Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/ec3284-3576-4ee4-93b8-1847cb88e83a/1/2bIHhQ38AH1wXE5-NvO1S1y7aDU.roa
File: 2bIHhQ38AH1wXE5-NvO1S1y7aDU.roa (raw, json)
Hash identifier: 9DKeybMdXUVHpmIYeLHrMLH4IpopXefYHFVRz7Mgw6A=
Subject key identifier: D9:B2:07:85:0D:FC:00:7D:70:5C:4E:7E:36:F3:B5:4B:5C:BB:68:35
Certificate issuer: /CN=c2afc14dce450b05ec86c7c53070cd6bb6dbc7ee
Certificate serial: 0187DB5F85A501FD9A8D12A6A47C7843AEB3
Authority key identifier: C2:AF:C1:4D:CE:45:0B:05:EC:86:C7:C5:30:70:CD:6B:B6:DB:C7:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wq_BTc5FCwXshsfFMHDNa7bbx-4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/ec3284-3576-4ee4-93b8-1847cb88e83a/1/2bIHhQ38AH1wXE5-NvO1S1y7aDU.roa
Signing time: Tue 02 May 2023 07:31:23 +0000
ROA not before: Tue 02 May 2023 07:31:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207758
IP address blocks: 46.182.0.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:db:5f:85:a5:01:fd:9a:8d:12:a6:a4:7c:78:43:ae:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2afc14dce450b05ec86c7c53070cd6bb6dbc7ee
Validity
Not Before: May 2 07:31:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d9b207850dfc007d705c4e7e36f3b54b5cbb6835
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:05:55:04:95:e8:58:cf:21:26:21:3c:e9:f8:
3c:f6:6e:11:6c:0b:56:89:2f:a6:ba:fb:0c:b2:bf:
86:09:8f:29:b7:90:7d:84:03:54:10:f4:2a:f0:3b:
b5:22:8d:12:08:44:7d:6f:70:49:0d:9b:48:df:54:
8e:ed:68:a7:24:32:62:c9:e4:a7:99:13:d1:c0:a7:
37:ef:a3:98:15:c3:1a:7e:ef:25:7d:b0:64:02:4f:
40:72:0a:36:cf:e0:77:b3:9c:19:c1:78:3b:ce:9f:
fb:ac:ba:f3:60:40:ad:5b:f2:11:e0:e6:3d:26:3b:
7f:1f:9d:05:fa:3d:9f:08:6b:a7:ab:01:b0:78:93:
df:d5:2e:ad:51:21:3f:d9:e3:fb:06:30:a5:cb:1f:
c4:fa:3d:ea:6d:bc:0b:c4:ac:c4:7a:79:9c:a8:59:
00:32:4d:c8:5c:bd:33:76:a5:7c:2f:e9:d5:06:2b:
8c:ce:a1:5e:13:49:21:c5:2e:4d:a2:2d:1d:0e:da:
57:88:e5:93:2f:61:73:9d:d5:88:75:0c:31:2c:e2:
b3:b5:ba:c2:be:18:56:ce:9a:d8:13:98:36:65:d0:
09:ec:74:0a:06:e9:74:66:e9:91:c0:13:25:b1:06:
89:fc:ac:39:f1:0a:60:f4:f1:e3:37:76:84:c8:92:
ab:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:B2:07:85:0D:FC:00:7D:70:5C:4E:7E:36:F3:B5:4B:5C:BB:68:35
X509v3 Authority Key Identifier:
keyid:C2:AF:C1:4D:CE:45:0B:05:EC:86:C7:C5:30:70:CD:6B:B6:DB:C7:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wq_BTc5FCwXshsfFMHDNa7bbx-4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/ec3284-3576-4ee4-93b8-1847cb88e83a/1/2bIHhQ38AH1wXE5-NvO1S1y7aDU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/ec3284-3576-4ee4-93b8-1847cb88e83a/1/wq_BTc5FCwXshsfFMHDNa7bbx-4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.182.0.0/22
Signature Algorithm: sha256WithRSAEncryption
86:80:0d:dc:ef:5c:ff:23:ec:fb:e8:d7:a5:11:de:53:39:c7:
50:67:17:17:ae:0f:90:85:10:2d:ac:3e:07:d7:45:db:a1:02:
46:a6:d8:76:7e:a1:b8:b6:82:86:26:e3:45:9e:9b:0f:9b:ca:
35:58:2e:c6:f8:cb:ea:c1:89:28:c9:ce:60:eb:86:b4:65:42:
9b:3a:c4:e0:bf:95:4c:2d:94:da:44:2e:53:6f:39:17:0d:3a:
4b:f3:d3:ea:cc:25:68:45:f1:28:73:49:0a:00:7e:b6:f1:c5:
04:9e:90:0c:41:60:d4:1e:4e:44:b3:af:57:19:ca:c2:80:cd:
f2:df:ad:b6:fc:94:db:d6:b4:0c:d3:af:2c:65:59:be:05:3f:
cf:f9:a9:47:7a:64:43:ed:97:72:a5:a9:b5:29:ef:19:c2:ae:
dd:d8:41:f2:20:a8:f1:a6:e6:bd:38:b8:27:35:93:7c:de:3c:
e8:79:44:d9:4a:7e:32:65:d7:4b:93:7a:cc:d9:16:77:d6:40:
4b:00:7b:c7:15:87:f1:ff:e1:80:39:68:bd:ca:0c:3a:22:81:
f9:dc:57:01:10:b3:a1:d6:d4:8e:57:4c:07:ec:c9:32:a8:02:
59:0d:a9:36:11:b2:67:fc:f9:de:bb:f8:f1:2b:1d:77:95:0a:
d1:ac:50:ac
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYfbX4WlAf2ajRKmpHx4Q66zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyYWZjMTRkY2U0NTBiMDVlYzg2YzdjNTMwNzBjZDZiYjZk
YmM3ZWUwHhcNMjMwNTAyMDczMTIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWIyMDc4NTBkZmMwMDdkNzA1YzRlN2UzNmYzYjU0YjVjYmI2ODM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlwVVBJXoWM8hJiE86fg89m4RbAtW
iS+muvsMsr+GCY8pt5B9hANUEPQq8Du1Io0SCER9b3BJDZtI31SO7WinJDJiyeSn
mRPRwKc376OYFcMafu8lfbBkAk9Acgo2z+B3s5wZwXg7zp/7rLrzYECtW/IR4OY9
Jjt/H50F+j2fCGunqwGweJPf1S6tUSE/2eP7BjClyx/E+j3qbbwLxKzEenmcqFkA
Mk3IXL0zdqV8L+nVBiuMzqFeE0khxS5Noi0dDtpXiOWTL2FzndWIdQwxLOKztbrC
vhhWzprYE5g2ZdAJ7HQKBul0ZumRwBMlsQaJ/Kw58Qpg9PHjN3aEyJKrSwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNmyB4UN/AB9cFxOfjbztUtcu2g1MB8GA1UdIwQY
MBaAFMKvwU3ORQsF7IbHxTBwzWu228fuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3FfQlRjNUZDd1hzaHNmRk1IRE5hN2JieC00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9lYzMyODQtMzU3Ni00ZWU0LTkzYjgt
MTg0N2NiODhlODNhLzEvMmJJSGhRMzhBSDF3WEU1LU52TzFTMXk3YURVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9lYzMyODQtMzU3Ni00ZWU0LTkzYjgtMTg0N2NiODhlODNh
LzEvd3FfQlRjNUZDd1hzaHNmRk1IRE5hN2JieC00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLrYAMA0G
CSqGSIb3DQEBCwUAA4IBAQCGgA3c71z/I+z76NelEd5TOcdQZxcXrg+QhRAtrD4H
10XboQJGpth2fqG4toKGJuNFnpsPm8o1WC7G+MvqwYkoyc5g64a0ZUKbOsTgv5VM
LZTaRC5TbzkXDTpL89PqzCVoRfEoc0kKAH628cUEnpAMQWDUHk5Es69XGcrCgM3y
3622/JTb1rQM068sZVm+BT/P+alHemRD7Zdypam1Ke8Zwq7d2EHyIKjxpua9OLgn
NZN83jzoeUTZSn4yZddLk3rM2RZ31kBLAHvHFYfx/+GAOWi9ygw6IoH53FcBELOh
1tSOV0wH7MkyqAJZDak2EbJn/Pneu/jxKx13lQrRrFCs
-----END CERTIFICATE-----
Generated at Wed May 14 14:01:03 2025 by rpki-client