Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/768fdb-d1b5-4bef-bcbd-4924fa000b7c/1/1QA91y8AGLSkb0uDQxaxElZUyhQ.roa
File: 1QA91y8AGLSkb0uDQxaxElZUyhQ.roa (raw, json)
Hash identifier: zLkIvGEiHEw3aLkt82RfpANPJ17g/PMMSA+HIeYvuX4=
Subject key identifier: D5:00:3D:D7:2F:00:18:B4:A4:6F:4B:83:43:16:B1:12:56:54:CA:14
Certificate issuer: /CN=a63bcc6d25f7476fbb3ec33f6dbc3e9eead92212
Certificate serial: 018776C25B06A2A70A29DD862183CAA52CE7
Authority key identifier: A6:3B:CC:6D:25:F7:47:6F:BB:3E:C3:3F:6D:BC:3E:9E:EA:D9:22:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pjvMbSX3R2-7PsM_bbw-nurZIhI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/768fdb-d1b5-4bef-bcbd-4924fa000b7c/1/1QA91y8AGLSkb0uDQxaxElZUyhQ.roa
Signing time: Wed 12 Apr 2023 18:37:41 +0000
ROA not before: Wed 12 Apr 2023 18:37:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35819
IP address blocks: 46.153.16.0/20 maxlen: 20
46.153.32.0/20 maxlen: 20
46.153.48.0/20 maxlen: 20
46.153.64.0/19 maxlen: 19
46.153.0.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:76:c2:5b:06:a2:a7:0a:29:dd:86:21:83:ca:a5:2c:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a63bcc6d25f7476fbb3ec33f6dbc3e9eead92212
Validity
Not Before: Apr 12 18:37:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d5003dd72f0018b4a46f4b834316b1125654ca14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:20:14:c5:31:19:1f:ad:ad:49:3f:21:bb:f0:
fc:03:b4:70:ef:73:e3:7e:e6:6b:c3:fe:23:09:f9:
59:da:a3:b0:37:94:d4:2d:24:80:97:15:f2:3e:2e:
5a:6b:f8:30:fd:07:76:c1:5c:3a:51:1e:3b:4b:44:
43:91:a9:74:dd:33:83:ba:6a:c4:2a:3c:01:39:f4:
97:1f:40:45:50:ab:51:40:06:84:7c:1e:56:8f:b1:
78:f8:77:de:a5:39:ed:ed:bc:04:3f:1f:62:17:51:
52:3d:59:93:e5:4b:07:ea:b1:de:bb:51:9e:2e:44:
f6:03:8a:08:f8:64:96:b9:fc:8b:89:d8:6e:03:4a:
b8:ea:f7:ed:5f:14:3e:9a:3a:9c:f6:7b:9e:db:9a:
01:1b:43:25:79:13:cc:2d:45:24:be:63:1c:0c:ad:
e1:0f:36:d9:83:51:ae:99:0c:a3:ce:b6:a7:89:db:
e7:2f:a6:81:c7:e8:b7:7e:7e:8f:19:e3:66:de:9d:
fc:98:37:8a:e1:cb:1c:56:76:d3:89:dd:81:45:ba:
fc:72:99:24:21:0f:f7:43:1c:14:a8:07:f4:af:d2:
7c:0e:b1:9a:7c:8e:86:9d:09:0e:e2:fe:25:fc:30:
7c:53:04:f1:54:7f:99:0d:b8:48:c5:1a:48:27:1c:
21:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:00:3D:D7:2F:00:18:B4:A4:6F:4B:83:43:16:B1:12:56:54:CA:14
X509v3 Authority Key Identifier:
keyid:A6:3B:CC:6D:25:F7:47:6F:BB:3E:C3:3F:6D:BC:3E:9E:EA:D9:22:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pjvMbSX3R2-7PsM_bbw-nurZIhI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/768fdb-d1b5-4bef-bcbd-4924fa000b7c/1/1QA91y8AGLSkb0uDQxaxElZUyhQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/768fdb-d1b5-4bef-bcbd-4924fa000b7c/1/pjvMbSX3R2-7PsM_bbw-nurZIhI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.153.0.0-46.153.95.255
Signature Algorithm: sha256WithRSAEncryption
60:6b:0a:51:62:bb:8b:31:c1:fe:ca:57:95:fc:1d:68:20:9a:
02:db:c1:9d:5d:dc:9d:40:0a:69:48:b7:49:a8:33:fa:87:3b:
fc:79:4a:94:6e:da:ed:19:9f:02:82:6b:d7:04:df:c6:c0:5d:
c1:35:d2:bc:38:62:52:66:83:d9:a7:02:2b:0e:7e:10:c8:68:
4f:29:a9:67:48:c5:0f:c7:60:0e:4c:a8:57:33:01:7c:4a:4b:
54:13:fb:c8:ff:ec:6f:8c:16:fb:fe:e4:18:03:b9:f5:91:e0:
72:ac:b5:12:e4:24:b8:c4:83:27:7f:f8:3b:95:94:17:dd:ed:
f9:4c:f3:3d:f5:c3:db:c7:09:72:6c:62:5a:bf:03:20:83:61:
4d:c6:0c:62:2d:28:99:c7:11:b2:67:a9:b6:0d:02:e4:f6:d4:
16:24:25:d3:a1:61:dc:6b:0e:2d:0b:d7:4d:f4:48:22:9d:12:
9a:8a:68:b4:41:0b:60:45:37:dc:d3:5c:ff:87:10:68:bd:b3:
3d:fe:dd:20:8e:b0:02:72:98:dd:3f:43:46:ca:ef:bc:31:d9:
d5:cb:53:30:4d:11:f2:a9:2a:07:dc:d8:2f:d4:ed:df:f7:67:
12:1c:62:60:cf:dd:13:9e:20:46:8b:3f:49:26:63:ec:fc:17:
c1:72:c2:60
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYd2wlsGoqcKKd2GIYPKpSznMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2M2JjYzZkMjVmNzQ3NmZiYjNlYzMzZjZkYmMzZTllZWFk
OTIyMTIwHhcNMjMwNDEyMTgzNzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTAwM2RkNzJmMDAxOGI0YTQ2ZjRiODM0MzE2YjExMjU2NTRjYTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmSAUxTEZH62tST8hu/D8A7Rw73Pj
fuZrw/4jCflZ2qOwN5TULSSAlxXyPi5aa/gw/Qd2wVw6UR47S0RDkal03TODumrE
KjwBOfSXH0BFUKtRQAaEfB5Wj7F4+HfepTnt7bwEPx9iF1FSPVmT5UsH6rHeu1Ge
LkT2A4oI+GSWufyLidhuA0q46vftXxQ+mjqc9nue25oBG0MleRPMLUUkvmMcDK3h
DzbZg1GumQyjzranidvnL6aBx+i3fn6PGeNm3p38mDeK4cscVnbTid2BRbr8cpkk
IQ/3QxwUqAf0r9J8DrGafI6GnQkO4v4l/DB8UwTxVH+ZDbhIxRpIJxwhewIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFNUAPdcvABi0pG9Lg0MWsRJWVMoUMB8GA1UdIwQY
MBaAFKY7zG0l90dvuz7DP228Pp7q2SISMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGp2TWJTWDNSMi03UHNNX2Jidy1udXJaSWhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS83NjhmZGItZDFiNS00YmVmLWJjYmQt
NDkyNGZhMDAwYjdjLzEvMVFBOTF5OEFHTFNrYjB1RFF4YXhFbFpVeWhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS83NjhmZGItZDFiNS00YmVmLWJjYmQtNDkyNGZhMDAwYjdj
LzEvcGp2TWJTWDNSMi03UHNNX2Jidy1udXJaSWhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCYGCCsGAQUFBwEHAQH/BBcwFTATBAIAATANMAsDAwAumQME
BS6ZQDANBgkqhkiG9w0BAQsFAAOCAQEAYGsKUWK7izHB/spXlfwdaCCaAtvBnV3c
nUAKaUi3Sagz+oc7/HlKlG7a7RmfAoJr1wTfxsBdwTXSvDhiUmaD2acCKw5+EMho
TympZ0jFD8dgDkyoVzMBfEpLVBP7yP/sb4wW+/7kGAO59ZHgcqy1EuQkuMSDJ3/4
O5WUF93t+UzzPfXD28cJcmxiWr8DIINhTcYMYi0omccRsmeptg0C5PbUFiQl06Fh
3GsOLQvXTfRIIp0SmopotEELYEU33NNc/4cQaL2zPf7dII6wAnKY3T9DRsrvvDHZ
1ctTME0R8qkqB9zYL9Tt3/dnEhxiYM/dE54gRos/SSZj7PwXwXLCYA==
-----END CERTIFICATE-----
Generated at Wed May 14 02:34:25 2025 by rpki-client