFiZWRkNzQ3NjJiMTAxYWE1ZTZmNDIw
N2VmY2UwHhcNMjMwNzMxMTcxNjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDAzNWM4MjExMTYxNDM4NDhkYzAzMzE3MGZjYWI1ZWMwNjk3OTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnyPITcReuT2tv3cmnFywh0CPkK5N
XrlHtpJQr7grXjnp3oTFjilR97BMQ4K6LKSjnehJwHHnGbG29urqPy8IS0wie+H6
LrYSC3FEcq6QhVSTNnctb+CjXxUbOQjS1wpL7Oe768YQGBeBs8f14vuhYb4mmntW
vIYsrV6BE0tCgVDFDOi5vvvkDgSzrneNnpLkebNX/sugR0HKHdZd7v3kygLMIQOZ
gYhH0FPSEbg3XIEkW5gvNPO/G6VW1LvyKXgmnYIMMIt8zNHVl8NmGMF5PwywpwL6
fvB04MNBn9JR3aRWDH1wa64gPULw/6lGDIig31607TLhHsZqcRJjoumGqwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFDADXIIRFhQ4SNwDMXD8q17AaXl1MB8GA1UdIwQY
MBaAFEpHHNbOYKvt10disQGqXm9CB+/OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2Qt
YTZiOTkxZjRmYWY4LzEvTUFOY2doRVdGRGhJM0FNeGNQeXJYc0JwZVhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2QtYTZiOTkxZjRmYWY4
LzEvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBAUuIiAD
BAAuIiYDBAAuIigDBAAuIi0DBAAuIj8wDQYJKoZIhvcNAQELBQADggEBAGmKC6j3
HenZeO34XLX9b5nJroGKwt96kMmlgkNc1G1aodpfI+8B+URhuChiZUlDTaPK0VyC
AA2ntOc1pvQDF9Atj2J79REE5B0I1FRBM21BcNkUmuHq4jirEDkprXCIqJKGvP3/
zsUrGO+BV7hTqQWGiPt4QmzQ2ci86SPd6dIWP8SwPhY7SGJZb8WpyKCBMJH9KoTG
UZYMWKqeV8irBj7Y+VDYMEXCQv1c/vARkwTjhJDItekaYuf0+Efl547S0T3wIbPy
IhZ3LLyz/Zyo04UTLqNIo3PKEjLxHdA4fRQpj9rf3N7cNNSJaLFWmKx0pT3HdhhZ
qfumgnNsBbJG9Qo=
-----END CERTIFICATE-----
Generated at Mon Jun 16 08:45:16 2025 by rpki-client