Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/06444c-9d9b-4c6b-950b-79c8987a8b1c/1/rX_l9H4aKzwl0ixz_p6jCnl6WHo.roa
File: rX_l9H4aKzwl0ixz_p6jCnl6WHo.roa (raw, json)
Hash identifier: jbk5OngD9jdhAlGXU9ghCHHOY9dRbFmQmic0UTEJSa0=
Subject key identifier: AD:7F:E5:F4:7E:1A:2B:3C:25:D2:2C:73:FE:9E:A3:0A:79:7A:58:7A
Certificate issuer: /CN=5a43e9e267956e7f262c17f0089f0f60ba7abefb
Certificate serial: 018BC30355B44F24C9CBCA23DFB6C5AF732F
Authority key identifier: 5A:43:E9:E2:67:95:6E:7F:26:2C:17:F0:08:9F:0F:60:BA:7A:BE:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WkPp4meVbn8mLBfwCJ8PYLp6vvs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/06444c-9d9b-4c6b-950b-79c8987a8b1c/1/rX_l9H4aKzwl0ixz_p6jCnl6WHo.roa
Signing time: Sun 12 Nov 2023 10:10:57 +0000
ROA not before: Sun 12 Nov 2023 10:10:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201771
IP address blocks: 46.49.128.0/24 maxlen: 24
46.49.133.0/24 maxlen: 24
95.177.150.0/24 maxlen: 24
46.49.154.0/24 maxlen: 24
2a02:df1::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:c3:03:55:b4:4f:24:c9:cb:ca:23:df:b6:c5:af:73:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a43e9e267956e7f262c17f0089f0f60ba7abefb
Validity
Not Before: Nov 12 10:10:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ad7fe5f47e1a2b3c25d22c73fe9ea30a797a587a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:94:19:90:8b:2d:97:ac:1d:a6:73:0f:60:aa:
40:9f:85:75:56:8c:be:ae:be:af:48:bd:c2:b1:d1:
3d:92:ed:7c:ff:e8:b3:ce:1f:1f:e5:8f:55:1b:be:
31:83:79:7b:2b:6f:dc:4f:8b:48:ec:6a:8c:5b:bf:
de:5e:fc:25:0b:0f:15:65:8b:b3:a9:87:89:87:65:
4c:2e:15:e1:0b:b4:29:45:95:6b:f0:de:ed:0e:13:
f5:d4:35:89:e5:0b:4f:c1:83:4d:4c:28:c0:fc:48:
dd:87:e3:77:22:db:d7:a0:ef:69:aa:7a:d1:e2:f3:
39:de:84:2e:1a:c3:ea:65:50:ed:df:fe:4e:52:9f:
aa:2e:cd:24:b3:86:88:91:86:51:4c:02:5f:35:e7:
d7:09:c1:be:8e:fb:36:8e:01:ab:51:9d:cf:e2:c2:
ee:0f:55:61:ed:0f:f7:75:8f:3c:24:d2:fa:9e:50:
f5:cc:11:ef:f3:58:66:6b:ca:ab:a3:b6:5d:fd:8d:
6f:07:af:89:db:eb:37:e9:2d:75:d7:b1:7b:05:ae:
f1:2d:95:d5:50:12:a6:bf:68:37:e0:d0:fc:9c:9a:
b6:0d:12:44:d3:13:e2:de:4e:ea:20:0e:39:c4:d4:
d5:0f:21:c7:f1:51:32:37:7b:f1:6f:81:9a:94:67:
12:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:7F:E5:F4:7E:1A:2B:3C:25:D2:2C:73:FE:9E:A3:0A:79:7A:58:7A
X509v3 Authority Key Identifier:
keyid:5A:43:E9:E2:67:95:6E:7F:26:2C:17:F0:08:9F:0F:60:BA:7A:BE:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WkPp4meVbn8mLBfwCJ8PYLp6vvs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/06444c-9d9b-4c6b-950b-79c8987a8b1c/1/rX_l9H4aKzwl0ixz_p6jCnl6WHo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/06444c-9d9b-4c6b-950b-79c8987a8b1c/1/WkPp4meVbn8mLBfwCJ8PYLp6vvs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.49.128.0/24
46.49.133.0/24
46.49.154.0/24
95.177.150.0/24
IPv6:
2a02:df1::/32
Signature Algorithm: sha256WithRSAEncryption
b3:57:64:23:e3:a4:af:9b:49:fa:71:57:34:a2:66:c1:05:a9:
7a:08:99:b4:f7:a8:c3:6b:62:7f:2f:08:a0:b9:e5:2b:3a:3b:
a2:45:ab:88:8f:c7:e1:74:30:d2:45:54:23:f0:34:49:cb:d2:
bf:f7:58:85:27:bc:7d:10:29:f6:8b:cc:dc:89:d7:97:f0:ae:
63:5b:00:5c:a8:64:70:72:51:c7:6c:07:f5:16:94:ca:fc:02:
4d:9a:5b:ae:57:bc:78:1d:57:88:ce:b8:36:84:fc:10:44:9b:
d9:8b:47:38:7e:8a:ab:7a:d3:64:62:27:e1:27:8a:9b:d3:d2:
43:00:07:78:5b:ea:71:7a:e4:75:50:01:48:e4:41:90:26:23:
a6:89:e9:b7:2f:b0:ee:4c:b1:bb:93:1d:f6:63:dd:9d:f2:d9:
ed:c0:50:0e:64:d5:88:c7:10:8d:0d:bb:b5:f0:f3:f5:1d:a1:
72:fa:7c:2b:ff:cb:ef:15:79:52:33:74:55:3f:ed:33:85:99:
39:ef:68:4c:47:f7:60:65:b4:88:5d:b6:4d:14:bb:4e:7c:4b:
86:0b:5b:61:dc:b0:74:e4:88:31:97:a6:b6:d5:cf:07:3c:d4:
ce:40:bf:16:b5:ff:19:56:28:38:a6:f0:25:b5:41:10:75:90:
e6:06:ab:0a
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYvDA1W0TyTJy8oj37bFr3MvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNDNlOWUyNjc5NTZlN2YyNjJjMTdmMDA4OWYwZjYwYmE3
YWJlZmIwHhcNMjMxMTEyMTAxMDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDdmZTVmNDdlMWEyYjNjMjVkMjJjNzNmZTllYTMwYTc5N2E1ODdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnJQZkIstl6wdpnMPYKpAn4V1Voy+
rr6vSL3CsdE9ku18/+izzh8f5Y9VG74xg3l7K2/cT4tI7GqMW7/eXvwlCw8VZYuz
qYeJh2VMLhXhC7QpRZVr8N7tDhP11DWJ5QtPwYNNTCjA/Ejdh+N3ItvXoO9pqnrR
4vM53oQuGsPqZVDt3/5OUp+qLs0ks4aIkYZRTAJfNefXCcG+jvs2jgGrUZ3P4sLu
D1Vh7Q/3dY88JNL6nlD1zBHv81hma8qro7Zd/Y1vB6+J2+s36S1117F7Ba7xLZXV
UBKmv2g34ND8nJq2DRJE0xPi3k7qIA45xNTVDyHH8VEyN3vxb4GalGcSjwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFK1/5fR+Gis8JdIsc/6eowp5elh6MB8GA1UdIwQY
MBaAFFpD6eJnlW5/JiwX8AifD2C6er77MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2tQcDRtZVZibjhtTEJmd0NKOFBZTHA2dnZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC8wNjQ0NGMtOWQ5Yi00YzZiLTk1MGIt
NzljODk4N2E4YjFjLzEvclhfbDlINGFLendsMGl4el9wNmpDbmw2V0hvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC8wNjQ0NGMtOWQ5Yi00YzZiLTk1MGItNzljODk4N2E4YjFj
LzEvV2tQcDRtZVZibjhtTEJmd0NKOFBZTHA2dnZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQALjGAAwQA
LjGFAwQALjGaAwQAX7GWMA0EAgACMAcDBQAqAg3xMA0GCSqGSIb3DQEBCwUAA4IB
AQCzV2Qj46Svm0n6cVc0ombBBal6CJm096jDa2J/LwigueUrOjuiRauIj8fhdDDS
RVQj8DRJy9K/91iFJ7x9ECn2i8zcideX8K5jWwBcqGRwclHHbAf1FpTK/AJNmluu
V7x4HVeIzrg2hPwQRJvZi0c4foqretNkYifhJ4qb09JDAAd4W+pxeuR1UAFI5EGQ
JiOmiem3L7DuTLG7kx32Y92d8tntwFAOZNWIxxCNDbu18PP1HaFy+nwr/8vvFXlS
M3RVP+0zhZk572hMR/dgZbSIXbZNFLtOfEuGC1th3LB05Igxl6a21c8HPNTOQL8W
tf8ZVig4pvAltUEQdZDmBqsK
-----END CERTIFICATE-----
Generated at Sat May 3 12:31:39 2025 by rpki-client